CN109508535B - Firmware security authentication method and device and payment terminal - Google Patents
Firmware security authentication method and device and payment terminal Download PDFInfo
- Publication number
- CN109508535B CN109508535B CN201811277132.3A CN201811277132A CN109508535B CN 109508535 B CN109508535 B CN 109508535B CN 201811277132 A CN201811277132 A CN 201811277132A CN 109508535 B CN109508535 B CN 109508535B
- Authority
- CN
- China
- Prior art keywords
- file
- firmware
- security level
- level
- downloaded
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention is suitable for the technical field of terminal processing, and provides a firmware security authentication method, a firmware security authentication device and a payment terminal, wherein the method comprises the following steps: acquiring the security level of a firmware file to be downloaded, and judging whether the security level of the firmware file to be downloaded meets a preset security level; downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file; starting the BOOT file to obtain the security level of the BOOT file; and judging whether the security level of the OS file meets the security level of the BOOT file, and if so, starting the OS file according to the BOOT file. The invention can ensure that the firmware file can be switched from the low version to the high version and can not be returned from the high version to the low version, thereby avoiding the firmware file from being distorted and improving the safety of the system.
Description
Technical Field
The invention belongs to the technical field of terminal processing, and particularly relates to a firmware security authentication method and device and a payment terminal.
Background
With the development Of the card swiping habit, POS (Point Of Sale) is gaining more and more widespread use. Meanwhile, more and more people begin to research the POS and obtain illegal benefits by using the loophole of the POS. In order to improve the security of the whole POS, the China Unionpay proposes an authorization scheme. After the authorized function is added, high cost is brought to after-sale maintenance, debugging and maintenance when software is upgraded, part of customers can select unauthorized software, and due to the fact that the unauthorized software and the authorized software coexist for a long time, the possibility of switching firmware is provided for illegal personnel, and the safety of the POS is reduced.
Disclosure of Invention
In view of this, embodiments of the present invention provide a firmware security authentication method, an apparatus, and a payment terminal, so as to solve the problem in the prior art that a firmware in a POS is easily switched, so that the security of the POS is low.
A first aspect of an embodiment of the present invention provides a firmware security authentication method, including:
acquiring the security level of a firmware file to be downloaded, and judging whether the security level of the firmware file to be downloaded meets a preset security level;
downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
starting the BOOT file to obtain the security level of the BOOT file;
and judging whether the security level of the OS file meets the security level of the BOOT file, and if so, starting the OS file according to the BOOT file.
Optionally, the firmware security authentication method further includes:
and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
Optionally, the downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level includes:
and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
Optionally, the firmware security authentication method further includes:
and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
A second aspect of an embodiment of the present invention provides a firmware security authentication apparatus, including:
the system comprises a security level judging module, a security level judging module and a downloading module, wherein the security level judging module is used for acquiring the security level of a firmware file to be downloaded and judging whether the security level of the firmware file to be downloaded meets a preset security level or not;
the firmware downloading module is used for downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
the BOOT file starting module is used for starting the BOOT file and acquiring the security level of the BOOT file;
and the OS file starting module is used for judging whether the security level of the OS file meets the security level of the BOOT file or not, and if so, starting the OS file according to the BOOT file.
Optionally, the firmware downloading module is further configured to:
and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
Optionally, the firmware downloading module is specifically configured to:
and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
Optionally, the firmware downloading module is further configured to:
and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
A third aspect of the embodiments of the present invention provides a payment terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the firmware security authentication method according to any one of the above items when executing the computer program.
A fourth aspect of embodiments of the present invention provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the firmware security authentication method according to any one of the above.
Compared with the prior art, the embodiment of the invention has the following beneficial effects: the method comprises the steps of obtaining the security level of a firmware file to be downloaded, comparing the security level of the firmware file to be downloaded with a preset security level, and only downloading the firmware file when the first security level is greater than or equal to the preset security level, so that the firmware file can be switched from a low version to a high version and cannot be backed from the high version to the low version; and then when the firmware file is started, judging whether the security level of the OS file meets the security level of the BOOT file, if so, starting the OS file according to the BOOT file, avoiding the situation that the firmware file is tampered and the system cannot be started, and improving the security of the machine.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a schematic flowchart of an implementation flow of a firmware security authentication method provided in an embodiment of the present invention;
fig. 2 is a schematic diagram of a specific implementation flow of step S103 and step S104 in fig. 1;
FIG. 3 is a schematic structural diagram of a firmware security authentication apparatus according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a payment terminal provided in an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
In order to explain the technical means of the present invention, the following description will be given by way of specific examples.
Example one
The embodiment provides a firmware security authentication method, which is applicable to a POS, where the POS mainly includes a firmware file, a Central Processing Unit (CPU), and the like. The central processing unit may include a Fuse area and a Flash area, but is not limited to include the Fuse area and the Flash area. Wherein, the Fuse area is a one-time program writing area, and the modification is not allowed subsequently.
Referring to fig. 1, an implementation flow of the firmware security authentication method is detailed as follows:
step S101, obtaining the security level of the firmware file to be downloaded, and judging whether the security level of the firmware file to be downloaded meets a preset security level.
Each system file in the firmware files defines a corresponding security level variable, the security level variable represents the security level of the firmware file, when the security level variable of the firmware file is 0, the firmware file is represented as an unauthorized version, when the security level variable of the firmware file is greater than 0, the firmware file is represented as an authorized version, and the greater the security level variable value, the higher the security level of the firmware file.
In practical application, the software system in the POS mainly includes: before downloading the application program, signature verification needs to be carried out on firmware files (the BOOTROM file, the BOOT file and the OS file), the BOOTROM file verifies the signature of the BOOT file, and the BOOT file is loaded to run after the verification is passed; the BOOT file verifies the signature of the OS file, and the OS file is loaded to run after the verification is passed; the OS file verifies the APP signature, and the APP can be operated after the verification is passed.
And S102, downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file.
The safety level in the Fuse area is set as a preset safety level, and the initial value of the safety level in the Fuse area is set to be 0 or 1.
For example, if the security level in the Fuse area of the POS is 1, taking the security level 1 in the Fuse area as the preset security level, so that the POS can only download the BOOT file not less than the security level 1; or when the POS is in a factory setting state, the security level in the Fuse area is 0, so as long as the security level of the firmware file to be downloaded is greater than 0, the firmware file is allowed to be downloaded. The security level in the Fuse area is set to be a preset security level, so that the security level in the Fuse area can be prevented from being tampered, the firmware file can be switched from a low version (low security level) to a high version (high security level), and the firmware file cannot be backed from the high version to the low version.
In this embodiment, when the security level of the firmware does not meet the preset security level, the system may pop up a window alarm to prompt that the firmware file to be downloaded is illegal.
In one embodiment, when the security level of the firmware file to be downloaded meets the preset security level, the firmware file is written into a Flash area.
For example, when the security level of the BOOT file meets the preset security level, writing the BOOT file into a Flash area; or when the security level of the OS file meets the preset security level, writing the OS file into the Flash area. The firmware file is written into the Flash area, so that even if an illegal person downloads the low-version firmware in a Flash burning mode to cause a bug, the system cannot be started normally.
In an embodiment, in step S102, when the security level of the firmware file to be downloaded meets the preset security level, a specific implementation procedure of downloading the firmware file may include:
and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
In practical applications, the preset security level is written in the Fuse area. The initial value of the preset security level may be 0, and according to the above process, the preset security level can only be written from 0 to 1, and cannot be written from 1 to 0. The Fuse area stores the preset security level in the following format:
by analogy, the number of security levels is 1, and the embodiment adopts a storage space of two bytes, so that the embodiment can support 16 security levels.
Specifically, when the security level of the BOOT file is greater than the preset security level, it is indicated that the version of the BOOT file to be downloaded is greater than the version of the downloaded BOOT file, at this time, the security level of the BOOT file is written into a Fuse area, and the security level of the Fuse area is the preset security level.
In addition, when the security level of the BOOT file is less than the preset security level, the BOOT file to be downloaded is prohibited from being downloaded at the moment, namely the BOOT file fails to be downloaded; and when the safety level of the BOOT file is greater than or equal to the preset safety level, writing the BOOT file to be downloaded into the Flash area and starting the BOOT file.
Step S103, starting the BOOT file and obtaining the security level of the BOOT file.
And step S104, judging whether the security level of the OS file meets the security level of the BOOT file, and if so, starting the OS file according to the BOOT file.
Specifically, after the BOOT file is started, whether the security level of the OS file to be started is greater than or equal to the security level of the BOOT file is determined, and if the security level of the OS file to be started is greater than or equal to the security level of the BOOT file, it is indicated that the security level of the OS file to be started is higher than the security level of the BOOT file to be started, or the security level of the OS file to be started is equal to the security level of the BOOT file to be started, the OS file is started, and if the security level of the OS file to be started is less than the security level of the BOOT file, the start fails.
In an embodiment, referring to fig. 2, a flowchart of a specific implementation of step S103 and step S104 in fig. 1 is shown, where SecLevel is a preset security level variable, BootSecLevel is a security level variable of a BOOT file, and osceclevel is a security level variable of an OS file, which is detailed as follows:
step S201, start. I.e. into the boot-up procedure of the downloaded firmware file.
Step S202, loading the SecLevel parameter of the Fuse area.
Step S203, judging whether BootSecLevel is greater than SecLevel; if BootSecLevel is greater than SecLevel, entering step S204; if the BootSecLevel is not greater than the SecLevel, the process goes to step S205, step S204, where the BootSecLevel is written into the Fuse area, and then the process goes to step S207.
Step S205, when BootSecLevel is not greater than SecLevel, judging whether BootSecLevel is less than SecLevel; if BootSecLevel is equal to SecLevel, go to step S207; if BootSecLevel is less than SecLevel, the process proceeds to step S206.
In step S206, the start fails.
In step S207, the BOOT is started, and the process advances to step S208.
Step S208, reading OsSecLevel.
Step S209, judging whether BootSecLevel is greater than OsSecLevel; if BootSecLevel is greater than OsSecLevel, entering step S206; if BootSecLevel is not greater than OsSecLevel, go to step S210.
In step S210, the OS is started.
In the process, the preset security level of the Fuse area may be a security level of a downloaded firmware file, for example, a security level of a BOOT file. In this embodiment, when the OS file is started, whether the security level of the OS file meets the security level of the BOOT file is verified, so as to prevent an illegal person from tampering with the firmware file downloaded to the Flash area to run the low-version firmware file, thereby effectively avoiding the risk that the firmware file of the POS is backed to the non-secure version, and further improving the security of the POS.
In one embodiment, the firmware security authentication method further includes: and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
For example, the security level variable of the firmware file originally downloaded in the POS is 1, and when a firmware file with the security level variable of 1 is found to have a bug, the security level value of the firmware file to be currently downloaded is upgraded to 2, so that the POS does not download or run the firmware file with the security level variable of 1.
According to the firmware safety authentication method, the safety level of a firmware file to be downloaded is compared with the preset safety level, the firmware is downloaded under the condition that the condition is met, the safety level of the BOOT file is written into a Fuse area to indicate that the safety level of the firmware file currently operated by the system is the preset safety level, the downloaded firmware is written into a Flash area, the safety level of the OS file is compared with the safety level of the BOOT file when the OS file is started, and the OS file is started afterwards.
It should be understood by those skilled in the art that the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
Example two
Fig. 3 is a block diagram of a firmware security authentication apparatus according to a second embodiment of the present invention, which corresponds to the firmware security authentication method according to the first embodiment. For convenience of explanation, only the portions related to the present embodiment are shown.
The device includes: a security level judging module 110, a firmware downloading module 120, a BOOT file starting module 130 and an OS file starting module 140.
The security level determining module 110 is configured to obtain a security level of a firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets a preset security level.
The firmware downloading module 120 is configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file.
The BOOT file starting module 130 is configured to start the BOOT file, and obtain a security level of the BOOT file.
The OS file starting module 140 is configured to determine whether the security level of the OS file meets the security level of the BOOT file, and if so, start the OS file according to the BOOT file.
Optionally, the firmware downloading module 120 is further configured to: and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
Optionally, the firmware downloading module 120 is specifically configured to: and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
Optionally, the firmware downloading module 120 is further configured to: and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
In the firmware safety certification device, the safety level judgment module 110 compares the safety level of the firmware file to be downloaded with a preset safety level, the firmware downloading module 120 finishes downloading the firmware under the condition that the condition is met, and writes the safety level of the BOOT file into a Fuse area to indicate that the safety level of the firmware file currently operated by the system is the preset safety level, the downloaded firmware is written into a Flash area, the OS file starting module 140 compares the safety level of the OS file with the safety level of the BOOT file when starting the OS file, and the OS file is started afterwards.
EXAMPLE III
Fig. 4 is a schematic diagram of the payment terminal 100 according to the third embodiment of the present invention. As shown in fig. 4, the payment terminal 100 according to this embodiment includes: a processor 150, a memory 160, and a computer program 161, such as a program for a firmware security authentication method, stored in the memory 160 and executable on the processor 150. The processor 150, when executing the computer program 161, implements the steps in the above-described embodiments of the firmware security authentication method, such as the steps S101 to S104 shown in fig. 1. Alternatively, the processor 150, when executing the computer program 161, implements the functions of each module/unit in each device embodiment described above, for example, the functions of the modules 110 to 140 shown in fig. 3.
Illustratively, the computer program 161 may be partitioned into one or more modules/units that are stored in the memory 160 and executed by the processor 150 to implement the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution of the computer program 161 in the payment terminal 100. For example, the computer program 161 may be divided into a security level determination module, a firmware download module, a BOOT file startup module, and an OS file startup module, where the specific functions of each module are as follows:
the safety grade judging module is used for acquiring the safety grade of the firmware file to be downloaded and judging whether the safety grade of the firmware file to be downloaded meets a preset safety grade.
The firmware downloading module is used for downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file.
And the BOOT file starting module is used for starting the BOOT file and acquiring the security level of the BOOT file.
And the OS file starting module is used for judging whether the security level of the OS file meets the security level of the BOOT file or not, and if so, starting the OS file according to the BOOT file.
Optionally, the firmware downloading module is further configured to: and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
Optionally, the firmware downloading module is specifically configured to: and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
Optionally, the firmware downloading module is further configured to: and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
The payment terminal 100 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The payment terminal 100 may include, but is not limited to, a processor 150, a memory 160. Those skilled in the art will appreciate that fig. 4 is merely an example of the payment terminal 100 and does not constitute a limitation of the payment terminal 100 and may include more or less components than those shown, or some components in combination, or different components, e.g., the payment terminal 100 may also include input and output devices, network access devices, buses, etc.
The Processor 150 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 160 may be an internal storage unit of the payment terminal 100, such as a hard disk or a memory of the payment terminal 100. The memory 160 may also be an external storage device of the payment terminal 100, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) and the like provided on the payment terminal 100. Further, the memory 160 may also include both an internal storage unit and an external storage device of the payment terminal 100. The memory 160 is used to store the computer program and other programs and data required by the payment terminal 100. The memory 160 may also be used to temporarily store data that has been output or is to be output.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed apparatus/payment terminal and method may be implemented in other ways. For example, the above-described embodiments of the device/payment terminal are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or system capable of carrying said computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, etc. It should be noted that the computer readable medium includes content that can be appropriately increased or decreased according to the requirements of legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunication signals according to legislation and patent practice.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.
Claims (10)
1. A method for secure authentication of firmware, comprising:
acquiring the security level of a firmware file to be downloaded, and judging whether the security level of the firmware file to be downloaded meets a preset security level; wherein, the safety level in the Fuse area is set as a preset safety level;
when the security level of the firmware file to be downloaded meets the preset security level, downloading the firmware file, including: comparing the security level of the firmware file to be downloaded with a preset security level, and downloading the firmware file when the security level of the firmware file to be downloaded is greater than or equal to the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
starting the BOOT file to obtain the security level of the BOOT file;
and judging whether the security level of the OS file meets the security level of the BOOT file, and if so, starting the OS file according to the BOOT file.
2. The firmware security authentication method of claim 1, further comprising:
and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
3. The firmware security authentication method of claim 2, wherein the downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level comprises:
and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
4. A firmware security authentication method as claimed in any one of claims 1 to 3, further comprising:
and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
5. A firmware security authentication apparatus, comprising:
the system comprises a security level judging module, a security level judging module and a downloading module, wherein the security level judging module is used for acquiring the security level of a firmware file to be downloaded and judging whether the security level of the firmware file to be downloaded meets a preset security level or not; wherein, the safety level in the Fuse area is set as a preset safety level;
a firmware downloading module, configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, including: comparing the security level of the firmware file to be downloaded with a preset security level, and downloading the firmware file when the security level of the firmware file to be downloaded is greater than or equal to the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
the BOOT file starting module is used for starting the BOOT file and acquiring the security level of the BOOT file;
and the OS file starting module is used for judging whether the security level of the OS file meets the security level of the BOOT file or not, and if so, starting the OS file according to the BOOT file.
6. The firmware security authentication apparatus of claim 5, wherein the firmware download module is further configured to:
and writing the firmware file into a Flash area when the security level of the firmware file to be downloaded meets the preset security level.
7. The firmware security authentication device of claim 6, wherein the firmware download module is specifically configured to:
and when the safety level of the BOOT file is greater than the preset safety level, writing the safety level of the BOOT file into a Fuse area, wherein the safety level in the Fuse area is set as the preset safety level.
8. The firmware security authentication device of any one of claims 5 to 7, wherein the firmware download module is further configured to:
and if the downloaded firmware file has a bug, increasing the security level of the firmware file to be downloaded currently.
9. Payment terminal comprising a memory, a processor and a computer program stored in said memory and executable on said processor, characterized in that said processor, when executing said computer program, carries out the steps of the method according to any one of claims 1 to 4.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 4.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811277132.3A CN109508535B (en) | 2018-10-30 | 2018-10-30 | Firmware security authentication method and device and payment terminal |
| PCT/CN2019/114321 WO2020088516A1 (en) | 2018-10-30 | 2019-10-30 | Firmware security authentication method, device and payment terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811277132.3A CN109508535B (en) | 2018-10-30 | 2018-10-30 | Firmware security authentication method and device and payment terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109508535A CN109508535A (en) | 2019-03-22 |
| CN109508535B true CN109508535B (en) | 2021-07-13 |
Family
ID=65747174
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811277132.3A Active CN109508535B (en) | 2018-10-30 | 2018-10-30 | Firmware security authentication method and device and payment terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN109508535B (en) |
| WO (1) | WO2020088516A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508535B (en) * | 2018-10-30 | 2021-07-13 | 百富计算机技术(深圳)有限公司 | Firmware security authentication method and device and payment terminal |
| CN111966970B (en) | 2020-07-31 | 2021-05-07 | 深圳比特微电子科技有限公司 | Method and device for preventing firmware of digital currency mining machine from backing and digital currency mining machine |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101470610A (en) * | 2007-12-25 | 2009-07-01 | 英业达股份有限公司 | Updating method of program used for test |
| CN102662714A (en) * | 2012-04-17 | 2012-09-12 | 中标软件有限公司 | Linux operation system and startup method thereof |
| CN106201640A (en) * | 2016-09-19 | 2016-12-07 | 杭州迪普科技有限公司 | A kind of method and device of BootLoader program of upgrading |
| CN108228222A (en) * | 2017-12-27 | 2018-06-29 | 努比亚技术有限公司 | A kind of upgrade method of firmware data, mobile terminal and computer storage media |
Family Cites Families (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034991B (en) * | 2007-04-06 | 2011-05-11 | 中兴通讯股份有限公司 | Secure guiding system, method, code signature construction method and authentication method |
| CN102105883A (en) * | 2008-06-23 | 2011-06-22 | Nxp股份有限公司 | Electronic device and method of software or firmware updating of an electronic device |
| CN101826026A (en) * | 2010-04-12 | 2010-09-08 | 中兴通讯股份有限公司 | Embedded equipment and on-line updating system and method of firmware in embedded equipment |
| US9665719B2 (en) * | 2012-06-04 | 2017-05-30 | Oracle International Corporation | System and method for supporting host-based firmware upgrade of input/output (I/O) devices in a middleware machine environment |
| CN102981881B (en) * | 2012-12-10 | 2018-03-27 | 中兴通讯股份有限公司 | A kind of method and system for preventing updating mobile terminal to illegal firmware version |
| US20140250290A1 (en) * | 2013-03-01 | 2014-09-04 | St-Ericsson Sa | Method for Software Anti-Rollback Recovery |
| CN103530150B (en) * | 2013-10-10 | 2017-03-01 | 上海爱数信息技术股份有限公司 | A kind of long-range method updating of (SuSE) Linux OS |
| CN103927490A (en) * | 2014-04-25 | 2014-07-16 | 华为技术有限公司 | OS secure startup method and device |
| CN104008342B (en) * | 2014-06-06 | 2017-12-15 | 山东超越数控电子股份有限公司 | A kind of method that secure and trusted certification is realized by BIOS and kernel |
| CN105183529A (en) * | 2015-10-29 | 2015-12-23 | 浪潮(北京)电子信息产业有限公司 | Method for refreshing server firmware, target server, source server and system |
| CN105549974A (en) * | 2015-12-09 | 2016-05-04 | 合肥联宝信息技术有限公司 | Chip firmware updating method and system |
| US20170308705A1 (en) * | 2016-04-22 | 2017-10-26 | Qualcomm Incorporated | System, device and method for anti-rollback protection of over-the-air updated device images |
| CN107908416A (en) * | 2017-12-28 | 2018-04-13 | 惠州Tcl家电集团有限公司 | Microcontroller firmware upgrade method, device and computer-readable recording medium |
| CN109508535B (en) * | 2018-10-30 | 2021-07-13 | 百富计算机技术(深圳)有限公司 | Firmware security authentication method and device and payment terminal |
-
2018
- 2018-10-30 CN CN201811277132.3A patent/CN109508535B/en active Active
-
2019
- 2019-10-30 WO PCT/CN2019/114321 patent/WO2020088516A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101470610A (en) * | 2007-12-25 | 2009-07-01 | 英业达股份有限公司 | Updating method of program used for test |
| CN102662714A (en) * | 2012-04-17 | 2012-09-12 | 中标软件有限公司 | Linux operation system and startup method thereof |
| CN106201640A (en) * | 2016-09-19 | 2016-12-07 | 杭州迪普科技有限公司 | A kind of method and device of BootLoader program of upgrading |
| CN108228222A (en) * | 2017-12-27 | 2018-06-29 | 努比亚技术有限公司 | A kind of upgrade method of firmware data, mobile terminal and computer storage media |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109508535A (en) | 2019-03-22 |
| WO2020088516A1 (en) | 2020-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11113404B2 (en) | Securing operating system configuration using hardware | |
| US9881162B2 (en) | System and method for auto-enrolling option ROMS in a UEFI secure boot database | |
| CN107330333B (en) | Method and device for ensuring safety of firmware of POS (point-of-sale) machine | |
| US8745612B1 (en) | Secure versioning of software packages | |
| US9589139B2 (en) | Method and device for altering a unified extensible firmware interface (UEFI) secure boot process in a computing device | |
| KR101702289B1 (en) | Continuation of trust for platform boot firmware | |
| US8874892B1 (en) | Assessing BIOS information prior to reversion | |
| KR101229148B1 (en) | Protecting interfaces on processor architectures | |
| TWI607376B (en) | System and method for processing requests to alter system security databases and firmware stores in a unified extensible firmware interface-compliant computing device | |
| US8776040B2 (en) | Protection for unauthorized firmware and software upgrades to consumer electronic devices | |
| US8856771B2 (en) | Protection for unauthorized firmware and software upgrades to consumer electronic devices | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| US20170255775A1 (en) | Software verification systems with multiple verification paths | |
| US20130104188A1 (en) | Secure option rom control | |
| US10592661B2 (en) | Package processing | |
| US9659171B2 (en) | Systems and methods for detecting tampering of an information handling system | |
| CN109508535B (en) | Firmware security authentication method and device and payment terminal | |
| CN111160879A (en) | Hardware wallet and security improving method and device thereof | |
| US10019577B2 (en) | Hardware hardened advanced threat protection | |
| CN111177732B (en) | System debugging mode control method and system and electronic equipment | |
| US10262309B1 (en) | Augmenting a BIOS with new programs | |
| EP3176723A1 (en) | Computer system and operating method therefor | |
| KR20230082388A (en) | Apparatus for verifying bootloader of ecu and method thereof | |
| CN107220546B (en) | Application running method and device and terminal equipment | |
| CN107295177B (en) | Application disabling method and device and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |