JP2008523494A - Information updating method, program, and information processing apparatus - Google Patents

Abstract

In providing a method for updating CRTM, it is not necessary to add special hardware in order to realize this method, and an information transmission method and an information transmission device that can cope with an increase in information of CRTM to be updated are provided. To do. An information updating method for updating CRTM, which is a base point for performing chained authentication, using an information processing apparatus that employs a method in which the authenticity of the entire information processing apparatus is guaranteed by performing chained authentication, A step of extracting an update CRTM which is information of the CRTM from information to be updated; a step of storing the update CRTM in a main memory of the information processing apparatus; and a step of authenticating the update CRTM stored in the main memory And a method of updating the CRTM with the authenticated update CRTM.

Description

  The present invention relates to an information update method, a program for causing an information processing apparatus to execute these methods, and an information processing apparatus having a function for realizing these methods. More specifically, the present invention relates to a method of updating information related to the mechanism or the mechanism in the information processing apparatus or the information processing system with respect to a mechanism serving as a trust base of the apparatus or the system.

  In recent years, attempts have been made to design highly reliable computer mechanisms. For example, CRTM (Core Root of Trust for Measurement) is known as a basic element constituting a highly secure platform proposed by the Trusted Computing Group (TCG). Based on this CRTM, there is known a mechanism for performing chained authentication (Chain of Trust) and guaranteeing the legitimacy of the information processing apparatus and the information processing system as a whole.

  For example, in a computer architecture, a security chip that is a device for guaranteeing the reliability of the computer architecture is mounted. In the initialization of the security chip, information is transmitted to the security chip and information is updated by causing the security chip to execute a privileged instruction by a mechanism having a legitimate authority. Similarly, the security chip is set to stop execution of privileged instructions by a mechanism having a legitimate authority.

  Usually, for such a security chip, a mechanism (module) having an authority to change privileged settings of the security chip is provided as an upper level. That is, lower level authentication is performed by higher level mechanisms, thereby maintaining the reliability of the entire computer architecture. In such an architecture in which reliability is maintained in a chained manner, the issue is how to realize the change, update, and transmission of information held in the highest authority mechanism (CRTM).

  The CRTM is a module that includes information related to the security of the encryption key as one form of implementation, and is composed of program codes for realizing a mechanism called CRTM. Since CRTM serves as a point of reliability for the entire computer architecture with CRTM, it must be protected from modification by unauthorized users. Therefore, updating the CRTM data, updating the program constituting the CRTM, or transmitting information to the CRTM data is not an exceptional process performed only when there is a predetermined permission. Must not.

There is known a method of transmitting information to CRTM by providing dedicated hardware in the computer architecture. For example, in Patent Document 1, by providing a dedicated non-volatile memory (flash memory) for updating the BIOS (Basic Input Output System), BIOS update information is stored in the non-volatile memory, and after reset, A method of reading from a nonvolatile memory and performing update is described.
JP 2002-244874 A

However, in the method of updating using a non-volatile memory as in Patent Document 1, the size of information constituting the CRTM (module) to be updated depends on the capacity of the non-volatile memory. That is, as the CRTM data or program capacity increases, it becomes necessary to secure the capacity of the nonvolatile memory. In the future, since it becomes necessary to expand the functions of CRTM and to transmit a lot of information from a lot of application software, the information constituting the CRTM tends to increase. In order to cope with this, it is necessary to temporarily secure the size of the non-volatile memory necessary for CRTM update.
It is not preferable from the viewpoint of both cost and mounting area.

  SUMMARY OF THE INVENTION An object of the present invention is to provide a method for updating CRTM, and it is not necessary to add special hardware to realize this method, and an information updating method capable of dealing with an increase in information of CRTM to be updated. Is to provide.

  Therefore, the present invention uses the information processing apparatus that adopts a method in which the authenticity of the entire information processing apparatus is guaranteed by performing chained authentication, and updates the CRTM that is the base point for performing chained authentication. An update method for extracting an update CRTM, which is information of the CRTM, from information to be updated, storing the update CRTM in a main memory of the information processing apparatus, and storing the update CRTM in the main memory An information update method is provided, comprising: authenticating an update CRTM; and updating the CRTM with the authenticated update CRTM.

  Therefore, according to the present invention, in providing a method for updating the CRTM, the hardware necessary for realizing this method is usually provided in an information processing apparatus and uses a large-capacity main memory. Therefore, it is possible to provide an information updating method that can cope with an increase in CRTM information to be updated without adding special hardware.

  More specifically, in the updating step, all devices of the information processing apparatus except the main memory are reset, and the main memory is maintained in a self-refresh mode during the reset, so that the main memory is maintained. Provided is an information update method for updating the CRTM by resetting all the devices of the information processing apparatus except the memory.

  Therefore, according to the present invention, when the CRTM is updated, the self-refresh mode is used for the main memory. That is, when the CRTM information to be updated is stored in the main memory and updated, the main memory is maintained in the self-refresh mode, so that the information stored in the main memory does not disappear during the reset, CRTM can be updated.

  According to the present invention, in providing a method for updating CRTM, there is no need to add special hardware in order to realize this method, and an information updating method that can cope with an increase in information of CRTM to be updated. Can be provided.

  Preferred embodiments of the present invention will be described below with reference to the drawings.

  FIG. 1 shows a functional block diagram of an information processing apparatus 1 which is a preferred embodiment of the present invention. The information processing apparatus 1 includes a control unit 10 that controls, calculates, and stores information, a main memory 20 that can be arbitrarily accessed, a nonvolatile memory 30, and a ROM 40. The information processing apparatus 1 may be an ordinary computer, or may be an information processing terminal such as a small portable terminal (such as a PDA), a mobile phone, or a home appliance that performs information processing. The information processing apparatus 1 implements a method for updating the CRTM.

Here, the CRTM is a module that includes information related to the security of the encryption key as one form of implementation, and is composed of program codes for realizing a mechanism called CRTM. The CRTM may be part of the BIOS code. That is, the CRTM may be a BIOS boot block (a code that is read first when the information processing apparatus 1 is activated). The CRTM may be the entire BIOS. The CRTM serves as a base point for the reliability of the entire computer architecture provided with the CRTM, and other modules (authenticated modules) are authenticated using this point as a base point, thereby ensuring the overall reliability of the information processing apparatus 1. When the CRTM is updated, if the CRTM is a BIOS boot block as described above, the information processing apparatus 1 needs to be reset. Even if the CRTM is not a BIOS boot block, it is necessary to reset the information processing apparatus 1 when there is a module update related to booting.

  The control unit 10 executes the information update method according to the present invention, and controls a program that runs on the information processing apparatus 1. The control unit 10 may be a normal central processing unit (CPU). The control unit 10 includes an update unit 11 that updates information, an authentication unit 13 that performs authentication, and an extraction unit 15 that extracts information.

  The updating unit 11 updates CRTM and a module to be authenticated that is a module authenticated by CRTM. Updating the CRTM means updating a program that realizes the CRTM mechanism, and updating CRTM data (for example, data such as an encryption key). The update unit 11 may include a CRTM update unit 12 that updates the CRTM. The update unit 11 updates the information stored in the CRTM storage unit 41, but the information to be updated may not be overwritten by the updated information. That is, after the update unit 11 performs the update, both the information stored before the update in the CRTM storage unit 41 and the information to be updated may be stored (the update unit 11 may store the CRTM storage unit). 41 may simply convey information).

  The authenticating unit 13 authenticates the CRTM to be updated and the module to be authenticated to be updated. The authentication unit 13 may include an update module authentication unit 14 that authenticates a module to be updated.

  The extraction unit 15 extracts predetermined information from the information to be updated. That is, the extraction unit 15 determines whether the information to be updated is information about the CRTM, information about the module to be authenticated, or information other than that, and sets information about the CRTM or information about the module to be authenticated. Extract.

  The main memory 20 stores a CRTM to be updated (updated CRTM). The main memory 20 is a main storage device of the computer and may be a RAM (Random Access Memory). The main memory 20 includes an updated CRTM storage unit 21. That is, the control unit 10 temporarily stores the CRTM to be updated in the update CRTM storage unit 21 of the main memory 20.

  The nonvolatile memory 30 is a storage device in which stored information is not erased by resetting the information processing apparatus 1. The nonvolatile memory 30 includes a flag storage unit 31. The control unit 10 stores the flag in the flag storage unit 31 of the nonvolatile memory 30 when updating the CRTM, and determines that it is necessary to update the CRTM at the time of reset. Here, the reset is to return all devices of the information processing apparatus 1 to the initial state.

A ROM (Read Only Memory) 40 is a storage device that can perform writing enable / disable setting and setting change disable setting in a certain size unit for writing by the control unit 10. The ROM 40 includes a CRTM storage unit 41 and an authenticated module storage unit 42. The ROM 40 may store a boot block of the information processing apparatus 1. The authenticated module storage unit 42 stores the authenticated module. Here, for example, when the CRTM is a boot block, the authentication target module may be a BIOS code excluding the boot block. In this case, the CRTM is authenticated as the base point, and then the B excluding this boot block
IOS code is authenticated.

  In this embodiment, the ROM 40 of the information processing apparatus 1 includes the CRTM storage unit 41 and the authenticated module storage unit 42. However, the CRTM storage unit 41 and the authenticated module storage unit 42 include micro devices other than the ROM 40 or a hard disk. Etc. may be provided. For example, the module to be authenticated may be realized by an application program by providing the module to be authenticated storage 42 in a hard disk or the like. In this case, the storage device, such as a hard disk, has a function capable of performing write enable / disable setting and setting change disable setting in a certain size unit for writing by the control unit 10.

  FIG. 2 is a flowchart of information processing performed by the information processing apparatus 1 according to the preferred embodiment of the present invention. First, an update program for updating the CRTM and the module to be authenticated is activated (step S01). The update program is recorded on the hard disk and executed by the control unit 10. The extraction unit 15 extracts CRTM information (update CRTM) from the information to be updated (step S02). Next, the control unit 10 copies the updated CRTM from the hard disk or the like to the main memory (step S03).

  The extraction unit 15 extracts the information (update module) of the module to be authenticated from the information to be updated (step S04). Next, the control unit 10 sets a flag to ON in the nonvolatile memory 30 so that the CRTM is updated at the next reset (step S05). That is, the control unit 10 stores a flag for performing processing for updating CRTM in the flag storage unit 31 of the nonvolatile memory 30 at the next reset.

  Next, the update unit 11 performs setting so that all devices except the main memory 20 are reset at the time of resume (step S06). Here, “resume” refers to a function that the information processing apparatus 1 starts from the standby state, suspend state, or shutdown state of the information processing apparatus 1, or the state of the information processing apparatus 1 that is transitioning that starts from these states. It is. In this specification, the suspended state is a state in which devices other than the main memory 20 of the information processing apparatus 1 are suspended. When operating the device from the suspend state (resume), the control unit 10 stores the information and the state of the information processing apparatus 1 before entering this state in the main memory 20 and from the main memory 20 before the suspend state at the time of resume. To return the device of the information processing apparatus 1 to the operation state before the suspended state.

  The control unit 10 resets the device at the time of resume (step S06), but the main memory 20 stores the updated CRTM and is not reset because it needs to be retained. A preferred embodiment for achieving retention of the updated CRTM stored during reset of other devices is to use a self-refresh mode. The self-refresh mode is a function that can hold information in the main memory 20 independently of the memory controller. The self-refresh mode is realized by an internal circuit (self-refresh circuit 25) added to the main memory 20.

  The self-refresh mode is executed when the information processing apparatus 1 is in the suspended state. When resuming from this suspend (suspend / resume function), the fact that this self-refresh mode is guaranteed to be maintained is used to update the CRTM even though the device is reset. It can be held in the main memory 20. That is, as one of the devices, the updated CRTM can be reliably held because the self-refresh mode is guaranteed in spite of resetting the memory controller.

  The control unit 10 continues to operate the update program to shift to the suspended state (step S07).

  Next, FIG. 3 shows a flow for updating the CRTM of the information processing apparatus 1 as described above, performing the transition to the suspended state, and then resuming from the suspended state and updating the CRTM and the authenticated module. This will be explained based on.

  The control unit 10 receives a signal to resume from suspend (step S10). As the previous stage, in response to the update program requesting the suspend state, the information processing apparatus 1 enters the suspend state, and the main memory 20 is in the self-refresh mode. Here, in order to shorten the time for which the self-refresh mode is continued, when the control unit 10 determines that the suspend state is entered, the information processing apparatus 1 may be set to resume immediately.

  Next, the control unit 10 starts all devices (step S11). At this time, the boot block is started first. Here, if the CRTM is a boot block, the old CRTM is started first. The authentication unit 13 authenticates the update module using the old CRTM (step S13). When the update module is authenticated, the module to be authenticated is updated by replacing it with the update module (step S14). In the present embodiment, since the module to be authenticated is stored in the module to be authenticated storage unit 42 of the ROM 40, the module to be authenticated is updated with respect to the module to be authenticated storage 42. When the CRTM update is executed by one authenticated module, the one authenticated module needs to be authenticated by the CRTM before the update (hereinafter, “old CRTM”) before the CRTM update. Further, after step S04 in FIG. 2, authentication of one authenticated module by the old CRTM may be performed, and the authenticated module may be updated.

  When the authenticated module such as BIOS that updates the CRTM is authenticated by the old CRTM, the CRTM write protection of the CRTM storage unit 41 is removed (step S15). That is, the module to be authenticated such as BIOS that performs the update is authenticated by the old CRTM. Therefore, the control unit 10 determines that it is appropriate to perform the update because the authenticated legitimate subject (authenticated module such as an authenticated BIOS) updates the information, and releases the write protection. . As will be described later, the BIOS module update executed by the CRTM update unit 12 authenticates the update CRTM, and updates the CRTM only when the authentication is successful. In other words, if either the entity that performs the update or the information that performs the update is not authenticated, it is determined that the CRTM update is invalid and the update is not performed.

  Thereafter, the CRTM update unit 12 updates the CRTM by executing an update module that has been authenticated by the old CRTM (step S16). That is, the old CRTM information in the CRTM storage unit 41 of the ROM 40 is rewritten to the updated CRTM. Thereafter, the updated CRTM stored in the updated CRTM storage unit 21 of the main memory 20 may be deleted. When the CRTM is updated, it is determined whether the information processing apparatus 1 needs to be rebooted (step S17). If the reboot is necessary, the reboot is executed (step S18). After step S17 or step S18, the information processing apparatus 1 operates according to the updated CRTM.

A hardware configuration of the information processing apparatus 1 which is a preferred embodiment of the present invention will be described with reference to FIG. The information processing apparatus 1 includes a CPU 15 corresponding to the control unit 10, a host / PCI bridge 50 serving as a bridge for connecting to the CPU 15, a main memory 20, a main memory controller 51 for controlling the main memory 20, A PCI / ISA bridge serving as a bridge for connecting a refresh controller 52 for controlling refresh of the main memory, a disk controller 60, a hard disk 61 connected via the disk controller 60, a CD-ROM / DVD 62, and the ISA. Or P
It includes a CI / LPC bridge 70, a nonvolatile memory 30 connected via the PCI / ISA bridge or the PCI / LPC bridge 70, a ROM 40, and a power supply controller 71.

  Here, the main memory 20 is normally controlled by the main memory controller 51. However, when the main memory 20 enters the suspended state, the refresh controller 52 switches the normal memory mode from the normal refresh mode to the self refresh mode. The self-refresh circuit 25 of the main memory 20 receives this switched signal and switches the main memory 20 to the self-refresh mode.

  Each device connected to the host / PCI bridge 50 is reset when resuming from the suspended state or the shutdown state.

  The hard disk 61 stores an update program. A part or all of the update program may be written in the main memory 20 by the activation of the update program from the CPU 15.

  A flag for updating CRTM may be stored in the non-volatile memory 30, and a CRTM and an authenticated module may be stored in the ROM 40. The power controller 71 controls the power state of the information processing apparatus 1. The power supply controller 71 has a function of setting the information processing apparatus 1 to a suspended state and a shutdown state, and a function of resuming from these states.

  The hardware configuration diagram shown in FIG. 4 is a preferred example of the present invention, and the non-volatile memory 30, the ROM 40, and the power supply controller 71 may operate via the PCI / ISA bridge or the PCI / LPC bridge 70. Good.

  An information processing apparatus and an information update method that realize such an embodiment can be realized by a program that is executed by a computer or a server. Examples of the storage medium for this program include an optical storage medium, a tape medium, and a semiconductor memory. Further, a storage device such as a hard disk or a RAM provided in a server system connected to a dedicated communication network or the Internet may be used as a storage medium, and the program may be provided via the network.

  As mentioned above, although embodiment of this invention was described, it only showed the specific example and does not specifically limit this invention. Further, the effects described in the embodiments of the present invention only list the most preferable effects resulting from the present invention, and the effects of the present invention are not limited to the effects described in the embodiments of the present invention.

It is a figure which shows the functional block diagram of the information processing apparatus 1 which is an Example of this invention. It is the flowchart figure which showed the effect | action before the resume which operate | moves with the information processing apparatus 1 which is an Example of this invention. It is the flowchart figure which showed the effect | action before the resume which operate | moves with the information processing apparatus 1 which is an Example of this invention. It is a figure which shows the hardware constitutions of the information processing apparatus 1 which is an Example of this invention.

Claims (20)

An information updating method for updating CRTM, which is a base point for performing chained authentication, using an information processing apparatus that employs a method in which the authenticity of the entire information processing apparatus is guaranteed by performing chained authentication,
Extracting an update CRTM which is the information of the CRTM from the information to be updated;
Storing the updated CRTM in a main memory of the information processing apparatus;
Authenticating the updated CRTM stored in the main memory;
Updating the CRTM with the authenticated update CRTM;
Including information update method. An information updating method according to claim 1,
An update module that is a module (authenticated module) that is chain-authenticated by the CRTM is extracted from information to be updated, the update module is authenticated by the CRTM before the update, and the authentication target module currently stored An information update method including a step of updating a module by changing the module to the update module. An information updating method according to claim 1,
An information update method, wherein the authentication target module is a BIOS of the information processing apparatus. An information updating method according to claim 1,
In the updating step, an information updating method for updating the CRTM by resetting all devices of the information processing apparatus except the main memory. The information update method according to claim 4,
In the updating step, the main memory is maintained in the self-refresh mode during the reset, and all devices of the information processing apparatus except the main memory are reset, so that the CRTM is updated. . The information update method according to claim 5,
In the updating step, information and a state of the information processing apparatus are stored in the main memory, and information before the suspend state is called from the main memory from a suspended state in which a device other than the main memory is paused, and An information update method for updating the CRTM by an update CRTM stored in the main memory, using a resume function for returning the information processing apparatus to the operation state before the suspend state. The information updating method according to claim 6,
In the step of updating the CRTM, an information updating method for updating the CRTM by using the update CRTM stored in the main memory, using a resume function that resumes immediately when the information processing apparatus enters a suspended state. An information updating method according to claim 1,
The information processing apparatus includes a nonvolatile memory,
An information updating method including a flag storing step of storing a flag indicating that the updated CRTM is stored in the nonvolatile memory after the updated CRTM is stored in the main memory. An information updating method according to claim 8, wherein
In the updating step, the flag is checked in response to the information processing device being reset, and the update CRTM stored in the main memory is authenticated in response to the flag being ON. An information updating method for updating the CRTM using the authenticated CRTM. An information updating method according to claim 1,
An information updating method applied to the information processing apparatus as a computer. A program that updates CRTM, which is a base point for performing chained authentication, for an information processing apparatus that employs a method in which the authenticity of the entire information processing apparatus is guaranteed by performing chained authentication,
A function of extracting an update CRTM that is the information of the CRTM from the information to be updated;
A function of storing the updated CRTM in a main memory of the information processing apparatus;
A function of authenticating the updated CRTM stored in the main memory;
A function of updating the CRTM with the authenticated update CRTM;
A program that realizes   The recording medium which recorded the program of Claim 11. An information processing apparatus adopting a method in which the authenticity of the entire information processing apparatus is guaranteed by performing chained authentication,
An extraction unit that extracts an update CRTM that is the information of the CRTM among the information to be updated;
A main memory in which the updated CRTM is stored;
An authentication unit for authenticating the updated CRTM stored in the main memory;
An update unit for updating the CRTM by the authenticated update CRTM;
An information processing apparatus comprising: An information processing apparatus according to claim 13,
The update unit is an information processing apparatus that updates the CRTM by removing the write protection of the CRTM. An information processing apparatus according to claim 13,
The extraction unit extracts an update module that is a module (authenticated module) that is chain-authenticated by the CRTM from information to be updated,
The authentication unit authenticates the update module by CRTM before update,
The said update part is an information processing apparatus which updates a module by changing the to-be-authenticated module currently memorize | stored into the said update module. An information processing apparatus according to claim 13,
The update unit is an information processing apparatus that updates the CRTM by resetting all devices of the information processing apparatus except the main memory. The information processing apparatus according to claim 16,
The update unit is configured to update the CRTM by resetting all devices of the information processing apparatus except the main memory by maintaining the main memory in the self-refresh mode during the reset. Processing equipment. The information processing apparatus according to claim 17,
The update unit stores information and a state of the information processing apparatus in the main memory, and calls information before the suspend state from the main memory from a suspend state in which a device other than the main memory is suspended. An information processing apparatus that updates the CRTM by an update CRTM stored in the main memory, using a resume function that returns the processing apparatus to an operation state before the suspended state. The information processing apparatus according to claim 18,
The update unit updates the CRTM by the update CRTM stored in the main memory, using a resume function that resumes immediately when the information processing apparatus enters a suspended state. An information processing apparatus according to claim 13,
An information processing apparatus comprising a nonvolatile memory that stores a flag indicating that the updated CRTM is stored after the updated CRTM is stored in the main memory.