CN102456111B - Method and system for license control of Linux operating system - Google Patents
Method and system for license control of Linux operating systemDownload PDFInfo
- Publication number
- CN102456111B CN102456111BCN201110194517.5ACN201110194517ACN102456111BCN 102456111 BCN102456111 BCN 102456111BCN 201110194517 ACN201110194517 ACN 201110194517ACN 102456111 BCN102456111 BCN 102456111B
- Authority
- CN
- China
- Prior art keywords
- license
- file
- module
- key
- control module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034methodMethods0.000titleclaimsabstractdescription75
- 230000008569processEffects0.000claimsabstractdescription36
- 238000004891communicationMethods0.000claimsabstractdescription25
- 238000013475authorizationMethods0.000claimsdescription29
- 238000012795verificationMethods0.000claimsdescription13
- 238000003556assayMethods0.000claimsdescription6
- 230000005540biological transmissionEffects0.000claimsdescription5
- 230000015572biosynthetic processEffects0.000claimsdescription3
- 238000000151depositionMethods0.000claimsdescription3
- 230000007246mechanismEffects0.000abstractdescription17
- 238000009826distributionMethods0.000abstractdescription11
- 238000007689inspectionMethods0.000abstract5
- OBSYIMVMIJBTMQ-VIFPVBQESA-N(2r)-3-[(3-nitrophenyl)methylsulfanyl]-2-(oxaloamino)propanoic acidChemical compoundOC(=O)C(=O)N[C@H](C(=O)O)CSCC1=CC=CC([N+]([O-])=O)=C1OBSYIMVMIJBTMQ-VIFPVBQESA-N0.000description15
- 238000012360testing methodMethods0.000description5
- 238000010586diagramMethods0.000description4
- 230000009286beneficial effectEffects0.000description2
- 230000008859changeEffects0.000description2
- 238000005516engineering processMethods0.000description2
- 238000013461designMethods0.000description1
- 238000011161developmentMethods0.000description1
- 230000006872improvementEffects0.000description1
- 230000000977initiatory effectEffects0.000description1
- 230000002427irreversible effectEffects0.000description1
- 238000004519manufacturing processMethods0.000description1
- 238000013507mappingMethods0.000description1
- 238000012986modificationMethods0.000description1
- 230000004048modificationEffects0.000description1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
Description
Technical field
The present invention relates to a kind of (SuSE) Linux OS and permitted controllable method and system.
Background technology
License is controlled (License Control) and is referred to by authority or sequence number mode, a kind of mode that production firm's rights and interests, intellecture property are protected.
At present, Windows system is that mode by sequence number authenticates for the method for controlling of license, according to the polytype of sequence number, and the information such as each version of control system, term of life.This mode is beneficial to deployment, and domestic consumer just can carry out renewal sequence number, and meanwhile, its license is controlled to network and further verified.
The license of business application software and system software is at present controlled comparatively ripe, but the characteristic due to operating system software self, its license method of controlling is comparatively single, particularly the character due to its open source software for (SuSE) Linux OS itself does not substantially have consideration to be permitted controllable content in design and development.
To be permitted the authorization control method of controllable method and content and Windows system similar for soft ware authorization in the past, and this method is easy to be easy-to-use, but has very large problem simultaneously.For example, be easy to the authorization control program process of above-mentioned software or system to replace, replace with a program that there is no function, so just by destroying whole authorization, control function.
Summary of the invention
For above reason; the present invention proposes a kind of (SuSE) Linux OS and permitted controllable method and system; the method comprises self-protective mechanism and empowerment management mechanism two parts; self-protective mechanism is controlled selftest module and common realization of application layer license communication module by inner nuclear layer license, and empowerment management mechanism is realized by license communication module by application layer license control module and application layer license distribution module.Wherein, it is the integrality of guaranteeing to permit control module that selftest module is controlled in license, prevents from permitting control module to be tampered or to replace, and the authorization control function that can effectively solve software in the past or system is made the problem of destroying; License communication module is mainly to set up license control selftest module and permit communicating by letter between control module, carries out the transmission of grant message; License control module realizes the mandate to system by decryption verification license file, and realizes different functions according to different user's requests, as binds specific hardware information, specifies permitted hours etc.; License distribution module is that a kind of method by authorization file distributing realizes, and the method for this authorization file distributing is guaranteed the validity of authorization file by multi-enciphering, thereby prevents that authorization file from arbitrarily being distorted.
For achieving the above object, the invention provides a kind of (SuSE) Linux OS and permitted controllable method, it comprises: self check step is controlled in license, this step is the integrality of guaranteeing to permit control module, permit control module to be tampered or replace preventing, it is after computing machine powers up, while starting the boot of system via BIOS, utilize the loading of linux system kernel that license control selftest module is loaded into kernel spacing, by module, complete the controllable functions of being permitted of system is carried out to integrity check again, and process accordingly according to assay.
Wherein, permitted controllable functions and realize by a kind of linux system permission control method, the method is after linux system kernel starts, and the init process by system is by the function on of authorization control module.
This license is controlled self check step and is comprised:
Step 101: after computing machine powers up, system starts the boot of (SuSE) Linux OS via BIOS, and (SuSE) Linux OS boot can load linux kernel;
Step 102:Linux kernel can load corresponding driving and other modules; And will permit that controlling selftest module loads, as a kernel level thread operation;
Step 103: license is controlled selftest module and generated key, and this key will be decrypted authorization file forstep 108, and it leaves the unreadable core position of user program in, only has license control module can read the content of this key;
Step 104: load license communication module, this license communication module is opened up a kernel spacing, this kernel spacing is used for and license control module communicates; The key simultaneouslystep 103 being generated is deposited in this kernel spacing;
Step 105: license is controlled selftest module and obtained the value AX after the init program X encryption of permitting control module, for comparing with the authenticating documents key (AX) that is stored in file system; License communication module is delivered to AX in the kernel spacing thatstep 104 opens up; Now, in this kernel spacing, just there is AX and authenticating documents key (AX); If authenticating documents key (AX) completes the checking to AX, the init program of explanation license control module is not tampered, and authorization control is correct from detected state, can further to system, authorize; Otherwise the init program X of license control module is tampered, authorization control detects status error certainly, thereby cannot authorize system.
Forstep 105, preferred scheme is, license is controlled selftest module and is obtained after the value AX after the init program encryption of permitting control module, to it, ask MD5 hash value to obtain MD5 (AX), and ask MD5 hash value to obtain key (MD5 (AX)) to the authenticating documents key (AX) being stored in file system; License communication module is delivered to MD5 (AX) in the kernel spacing thatstep 104 opens up, and then MD5 (AX) and key (MD5 (AX)) is compared.
So far, this system is controlled self check by license and has been realized self-protective mechanism, and empowerment management mechanism is realized by license communication module by application layer license control module and application layer license distribution module.First, license distribution module generates license file by specific encryption method, and as shown in Figure 2, the process that self check is controlled in the process of generation license file and license as described above is relatively independent; License file is written to it in system by methods such as issue, transmission, downloads after generating.Then, license control module realizes the mandate to system by decryption verification license file.Further comprise following steps:
Step 106: authorization control is in the situation that detected state is correct instep 105, and linux kernel loads init process, starts the license control module of application layer;
Step 107: the key that the license control module of application layer generates by the kernelspacing obtaining step 103 that in inner nuclear layer, license control selftest module is opened up;
Step 108: use the key reading instep 107 to be decrypted and verification the authority of depositing in system.Then, according to assay, system is authorized, or the service time of restriction system, or the hardware environment of restriction system operation etc., thereby controllable functions perhaps completed.The step of concrete decryption verification license file and flow process are as shown in Figure 3.
As shown in Figure 2, the method for encrypting generation license file realizes by license file is carried out to multi-enciphering, comprises the following steps:
Step 201: the plaintext to license file is encrypted, the ciphertext of formation license file;
Step 202: the license file cryptogram computation hash value that step 201 is generated;
Step 203: use and be different from the key that step 201 is used, the hash value of the license file ciphertext that step 202 is generated is encrypted;
Step 204: the ciphertext of the hash value that the ciphertext of the license file that step 201 is generated and step 203 generate forms new authority.
As shown in Figure 3, decryption verification license file comprises the following steps:
Step 301: license file is divided into hash value ciphertext part and remainder;
Step 302: the hash value ciphertext thatstep 301 kind is obtained is partly decrypted, the hash value of the license file ciphertext after being deciphered;
Step 303: calculate the hash value of remainder, obtain the hash value of former license file ciphertext;
Step 304: the hash value of the former license file ciphertext that the hash value of the license file ciphertext after the deciphering thatstep 302 is obtained andstep 303 obtain compares, if unequal, judges that license file is invalid; Otherwise remainder is decrypted to the plaintext that can obtain license file.
The present invention also provides a kind of (SuSE) Linux OS to be permitted controllable system, and it comprises:
Selftest module is controlled in the license that is positioned at inner nuclear layer, and it is to run on kernel, and the controllable functions of being permitted of system is carried out to integrity check, to guarantee to permit the integrality of control module, permits control module to be tampered or replaces preventing;
Be positioned at application layer license communication module, it is to set up license control selftest module and permit communicating by letter between control module, carries out the transmission of grant message;
Be positioned at by layer license control module, it realizes the mandate to system by decryption verification license file, and realizes different empowerment management functions according to different user's requests.
It also can comprise license distribution module in addition.
It should be noted that, it is to realize (SuSE) Linux OS license to control requisite three modules that selftest module, license communication module and license control module are controlled in the license the present invention relates to, and license distribution module is just to need when upgrading the file of authorizing separately, if authority is integrated in (SuSE) Linux OS, this license distribution module does not just need.
The self-protective mechanism the present invention relates to is that a kind of control functional completeness self-checking by linux system license method realizes.That is: after computing machine powers up, via BIOS, start the boot of system, load linux system kernel, then the license in this mechanism controls selftest module and complete the controllable functions of being permitted of system is carried out to integrity check, and process accordingly according to assay.
The empowerment management mechanism the present invention relates to, this mechanism is realized by license control module.License control module realizes by a kind of linux system permission control method, that is: after linux system kernel starts, the init process by system is by the function on of authorization control module.Init process is as the feature of all subsequent processes parent processes of system, just guaranteed that controllable functions can start before all other process initiations perhaps, guaranteed to be permitted the operability of controllable functions, make the permissions that they can be different according to different requirement definitions, allow which program operation, do not allow those operations; License is controlled need to carry out multi-enciphering to license file, when carrying out license file check, just need to be decrypted work.The complexity of key and the time overhead of deciphering are the problems that need to consider.The method leaves decruption key in user program unreadable core position, only has license control module can read the content of key, thereby improves as much as possible its safe reliability, and take into account operational efficiency.
Accompanying drawing explanation
Fig. 1 is permitted controllable process flow diagram under linux system;
Fig. 2 is the ciphering process process flow diagram of license file;
Fig. 3 is license file decrypting process process flow diagram.
Embodiment
In order to make object of the present invention, technical scheme and beneficial effect clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
Common process of self-test is realized in application space, like this, is easy to the authorization process of above-mentioned software or system to replace, and replaces with a program that there is no function, has so just destroyed easily the function that whole authorization is controlled.
Process of self-test of the present invention is realized at kernel spacing, because the program of kernel spacing can not be replaced easily, thereby has got rid of the possibility of destroying easily whole authorization control function.
Process of self-test is generally exactly to the init program of system self and is stored in the process that the authenticating documents in file system is compared, if the two is consistent, the init program of system is not just tampered; Otherwise, be tampered.If but the init program of system self is directly compared with the authenticating documents being stored in file system, also there is following problem, even if that is: the init program of system self has been tampered as A ', because A ' is that system is known, can be easy to forge an authenticating documents key (A '), complete the checking to the init program A ' after distorting, do not reach and prevent the object that is tampered.
For fear of this problem, the present invention obtains AX after the init program A of system self is encrypted, and the authenticating documents key (AX) being stored in file system verifies the init program AX after encrypting.If the init program A of this system has been tampered as A ', because X is system the unknown, so system cannot forge an authenticating documents key (A ' X) and complete the checking to A ' X, thereby effectively prevented from being tampered.
General plotting of the present invention is: after the init program A of system self is encrypted, obtain AX, the authenticating documents key (AX) being stored in file system verifies the init program AX after encrypting; License is controlled selftest module and in system, is opened up in advance a kernel spacing and obtain AX.Then, license communication module is delivered to AX in the kernel spacing of opening up in advance.Now, in kernel spacing, just there is AX and authenticating documents key (AX).If AX is not tampered, authenticating documents key (AX) just can complete the checking to AX, completes process of self-test, and further system is authorized; Otherwise if AX has been tampered the X into A ', authenticating documents key (AX) cannot complete the checking to A ' X, thereby cannot further authorize system.
Preferred scheme is, the AX after init program encryption is carried out obtaining its MD5 value MD5 (AX) after MD5 Hash computing, and the authenticating documents key (MD5 (AX)) being stored in file system also verifies MD5 (AX); License is controlled selftest module and in system, is opened up in advance a kernel spacing and obtain MD5 (AX).Then, license communication module is delivered to MD5 (AX) in the kernel spacing of opening up in advance.Now, in kernel spacing, just there is MD5 (AX) and authenticating documents key (MD5 (AX)).If MD5 (AX) is not tampered, authenticating documents key (MD5 (AX)) just can complete the checking to MD5 (AX), completes process of self-test, and further system is authorized; Otherwise if MD5 (AX) has been tampered into MD5 (A ' X), authenticating documents key (MD5 (AX)) cannot complete the checking to MD5 (AX), thereby cannot further authorize system.
As shown in Figure 1, license control flow chart of the present invention has been described.This process flow diagram relates to license necessary in license control procedure and controls selftest module, license communication module and these three modules of license control module.
Step 101: after computing machine powers up, system starts the boot of (SuSE) Linux OS via BIOS, and (SuSE) Linux OS boot can load linux kernel;
Step 102:Linux kernel can load corresponding driving and other modules; And will permit that controlling selftest module loads, as a kernel level thread operation;
Step 103: license is controlled selftest module and generated key, and this key will be decrypted authorization file forstep 108, and it leaves the unreadable core position of user program in, only has license control module can read the content of this key;
Step 104: load license communication module, this license communication module is opened up a kernel spacing, this kernel spacing is used for and license control module communicates; The key simultaneouslystep 103 being generated is deposited in this kernel spacing;
Step 105: license is controlled selftest module and obtained the value AX after the init program X encryption of permitting control module, for comparing with the authenticating documents key (AX) that is stored in file system; License communication module is delivered to AX in the kernel spacing thatstep 104 opens up; Now, in this kernel spacing, just there is AX and authenticating documents key (AX); If authenticating documents key (AX) completes the checking to AX, the init program of explanation license control module is not tampered, and authorization control is correct from detected state, can further to system, authorize; Otherwise the init program X of license control module is tampered, authorization control detects status error certainly, thereby cannot authorize system.
Forstep 105, preferred scheme is, license is controlled selftest module and is obtained after the value AX after the init program encryption of permitting control module, to it, ask MD5 hash value to obtain MD5 (AX), and ask MD5 hash value to obtain key (MD5 (AX)) to the authenticating documents key (AX) being stored in file system; License communication module is delivered to MD5 (AX) in the kernel spacing thatstep 104 opens up, and then MD5 (AX) and key (MD5 (AX)) is compared.
So far, this system is controlled self check by license and has been realized self-protective mechanism, and empowerment management mechanism is realized by license communication module by application layer license control module and application layer license distribution module.First, license distribution module generates license file by specific encryption method, and as shown in Figure 2, the process that self check is controlled in the process of generation license file and license as described above is relatively independent; License file is written to it in system by methods such as issue, transmission, downloads after generating.Then, license control module realizes the mandate to system by decryption verification license file.Further comprise following steps:
Step 106: authorization control is in the situation that detected state is correct instep 105, and linux kernel loads init process, starts the license control module of application layer;
Step 107: the key that the license control module of application layer generates by the kernelspacing obtaining step 103 that in inner nuclear layer, license control selftest module is opened up;
Step 108: use the key reading instep 107 to be decrypted and verification the authority of depositing in system.Then, according to assay, system is authorized, or the service time of restriction system, or the hardware environment of restriction system operation etc., thereby controllable functions perhaps completed.The step of concrete decryption verification license file and flow process are as shown in Figure 3.
Fig. 2 has described and has encrypted the flow process that generates license file, and concrete steps are as follows:
Step 201: the plaintext to license file is encrypted, the ciphertext of formation license file;
Step 202: the license file cryptogram computation hash value that step 201 is generated;
Step 203: use and be different from the key that step 201 is used, the hash value of the license file ciphertext that step 202 is generated is encrypted;
Step 204: the ciphertext of the hash value that the ciphertext of the license file that step 201 is generated and step 203 generate forms new authority.
Fig. 3 has described decryption verification license file flow process, and concrete steps are as follows:
Step 301: license file is divided into hash value ciphertext part and remainder;
Step 302: the hash value ciphertext that step 301 kind is obtained is partly decrypted, the hash value of the license file ciphertext after being deciphered;
Step 303: calculate the hash value of remainder, obtain the hash value of former license file ciphertext;
Step 304: the hash value of the former license file ciphertext that the hash value of the license file ciphertext after the deciphering that step 302 is obtained and step 303 obtain compares, if unequal, judges that license file is invalid; Otherwise remainder is decrypted to the plaintext that can obtain license file.
The explanation of common technology noun:
MD5:Message Digest Algorithm MD5(Message Digest Algorithm 5) be the widely used a kind of hash function of computer safety field, its use be hash function, in order to the integrity protection giving information.The typical case application of MD5 is the information of one section of random-length (Message) to be produced to the informative abstract (Message-Digest) of 128, is tampered preventing.MD5 is used as whole file as a large text message, by its irreversible character string mapping algorithm, has produced this unique MD5 informative abstract.MD5 can produce a same unique MD5 informative abstract for any file (regardless of its size, form, quantity), if anyone has done any change to file, its MD5 value namely MD5 informative abstract of correspondence all can change.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any modifications of making within the spirit and principles in the present invention, be equal to and replace and improvement etc., within all should being included in protection scope of the present invention.
Claims (8)
1. (SuSE) Linux OS is permitted a controllable method, it is characterized in that, it comprises:
Self check step is controlled in license, this step is the integrality of guaranteeing to permit control module, permit control module to be tampered or replace preventing, it is after computing machine powers up, while starting the boot of system via BIOS, utilize the loading of linux system kernel that license control selftest module is loaded into kernel spacing, then complete the controllable functions of being permitted of system is carried out to integrity check by module, and process accordingly according to assay;
Wherein, permitted controllable functions and realize by a kind of linux system permission control method, the method is after linux system kernel starts, and the init process by system is by the function on of authorization control module;
And this license is controlled self check step and is comprised:
Step 101: after computing machine powers up, system starts the boot of (SuSE) Linux OS via BIOS, and (SuSE) Linux OS boot can load linux kernel;
Step 102:Linux kernel can load corresponding driving and other modules; And will permit that controlling selftest module loads, as a kernel level thread operation;
Step 103: license is controlled selftest module and generated key, and this key will be for authorization file is decrypted, and it leaves the unreadable core position of user program in, only has license control module can read the content of this key;
Step 104: load license communication module, this license communication module is opened up a kernel spacing, this kernel spacing is used for and license control module communicates; The key simultaneously step 103 being generated is deposited in this kernel spacing;
Step 105: license is controlled selftest module and obtained the value AX after the init program X encryption of permitting control module, for comparing with the authenticating documents key (AX) that is stored in file system; License communication module is delivered to AX in the kernel spacing that step 104 opens up; Now, in this kernel spacing, just there is AX and authenticating documents key (AX); If authenticating documents key (AX) completes the checking to AX, the init program of explanation license control module is not tampered, and authorization control is correct from detected state, can further to system, authorize; Otherwise the init program X of license control module is tampered, authorization control detects status error certainly, thereby cannot authorize system.
2. the method for claim 1, it is characterized in that, license in step 105 is controlled selftest module and is obtained after the value AX after the init program encryption of permitting control module, to it, ask MD5 hash value to obtain MD5 (AX), and ask MD5 hash value to obtain key (MD5 (AX)) to the authenticating documents key (AX) being stored in file system; License communication module is delivered to MD5 (AX) in the kernel spacing that step 104 opens up, and then MD5 (AX) and key (MD5 (AX)) is compared.
3. the method for claim 1, is characterized in that, it further comprises:
Step 106: authorization control is in the situation that detected state is correct in step 105, and linux kernel loads init process, starts the license control module of application layer;
Step 107: the key that the license control module of application layer generates by the kernel spacing obtaining step 103 that in inner nuclear layer, license control selftest module is opened up;
Step 108: use the key reading in step 107 to be decrypted and verification the authority of depositing in system,
Then, according to assay, system is authorized, or the service time of restriction system, or the hardware environment of restriction system operation, thereby controllable functions perhaps completed.
4. the method for claim 1, is characterized in that, the key of its deciphering leaves the unreadable core position of user program in, only has license control module can read the content of key.
5. the method for claim 1, is characterized in that, decryption verification license file comprises the following steps:
Step 301: license file is divided into hash value ciphertext part and remainder;
Step 302: the hash value ciphertext obtaining in step 301 is partly decrypted to the hash value of the license file ciphertext after being deciphered;
Step 303: calculate the hash value of remainder, obtain the hash value of former license file ciphertext;
Step 304: the hash value of the former license file ciphertext that the hash value of the license file ciphertext after the deciphering that step 302 is obtained and step 303 obtain compares, if unequal, judges that license file is invalid; Otherwise remainder is decrypted to the plaintext that can obtain license file.
6. the method for claim 1, it is characterized in that, it further comprises license distributing step, and this license distributing step is that a kind of method by authorization file distributing realizes, and the method for this authorization file distributing generates license file and realizes by encrypting.
7. method as claimed in claim 6, is characterized in that, encrypts generation license file and comprises the following steps:
Step 201: the plaintext to license file is encrypted, the ciphertext of formation license file;
Step 202: the license file cryptogram computation hash value that step 201 is generated;
Step 203: use and be different from the key that step 201 is used, the hash value of the license file ciphertext that step 202 is generated is encrypted;
Step 204: the ciphertext of the hash value that the ciphertext of the license file that step 201 is generated and step 203 generate forms new authority.
8. the (SuSE) Linux OS that application rights requires 1-7 any one to be permitted controllable method is permitted a controllable system, it is characterized in that it comprises:
Selftest module is controlled in the license that is positioned at inner nuclear layer, and it is to run on kernel, and the controllable functions of being permitted of system is carried out to integrity check, to guarantee to permit the integrality of control module, permits control module to be tampered or replaces preventing;
Be positioned at application layer license communication module, it is to set up license control selftest module and permit communicating by letter between control module, carries out the transmission of grant message;
Be positioned at the license control module of application layer, it realizes the mandate to system by decryption verification license file, and realizes different empowerment management functions according to different user's requests.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110194517.5ACN102456111B (en) | 2011-07-12 | 2011-07-12 | Method and system for license control of Linux operating system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110194517.5ACN102456111B (en) | 2011-07-12 | 2011-07-12 | Method and system for license control of Linux operating system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102456111A CN102456111A (en) | 2012-05-16 |
| CN102456111Btrue CN102456111B (en) | 2014-04-09 |
Family
ID=46039292
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110194517.5AActiveCN102456111B (en) | 2011-07-12 | 2011-07-12 | Method and system for license control of Linux operating system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102456111B (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102982260B (en)* | 2012-11-12 | 2015-09-02 | 中标软件有限公司 | A kind of (SuSE) Linux OS and installation series number verification method thereof |
| CN104217166A (en)* | 2013-05-30 | 2014-12-17 | 鈊象电子股份有限公司 | Verification Method of System Execution Environment |
| CN106203002B (en)* | 2015-05-06 | 2019-09-03 | 朗新科技股份有限公司 | Software product guard method |
| CN105426749B (en)* | 2015-11-03 | 2018-08-14 | 浪潮电子信息产业股份有限公司 | Method for controlling E L F file operation based on signature mechanism |
| CN108073792B (en)* | 2016-11-10 | 2021-05-28 | 中标软件有限公司 | Version authorization control system and method under Linux operating system |
| CN108229144B (en)* | 2018-01-12 | 2020-04-03 | 百富计算机技术(深圳)有限公司 | Verification method of application program, terminal equipment and storage medium |
| CN110296407A (en)* | 2019-05-10 | 2019-10-01 | 金字号(福建)燃烧设备有限公司 | A kind of Different Boiler Burner Control System |
| CN111523154B (en)* | 2020-03-20 | 2021-03-02 | 北京元心科技有限公司 | Method and system for obtaining hardware unique identifier and corresponding computer equipment |
| CN112364306B (en)* | 2020-11-18 | 2022-11-11 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | Embedded operating system software use license authorization method and system |
| CN113821775B (en)* | 2021-09-29 | 2022-04-08 | 北京珞安科技有限责任公司 | Software copyright protection system and method based on Ubuntu operating system |
| CN116502186B (en)* | 2023-06-26 | 2023-09-15 | 明阳时创(北京)科技有限公司 | System application tpm license generation method, system, medium and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7191327B2 (en)* | 2002-04-04 | 2007-03-13 | Intrinsyc Software International, Inc. | Internet-enabled device provisioning, upgrade and recovery mechanism |
| CN101419654A (en)* | 2008-12-05 | 2009-04-29 | 北京交通大学 | Boot file credible verify based on mobile TPM |
| US20090199048A1 (en)* | 2008-02-04 | 2009-08-06 | Honeywell International Inc. | System and method for detection and prevention of flash corruption |
| CN101645127A (en)* | 2009-06-17 | 2010-02-10 | 北京交通大学 | Method for establishing trusted booting system based on EFI |
- 2011
- 2011-07-12CNCN201110194517.5Apatent/CN102456111B/enactiveActive
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7191327B2 (en)* | 2002-04-04 | 2007-03-13 | Intrinsyc Software International, Inc. | Internet-enabled device provisioning, upgrade and recovery mechanism |
| US20090199048A1 (en)* | 2008-02-04 | 2009-08-06 | Honeywell International Inc. | System and method for detection and prevention of flash corruption |
| CN101419654A (en)* | 2008-12-05 | 2009-04-29 | 北京交通大学 | Boot file credible verify based on mobile TPM |
| CN101645127A (en)* | 2009-06-17 | 2010-02-10 | 北京交通大学 | Method for establishing trusted booting system based on EFI |
Non-Patent Citations (2)
| Title |
|---|
| Security Bootstrap Based on Trusted Computing;Yu chao 等;《2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing》;20100425;486-489* |
| Yu chao 等.Security Bootstrap Based on Trusted Computing.《2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing》.2010,456-489. |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102456111A (en) | 2012-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102456111B (en) | Method and system for license control of Linux operating system | |
| US11126754B2 (en) | Personalized and cryptographically secure access control in operating systems | |
| CN113632417B (en) | Generating the identity of a computing device using physically unclonable functions | |
| US11132468B2 (en) | Security processing unit of PLC and bus arbitration method thereof | |
| KR101712784B1 (en) | System and method for key management for issuer security domain using global platform specifications | |
| AU2020244511B2 (en) | Balancing public and personal security needs | |
| US7986786B2 (en) | Methods and systems for utilizing cryptographic functions of a cryptographic co-processor | |
| CN100354786C (en) | Open type general-purpose attack-resistant CPU and application system thereof | |
| KR20210132216A (en) | Verification of the identity of emergency vehicles during operation | |
| US10498712B2 (en) | Balancing public and personal security needs | |
| CN109313690A (en) | Self-contained encryption boot policy verifying | |
| EP2264639B1 (en) | Securing executable code integrity using auto-derivative key | |
| CN103460195A (en) | System and method for secure software update | |
| CN103051451A (en) | Encryption authentication of security service execution environment | |
| Nyman et al. | Citizen electronic identities using TPM 2.0 | |
| US20250217519A1 (en) | A device and a method for controlling use of a cryptographic key | |
| KR20130116485A (en) | Apparatus and method for file encryption | |
| CA3042984C (en) | Balancing public and personal security needs | |
| CN118972839A (en) | Method, wireless control device and medium for generating security key | |
| HK40060449A (en) | Personalized and cryptographically secure access control in operating systems | |
| HK40060449B (en) | Personalized and cryptographically secure access control in operating systems | |
| CN117077164A (en) | Component protection method based on hardware trust in offline state | |
| SSD | FIPS 140-2 Cryptographic Module Non-Proprietary Security Policy | |
| Krahn | Bluefly Processor | |
| Ye et al. | Protecting Mobile Codes Using the Decentralized Label Model |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |