1. Technical Field
Embodiments of the present disclosure generally relate to security management, and more particularly to a security protection system and method applied in a server.
2. Description of Related Art
To protect a computer from being logged into by other people, the computer can be protected by a password. The password is usually stored in a complementary metal oxide semiconductor (CMOS) by the basic input output system (BIOS) of the computer. If the computer encounters a sudden power failure, the password stored in the CMOS may be cleared, then other people may be able to log into the computer easily.
The application is illustrated by way of examples and not by way of limitation in the figures of the accompanying drawings in which like references indicate similar elements. It should be noted that references to “an” or “one” embodiment in this disclosure are not necessarily to the same embodiment, and such references mean at least one.
In general, the word “module”, as used herein, refers to logic embodied in hardware or firmware, or to a collection of software instructions, written in a programming language, such as, Java, C, or assembly. One or more software instructions in the modules may be embedded in firmware, such as EPROM. The modules described herein may be implemented as either software and/or hardware modules and may be stored in any type of non-transitory computer-readable medium or other storage device. Some non-limiting examples of non-transitory computer-readable media include CDs, DVDs, BLU-RAY, flash memory, and hard disk drives.
In an exemplary embodiment, the server 1 includes at least one processor 13 and a storage system 14. The security protection system 10 may include one or more modules. The one or more modules may comprise computerized code in the form of one or more programs that are stored in the storage system 14 (or memory). The computerized code includes instructions that are executed by the at least one processor 14 to provide functions for the one or more modules.
As shown in
The receiving module 100 receives a first password set by the user. In one embodiment, the user sets the first password through the interface provided by the BIOS 12. The first password may be in plain text.
The encryption module 101 generates a first cryptograph corresponding to the first password.
The sending module 102 sends a storing command to the BMC 12. The BMC 12 stores the first cryptograph in the FRU 120 according to the storing command.
The receiving module 100 also receives a second password input by the user after the BIOS 11 has been initialized. For example, when the user intends to log in to the server 1, a dialog box may pop up to prompt the user to input the second password.
The encryption module 101 further generates a second cryptograph corresponding to the second password.
The sending module 102 sends a reading command to the BMC 12. The BMC 12 reads the first cryptograph from the FRU 120 according to the reading command.
The determination module 103 determines if the second cryptograph is the same as the first cryptograph.
If the second cryptograph is not the same as the first cryptograph, the determination module 103 further determines if a number of times that the second password was input is greater than a predefined number of times. In one embodiment, the predefined number of times is three. If the number of times that the second password was input is greater than the predefined number of times, the execution module 104 locks the server 1. If the server 1 is locked, the server is shut down. If the number of times that the second password has been input is not greater than the predefined number of times, the execution module 104 further prompts the user to input the second password one more time.
If the second cryptograph is the same as the first cryptograph, the execution module 104 starts up the server 1.
In block S30, the receiving module 100 receives a first password set by the user.
In block S31, the encryption module 101 generates a first cryptograph corresponding to the first password.
In block S32, the sending module 102 sends a storing command to the BMC 12. The BMC 12 stores the first cryptograph in the FRU 120 according to the storing command.
In block S33, the receiving module 100 receives a second password input by the user after the BIOS 11 has been initialized.
In block S34, the encryption module 101 generates a second cryptograph corresponding to the second password.
In block S35, the sending module 102 sends a reading command to the BMC 12. The BMC 12 reads the first cryptograph from the FRU 120 according to the reading command.
In block S36, the determination module 103 determines if the second cryptograph is the same as the first cryptograph. If the second cryptograph is the same as the first cryptograph, block S37 is implemented. If the second cryptograph is not the same as the first cryptograph, block S38 is implemented.
In block S37, the execution module 104 starts up the server 1 and the procedure ends.
In block S38, the determination module 103 detects if the number of times that the second password has been input is greater than a predefined number of times. If the number of times that the second password has been input is greater than the predefined number of times, block S40 is implemented. If the number of times the second password has been input is not greater than the predefined number of times, block S39 is implemented.
In block S39, the execution module 104 prompts the user to input the second password one more time, and block S33 to block S38 are repeated.
In block S40, the execution module 104 locks the server 1.
Although certain embodiments of the present disclosure have been specifically described, the present disclosure is not to be construed as being limited thereto. Various changes or modifications may be made to the present disclosure beyond departing from the scope and spirit of the present disclosure.
Number | Date | Country | Kind |
---|---|---|---|
201010557454.0 | Nov 2010 | CN | national |