設計與實作一個嵌入式電腦防竊系統

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：55

、訪客IP：18.221.11.166

姓名

陳奕彰(Yi-Chang Chen) 查詢紙本館藏

畢業系所

資訊工程學系在職專班

論文名稱

設計與實作一個嵌入式電腦防竊系統
(Design and Implementation of an embedded anti-theft system)

相關論文

★ 無線行動隨建即連網路上之廣播與繞徑問題	★ 熱門電影的高效能廣播演算法
★ 無線行動隨建即連網路上之媒體存取問題	★ 使用功率調整來增加多節點封包無線網路
★ 在無線行動隨建即用網路下Geocast 之設計與實做經驗	★ 一個適用於熱門隨選視訊服務之快速排程廣播策略
★ 應用數位浮水印技術於影像之智慧財產權保護與認證	★ 在寬頻分碼多重擷取技術上分配及再分配多重正交可變展頻係數碼
★ 無線行動隨建即連網路上之廣播排程協定	★ 在無線行動隨建即連網路下支援即時多媒體傳送的媒介存取協定
★ 以樹狀結構為基礎的Scatternet建構協定	★ 在無線感應器網路中具有省電機制並且採用對角線路徑的方向性擴散
★ 隨意型無線網路上一個具有能量保存的GRID繞徑協定	★ 在無線感應器網路中具有省電機制的傳輸協定
★ 隨意型無線網路上一個具有能量保存以及平衡的繞徑協定	★ 環形藍芽網路：一個藍芽通訊網路的新拓樸及其繞徑協定

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

近年來，可攜式電腦的普及率不斷提升，所提供的行動性與便利性改變了人們使用
電腦的方式。不幸地，在輕巧便於攜帶的背後，卻潛藏著因電腦遺失或失竊而造成資料
安全性的問題。一般而言，儲存在可攜式電腦中的重要資料，其價值遠高於電腦本身硬
體之價值。因此，如何保護遺失或失竊電腦內所儲存的重要資料，是一項重要的研究議
題。
本論文中，我們設計與實作一套應用網路技術之可攜式電腦防竊系統(NAS：
Network Anti-theft System)。讓可攜式電腦於遺失或失竊後，自動連接有線或無線網路，
並回傳所連接網路之路由器的IP 位址至後端伺服器，透過伺服器內的資料庫，轉換IP
位址為實際地理位置，讓使用者能進行追蹤定位。此外，為了保護該電腦內的檔案資料，
使用者可透過網路進行遠端控制，取回或刪除重要檔案資料，或鎖定電腦等，達到電腦
的防竊保護。本系統包含三個主要模組NAS-Core、NAS-EOS 與NAS-Server。透過三個
模組間環環相扣之相互檢驗機制，來確保系統的安全。其中，NAS-Core 是建構於韌體
層的安全檢驗核心，結合SMM (System Management Mode)與HAD (Hidden Disk Areas)
技術，避免軟體程式被惡意的窺探與竄改，而達到嚴密的安全防護。而NAS-EOS 是一
個嵌入式系統，讓本系統在不依靠使用者的作業系統環境，與網路驅動程式的協助，即
可完成與遠端伺服器的通訊。最後的NAS-Server 則裝有Web 與資料庫伺服器，提供使
用者網頁介面以進行遠端控制，與儲存目前電腦的安全狀態資訊等資料。
本系統將電腦的安全狀態資訊，存放於獨立的非揮發性記憶體中，藉由韌體無法被
輕易移除或關閉的特性，確保系統有較高的安全性。實驗結果證明，本系統在機器遺失
後，能立即啟動防護，且使用者能進行追蹤定位與遠端控制等功能。

摘要(英)

The way of computer usage has changed a great deal in recent years due to the mobility
and convenience provided by mobile computers. Unfortunately, because of they are portable,
the risks, such as theft and its associated loss of data, have increased as well. The data stored
in the computer is usually far more valuable to the owner than the hardware itself; therefore,
the protection against the loss of data is an important research issue.
In this paper, we designed and implemented a Network Anti-theft System (NAS). The
NAS allows the mobile computers to connect to the internet through wired or wireless
network, and transmits their current router IP addresses to a backend server. From the server,
the IP addresses can be used to find the positions of the users. Our system can not only protect
the data inside the computer but also the user can retrieve or delete the data remotely, or to
lock the computer preventing from further access. NAS has three primary modules,
NAS-Core, NAS-EOS, and NAS-Server. Security is achieved through the interactions
between these three modules. NAS-Core is the kernel module for security check process in
the firmware layer. By combining the System Management Mode (SMM) and Hidden Disk
Areas (HAD), it prevents the user’s password or key from being viewed and changed by
malicious software. NAS-EOS is an embedded system that allows the system to connect to a
remote server without relying on the operating systems. Lastly, NAS-Server is a web and
database server which stores status of the computer and allows the user to remote control
through its web interface.
This system stores the security status of the computer into non-volatile memory. Since
the firmware is difficult to be removed or shut down, it increases the safety of our system.
Experiments have shown that the proposed system can activate immediately upon the loss of
mobile computer and allows the user to track its position and remote control the lost
computer.

關鍵字(中)

★ 嵌入式系統
★ 隱藏硬碟區域
★ 系統管理模式
★ 防竊系統

關鍵字(英)

★ Anti-theft
★ SMM
★ HAD
★ Embedded system

論文目次

第一章簡介 ......................................................................................................... 1
第二章相關研究 ................................................................................................. 3
2.1 應用程式層 .............................................................................................................. 5
2.2 韌體層結合應用程式層 .......................................................................................... 9
2.3 硬體層 .................................................................................................................... 14
2.4 純韌體層 ................................................................................................................ 15
第三章系統功能與架構 ................................................................................... 18
3.1 系統架構與運作流程 ............................................................................................ 18
3.2 系統功能 ................................................................................................................ 19
3.2.1 遠端操控功能 ............................................................................................ 19
3.2.2 查詢IP 位址對應實際地理位置功能 ....................................................... 20
3.2.3 利用IP 位址或是無線訊號限制可攜式電腦之使用範圍 ....................... 21
3.2.4 雲端資料備份功能 .................................................................................... 22
3.3 系統模組 ................................................................................................................ 23
3.2.1 NAS-Core 模組 ........................................................................................... 24
3.2.2 NAS-EOS 模組 ............................................................................................ 26
3.2.3 NAS-Server 模組 ......................................................................................... 27
第四章系統設計與實作 ................................................................................... 28
4.1 系統運作流程 ......................................................................................................... 28
4.1.1 開機檢驗流程 ........................................................................................... 28
4.1.2 Runtime 檢驗流程 ...................................................................................... 30
4.2 NAS-Core 之設計與實作 ....................................................................................... 32
4.2.1 SMM (System Management Mode)模式 ..................................................... 36
4.3 NAS-EOS 之設計與實作 ........................................................................................ 38
4.3.2 Hidden Disk Areas (HDA)運作原理 .......................................................... 40
4.4 NAS-Server 之設計與實作 ..................................................................................... 42
第五章系統整合測試與模擬實驗 ................................................................... 44
5.1 系統整合測試 ........................................................................................................ 45
5.2 系統功能之模擬實驗 ............................................................................................. 48
5.2.2 以IP 位址定位失蹤電腦之模擬實驗 ...................................................... 50
8
5.2.3 網路安全區域限制之模擬實驗 ............................................................... 51
5.2.4 雲端備份之模擬實驗 ............................................................................... 52
5.3 系統安全性探討 .................................................................................................... 52
5.3.1 NAS-Core 的安全機制 ............................................................................... 53
5.3.2 NAS-EOS 的安全機制 ................................................................................ 54
第六章結論與未來展望 ................................................................................... 55
參考文獻 ............................................................................................................. 57b

參考文獻

[1] K. N. Chee, S. W. Kong, N.K Noordin, M. I. Saripan, R. Syamsul, and A. RAbdullah,
“Theft prevention using wireless security system (WSS)”, in Proceedings of the IEEE
International RF and Microwave Conference, (RFM), pp.257 – 261, Kuala Lumpur,
Dec. 2008.
[2] Computrace Technology, Absolute Software Corporation, Online available at:
http://www.absolute.com
[3] Failsafe, Phoenix Technologies Ltd, Online available at: http://www.failsafe.com
[4] M. R. Gupta , M. D. Hoeschele ,and M. K. Rogers, “Hidden Disk Areas: HPA and
DCO,” International Journal of Digital Evidence, Vol. 5, Issue 1, 2006.
[5] Information technology -AT Attachment 8 - ATA/ATAPI Command Set (ATA8-ACS).
Online available at:
http://www.t13.org/Documents/UploadedDocuments/docs2008/D1699r6a-ATA8-ACS.p
df
[6] Intel® 64 and IA-32 Architectures Software Developer’s Manual. Online available at:
http://www.intel.com/products/processor/manuals/
[7] Intel® Anti-Theft Technology, Intel Corporation, Online available at:
http://www.intel.com
[8] B. G. Nagaraja, R. Rayappa, M. Mahesh, C. M. Patil, and T. C. Manjunath, “Design &
Development of a GSM Based Vehicle Theft Control System,” in Proceedings of the
2nd IEEE International Conference on Advanced Computer Control (ICACC),
pp.148-152, Singapore, Jan. 2009.
[9] E. Pastorino, and F. Haim, “Anti-theft security system for Plan Ceibal XO laptop,” in
Proceedings of the IEEE/IFIP 6th Latin American Network Operations and Management
Symposium(LANOMS), pp. 1-4, Punta del Este, Uruguay, Oct. 2009.
[10] S. H. Peng, and Z. Han, “Enhancing PC Security with a U-Key”, in Proceedings of the
IEEE Symposium on Security and Privacy, Vol. 4 , Issue 5, pp. 34-39, California, USA,
Sept. 2006
[11] TheftGuard, Softex Incorporated, Online available at: http://www.softexinc.com
[12] One Laptop per Child (OLPC), Online available at: http://www.laptop.org

指導教授

許健平(Jang-Ping Sheu)

審核日期

2010-7-20

推文