System and Method for Temporary Secure Boot of an Electronic Device

1. A method of temporary secure boot process of an electronic device, comprising: generating a first token according to an identification data of the electronic device; sending a request along with the first token to a service provider, the request corresponding to a boot package; receiving a second token and the boot package from the service provider; verifying the second token and the boot package; and executing the boot package according to verification result; wherein the generating of the first token comprises: generating random data; and encrypting the identification data and the random data according to a first key.

2. The method of claim 1 , further comprising: upon completion of the execution, erasing the boot package and then restarting the electronic device.

3. The method of claim 1 , wherein the verifying of the second token and the boot package comprises: decrypting the second token by the first key; confirming content of the second token with the identification data; and in response to the second token being confirmed, verifying the boot package by a second key.

4. The method of claim 3 , further comprises clearing the random data from the electronic device.

5. The method of claim 1 , wherein the identification data is one of the following: device serial number, IMEI number, MAC address and IMSI number.

6. The method of claim 1 , wherein the executing of boot package is executed in a secure domain of the electronic device.

7. A system for temporary boot up process, comprising: an electronic device, configured to execute at least an operating system by a processor, the electronic device comprises: a token generator, configured to generate a first token by encrypting an identification data of the electronic device and a random data according to a first key; a token verification unit, configured to verify a second token according to the first key of a first key pair; a boot package execution unit, configured to execute a secure boot package according to the verification of the second token; and a key pair unit, configured to store at least the first key, the first key being one key of a first key pair.

8. The system of claim 7 , further comprising: a communication interface unit within the electronic device, configured to transmit the first token and receive the second token and the secure boot package; and a service provider, configured to verify the first token and to generate the second token according to a second key of the first key pair and to generate the secure boot package according to a third key of a second key pair according to the verification result of the first token.

9. The system of claim 7 , wherein the service provider is further configured to generate the second token by encrypting content of the first token according to the second key, and to generate the secure boot package by signing a boot package with the third key.

10. The system of claim 7 , wherein the boot package execution unit is further configured to verify the secure boot package according to a fourth key of a second key pair.

11. The system of claim 10 , wherein the first key pair is a RSA key pair, the first key is a public key and the second key is a private key; the second key pair is another RSA key pair, the fourth key is a public key and the third key is a private key.

12. The system of claim 10 , wherein the fourth key is encrypted within the second token by the service provider, and is obtained by the electronic device by decrypting the second token.

13. The system of claim 7 , wherein the secure boot package is downloaded into a storage device accessible by the electronic device.

14. The system of claim 7 , wherein the processor is further configured to erase the secure boot package and restart the electronic device upon execution completion of the secure boot package, and execute the operating system.

15. The system of claim 7 , wherein the token generator, the token verification unit, the boot package execution unit and the key pair unit are implemented in a secure domain of the electronic device, the secure domain is unable to be accessed by the operating system.

16. A method for boot package processing, comprising: receiving a first token along with a request from an electronic device; verifying an identity of the electronic device according to the first token; in response to the identity being confirmed, generating a second token comprising at least partial content of the first token; securing a boot package corresponding to the request; and sending the second token and the secured boot package to the electronic device; wherein the step of verifying the identity of the electronic device further comprises decrypting the first token to obtain an identification data of the electronic device and a random data according to a second key of a first key pair, wherein the first token is generated by a first key of the first key pair.

17. The method of claim 16 , wherein the step of generating the second token further comprises encrypting at least the identification data and the random data by the first key.