跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 陳奕彰
Yi-Chang Chen
論文名稱: 設計與實作一個嵌入式電腦防竊系統
Design and Implementation of an embedded anti-theft system
指導教授: 許健平
Jang-Ping Sheu
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系在職專班
Executive Master of Computer Science & Information Engineering
畢業學年度: 98
語文別: 中文
論文頁數: 57
中文關鍵詞: 嵌入式系統隱藏硬碟區域系統管理模式防竊系統
外文關鍵詞: Anti-theft, SMM, HAD, Embedded system
相關次數: 點閱:15下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 近年來,可攜式電腦的普及率不斷提升,所提供的行動性與便利性改變了人們使用
    電腦的方式。不幸地,在輕巧便於攜帶的背後,卻潛藏著因電腦遺失或失竊而造成資料
    安全性的問題。一般而言,儲存在可攜式電腦中的重要資料,其價值遠高於電腦本身硬
    體之價值。因此,如何保護遺失或失竊電腦內所儲存的重要資料,是一項重要的研究議
    題。
    本論文中,我們設計與實作一套應用網路技術之可攜式電腦防竊系統(NAS:
    Network Anti-theft System)。讓可攜式電腦於遺失或失竊後,自動連接有線或無線網路,
    並回傳所連接網路之路由器的IP 位址至後端伺服器,透過伺服器內的資料庫,轉換IP
    位址為實際地理位置,讓使用者能進行追蹤定位。此外,為了保護該電腦內的檔案資料,
    使用者可透過網路進行遠端控制,取回或刪除重要檔案資料,或鎖定電腦等,達到電腦
    的防竊保護。本系統包含三個主要模組NAS-Core、NAS-EOS 與NAS-Server。透過三個
    模組間環環相扣之相互檢驗機制,來確保系統的安全。其中,NAS-Core 是建構於韌體
    層的安全檢驗核心,結合SMM (System Management Mode)與HAD (Hidden Disk Areas)
    技術,避免軟體程式被惡意的窺探與竄改,而達到嚴密的安全防護。而NAS-EOS 是一
    個嵌入式系統,讓本系統在不依靠使用者的作業系統環境,與網路驅動程式的協助,即
    可完成與遠端伺服器的通訊。最後的NAS-Server 則裝有Web 與資料庫伺服器,提供使
    用者網頁介面以進行遠端控制,與儲存目前電腦的安全狀態資訊等資料。
    本系統將電腦的安全狀態資訊,存放於獨立的非揮發性記憶體中,藉由韌體無法被
    輕易移除或關閉的特性,確保系統有較高的安全性。實驗結果證明,本系統在機器遺失
    後,能立即啟動防護,且使用者能進行追蹤定位與遠端控制等功能。

    The way of computer usage has changed a great deal in recent years due to the mobility
    and convenience provided by mobile computers. Unfortunately, because of they are portable,
    the risks, such as theft and its associated loss of data, have increased as well. The data stored
    in the computer is usually far more valuable to the owner than the hardware itself; therefore,
    the protection against the loss of data is an important research issue.
    In this paper, we designed and implemented a Network Anti-theft System (NAS). The
    NAS allows the mobile computers to connect to the internet through wired or wireless
    network, and transmits their current router IP addresses to a backend server. From the server,
    the IP addresses can be used to find the positions of the users. Our system can not only protect
    the data inside the computer but also the user can retrieve or delete the data remotely, or to
    lock the computer preventing from further access. NAS has three primary modules,
    NAS-Core, NAS-EOS, and NAS-Server. Security is achieved through the interactions
    between these three modules. NAS-Core is the kernel module for security check process in
    the firmware layer. By combining the System Management Mode (SMM) and Hidden Disk
    Areas (HAD), it prevents the user’s password or key from being viewed and changed by
    malicious software. NAS-EOS is an embedded system that allows the system to connect to a
    remote server without relying on the operating systems. Lastly, NAS-Server is a web and
    database server which stores status of the computer and allows the user to remote control
    through its web interface.
    This system stores the security status of the computer into non-volatile memory. Since
    the firmware is difficult to be removed or shut down, it increases the safety of our system.
    Experiments have shown that the proposed system can activate immediately upon the loss of
    mobile computer and allows the user to track its position and remote control the lost
    computer.

    第一章 簡介 ......................................................................................................... 1 第二章 相關研究 ................................................................................................. 3 2.1 應用程式層 .............................................................................................................. 5 2.2 韌體層結合應用程式層 .......................................................................................... 9 2.3 硬體層 .................................................................................................................... 14 2.4 純韌體層 ................................................................................................................ 15 第三章 系統功能與架構 ................................................................................... 18 3.1 系統架構與運作流程 ............................................................................................ 18 3.2 系統功能 ................................................................................................................ 19 3.2.1 遠端操控功能 ............................................................................................ 19 3.2.2 查詢IP 位址對應實際地理位置功能 ....................................................... 20 3.2.3 利用IP 位址或是無線訊號限制可攜式電腦之使用範圍 ....................... 21 3.2.4 雲端資料備份功能 .................................................................................... 22 3.3 系統模組 ................................................................................................................ 23 3.2.1 NAS-Core 模組 ........................................................................................... 24 3.2.2 NAS-EOS 模組 ............................................................................................ 26 3.2.3 NAS-Server 模組 ......................................................................................... 27 第四章 系統設計與實作 ................................................................................... 28 4.1 系統運作流程 ......................................................................................................... 28 4.1.1 開機檢驗流程 ........................................................................................... 28 4.1.2 Runtime 檢驗流程 ...................................................................................... 30 4.2 NAS-Core 之設計與實作 ....................................................................................... 32 4.2.1 SMM (System Management Mode)模式 ..................................................... 36 4.3 NAS-EOS 之設計與實作 ........................................................................................ 38 4.3.2 Hidden Disk Areas (HDA)運作原理 .......................................................... 40 4.4 NAS-Server 之設計與實作 ..................................................................................... 42 第五章 系統整合測試與模擬實驗 ................................................................... 44 5.1 系統整合測試 ........................................................................................................ 45 5.2 系統功能之模擬實驗 ............................................................................................. 48 5.2.2 以IP 位址定位失蹤電腦之模擬實驗 ...................................................... 50 8 5.2.3 網路安全區域限制之模擬實驗 ............................................................... 51 5.2.4 雲端備份之模擬實驗 ............................................................................... 52 5.3 系統安全性探討 .................................................................................................... 52 5.3.1 NAS-Core 的安全機制 ............................................................................... 53 5.3.2 NAS-EOS 的安全機制 ................................................................................ 54 第六章 結論與未來展望 ................................................................................... 55 參考文獻 ............................................................................................................. 57b

    [1] K. N. Chee, S. W. Kong, N.K Noordin, M. I. Saripan, R. Syamsul, and A. RAbdullah,
    “Theft prevention using wireless security system (WSS)”, in Proceedings of the IEEE
    International RF and Microwave Conference, (RFM), pp.257 – 261, Kuala Lumpur,
    Dec. 2008.
    [2] Computrace Technology, Absolute Software Corporation, Online available at:
    http://www.absolute.com
    [3] Failsafe, Phoenix Technologies Ltd, Online available at: http://www.failsafe.com
    [4] M. R. Gupta , M. D. Hoeschele ,and M. K. Rogers, “Hidden Disk Areas: HPA and
    DCO,” International Journal of Digital Evidence, Vol. 5, Issue 1, 2006.
    [5] Information technology -AT Attachment 8 - ATA/ATAPI Command Set (ATA8-ACS).
    Online available at:
    http://www.t13.org/Documents/UploadedDocuments/docs2008/D1699r6a-ATA8-ACS.p
    df
    [6] Intel® 64 and IA-32 Architectures Software Developer’s Manual. Online available at:
    http://www.intel.com/products/processor/manuals/
    [7] Intel® Anti-Theft Technology, Intel Corporation, Online available at:
    http://www.intel.com
    [8] B. G. Nagaraja, R. Rayappa, M. Mahesh, C. M. Patil, and T. C. Manjunath, “Design &
    Development of a GSM Based Vehicle Theft Control System,” in Proceedings of the
    2nd IEEE International Conference on Advanced Computer Control (ICACC),
    pp.148-152, Singapore, Jan. 2009.
    [9] E. Pastorino, and F. Haim, “Anti-theft security system for Plan Ceibal XO laptop,” in
    Proceedings of the IEEE/IFIP 6th Latin American Network Operations and Management
    Symposium(LANOMS), pp. 1-4, Punta del Este, Uruguay, Oct. 2009.
    [10] S. H. Peng, and Z. Han, “Enhancing PC Security with a U-Key”, in Proceedings of the
    IEEE Symposium on Security and Privacy, Vol. 4 , Issue 5, pp. 34-39, California, USA,
    Sept. 2006
    [11] TheftGuard, Softex Incorporated, Online available at: http://www.softexinc.com
    [12] One Laptop per Child (OLPC), Online available at: http://www.laptop.org

    QR CODE
    :::