1. Field of the Invention
The present invention relates to a certification method and a certification system, and more particularly to a power on certification method for a personal computer (PC) and a power on certification system thereof.
2. Related Art
Along with the rapid development of PCs, more and more people use the PCs for assisting works. In order to ensure the security of data in the PC, a plurality of confidentiality manners is provided in the PC.
The most common confidentiality manner is a verification password function in a basic input output system (BIOS) of the PC. The BIOS is the first executed procedure in a PC running process. Once the verification password function of the BIOS is started, the PC inquires of the user about the password when the BIOS is run. If the user inputs the false password, the BIOS is not continuously run, until the user inputs the correct password.
In the prior art, the BIOS is stored in a flash memory in a main board. Option data (comprising the verification password) of the BIOS is stored in a complementary metal-oxide-semiconductor (CMOS) memory. The CMOS memory is a volatile memory, such that an electric power for the operation of the CMOS memory needs to be provided by a battery of the main board. Once the electric power is interrupted, the data in the CMOS memory is lost. In other words, the verification password is also lost.
Alternatively, when the user updates the BIOS, the flash memory and the CMOS memory may be damaged due to irresistible reasons, thus causing the loss of the verification password.
In Chinese Patent Publication No. CN101105753A, entitled “Computer Security Control Method Based on USB Flash Disk”, in the prior art, when the operation system is started, a universal serial bus (USB) flash disk may be used as a manner of verifying the user. When a pop-up user password verification window is displayed in the operating system, the user only needs to insert the USB flash disk into the PC. The PC retrieves the password information in the USB flash disk, and judges whether the group of the password is correct or not. The user needs not to input the password, thus the risk that the password is recorded is lowered. For example, the malicious user may add a new disk, and performs the power on action by using the added disk. In this manner, the user may avoid the test procedure of the operating system.
However, the prior art is limited to only protect the operating system when the operating system is run, but it is impossible to ensure whether the BIOS is changed or not, such that the using security of the PC has loopholes.