CN201126581Y - Biological personal identification apparatus based on UEFI - Google Patents
- Publication number
- CN201126581Y
- Authority
- CN
- China
- Prior art keywords
- biological
- uefi
- user
- computer
- information
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Landscapes
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Collating Specific Patterns (AREA)
Abstract
The utility model is applicable to the field of computer security and provides a biometric identification device comprising: a UEFI chip, a trusted computing chip, and a biometric information sensor that obtains biometric information by sensing. By applying biometric identification technology at the underlying UEFI layer of the computer, integrating the biometric feature-value extraction algorithm in the UEFI chip, and supporting graphical interface operation, the utility model further improves the security of the computer system and makes biometric authentication easier for the user to operate and more reliable.
Description
Technical field
The utility model belongs to the field of computer security, and in particular relates to a UEFI-based biometric identification device.
Background
With the continuous development of computer technology, information security has become a focus of attention. Particularly in fields such as airports, banks, prisons, government agencies, military establishments and enterprise computer information systems, secure and convenient identity authentication technology is extremely important.
At present, most computer systems use "user ID + password" for user authentication and access control. Passwords, however, carry the security risks of being easily forgotten, stolen or cracked. Once a password is stolen or cracked the loss can be very serious, and a forgotten password can leave important data unreadable.
To address the above problems, biometric identity verification technology was introduced, making use of the non-reproducible nature of physical characteristics. This biometric key, formed from characteristics of the human body, cannot be copied, stolen or forgotten, so identity verification using biometric technology is safe, reliable and accurate. With a biometric "key" you need not carry a large bunch of keys, nor take the trouble to remember or change passwords, and the system administrator is no longer left helpless by forgotten passwords. With the help of modern computer technology, biometric products are easy to integrate with computers and with security, monitoring and management systems to achieve automated management.
Biometric identity verification is a technology that uses the human body for authentication. The biometric system samples a biometric characteristic, extracts its unique features and converts them into digital codes, and then combines these codes into a template. When a person interacts with the biometric system for authentication, the system acquires the person's features and compares them with the feature templates in the database to determine whether they match, and thus decides whether to accept or reject. The biometric characteristics used for user identification mainly include hand shape, fingerprint, face shape, iris, retina, voice, keystroke dynamics and so on. Among these, the fingerprint stands out because it is fixed and unique. Fingerprint recognition avoids risks such as the loss and theft that occur with passwords and smart cards.
Existing fingerprint identification technology is mostly implemented under the operating system (Operating System, OS); that is, user fingerprint authentication is used when logging in to the system. Fingerprint identification brings great convenience and improves security to a certain extent, but the storage of fingerprint data and the manner of its storage still carry security risks: after a captured fingerprint is converted into a template, it is stored as data, so the storage area of the user's fingerprint template and the manner in which fingerprint information is stored must be protected by a sound security mechanism. Fingerprint identification implemented under the upper-layer OS has a low security level and is easily attacked.
The basic input/output system (Basic Input and Output System, BIOS), as the lowest-level core software, is the bridge between the computer system hardware and the upper-layer software. While computer hardware and integrated circuit technology have developed rapidly, the BIOS has not changed much, and this has restricted the development of computers to a great extent. The traditional BIOS has no unified standard or specification, comes in many brands, and has poor hardware compatibility; it runs in 16-bit real mode, the host starts slowly, and hardware initialization and self-test after power-on take a long time; it is written in assembly language, so development and maintenance costs are high; and the services the BIOS provides to the OS must be implemented through a limited set of 16-bit software interrupts, so the two are tightly coupled and development is costly.
To solve the problems facing the traditional BIOS, a new BIOS standard and framework, UEFI, was proposed. UEFI stands for Unified Extensible Firmware Interface. It is an open interface specification that defines the interface between platform firmware and the operating system; "open" means that it does not depend on a specific BIOS or platform implementation. UEFI provides a standard environment for the operating system and for the pre-boot running state, and systematically specifies how control of the computer system is passed from the pre-boot environment to the operating system. It is a high-security BIOS that supports secure boot, driver signing and hash techniques. UEFI has good compatibility and runs in 32-bit or 64-bit mode, so the computer starts noticeably faster; its modular framework and development in C make the software highly extensible and reusable; and it overcomes the storage-resource limitations of the traditional BIOS and supports a graphical interface.
Summary of the utility model
The purpose of the embodiments of the utility model is to provide a UEFI-based biometric identification device, intended to solve the problems in the prior art that biometric identification devices implemented under the OS give the system a low security level and are inconvenient for the user to operate.
The purpose of the embodiments of the utility model is to provide a UEFI-based biometric identification device, the device comprising:
The UEFI chip comprises:
A biometric identification information collecting unit, which collects the user's biometric identification data;
A biometric feature-value extraction unit, which extracts the feature values of the user's biometric identification data collected by the collecting unit to obtain a biometric code;
A biometric code pre-storage unit, which stores the user's biometric code in advance; and
A biometric code comparing unit, which compares the user's biometric code extracted by the feature-value extraction unit with the pre-stored biometric code;
The trusted computing chip comprises:
An encrypted storage unit, which encrypts the user's biometric code extracted by the feature-value extraction unit and generates a key pair; the private key is stored in the trusted computing chip, and the public key and the encrypted data are stored in the protected partition of the hard disk; and
A biometric information sensor that obtains biometric data by sensing.
Another purpose of the embodiments of the utility model is to provide a computer device comprising the above UEFI-based biometric identification device.
By applying biometric identification technology at the underlying UEFI layer of the computer, integrating the biometric feature-value extraction algorithm in the UEFI chip, and supporting graphical interface operation, the embodiments of the utility model further improve the security of the computer system and make biometric authentication easier for the user to operate and more reliable.
Description of drawings
Fig. 1 is a structural diagram of a UEFI-based biometric identification system provided by an embodiment of the utility model.
Embodiment
To make the purpose, technical solution and advantages of the utility model clearer, the utility model is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the utility model and are not intended to limit it.
On the basis of two key subsystems, the secure hard disk and the trusted computing chip, the embodiment of the utility model uses UEFI to implement low-level security authentication of the computer, and supports graphical user interface operation while guaranteeing the security of the user's identity and of the hard disk data.
Fig. 1 shows the architecture of a UEFI-based biometric identification device provided by an embodiment of the utility model; for ease of explanation, only the parts relevant to the utility model are shown. The system comprises a computer mainboard, a secure hard disk, a biometric information sensor, and the UEFI chip and trusted computing chip carried on the mainboard; the secure hard disk runs an embedded micro-system (uOS) and contains a protected hidden partition.
The trusted computing chip is the trusted cryptography module of the national trusted computing system. It is a computing module built around cryptographic operations and is the core security control and arithmetic unit of the trusted computing platform. It is independent of the OS and of the BIOS or UEFI, does not use the computer's memory or external storage resources, has standardized internal implementation and interfaces to other components, and provides cryptographic operations that execute securely inside the chip using defined, public secure cryptographic algorithms. During mutual authentication between the secure hard disk and UEFI, the trusted computing chip generates and provides the random-number key of the virtual user.
The trusted computing chip has a built-in encrypted storage unit, which encrypts the user's biometric code and generates a key pair; the private key is stored in the trusted computing chip, and the public key and the encrypted data are stored in the protected partition of the hard disk.
The secure hard disk exchanges encrypted commands with the host UEFI and OS and encrypts and decrypts data passing in and out of the disk; in response to encrypted instructions from UEFI, it also accesses the random-number key, stored in the secure data area, that the trusted computing chip generated for the virtual user.
In the utility model, the key data comprises the user information used for verification, the feature values extracted from the user's biometric information, and the user login password. The user information used for verification, and, for example, the fingerprint feature values extracted from the user's fingerprint image, are kept in the UEFI Flash (flash memory); the user login password data is kept in the non-volatile memory of the trusted computing chip, to guarantee data security.
Through its embedded micro-kernel, UEFI performs file-system management and hardware resource management. It carries out system resource management operations on the trusted computing chip and the secure hard disk, and manages the resources of the trusted computing chip (activating and calling its functions when needed). It also manages the attached security software modules, for example: management of the feature-value extraction algorithm for the collected raw biometric (such as fingerprint) information and of the algorithm consistent with the secure hard disk's encryption and decryption algorithm; storage management, in the trusted computing chip, of the data used as the initial key based on the user's fingerprint feature values; storage and management of the identification strings used in the authentication process between the secure hard disk and UEFI; and calls to the random number generator of the trusted computing chip to generate random numbers during mutual authentication between the secure hard disk and UEFI.
The biometric identification information collecting unit built into the UEFI chip collects the user's biometric identification data; the biometric feature-value extraction unit extracts the feature values of the user's biometric identification data collected by the collecting unit to obtain a biometric code; the biometric code pre-storage unit stores the user's biometric code in advance; and the biometric code comparing unit compares the user's biometric code extracted by the feature-value extraction unit with the pre-stored biometric code.
As an embodiment of the utility model, the UEFI chip has a built-in UEFI graphics support unit, used to call the embedded-system graphical interface stored in the external device and the graphical operation interface of the hard disk management system.
The biometric information sensor is connected to the mainboard through a Universal Serial Bus (USB) interface, and implements the collection of the user's biometric information and the input of user information.
In the embodiment of the utility model, the biometric information sensor may be embedded in the mainboard, keyboard, mouse or case surface of the computer, or may be a standalone device connected to the UEFI chip by a data communication cable. The biometric information sensor may be an optical, semiconductor or ultrasonic biometric information sensor, and also includes any sensor that can obtain biometric data by sensing.
When a user is authenticated, the biometric information sensor captures an image of the user's biometric information. The UEFI embedded micro-kernel and the secure cryptographic algorithm read in the captured image and extract the feature values of the biometric information in it. The extracted feature values are then compared with the biometric feature values stored in the UEFI Flash (flash memory), decrypted by applying the cryptographic algorithm, and with the user information in the trusted computing chip, thereby authenticating the user.
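The following sketch models the enrolment and authentication flow described above; it is an added example, not code from the patent. Assumptions: the class and function names are hypothetical, an HMAC-SHA-256 encrypt-then-MAC construction with a chip-held symmetric key stands in for the chip's key pair and cipher, the biometric codes are constructed byte strings (feature extraction is not modelled), and the 20-bit match threshold is chosen for illustration.

```python
import hashlib
import hmac
import secrets

MATCH_THRESHOLD_BITS = 20  # assumed tolerance: max differing bits for a match


class TrustedChip:
    """Stand-in for the trusted computing chip; the key never leaves it."""

    def __init__(self):
        self._key = secrets.token_bytes(32)

    def _prf(self, label, data):
        return hmac.new(self._key, label + data, hashlib.sha256).digest()

    def _keystream(self, nonce, length):
        blocks = (self._prf(b"enc", nonce + i.to_bytes(4, "big"))
                  for i in range((length + 31) // 32))
        return b"".join(blocks)[:length]

    def seal(self, plaintext):
        """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
        nonce = secrets.token_bytes(16)
        stream = self._keystream(nonce, len(plaintext))
        ct = bytes(p ^ k for p, k in zip(plaintext, stream))
        return nonce + ct + self._prf(b"mac", nonce + ct)

    def unseal(self, blob):
        """Return the plaintext, or None if the blob was altered or is foreign."""
        if len(blob) < 48:
            return None
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, self._prf(b"mac", nonce + ct)):
            return None
        stream = self._keystream(nonce, len(ct))
        return bytes(c ^ k for c, k in zip(ct, stream))


def hamming_bits(a, b):
    """Number of differing bits between two equal-length codes."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def enroll(chip, protected_store, user, code):
    # protected_store stands for the protected partition: it holds ciphertext only
    protected_store[user] = chip.seal(code)


def authenticate(chip, protected_store, user, fresh_code):
    blob = protected_store.get(user)
    stored = chip.unseal(blob) if blob is not None else None
    if stored is None or len(stored) != len(fresh_code):
        return False  # unknown user, tampered record, or wrong chip
    return hamming_bits(stored, fresh_code) <= MATCH_THRESHOLD_BITS


def flip_bits(code, positions):
    out = bytearray(code)
    for p in positions:
        out[p // 8] ^= 1 << (p % 8)
    return bytes(out)


def demo():
    chip, store = TrustedChip(), {}
    enrolled = hashlib.sha256(b"constructed enrolment sample").digest()
    enroll(chip, store, "user1", enrolled)
    noisy = flip_bits(enrolled, [3, 57, 130, 201])    # same user, sensor noise
    other = flip_bits(enrolled, range(0, 256, 4))     # 64 bits differ
    result = {"genuine": authenticate(chip, store, "user1", noisy),
              "impostor": authenticate(chip, store, "user1", other),
              "moved_disk": authenticate(TrustedChip(), store, "user1", noisy)}
    tampered = bytearray(store["user1"])
    tampered[20] ^= 0x01                               # one bit of ciphertext
    store["user1"] = bytes(tampered)
    result["tampered"] = authenticate(chip, store, "user1", noisy)
    return result
```

Calling demo() shows why the comparison is a distance threshold rather than an equality check, and that a stored record is rejected once it is modified or presented to a different chip.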
In the utility model, the user's biometric information includes fingerprint, hand shape, face shape, retina and so on.
The embodiment of the utility model can be used not only in computers but in any computer device that has underlying UEFI, such as desktop computers, notebook computers, servers, handheld devices, touch-screen computers and smart phones.
By applying biometric identification technology at the underlying UEFI layer of the computer, integrating the fingerprint feature-value extraction algorithm in the UEFI chip, and supporting graphical interface operation, the embodiment of the utility model further improves the security of the computer system and makes biometric authentication easier for the user to operate and more reliable.
The above is only a preferred embodiment of the utility model and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the utility model shall fall within its scope of protection.
Claims (5)
1. A UEFI-based biometric identification device, characterized in that the device comprises:
A UEFI chip, comprising:
A biometric identification information collecting unit, which collects the user's biometric identification data;
A biometric feature-value extraction unit, which extracts the feature values of the user's biometric identification data collected by the collecting unit to obtain a biometric code;
A biometric code pre-storage unit, which stores the user's biometric code in advance; and
A biometric code comparing unit, which compares the user's biometric code extracted by the feature-value extraction unit with the pre-stored biometric code;
A trusted computing chip, comprising:
An encrypted storage unit, which encrypts the user's biometric code extracted by the feature-value extraction unit and generates a key pair; the private key is stored in the trusted computing chip, and the public key and the encrypted data are stored in the protected partition of the hard disk; and
A biometric information sensor that obtains biometric data by sensing.
2. The device as claimed in claim 1, characterized in that the UEFI chip has a built-in UEFI graphics support unit, which calls the embedded-system graphical interface stored in the external device and the graphical operation interface of the hard disk management system.
3. The device as claimed in claim 1, characterized in that the biometric information sensor is embedded in the mainboard, keyboard, mouse or case surface of the computer, or is connected to the UEFI chip by a data communication cable as a standalone device; and the biometric information sensor is an optical biometric information sensor, a semiconductor biometric information sensor, an ultrasonic biometric information sensor, or a sensor that can obtain biometric data by sensing.
4. A computer device, comprising the UEFI-based biometric identification device as claimed in claim 1.
5. The computer device as claimed in claim 4, wherein the device may be any computer device that has underlying UEFI, such as a desktop computer, notebook computer, server, handheld device, touch-screen computer or smart phone.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNU2007201707231U CN201126581Y (en) | 2007-11-12 | 2007-11-12 | Biological personal identification apparatus based on UEFI |
Publications (1)
Publication Number | Publication Date |
---|---|
CN201126581Y (en) | 2008-10-01 |
Family
ID=40000048
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNU2007201707231U Expired - Lifetime CN201126581Y (en) | 2007-11-12 | 2007-11-12 | Biological personal identification apparatus based on UEFI |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN201126581Y (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | Granted publication date: 20081001 |