
Publication number: WO2009051471 A2
Publication type: Application
Application number: PCT/MY2008/000112
Publication date: 23 Apr 2009
Filing date: 22 Sept 2008
Priority date: 20 Sept 2007
Also published as: WO2009051471A3
Other publication number forms: PCT/2008/112, PCT/MY/2008/000112, PCT/MY/2008/00112, PCT/MY/8/000112, PCT/MY/8/00112, PCT/MY2008/000112, PCT/MY2008/00112, PCT/MY2008000112, PCT/MY200800112, PCT/MY8/000112, PCT/MY8/00112, PCT/MY8000112, PCT/MY800112, WO 2009/051471 A2, WO 2009051471 A2, WO 2009051471A2, WO-A2-2009051471, WO2009/051471A2, WO2009051471 A2, WO2009051471A2
Inventors: Hau Keong Wong, Galoh Rashidah Haron, Fui Bee Tan, Chong Seak Sea, Kang Siong Ng, Talib Azhar Bin Abu
Applicant: Mimos Berhad
Trusted computer platform method and system without trust credential
WO 2009051471 A2
Abstract
A trusted computer platform method and system is disclosed for a secure computer system without a trust credential. The platform provides a functionality of a secure or 'trusted computing' (TC) environment to prevent or block unauthorized computer programs or applications from running within the computer system and provide a fully trusted computer system having 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation. The trusted computer platform is an implementation that achieves at least a mechanism to proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, or protect platform and user authentication information from software-based attacks.
Claims (OCR text may contain errors)
CLAIMS:
1. A method for creating a virtual trusted computer platform with a trust credential, comprising: providing a trusted platform module on a first computer, wherein the trusted platform module is a hardware device dedicated to trusted computing that protects data from unauthorized use; accessing the trusted platform module on the first computer from a second computer unequipped with a trusted platform module; and replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module in software on the second computer based on the trusted platform module on the first computer.
2. The method of claim 1 wherein accessing the trusted platform module is through a network.
3. The method of claim 2 wherein the network is the Internet.
4. The method of any preceding claim wherein accessing the trusted platform module comprises providing a private key and a certificate from an authorized certification authority.
5. The method of any preceding claim wherein accessing the trusted platform module comprises sending to the second computer a virtual trusted computer proxy with a hash network boot protocol stack.
6. The method of claim 5 further comprising signing the virtual trusted computer proxy with a network boot key and a network boot certificate.
7. The method of claim 6 further comprising: creating by the first computer an instance of the virtual trusted platform module for the second computer; verifying the network boot certificate received from the second computer; and sending back to the hash network boot protocol stack a hash.
8. The method of any preceding claim further comprising generating an encryption key of the virtual trusted platform module based on a signature given by the trusted platform module.
9. The method of claim 8 further comprising sending the encryption key to the certificate authority.
10. The method of claim 1, wherein the trusted platform module includes a secure key generator and a key cache manager.
11. The method of claim 1, wherein the trusted platform module establishes trusted relationships for accessing the data through secure user authentication and machine attestation.
12. The method of claim 1, wherein the trusted platform module creates a chain of trust.
13. The method of claim 12, wherein the chain of trust is an inductive trust.
14. The method of claim 12, wherein the chain of trust includes a root of trust that gives a trustworthy description of a group of functions.
15. The method of claim 14, wherein the trustworthy description permits an interested entity to determine trust in the group of functions.
16. The method of claim 1, wherein the trusted platform module protects security tasks.
17. The method of claim 1, wherein the trusted platform module protects against unauthorized software execution.
18. The method of claim 1, wherein the trusted platform module protects against unauthorized software-based attacks.
19. The method of claim 1, wherein the trusted platform module supports an industry-standard cryptographic application program interface.
20. The method of claim 1, wherein the trusted platform module is defined by the Trusted Computing Group.
21. The method of claim 1, wherein the trusted platform module is an integrated circuit chip.
22. The method of claim 1, wherein the virtual trusted platform module includes a virtual non-volatile storage.
23. The method of claim 1, wherein the virtual trusted platform module includes a virtual platform configuration register.
24. The method of claim 1, wherein the virtual trusted platform module includes a virtual key attestation identity key.
25. The method of claim 1, wherein the virtual trusted platform module includes a virtual program code.
26. The method of claim 1, wherein the virtual trusted platform module includes a virtual random number generator.
27. The method of claim 1, wherein the virtual trusted platform module includes a virtual SHA-1 engine.
28. The method of claim 1, wherein the virtual trusted platform module includes a virtual key generator.
29. The method of claim 1, wherein the virtual trusted platform module includes a virtual RSA engine.
30. The method of claim 1, wherein the virtual trusted platform module includes a virtual opt-in.
31. The method of claim 1, wherein the virtual trusted platform module includes a virtual execution engine.
32. The method of claim 1, wherein the virtual trusted platform module performs substantially the same function as the trusted platform module.
33. The method of claim 1, wherein the virtual trusted platform module performs the same function as the trusted platform module.
34. The method of claim 1, wherein the virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module.
35. The method of claim 1, wherein the trusted computing requires at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
36. The method of claim 1, wherein the trusted computing requires at least four of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
37. The method of claim 1, wherein the trusted computing requires an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
38. The method of claim 1, wherein the second computer lacks a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
39. The method of claim 1, wherein the second computer is a personal computer.
40. A system for creating a trusted computer platform with a trust credential, comprising: a first computer installed with a trusted platform module; and a second computer in communication with the first computer, wherein the second computer is unequipped with a trusted platform module and accesses the trusted platform module on the first computer for replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module on the second computer.
41. The system of claim 40 wherein the trusted platform module is accessed through a network.
42. The system of claim 41 wherein the network is the Internet.
43. The system of any one of claims 40 to 42 wherein the trusted platform module provides a private key and a certificate from an authorized certification authority for accessing the trusted platform module.
44. The system of any one of claims 40 to 43 wherein the trusted platform module sends to the second computer a virtual trusted computer proxy with a hash network boot protocol stack for accessing the trusted platform module.
45. The system of claim 44 wherein the trusted platform module signs a virtual trusted computer proxy with a network boot key and a network boot certificate.
46. The system of claim 45 wherein the first computer creates an instance of the virtual trusted platform module for the second computer, the network boot certificate received from the second computer is verified by the first computer, and a hash is returned to the hash network boot protocol stack.
47. The system of any one of claims 40 to 46 wherein the second computer generates an encryption key of the virtual trusted platform module based on a signature given by the trusted platform module.
48. The system of claim 47 wherein the encryption key is sent to a certificate authority.
49. The system of claim 40, wherein the trusted platform module includes a secure key generator and a key cache manager.
50. The system of claim 40, wherein the trusted platform module establishes trusted relationships for accessing the data through secure user authentication and machine attestation.
51. The system of claim 40, wherein the trusted platform module creates a chain of trust.
52. The system of claim 51, wherein the chain of trust is an inductive trust.
53. The system of claim 51, wherein the chain of trust includes a root of trust that gives a trustworthy description of a group of functions.
54. The system of claim 53, wherein the trustworthy description permits an interested entity to determine trust in the group of functions.
55. The system of claim 40, wherein the trusted platform module protects security tasks.
56. The system of claim 40, wherein the trusted platform module protects against unauthorized software execution.
57. The system of claim 40, wherein the trusted platform module protects against unauthorized software-based attacks.
58. The system of claim 40, wherein the trusted platform module supports an industry-standard cryptographic application program interface.
59. The system of claim 40, wherein the trusted platform module is defined by the Trusted Computing Group.
60. The system of claim 40, wherein the trusted platform module is an integrated circuit chip.
61. The system of claim 40, wherein the virtual trusted platform module includes a virtual non-volatile storage.
62. The system of claim 40, wherein the virtual trusted platform module includes a virtual platform configuration register.
63. The system of claim 40, wherein the virtual trusted platform module includes a virtual key attestation identity key.
64. The system of claim 40, wherein the virtual trusted platform module includes a virtual program code.
65. The system of claim 40, wherein the virtual trusted platform module includes a virtual random number generator.
66. The system of claim 40, wherein the virtual trusted platform module includes a virtual SHA-1 engine.
67. The system of claim 40, wherein the virtual trusted platform module includes a virtual key generator.
68. The system of claim 40, wherein the virtual trusted platform module includes a virtual RSA engine.
69. The system of claim 40, wherein the virtual trusted platform module includes a virtual opt-in.
70. The system of claim 40, wherein the virtual trusted platform module includes a virtual execution engine.
71. The system of claim 40, wherein the virtual trusted platform module performs substantially the same function as the trusted platform module.
72. The system of claim 40, wherein the virtual trusted platform module performs the same function as the trusted platform module.
73. The system of claim 40, wherein the virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module.
74. The system of claim 40, wherein the trusted computing requires at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
75. The system of claim 40, wherein the trusted computing requires at least four of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
76. The system of claim 40, wherein the trusted computing requires an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
77. The system of claim 40, wherein the second computer lacks a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
78. The system of claim 40, wherein the second computer is a personal computer.
Description (OCR text may contain errors)

TRUSTED COMPUTER PLATFORM METHOD AND SYSTEM WITHOUT TRUST CREDENTIAL

FIELD OF THE INVENTION This invention relates to computer systems having embedded functionality to prevent or block unauthorized computer programs and applications from running within the computer system.

BACKGROUND OF THE INVENTION Attempts have been made in hardware and software applications by computer system designers and developers to secure computer systems to prevent or block unauthorized computer programs or applications from running within the computer system. One term used in the industry to define this attempt to secure computer systems in this manner is "trusted computing" (TC). The word "trusted" means that the computer is trusted by the software and system designers and developers that developed the computer system to ensure that unauthorized programs are blocked from running on the "trusted" computer. TC generally encompasses five key technology concepts, of which all are required for a fully trusted computer system: 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation.

One such effort of implementing TC into hardware has been from a group of software developers and semiconductor designers and manufacturers in the computer industry that have worked together in the Trusted Computing Group (TCG). At the heart of TCG's trusted computing implementation is a hardware module called the Trusted Platform Module (TPM), which is the ultimate hardware system where the core "root of trust" in the platform must lie. Such a system 10 is shown in FIG. 1, where the TPM 12 is a hardware implementation that is designed by TCG to enhance platform security beyond the capabilities of current software-only solutions. The TPM chip is a secure key generator and key cache management component that supports industry-standard cryptographic application program interfaces (APIs) and operating system 14. TPMs generate, store, and manage cryptographic keys in hardware (within the TPM). This leverages the resources of the platform and allows hardening of the many applications (16₁, 16₂, 16₃, ..., 16ₙ). TPM-capable products are built with the TPM chips soldered onto their printed circuit boards. The encryption keys and other critical security information are stored in non-volatile memory within the TPMs. The private keys stored in the TPM chips are also protected by the TPM even when in use, which provides secure key management. Protected key storage enables TPM-capable systems to support user authentication and platform attestation for secure local as well as remote access. The "root of trust" is based in hardware (the TPM) but can be extended to software. TPM-capable systems make storage of sensitive digital data (passwords, credit card numbers, digital signatures, etc.) more secure by protecting them from unauthorized use.

In other previous software-based TC efforts, attempts have been made to rely on software implemented on existing "non-TC" platforms to achieve TC functionalities. These previous attempts rely solely on software encryption algorithms with keys. However, often the encryption algorithms with keys are stored in unsecured memory. In these instances, when security is provided by traditional, non-TC general-purpose central processing units (CPUs), encryption keys and related security information are stored in general system memory. Such use of system memory is no guarantee of secure key management, and provides system managers with a false sense of trust.

Therefore, there is a need for a software implementation that overcomes at least one of the problems associated with current TC systems. For example, an implementation that can proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, and/or protect platform and user authentication information from software-based attacks.

SUMMARY

In accordance with an aspect of the invention, a method for creating a virtual trusted computer platform with a trust credential comprises providing a trusted platform module on a first computer, wherein the trusted platform module is a hardware device dedicated to trusted computing that protects data from unauthorized use, accessing the trusted platform module on the first computer from a second computer unequipped with a trusted platform module, and replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module in software on the second computer based on the trusted platform module on the first computer.

In an embodiment, accessing the trusted platform module comprises providing a private key and a certificate from an authorized certification authority. Accessing the trusted platform module comprises sending to the second computer a virtual trusted computer proxy with a hash network boot protocol stack. The virtual trusted computer proxy may be signed with a network boot key and a network boot certificate. An instance of the virtual trusted platform module may be created for the second computer, verifying the network boot certificate received from the second computer, and sending back to the hash network boot protocol stack a hash. An encryption key may be generated of the virtual trusted platform module based on a signature given by the trusted platform module. The trusted platform module may be defined by the Trusted Computing Group. The virtual trusted platform module may indicate to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module. The trusted computing may require at least one of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation. The second computer may lack a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.

In accordance with an aspect of the invention, a system for creating a trusted computer platform with a trust credential, comprises a first computer installed with a trusted platform module, and a second computer in communication with the first computer, wherein the second computer is unequipped with a trusted platform module and accesses the trusted platform module on the first computer for replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module on the second computer.

In an embodiment, the trusted platform module provides a private key and a certificate from an authorized certification authority for accessing the trusted platform module. The second computer sends a virtual trusted computer proxy with a hash network boot protocol stack for accessing the trusted platform module. The virtual trusted computer proxy may be signed with a network boot key and a network boot certificate. An instance of the virtual trusted platform module may be created for the second computer, for verifying the network boot certificate received from the second computer, and sending back to the hash network boot protocol stack a hash. An encryption key may be generated of the virtual trusted platform module based on a signature given by the trusted platform module. The trusted platform module may be defined by the Trusted Computing Group. The virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module. The trusted computing may require at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation. The second computer may lack a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.

Advantageously, the trusted computer platform method and system provides a secure computer system without a trust credential. The trusted computer platform provides a secure or "trusted computing" (TC) environment to prevent or block unauthorized computer programs or applications from running within the computer system. The trusted computer platform also provides a fully trusted computer system having 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation. The trusted computer platform achieves a mechanism to proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, and/or protect platform and user authentication information from software-based attacks.

BRIEF DESCRIPTION OF THE INVENTION

In order that the present invention may be fully understood and readily put into practical effect, there shall now be described by way of non-limitative example only embodiments of the present invention, the description referring to the following illustrative drawings.

FIG. 1 shows a block diagram of a system in accordance with a previous prior art trusted computing system;

FIG. 2 shows a block diagram of a virtual trusted platform module (VTPM) in accordance with an embodiment of the invention;

FIG. 3 shows the architecture of a virtual machine in accordance with an embodiment of the invention;

FIG. 4 shows a trusted computing sequence in accordance with an embodiment of the invention;

FIG. 5 illustrates a process flow in accordance with an embodiment of the invention;

FIG. 6 shows a flow chart of a method in accordance with an embodiment of the invention;

FIG. 7 shows a network boot as part of the trusted building block and trusted root of trust in accordance with an embodiment of the invention; and

FIG. 8 shows connection of the endorsement key of the virtual trusted platform module to the attestation identity key (AIK) of the trusted platform module in accordance with an embodiment of the invention.

DETAILED DESCRIPTION

A method and system for a trusted computer platform with a trust credential is disclosed. An embodiment of the invention is shown in FIG. 2 as a system architecture 100 that can be incorporated in or implemented by the system 10. FIG. 1 and the following discussion are intended to provide a brief, general description of a suitable computing environment in which the present invention may be implemented. Although not required, the invention will be described in the general context of computer-executable instructions, such as program modules, being executed by a personal computer. Generally, program modules include routines, programs, characters, components and data structures that perform particular tasks or implement particular abstract data types. As those skilled in the art will appreciate, the invention may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable user electronics, network PCs, minicomputers, mainframe computers, and the like. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.

In a normal scenario, a trusted platform module (TPM) will create a chain of trust. This chain of trust, called inductive trust, is a process where the root of trust gives a trustworthy description of a second group of functions. Based on this description, an interested entity can determine the trust it is to place in this second group of functions. If the interested entity determines that the trust level of the second group of functions is acceptable, the trust boundary is extended from the root of trust to include the second group of functions. This is illustrated in FIG. 1. For a conventional computer such as a personal computer (PC), this chain of trust will start with a printed circuit board that is equipped with the proper BIOS and TPM, and inductive trust is built up as functionality is added, as shown in FIG. 4.

An embodiment of the invention creates this same inductive trust within a computer such as a PC that is not previously equipped with a TPM. Compared with a PC that is equipped with a TPM, a virtual TPM (VTPM) 100 is shown in FIG. 2. The software based VTPM will perform the same or substantially the same function as the TPM which is defined in the TPM Design Version 1.2 Part 1, 2, 3.

The architecture of the VTPM 100 is shown in the FIG. 2. The VTPM 100 comprises virtual input/output (I/O) 102 that receives and/or sends data as determined by the CPU of the computer. The virtual I/O 102 provides data via virtual bus 112 to virtual non-volatile storage 104, virtual platform configuration register (VPCR) 106, virtual attestation identity key (VAIK) 108, virtual program code 110, virtual random number generator 114, virtual SHA-1 engine 116, virtual key generation 118, virtual RSA engine 120, virtual opt-in 122, and virtual execution engine 124.

The entire virtual machine 136 of the virtual non-trusted PC (VNTP) is shown in FIG. 3. The VNTP is created because the operating system has complete control of the underlying resources and thus would know that the underlying hardware does not include the necessary TPM. The virtual machine creates the necessary illusion for the operating system that the TPM is present even though it is physically located elsewhere. The architecture of a platform 130 with the virtual machine 136 is shown in FIG. 3. The virtual machine and TC are combined into a platform 130 for creating trust where some of the underlying architecture is not necessarily trustable. The platform 130 comprises a computer 132, such as a personal computer, a hypervisor 134, virtual machines 136₁ to 136ₙ, and guest operating systems and applications 138₁ to 138ₙ. It will be appreciated that the number n of guest operating systems and applications may differ from the number of virtual machines n.

In FIG. 5, system 140 includes two computers: one computer that is trusted, with the TPM hardware 12 shown in FIG. 1, and a virtualized non-trusted computer 130 having a VTPM 100. A VTPM instance is created for each insecure platform that wishes to use the facility. The functionality of the VTPM is not directly accessible to the virtual non-trusted computer. Instead, proxies negotiate the activity between the virtual non-trusted computer and the trusted computer for the VTPM services. The VTPM resides on the virtual trusted computer because the virtual trusted computer can provide memory curtaining, which is crucial to the VTPM activity. The trusted computer 10 comprises TPM 12, hypervisor 20, client side TPM driver 22, virtual machine 24, virtual machine server side TPM driver 28, VTPM manager 26, VTPM instance 28 and proxy 164. The virtual non-trusted computer 130 comprises hypervisor 134, virtual machine client side TPM driver 142, virtual machine server side TPM driver, virtual machine 136, proxy 162 and application 138.

The two process flows P1 30,170 and P2 28,172 are indicated by non-dashed and dashed arrows, respectively. P1 (non-dashed arrow) occurs when the system first boots up. The boot up sequence in this architecture may boot from the network. Instead of a plain network boot sequence (NBS), in this embodiment the boot image also contains a private key (PK) and a certificate (Cert) from an authorized certification authority (CA). The first action of the network boot protocol (NBP) is to send to the virtual trusted computer proxy the hash of the network boot protocol stack, signed with the network boot key and accompanied by the network boot certificate (NBC), for example (SIGN_VPWT(HASH(NBTS)), NBC), where PWT is a personal computer without a trusted platform, PT is a personal computer with a trusted platform, VPWT is a virtual personal computer without a trusted platform, and NBT is the network boot protocol. Once the virtual trusted computer proxy has received the signed hash of the network boot protocol stack, for example (SIGN_VPWT(HASH(NBTS)), NBC), the trusted computer 10 will then create an instance of the VTPM for the non-trusted computer 130, verify the network boot certificate, for example SIGN_PWT(HASH(NBTS)), and send back to the network boot protocol a hash SIGN_VTPM_PWT(SIGN_VPWT(HASH(NBTS))), which is stored by the network boot protocol. This process occurs initially upon boot up.

FIG. 6 illustrates the flow of this process in accordance with an embodiment of the invention. The non-trusted computer 130 prepares a hash of the binary image or stack and signs it with the private key (PK1) 222. The signed hash of the binary image or stack is sent to the proxy in the trusted computer, where the hash is signed with private key2 (PK2) and certificate2 (Cert2) 224. The non-trusted computer receives the hash signed with private key2 and the certificate from the trusted computer 226, and the hash signed with private key2 and the certificate are stored 228.

For later boots, the NBT only needs to send, for example, SIGN_VTPM_PWT(SIGN_VPWT(HASH(NBTS))), SIGN_VPWT(HASH(NBTS)) and the network boot certificate, as shown in the process flow 240 of FIG. 7. The non-trusted computer receives the hash previously signed with private key2 and private key1 242, and prepares a hash signed with private key1 244. The two hashes are sent to the proxy of the trusted computer 246, and the trusted computer and non-trusted computer receive a notification of trust 248.
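The first-boot and later-boot exchanges described above, as an added example that is not part of the patent text: it models the non-trusted computer, the trusted computer's proxy and a CA in Go, with ed25519 signatures and SHA-256 standing in for the signature scheme and hash the page leaves unnamed. The NetBootCert structure, the key and host names and the boot-stack bytes are constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NetBootCert models the network boot certificate (NBC): the client's boot
// public key bound to a subject by a CA signature. Constructed for this example.
type NetBootCert struct {
	Subject string
	PubKey  ed25519.PublicKey
	CASig   []byte
}

func certBody(subject string, pub ed25519.PublicKey) []byte {
	return append([]byte(subject+"|"), pub...)
}
func issueCert(ca ed25519.PrivateKey, subject string, pub ed25519.PublicKey) NetBootCert {
	return NetBootCert{subject, pub, ed25519.Sign(ca, certBody(subject, pub))}
}
func (c NetBootCert) Valid(caPub ed25519.PublicKey) bool {
	return ed25519.Verify(caPub, certBody(c.Subject, c.PubKey), c.CASig)
}

// HASH(NBTS): the hash of the network boot protocol stack. The page does not
// name the hash algorithm; SHA-256 is assumed here.
func bootHash(stack []byte) []byte { h := sha256.Sum256(stack); return h[:] }

// TrustedHost is the computer with the real TPM; pk2 stands in for "private key2".
type TrustedHost struct {
	caPub ed25519.PublicKey
	pk2   ed25519.PrivateKey
}

// Enroll is the first-boot exchange (FIG. 6, 222-228): check the NBC, check
// SIGN_VPWT(HASH(NBTS)) under it, return SIGN_VTPM_PWT(SIGN_VPWT(HASH(NBTS))).
func (t *TrustedHost) Enroll(cert NetBootCert, hash, sig1 []byte) ([]byte, error) {
	if !cert.Valid(t.caPub) {
		return nil, fmt.Errorf("network boot certificate not issued by the CA")
	}
	if !ed25519.Verify(cert.PubKey, hash, sig1) {
		return nil, fmt.Errorf("boot-stack hash not signed by the certified key")
	}
	return ed25519.Sign(t.pk2, sig1), nil
}

// Attest is the later-boot exchange (FIG. 7, 242-248): a fresh signature over the
// current boot-stack hash plus the stored countersignature; the whole chain is checked.
func (t *TrustedHost) Attest(cert NetBootCert, hash, sig1, sig2 []byte) bool {
	return cert.Valid(t.caPub) &&
		ed25519.Verify(cert.PubKey, hash, sig1) &&
		ed25519.Verify(t.pk2.Public().(ed25519.PublicKey), sig1, sig2)
}

// NonTrustedClient is the computer without a TPM (the page's PWT/VPWT).
type NonTrustedClient struct {
	pk1    ed25519.PrivateKey
	cert   NetBootCert
	stored []byte // countersignature kept by the network boot protocol stack
}

func (c *NonTrustedClient) FirstBoot(t *TrustedHost, stack []byte) error {
	h := bootHash(stack)
	sig2, err := t.Enroll(c.cert, h, ed25519.Sign(c.pk1, h))
	if err != nil {
		return err
	}
	c.stored = sig2
	return nil
}

// LaterBoot re-signs the current stack. ed25519 is deterministic, so an unchanged
// stack reproduces the enrolled sig1; any change to the stack breaks the chain.
func (c *NonTrustedClient) LaterBoot(t *TrustedHost, stack []byte) bool {
	h := bootHash(stack)
	return t.Attest(c.cert, h, ed25519.Sign(c.pk1, h), c.stored)
}

// RunScenario enrolls one client, then boots it with the enrolled stack and with
// a modified one. Returns (enrolledTrusted, modifiedTrusted, err).
func RunScenario() (bool, bool, error) {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader)
	pub1, pk1, _ := ed25519.GenerateKey(rand.Reader)
	_, pk2, _ := ed25519.GenerateKey(rand.Reader)
	trusted := &TrustedHost{caPub: caPub, pk2: pk2}
	client := &NonTrustedClient{pk1: pk1, cert: issueCert(caKey, "pwt-01", pub1)}
	stack := []byte("constructed network boot stack v1") // stands in for NBTS
	if err := client.FirstBoot(trusted, stack); err != nil {
		return false, false, err
	}
	return client.LaterBoot(trusted, stack),
		client.LaterBoot(trusted, append(stack, " +patched"...)), nil
}

func main() {
	same, modified, err := RunScenario()
	fmt.Println("enrolled stack trusted:", same, "modified stack trusted:", modified, "err:", err)
}
```

With a randomized signature scheme the client would have to resend the stored sig1 alongside the countersignature, which is exactly the three-part message the page lists for later boots.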

Once network boot is established as part of the trusted building block (TBB) and trusted root of trust 202, the chain of trust proceeds using the normal TC sequence 200 shown in FIG. 4, from the CRTM code 204 to the next links in the chain, for example the operating system loader code 206, the operating system code 208 and the application code 210.

In the other process flow, P2, a trust model is created from the application on the VPWT to the VTPM on the VPT. The trust establishment in this context is built upon the necessary information and keys on the TPM itself. The main purpose of the keys and certificate for the VTPM is to provide a certificate for the endorsement key (EK) of the VTPM by binding the endorsement key of the VTPM to the attestation identity key (AIK) of the TPM. This is shown in the process flow 260 in FIG. 8. The quote command and AIK_TPM are used to generate a signature, which is sent to the VTPM 262. The encryption key of the VTPM is generated, and the certificate based on the signature is issued by the TPM with the proper metric 264. The AIK of the VTPM is generated 266, and the encryption key certificate of the VTPM is sent to the certificate authority 268. The AIK certificate of the VTPM is received from the CA 270, and the signature is stored in the non-volatile storage of the VTPM 272. In this embodiment the AIK of the TPM and the TPM quote command are used to issue a signature over the current state of the platform configuration register (PCR) stored in the non-volatile storage of the TPM and a user-provided 160-bit number. The SHA1 content of the endorsement key for the VTPM (EK_VTPM) is the signed PCR and the 160-bit number. This links EK_VTPM to the AIK of the TPM (AIK_TPM). The AIK of the VTPM (AIK_VTPM) is then created by the CA using EK_VTPM.
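The AIK_TPM quote and the EK_VTPM binding of FIG. 8 (steps 262 and 264), as an added illustration under one reading of the description and not the patent's own code: `quoteBody`, `Quote` and `VTPMEndorsement` are assumed names, Ed25519 stands in for the TPM's AIK signature, and SHA1 is used because the description names it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha1"
	"encoding/binary"
	"errors"
)

// quoteBody is the data the quote covers: each PCR value length-prefixed so that
// register boundaries are unambiguous, followed by the user-provided 160-bit number.
func quoteBody(pcrs [][]byte, nonce [20]byte) []byte {
	var body []byte
	for _, p := range pcrs {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(p)))
		body = append(body, n[:]...)
		body = append(body, p...)
	}
	return append(body, nonce[:]...)
}

// Quote models the TPM quote command (step 262): AIK_TPM signs the current PCR
// contents together with the user-provided 160-bit number.
func Quote(aikTPM ed25519.PrivateKey, pcrs [][]byte, nonce [20]byte) []byte {
	return ed25519.Sign(aikTPM, quoteBody(pcrs, nonce))
}

// VTPMEndorsement is the VTPM side of step 264: the quote is accepted only if it
// verifies under AIK_TPM's public key for the claimed PCR state and number; its SHA1
// digest is then the 160-bit EK_VTPM value that ties the VTPM to AIK_TPM. Any change
// in PCR state or number changes the quote and therefore the binding.
func VTPMEndorsement(aikPub ed25519.PublicKey, pcrs [][]byte, nonce [20]byte, quote []byte) ([20]byte, error) {
	if !ed25519.Verify(aikPub, quoteBody(pcrs, nonce), quote) {
		return [20]byte{}, errors.New("quote not signed by the platform AIK over this PCR state")
	}
	return sha1.Sum(quote), nil
}
```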

As discussed, the process is shown in FIG. 5. Using this technology on an insecure platform builds a chain of trust up to the application level using trusted computing technology, even though there is no trusted component on the system prior to boot up. It will be appreciated that the devices and subsystems of the exemplary methods and systems described with respect to the figures may communicate, for example, over a communication network, and may include any suitable servers, workstations, personal computers (PCs), laptop computers, handheld devices, with visual displays and/or monitors, telephones, cellular telephones, wireless devices, PDAs, Internet appliances, set top boxes, modems, other devices, and the like, capable of performing the processes of the disclosed exemplary embodiments. The devices and subsystems, for example, may communicate with each other using any suitable protocol and may be implemented using a general-purpose computer system and the like. One or more interface mechanisms may be employed, for example, including Internet access, telecommunications in any suitable form, such as voice, modem, and the like, wireless communications media, and the like. Accordingly, the network may include, for example, wireless communications networks, cellular communications networks, Public Switched Telephone Networks (PSTNs), Packet Data Networks (PDNs), the Internet, intranets, hybrid communications networks, combinations thereof, and the like.

It is to be understood that the embodiments, as described with respect to the figures, are for exemplary purposes, as many variations of the specific hardware used to implement the disclosed exemplary embodiments are possible. For example, the functionality of the devices and the subsystems of the embodiments may be implemented via one or more programmed computer systems or devices. To implement such variations as well as other variations, a single computer system may be programmed to perform the functions of one or more of the devices and subsystems of the exemplary systems. On the other hand, two or more programmed computer systems or devices may be substituted for any one of the devices and subsystems of the exemplary systems. Accordingly, principles and advantages of distributed processing, such as redundancy, replication, and the like, also may be implemented, as desired, for example, to increase robustness and performance of the exemplary systems described with respect to the figures.

The exemplary systems described with respect to the figures may be used to store information relating to various processes described herein. This information may be stored in one or more memories, such as hard disk, optical disk, magneto-optical disk, RAM, and the like, of the devices and sub-systems of the embodiments. One or more databases of the devices and subsystems may store the information used to implement the exemplary embodiments. The databases may be organized using data structures, such as records, tables, arrays, fields, graphs, trees, lists, and the like, included in one or more memories, such as the memories listed above.

All or a portion of the exemplary systems described with respect to the figures may be conveniently implemented using one or more general-purpose computer systems, microprocessors, digital signal processors, micro-controllers, and the like, programmed according to the teachings of the disclosed exemplary embodiments. Appropriate software may be readily prepared by programmers of ordinary skill based on the teachings of the disclosed exemplary embodiments. In addition, the exemplary systems may be implemented by the preparation of application-specific integrated circuits or by interconnecting an appropriate network of component circuits.

Whilst there has been described in the foregoing description preferred embodiments of the present invention, it will be understood by those skilled in the technology concerned that many variations or modifications in details of design or construction may be made without departing from the present invention.

Patent Citations (* = cited by examiner)
Cited patent | Filed | Publication date | Applicant | Title
EP1484891A2 * | 1 Jun 2004 | 8 Dec 2004 | Broadcom Corporation | Online trusted platform module
US6185678 * | 2 Oct 1998 | 6 Feb 2001 | Trustees Of The University Of Pennsylvania | Secure and reliable bootstrap architecture
US6408163 * | 21 Jan 1998 | 18 Jun 2002 | Nortel Networks Limited | Method and apparatus for replicating operations on data
US7216369 * | 28 Jun 2002 | 8 May 2007 | Intel Corporation | Trusted platform apparatus, system, and method
Non-Patent Citations
Reference
1 * SAILER ET AL.: 'The Role of TPM in Enterprise Security' IBM RESEARCH REPORT RC23363, [Online] 06 October 2004, pages 2 - 5 Retrieved from the Internet: <URL:http://domino.research.ibm.com/comm/re searchprojects.nsf/pages/ssd ima.index.html/$FILE/rc2 3363.pdf>
Referenced By
Citing patent | Filed | Publication date | Applicant | Title
WO2012084837A1 * | 19 Dec 2011 | 28 Jun 2012 | International Business Machines Corporation | Virtual machine validation
CN102262599A * | 2 Sep 2011 | 30 Nov 2011 | 南京博智软件科技有限公司 | Trusted root-based portable hard disk fingerprint authentication method
CN102262599B | 2 Sep 2011 | 20 Nov 2013 | 江苏博智软件科技有限公司 | Trusted root-based portable hard disk fingerprint identification method
CN103270518A * | 19 Dec 2011 | 28 Aug 2013 | 国际商业机器公司 | Virtual machine validation
US8396990 | 14 Apr 2010 | 12 Mar 2013 | Afilias Technologies Limited | Transcoding web resources
US8984601 * | 22 Jan 2013 | 17 Mar 2015 | Gerard A. Gagliano | Enterprise security system
US9081600 | 19 Dec 2011 | 14 Jul 2015 | International Business Machines Corporation | Virtual machine validation
US9141724 | 19 Apr 2010 | 22 Sep 2015 | Afilias Technologies Limited | Transcoder hinting
US9727740 | 30 Jan 2012 | 8 Aug 2017 | Hewlett-Packard Development Company, L.P. | Secure information access over network
US20140033285 * | 22 Jan 2013 | 30 Jan 2014 | Gerard A. Gagliano | Enterprise security system
Classifications
International Classification: G06F21/53, G06F21/57, G06F15/00
Cooperative Classification: G06F21/57, G06F21/53
European Classification: G06F21/53, G06F21/57
Legal Events
Date | Code | Event | Description
17 Jun 2009 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 08840662; Country of ref document: EP; Kind code of ref document: A2
23 Mar 2010 | NENP | Non-entry into the national phase in: | Ref country code: DE
3 Nov 2010 | 122 | Ep: pct application non-entry in european phase | Ref document number: 08840662; Country of ref document: EP; Kind code of ref document: A2