WO2007000670A1 - Information updating method, program for the same and information processing unit - Google Patents

Publication number
WO2007000670A1
Authority
WO
WIPO (PCT)
Prior art keywords
crtm
processing unit
information
information processing
update
Application number
PCT/IB2006/002313
Other languages
French (fr)
Inventor
Hiroaki Yasuda
Eitaroh Kasamatsu
Shinji Matsushima
Seiichi Kawano
Original Assignee
Lenovo (Singapore) Pte. Ltd.
Application filed by Lenovo (Singapore) Pte. Ltd.
Priority to JP2007545101A (JP4728343B2)
Publication of WO2007000670A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572 Secure firmware programming, e.g. of basic input output system [BIOS]

Definitions

  • The non-volatile memory 30 is storage in which stored information is not deleted when the information processing unit 1 is reset.
  • The non-volatile memory 30 has flag storage 31.
  • The controlling unit 10 stores a flag in the flag storage 31 of the non-volatile memory 30 when it updates the CRTM, and uses that flag to determine whether it needs to update the CRTM when it resets the device.
  • The terminology "reset" here means to restore the initial state of all the devices of the information processing unit 1.
  • The ROM (Read Only Memory) 40 is memory which can be set to enable or disable writing by the controlling unit 10 in units of a certain size, and which can be set so that this setting cannot be changed.
  • The ROM 40 has the CRTM storage.
  • The ROM 40 may store a boot block of the information processing unit 1.
  • The authenticated module storage 42 stores an authenticated module.
  • The term "authenticated module" here may be, for example, the code of a BIOS other than the boot block when the CRTM is the boot block. In such a case, the CRTM is authenticated as the root, and then the code of the BIOS other than the boot block is authenticated.
  • The ROM 40 of the information processing unit 1 has the CRTM storage 41 and the authenticated module storage 42 in this embodiment, the CRTM storage 41 and the authenticated module storage
  • An authenticated module can be realized by an application program in the case that the authenticated module storage 42 is included in a hard disk or the like.
  • Memory such as a hard disk or the like has a function of setting to enable or disable writing by the controlling unit 10 in units of a certain size, and of setting that setting so it cannot be changed.
  • FIG. 2 is a flowchart of information processing performed by the information processing unit 1, which is a preferred embodiment of the present invention.
  • An update program for updating the CRTM and an authenticated module is started (step S01).
  • The update program is recorded on a hard disk and executed by the controlling unit 10.
  • The extracting unit 15 extracts information on the CRTM (update CRTM) from the information to be updated (step S02).
  • The controlling unit 10 copies the update CRTM from the hard disk or the like to main memory (step S03).
  • The extracting unit 15 extracts information on an authenticated module (update module) from the information to be updated (step S04). Then, the controlling unit 10 sets a flag ON in the non-volatile memory 30 so that the CRTM is updated at the next reset (step S05). That is to say, the controlling unit 10 stores in the flag storage 31 of the non-volatile memory 30 a flag indicating that the CRTM is to be updated at the next reset.
  • The updating unit 11 makes settings so that all the devices except for the main memory 20 are reset in the resuming process (step S06).
  • The term "resume" here means a function of starting the information processing unit 1 from its standby state, suspend state or shutdown state, or a state of the information processing unit 1 which is currently starting from one of those states.
  • The term "suspend state" in this specification means a state in which the devices of the information processing unit 1 other than the main memory 20 are suspended.
  • When the controlling unit 10 starts (resumes) a device from the suspend state, it has stored information on, and the state of, the information processing unit 1 before it entered the suspend state in the main memory 20; it retrieves that information from the main memory 20 when it resumes the device, and restores the operating state of the device of the information processing unit 1 as it was before entering the suspend state. [0030]
  • The controlling unit 10 resets a device when it resumes the device (step S06), but it does not reset the main memory 20, as the main memory stores the update CRTM and needs to maintain it.
  • A method using a self refresh mode is known.
  • The self refresh mode is a function to maintain information in the main memory 20 independently of a memory controller.
  • The self refresh mode is realized by an inner circuit (self refresh circuit 25) which is added to the main memory 20.
  • The self refresh mode is executed when the information processing unit 1 is in the suspend state.
  • The method takes advantage of the feature of the self refresh mode that it is guaranteed to be maintained when the information processing unit 1 is resumed from the suspend state (suspend/resume function), in order to keep the CRTM to be updated in the main memory 20 even if the device is reset. That is to say, the method can secure the update CRTM because it secures the self refresh mode even if it resets the memory controller as one of the devices.
  • The controlling unit 10 transfers the state to the suspend state by continuing to operate the update program (step S07).
  • The controlling unit 10 receives a signal for resuming from the suspend state (step S10). It is assumed that the information processing unit 1 entered the suspend state in response to a request from the update program, and that the main memory 20 is in the self refresh mode. If the controlling unit 10 determines that the information processing unit 1 entered the suspend state in order to shorten the time spent in the self refresh mode, it may set the information processing unit 1 to resume immediately.
  • The controlling unit 10 starts all the devices (step S11).
  • The boot block is started first.
  • When the CRTM is a boot block, the old CRTM is started first.
  • The authenticating unit 13 authenticates the update module by the old CRTM (step S13).
  • If the update module is authenticated, the controlling unit 10 updates the authenticated module by replacing the authenticated module with the update module (step S14).
  • The authenticated module is stored in the authenticated module storage 42 of the ROM 40, so the authenticated module is updated in the authenticated module storage 42.
  • The authenticated module needs to be authenticated by the CRTM as it is before updating (hereinafter referred to as the "old CRTM"), that is, before the CRTM is updated.
  • An authenticated module may be authenticated by the old CRTM, and the authenticated module may be updated, after step S04 of FIG. 2.
  • The controlling unit 10 releases the write protection of the CRTM in the CRTM storage 41 (step S15). That is to say, an authenticated module such as a BIOS to be updated is authenticated by the old CRTM. Therefore, the controlling unit 10 determines that the valid subject (an authenticated module such as an authenticated BIOS) is appropriate to update the information, and releases the write protection.
  • The CRTM is updated only when the update CRTM is authenticated for updating the BIOS module executed by the CRTM updating unit 12, described later. That is to say, if either the subject to be updated or the information to be updated is not authenticated, the controlling unit 10 determines that the CRTM is invalid to be updated and gives up updating the CRTM.
  • The CRTM updating unit 12 updates the CRTM by executing the update module which is authenticated by the old CRTM (step S16). That is to say, the CRTM updating unit 12 rewrites the old CRTM information in the CRTM storage 41 of the ROM 40 with the update CRTM. Then the CRTM updating unit 12 may delete the update CRTM stored in the update CRTM storage 21 of the main memory 20.
  • The CRTM updating unit 12 determines whether the information processing unit 1 needs to be rebooted due to the updating of the CRTM (step S17). If it is determined that the information processing unit 1 needs to be rebooted, the CRTM updating unit 12 executes the reboot (step S18). After step S17 or S18, the information processing unit 1 operates with the updated CRTM. [0038]
  • The information processing unit 1 includes a CPU 15 corresponding to the controlling unit 10, a host/PCI bridge 50 for bridging with the CPU 15, main memory 20, a main memory controller 51 for controlling the main memory 20, a refresh controller 52 for controlling the refreshing process of the main memory, a disk controller 60, a hard disk 61 and a CD-ROM/DVD 62 connected via the disk controller 60, a PCI/ISA bridge or a PCI/LPC bridge 70 for bridging with the ISA, non-volatile memory 30 and ROM 40 connected via the PCI/ISA bridge or the PCI/LPC bridge 70, and a power source controller 71.
  • The main memory 20 is usually controlled by the main memory controller 51.
  • The refresh controller 52 switches the main memory 20 from a normal refresh mode to a self refresh mode.
  • A self refresh circuit 25 of the main memory 20 receives the signal indicating that the mode is switched and switches the main memory 20 to the self refresh mode.
  • Each device connected with the host/PCI bridge 50 is reset when it is resumed from a suspend state or a shutdown state.
  • The hard disk 61 stores a program for updating. A part or the entirety of the program for updating may be written in the main memory.
  • The non-volatile memory 30 may store a flag for updating the CRTM, and the ROM 40 may store the CRTM and the authenticated module.
  • The power source controller 71 controls the state of the power source of the information processing unit 1.
  • The power source controller 71 includes a function of causing the information processing unit 1 to enter a suspend state or a shutdown state, and a function of resuming the information processing unit 1 from one of those states.
  • The block diagram of hardware shown in FIG. 4 is a preferred example of the present invention, in which the non-volatile memory 30, the ROM 40 and the power source controller 71 may operate via the PCI/ISA bridge or the PCI/LPC bridge 70. [0044]
  • An information processing unit and an information processing method for realizing the embodiment may be realized by a program which is executed in a computer or a server.
  • Storage media for the program may include an optical storage medium, a tape medium, semiconductor memory and the like.
  • Memory such as a hard disk, RAM or the like provided for a server system connected with a dedicated network or the Internet may be used as a storage medium for providing the program via a network.
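An added worked model of steps S01 to S18 above (constructed here; it is not code from the patent or from Lenovo, and the HMAC-SHA256 tag and the assumed CRTM image layout with a 16-byte key up front are assumptions of mine): the update CRTM is parked in main memory held in self refresh across the resume reset, the flag in non-volatile memory marks the pending update, and the old CRTM authenticates both the update module and the update CRTM before the write protection on CRTM storage 41 is released. The model also exercises the two failure modes, a tag that does not verify and main memory that was not left in self refresh.

```python
# Constructed model of the specification's CRTM update flow; not Lenovo's code.
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional

KEY_LEN = 16  # assumed image layout: the CRTM carries its authentication key up front


def mac(key: bytes, data: bytes) -> bytes:
    """Tag the old CRTM checks over update information (HMAC-SHA256 is an assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def crtm_key(crtm_image: bytes) -> bytes:
    return crtm_image[:KEY_LEN]


@dataclass
class SignedBlob:
    data: bytes
    tag: bytes


@dataclass
class Rom:                          # ROM 40
    crtm: bytes                     # CRTM storage 41
    module: bytes                   # authenticated module storage 42
    crtm_write_protected: bool = True

    def write_crtm(self, image: bytes) -> None:
        if self.crtm_write_protected:
            raise PermissionError("CRTM storage 41 is write protected")
        self.crtm = image


@dataclass
class MainMemory:                   # main memory 20
    update_crtm: Optional[SignedBlob] = None   # update CRTM storage 21
    self_refresh: bool = False      # self refresh circuit 25 engaged


@dataclass
class NonVolatileMemory:            # non-volatile memory 30
    update_flag: bool = False       # flag storage 31


@dataclass
class Unit:                         # information processing unit 1
    rom: Rom
    ram: MainMemory
    nvm: NonVolatileMemory
    disk: dict = field(default_factory=dict)   # hard disk 61 (update program's files)

    def reset_all_but_main_memory(self) -> None:
        """S11 reset: every device restarts; main memory survives only in self refresh mode."""
        if not self.ram.self_refresh:
            self.ram.update_crtm = None        # memory controller reset: contents lost
        self.rom.crtm_write_protected = True   # write protection is re-armed by the reset


def build_update(signing_key: bytes, new_crtm: bytes, new_module: bytes) -> dict:
    """Information to be updated, tagged under the key of the CRTM currently in ROM."""
    return {"crtm": SignedBlob(new_crtm, mac(signing_key, new_crtm)),
            "module": SignedBlob(new_module, mac(signing_key, new_module))}


def prepare_update(unit: Unit, update_info: dict, self_refresh: bool = True) -> None:
    """Steps S01-S07: extract, copy the update CRTM to main memory, set the flag, suspend."""
    unit.ram.update_crtm = update_info["crtm"]           # S02/S03: only the CRTM needs RAM
    unit.disk["update_module"] = update_info["module"]   # S04: update module stays on disk
    unit.nvm.update_flag = True                           # S05: update at next reset
    unit.ram.self_refresh = self_refresh                  # S06/S07: suspend; RAM in self refresh


def resume_and_update(unit: Unit) -> str:
    """Steps S10-S18 as run by the old CRTM, which starts first after the resume reset."""
    unit.reset_all_but_main_memory()                      # S11
    unit.ram.self_refresh = False
    if not unit.nvm.update_flag:
        return "no update pending"
    old_key = crtm_key(unit.rom.crtm)

    def authentic(blob: Optional[SignedBlob]) -> bool:
        return blob is not None and hmac.compare_digest(mac(old_key, blob.data), blob.tag)

    update_module = unit.disk.get("update_module")
    update_crtm = unit.ram.update_crtm
    # S13: the old CRTM authenticates the update module, and the update CRTM held in main
    # memory is checked the same way. If either fails the CRTM update is given up
    # (checking both before any write is a conservative reading of the flow).
    if not authentic(update_module) or not authentic(update_crtm):
        unit.nvm.update_flag = False
        unit.ram.update_crtm = None
        return "rejected: not authenticated by the old CRTM"
    unit.rom.module = update_module.data                  # S14
    unit.rom.crtm_write_protected = False                 # S15: release only after authentication
    unit.rom.write_crtm(update_crtm.data)                 # S16: rewrite CRTM storage 41
    unit.rom.crtm_write_protected = True
    unit.ram.update_crtm = None                           # update CRTM storage 21 no longer needed
    unit.nvm.update_flag = False
    return "updated"                                      # S17/S18: reboot on the new CRTM follows
```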

Abstract

To provide a method for updating information and an information processing unit which can address an increase of information on a CRTM to be updated without requiring the device to add special hardware for realizing the method for updating the CRTM. An information updating method is provided for updating a CRTM which is a root for performing Chain of Trust by using an information processing unit, which uses a system of guaranteeing validity of the entire information processing unit by performing the Chain of Trust, comprising the steps of: extracting an update CRTM which is information on said CRTM from information to be updated; storing said update CRTM in main memory of said information processing unit; authenticating the update CRTM stored in said main memory; and updating said CRTM by said authenticated update CRTM.

Description

TITLE OF THE INVENTION
INFORMATION UPDATING METHOD, PROGRAM FOR THE SAME AND INFORMATION PROCESSING UNIT
CROSS-REFERENCE TO RELATED APPLICATIONS
Japanese Patent Application No. 2005-33286 filed February 9, 2005
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT Not Applicable
THE NAMES OF THE PARTIES TO A JOINT RESEARCH AGREEMENT Not Applicable
INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A COMPACT DISK Not Applicable
BACKGROUND OF THE INVENTION
(1) Field of the invention [0001]
The present invention relates to an information updating method, a program for causing an information processing unit to execute the method, and an information processing unit with a function of executing the method. More specifically, the present invention relates to a method for updating a mechanism which is the root of reliability of an information processing unit or an information processing system, or information on the mechanism in the device or the system.
(2) Description of Related Art [0002]
Highly reliable computer mechanisms have been designed. For example, the CRTM (Core Root of Trust for Measurement), proposed by the Trusted Computing Group (TCG), is known as a fundamental element for forming a highly secured platform. A system for guaranteeing validity of the entire information processing unit or the entire information processing system by performing Chain of Trust starting at the CRTM is also known. [0003]
For example, computer architecture has a security chip, which is a device for guaranteeing reliability of the computer architecture. When the security chip is subjected to initialization or the like, an authorized mechanism causes the security chip to execute a privileged instruction to communicate or update information to the security chip. The authorized mechanism also sets the security chip to suspend the execution of the privileged instruction. [0004]
Such a security chip typically has a mechanism (module) which is authorized to change a privileged setting of the security chip as a higher level mechanism. That is to say, a higher level mechanism performs a lower level authentication to maintain reliability of the entire computer architecture. The architecture where reliability is maintained in such a chain reaction has the problem of how information maintained in the mechanism with the highest authority (CRTM) is changed, updated and communicated. [0005]
The CRTM is a module consisting of program codes for realizing a mechanism called CRTM, which includes information on security of an encryption key as an embodiment. The CRTM must be protected against being tampered with by an unauthorized user modifying the CRTM, as the CRTM is the root of reliability of the entire computer architecture provided with the CRTM. Therefore, updating the CRTM data, updating a program included in the CRTM, or communicating information to the CRTM data are processes exceptionally performed only when a predetermined permission is granted. [0006]
A method for communicating information to the CRTM by providing hardware dedicated to the computer architecture is known. Patent Document 1 describes a method with non-volatile memory (flash memory) dedicated to updating a BIOS (Basic Input Output System), for storing updating information of a BIOS in the non-volatile memory, reading out the updating information from the non-volatile memory and performing the update after resetting the computer architecture. [Patent Document 1] Published Unexamined Patent Application No. 2002-244874
BRIEF SUMMARY OF THE INVENTION [0007]
With the method for performing an update by using non-volatile memory as described in Patent Document 1, however, the amount of information forming the CRTM (module) to be updated depends on the capacity of the non-volatile memory. That is to say, as the data or program capacity of the CRTM increases, the capacity of the non-volatile memory should be reserved for the data or the program. As much information will need to be communicated due to extension of the CRTM functions or from many application software programs in future, the information forming the CRTM will grow. From the viewpoints of cost and the area for implementing memory, it is not preferable to temporarily reserve non-volatile memory of the size required to update the CRTM. [0008]
An object of the present invention is to provide a method for updating information which can address an increase of information on a CRTM to be updated without requiring the device to add special hardware for realizing the method for updating the CRTM. [0009]
The present invention provides an information updating method for updating a CRTM which is a root for performing Chain of Trust by using an information processing unit, which uses a system of guaranteeing validity of the entire information processing unit by performing the Chain of Trust, comprising the steps of: extracting an update CRTM which is information on said CRTM from information to be updated; storing said update CRTM in main memory of said information processing unit; authenticating the update CRTM stored in said main memory; and updating said CRTM by said authenticated update CRTM. [0010]
Therefore, the present invention uses the large-capacity main memory normally provided for the information processing unit as the hardware required for realizing the method for updating the CRTM. As a result, the present invention can provide an information updating method which can address an increase of information on the CRTM to be updated without requiring the device to add special hardware. [0011]
Specifically, the present invention provides an information updating method for updating said CRTM, wherein all the devices of said information processing unit except for said main memory are reset at said updating step, and said main memory is maintained in a self refresh mode during said reset process so that all the devices of said information processing unit except for said main memory are reset and said CRTM is updated. [0012]
Therefore, the present invention uses a self refresh mode for main memory in updating the CRTM. That is to say, as main memory is maintained in a self refresh mode while the information on the CRTM to be updated is stored in main memory and updated, the CRTM can be updated without losing information stored in the main memory while the devices are reset. [0013]
The present invention can provide a method for updating information which can address the increase of information on the CRTM to be updated without requiring the device to add special hardware for realizing the method for updating the CRTM.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS [0014]
FIG. 1 is a functional block diagram of an information processing unit 1, which is an embodiment of the present invention;
FIG. 2 is a flowchart for showing an operation operated before the information processing unit 1, which is an embodiment of the present invention, is resumed;
FIG. 3 is a flowchart for showing an operation operated before the information processing unit 1, which is an embodiment of the present invention, is resumed; and
FIG. 4 is a diagram showing a hardware configuration of the information processing unit 1, which is an embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION [0016]
Apreferredembodiment of thepresent inventionwillbe described with reference to drawings. [0017]
FIG. 1 shows a functional block diagram of an information processing unit 1, which is a preferred embodiment of the present invention• The information processing unit 1 includes a controlling unit 10 for controlling, calculating and storing information, main memory 20 which can be arbitrarily accessed, non-volatile memory 30 and ROM 40 * The information processing unit 1 may be a typical computer or an information processing terminal such as a compact portable terminal device (e.g. , PDA) , a cell phone and an electrical home appliance which performs information processing. The information processing unit 1 realizes a method for updating the CRTM. [0018]
The CRTM described here is a module consisting of program codes for realizing a mechanism called CRTM, which includes information on security of an encryption key as an embodiment. The 'CRTM may be a part of a code of a BIOS. That is to say, the CRTM may be a BIOS boot block (the code first read out when the information processing unit 1 starts) . The CRTM may be the entire of a BIOS. The CRTM is a root ofreliabilityofthe entire of computerarchitecture provided with the CRTM. The other modules (authenticated modules) are authenticated based on the CRTM as a root, and reliability of the entire of the information processing unit 1 is guaranteed. If the CRTM is a BIOS boot block as mentioned above when the CRTM is updated, the information processing unit 1 needs to be reset. If the CRTM is not a BIOS boot block but a module relating to boot-up is updated, the information processing unit 1 also needs to be reset. [0019]
The controlling unit 10 executes an information updating method according to the present invention and controls a program operating in the information processing unit 1. The controlling unit 10 may be a typical central processing unit (CPU). The controlling unit 10 includes an updating unit 11 for updating information, an authenticating unit 13 for performing authentication and an extracting unit 15 for extracting information. [0020]
The updating unit 11 updates the CRTM and an authenticated module, which is a module authenticated by the CRTM. The terminology "to update the CRTM" here means to update the program for realizing the mechanism of the CRTM and to update the CRTM data (for example, data such as an encryption key). The updating unit 11 may include a CRTM updating unit 12 for updating the CRTM. The updating unit 11 updates information or the like stored in CRTM storage 41, but the updating information need not overwrite the information to be updated. That is to say, both the information stored in the CRTM storage 41 before the update and the updating information may be stored after the updating unit 11 updates the information (the updating unit 11 may simply communicate the information to the CRTM storage 41). [0021]
The authenticating unit 13 authenticates the CRTM to be updated and an authenticated module to be updated. The authenticating unit 13 may include an update module authenticating unit 14 for authenticating a module to be updated. [0022]
The extracting unit 15 extracts predetermined information from the information to be updated. That is to say, the extracting unit 15 determines whether the information to be updated is information on the CRTM, information on an authenticated module or other information, and extracts the information on the CRTM or the information on an authenticated module. [0023] The main memory 20 stores the CRTM to be updated (the update CRTM). The main memory 20 is the main memory of a computer and may be RAM (Random Access Memory). The main memory 20 includes update CRTM storage 21. That is to say, the controlling unit 10 temporarily stores the CRTM to be updated in the update CRTM storage 21 of the main memory 20. [0024]
The non-volatile memory 30 is storage in which stored information is not deleted when the information processing unit 1 is reset. The non-volatile memory 30 has flag storage 31. The controlling unit 10 stores a flag in the flag storage 31 of the non-volatile memory 30 when it updates the CRTM, and determines whether it needs to update the CRTM when it resets the device. The terminology "reset" here means to return all the devices of the information processing unit 1 to their initial state. [0025]
The ROM (Read Only Memory) 40 is memory in which writing by the controlling unit 10 can be enabled or disabled per region of a certain size, and in which changing that setting can itself be disabled. The ROM 40 has the CRTM storage 41 and the authenticated module storage 42. The ROM 40 may store a boot block of the information processing unit 1. The authenticated module storage 42 stores an authenticated module. The term "authenticated module" here may mean, for example, the code of a BIOS other than the boot block when the CRTM is the boot block. In such a case, the CRTM is authenticated as the root, and then the code of the BIOS other than the boot block is authenticated.
[0026]
Although the ROM 40 of the information processing unit 1 has the CRTM storage 41 and the authenticated module storage 42 in this embodiment, the CRTM storage 41 and the authenticated module storage 42 may be included in a micro device, a hard disk or the like other than the ROM 40. An authenticated module can be realized by an application program in the case that the authenticated module storage 42 is included in a hard disk or the like. In such a case, memory such as the hard disk has a function of enabling or disabling writing by the controlling unit 10 per region of a certain size, and of disabling changes to that setting. [0027]
FIG. 2 is a flowchart of information processing performed by the information processing unit 1, which is a preferred embodiment of the present invention. At first, an update program for updating the CRTM and an authenticated module is started (step S01). The update program is recorded on a hard disk and executed by the controlling unit 10. The extracting unit 15 extracts information on the CRTM (the update CRTM) from the information to be updated (step S02). Then, the controlling unit 10 copies the update CRTM from the hard disk or the like to main memory (step S03). [0028]
The extracting unit 15 extracts information on an authenticated module (the update module) from the information to be updated (step S04). Then, the controlling unit 10 sets a flag ON in the non-volatile memory 30 so that the CRTM is updated at the next reset (step S05). That is to say, the controlling unit 10 stores, in the flag storage 31 of the non-volatile memory 30, a flag indicating that the CRTM is to be updated at the next reset. [0029]
Then, the updating unit 11 makes a setting so that all the devices except for the main memory 20 are reset during the resume process (step S06). The term "resume" here means a function of starting the information processing unit 1 from its standby state, suspend state or shutdown state, or a state of the information processing unit 1 which is currently starting from one of those states. The term "suspend state" in this specification means a state in which the devices of the information processing unit 1 other than the main memory 20 are suspended. When the controlling unit 10 starts (resumes) a device from the suspend state, it stores information on and the state of the information processing unit 1 before it enters the suspend state in the main memory 20, retrieves that information from the main memory 20 when it resumes the device, and restores the operating state that the device of the information processing unit 1 had before entering the suspend state. [0030]
The controlling unit 10 resets a device when it resumes the device (step S06), but it does not reset the main memory 20, as the main memory 20 stores the update CRTM and needs to maintain it. As a preferred embodiment for maintaining the stored update CRTM while the other devices are being reset, a method using a self refresh mode is known. The self refresh mode is a function for maintaining the information in the main memory 20 independently of the memory controller. The self refresh mode is realized by an inner circuit (self refresh circuit 25) which is added to the main memory 20. [0031]
The self refresh mode is executed when the information processing unit 1 is in the suspend state. The method takes advantage of the feature of the self refresh mode that the contents of the main memory 20 are guaranteed to be maintained when the information processing unit 1 is resumed from the suspend state (suspend/resume function), in order to keep the CRTM to be updated in the main memory 20 even if the device is reset. That is to say, the method can preserve the update CRTM because the self refresh mode is preserved even if the memory controller is reset as one of the devices. [0032]
The controlling unit 10, continuing to execute the update program, transitions the information processing unit 1 to the suspend state (step S07). [0033]
Next, the flow of setting up the CRTM update of the information processing unit 1, transitioning to the suspend state, then resuming from the suspend state and updating the CRTM and an authenticated module as mentioned above will be described with reference to FIG. 3. [0034]
The controlling unit 10 receives a signal for resuming from the suspend state (step S10). It is assumed that the information processing unit 1 entered the suspend state in response to a request from the update program, and that the main memory 20 is in the self refresh mode. To shorten the time spent in the self refresh mode, the controlling unit 10 may set the information processing unit 1 to resume immediately once it determines that the information processing unit 1 has entered the suspend state.
[0035]
Next, the controlling unit 10 starts all the devices (step S11). The boot block is started first. When the CRTM is a boot block, the old CRTM is started first. The authenticating unit 13 authenticates the update module by the old CRTM (step S13). When the update module is authenticated, the controlling unit 10 updates the authenticated module by replacing the authenticated module with the update module (step S14). In the embodiment, as the authenticated module is stored in the authenticated module storage 42 of the ROM 40, the authenticated module is updated in the authenticated module storage 42. When the CRTM is updated by an authenticated module, the authenticated module needs to be authenticated by the CRTM as it was before the update (hereinafter referred to as the "old CRTM") before the CRTM is updated. An authenticated module may be authenticated by the old CRTM and updated after step S04 of FIG. 2. [0036]
When an authenticated module such as a BIOS for updating the CRTM is authenticated by the old CRTM, the controlling unit 10 releases the write protection of the CRTM in the CRTM storage 41 (step S15). That is to say, an authenticated module such as a BIOS to be updated is authenticated by the old CRTM. Therefore, the controlling unit 10 determines that the subject performing the update (an authenticated module such as an authenticated BIOS) is valid and releases the write protection. The CRTM is updated by the CRTM updating unit 12, described later, only when the update CRTM itself is also authenticated. That is to say, if either the subject performing the update or the information to be written is not authenticated, the controlling unit 10 determines that the CRTM update is invalid and gives up updating the CRTM. [0037]
The CRTM updating unit 12 updates the CRTM by executing the update module which is authenticated by the old CRTM (step S16). That is to say, the CRTM updating unit 12 rewrites the old CRTM information in the CRTM storage 41 of the ROM 40 with the update CRTM. Then the CRTM updating unit 12 may delete the update CRTM stored in the update CRTM storage 21 of the main memory 20. The CRTM updating unit 12 determines whether the information processing unit 1 needs to be rebooted or not due to the update of the CRTM (step S17). If it is determined that the information processing unit 1 needs to be rebooted, the CRTM updating unit 12 executes the reboot (step S18). After step S17 or S18, the information processing unit 1 operates with the updated CRTM. [0038]
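The FIG. 2 staging flow (steps S02 to S07) and the FIG. 3 resume flow (steps S10 to S18) as an added C model; this is not code from the patent or from Lenovo. The ROM, non-volatile memory and main memory areas are constructed in-memory structs, and the keyed FNV-1a digest is an assumed stand-in for whatever signature check the old CRTM would actually perform; the trust anchor being the first bytes of the CRTM is likewise an assumption of the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the storage areas named in the description. */
#define KEY_LEN  8
#define CRTM_LEN 16
#define MOD_LEN  32

typedef struct {
    uint8_t crtm[CRTM_LEN];      /* CRTM storage 41; first KEY_LEN bytes = trust anchor (assumption) */
    uint8_t module[MOD_LEN];     /* authenticated module storage 42 (e.g. BIOS minus boot block) */
    bool crtm_write_protected;   /* ROM 40 write setting for the CRTM region, re-armed at reset */
} rom_t;

typedef struct { bool update_flag; } nvram_t;   /* flag storage 31 of non-volatile memory 30 */

typedef struct {
    uint8_t  update_crtm[CRTM_LEN];    /* update CRTM storage 21 */
    uint64_t crtm_tag;
    uint8_t  update_module[MOD_LEN];
    uint64_t module_tag;
    bool     self_refresh;             /* armed before suspend so the contents outlive the reset */
} mainmem_t;

/* Stand-in for signature verification (assumption): keyed FNV-1a over an image.
 * A real CRTM would check a vendor signature; this only models the decision. */
uint64_t tag64(const uint8_t *key, const uint8_t *data, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < KEY_LEN; i++) { h ^= key[i];  h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < len; i++)     { h ^= data[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* FIG. 2, steps S02 to S07: stage the extracted update CRTM and update module in
 * main memory, set the NV flag, and arm self refresh ahead of the suspend. */
void stage_update(mainmem_t *mem, nvram_t *nv,
                  const uint8_t *new_crtm, uint64_t crtm_tag,
                  const uint8_t *new_module, uint64_t module_tag) {
    memcpy(mem->update_crtm, new_crtm, CRTM_LEN);       /* S02, S03 */
    mem->crtm_tag = crtm_tag;
    memcpy(mem->update_module, new_module, MOD_LEN);    /* S04 */
    mem->module_tag = module_tag;
    nv->update_flag = true;                             /* S05 */
    mem->self_refresh = true;                           /* S06; S07 then suspends */
}

/* Reset of every device except main memory: the CRTM write protection is
 * re-armed, and main memory keeps its contents only if self refresh is on. */
void reset_devices(rom_t *rom, mainmem_t *mem) {
    rom->crtm_write_protected = true;
    if (!mem->self_refresh) memset(mem, 0, sizeof *mem);
}

/* FIG. 3, steps S10 to S18. Returns 1 when the CRTM was updated, 0 when no
 * update was pending, -1 when the old CRTM rejected the staged images. */
int resume_and_apply(rom_t *rom, mainmem_t *mem, nvram_t *nv) {
    if (!nv->update_flag) return 0;                     /* flag check (claim 9) */
    const uint8_t *old_key = rom->crtm;                 /* the old CRTM is the root */
    /* S13: the old CRTM authenticates the update module; the update CRTM is
     * checked the same way, since either one failing aborts the update. */
    bool module_ok = tag64(old_key, mem->update_module, MOD_LEN) == mem->module_tag;
    bool crtm_ok   = tag64(old_key, mem->update_crtm, CRTM_LEN) == mem->crtm_tag;
    nv->update_flag = false;                            /* one attempt per staging */
    if (!module_ok || !crtm_ok) return -1;              /* ROM untouched, protection kept */
    memcpy(rom->module, mem->update_module, MOD_LEN);   /* S14 */
    rom->crtm_write_protected = false;                  /* S15 */
    memcpy(rom->crtm, mem->update_crtm, CRTM_LEN);      /* S16 */
    rom->crtm_write_protected = true;
    memset(mem->update_crtm, 0, CRTM_LEN);              /* drop the staged copy */
    return 1;                                           /* S17/S18: reboot on the new CRTM */
}
```

The third scenario worth running is a reset without self refresh armed: the staged images are lost, so the flag is found set but the old CRTM has nothing it can authenticate and the ROM stays as it was.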
A hardware configuration of the information processing unit 1, which is a preferred embodiment of the present invention, will be described with reference to FIG. 4. The information processing unit 1 includes a CPU 15 corresponding to the controlling unit 10, a host/PCI bridge 50 connected to the CPU 15, main memory 20, a main memory controller 51 for controlling the main memory 20, a refresh controller 52 for controlling the refresh process of the main memory, a disk controller 60, a hard disk 61 connected via the disk controller 60, a CD-ROM/DVD 62, a PCI/ISA bridge or PCI/LPC bridge 70 connecting to the ISA bus, non-volatile memory 30 connected via the PCI/ISA bridge or PCI/LPC bridge 70, ROM 40 and a power source controller 71. [0039]
The main memory 20 is usually controlled by the main memory controller 51. When the main memory 20 is in a suspend state, the refresh controller 52 switches the main memory 20 from the normal refresh mode to the self refresh mode. The self refresh circuit 25 of the main memory 20 receives the signal indicating that the mode is switched and switches the main memory 20 to the self refresh mode. [0040]
Each device connected with the host/PCI bridge 50 is reset when it is resumed from a suspend state or a shutdown state. [0041]
The hard disk 61 stores a program for updating. A part or the entirety of the program for updating may be written to the main memory 20 when the CPU 15 starts the program for updating.
[0042]
The non-volatile memory 30 may store a flag for updating the CRTM, and the ROM 40 may store the CRTM and the authenticated module. The power source controller 71 controls the state of the power source of the information processing unit 1. The power source controller 71 includes a function of causing the information processing unit 1 to enter a suspend state or a shutdown state, or a function of resuming the information processing unit 1 from one of those states. [0043]
The block diagram of hardware shown in FIG. 4 is a preferred example of the present invention, in which the non-volatile memory 30, the ROM 40 and the power source controller 71 may operate via the PCI/ISA bridge or the PCI/LPC bridge 70. [0044]
An information processing unit and an information processing method for realizing the embodiment may be realized by a program which is executed in a computer or a server. Storage media for the program may include an optical storage medium, a tape medium, semiconductor memory and the like. Memory such as a hard disk, RAM or the like provided for a server system connected with a dedicated network or the Internet may be used as a storage medium for providing a program via a network. [0045]
Although the embodiment of the present invention has been described above, it merely exemplifies a specific example and does not limit the present invention. Advantages described in the embodiment of the present invention are merely a list of the most preferred advantages of the present invention, and advantages of the present invention are not limited to those described in the embodiment of the present invention.

Claims

1. An information updating method for updating a CRTM which is a root for performing Chain of Trust by using an information processing unit, which uses a system of guaranteeing validity of the entire information processing unit by performing the Chain of Trust, comprising the steps of: extracting an update CRTM which is information on said CRTM from information to be updated; storing said update CRTM in main memory of said information processing unit; authenticating the update CRTM stored in said main memory; and updating said CRTM by said authenticated update CRTM.
2. The information updating method according to claim 1, further comprising the step of updating a module by extracting an update module which is a module (authenticated module) to be subjected to Chain of Trust by said CRTM from information to be updated, authenticating said update module by said CRTM before updated and changing a currently stored authenticated module to said update module.
3. The information updating method according to claim 1, wherein said authenticated module is a BIOS of said information processing unit.
4. The information updating method according to claim 1, wherein all the devices of said information processing unit except for said main memory are reset so that said CRTM is updated at said updating step.
5. The information updating method according to claim 4, wherein said main memory is kept in a self refresh mode during said resetting process and all the devices of said information processing unit except for said main memory are reset so that said CRTM is updated at said updating step.
6. The information updating method according to claim 5, wherein said CRTM is updated by the update CRTM stored in said main memory with a resuming function of storing information on and a state of said information processing unit in said main memory; invoking information on the information processing unit before it enters into said suspend state from said main memory when it enters in a suspend state where devices except for said main memory are suspended; and resuming an operating state of said information processing unit before it enters into the suspend state at said updating step.
7. The information updating method according to claim 6, wherein said CRTM is updated by the update CRTM stored in said main memory with a resuming function of resuming immediately after said information processing unit enters into a suspend state at said state of updating the CRTM.
8. The information updating method according to claim 1, wherein said information processing unit comprises non-volatile memory, and said method further comprises a flag storing step for storing said update CRTM in said main memory and then storing a flag indicating that said update CRTM is stored in said non-volatile memory.
9. The information updating method according to claim 8, wherein said flag is checked when said information processing unit is reset, the update CRTM stored in said main memory is authenticated when the flag is ON, and said CRTM is updated by using said authenticated CRTM at said updating step.
10. The information updating method according to claim 1, wherein said information processing unit is a computer and said method is applied to said computer.
11. A program for updating a CRTM which is a root for performing Chain of Trust for an information processing unit, which uses a system of guaranteeing validity of the entire information processing unit by performing the Chain of Trust, realizing the functions of: extracting an update CRTM which is information on said CRTM from information to be updated; storing said update CRTM in main memory of said information processing unit; authenticating the update CRTM stored in said main memory; and updating said CRTM by said authenticated update CRTM.
12. A storage medium recording the program according to claim 11.
13. An information processing unit which uses a system of guaranteeing validity of the entire information processing unit by performing Chain of Trust, comprising: an extracting unit for extracting an update CRTM which is information on said CRTM from information to be updated; main memory storing said update CRTM; an authenticating unit for authenticating the update CRTM stored in said main memory; and an updating unit for updating said CRTM by said authenticated update CRTM.
14. The information processing unit according to claim 13, wherein said updating unit updates said CRTM by releasing writing protection of said CRTM.
15. The information processing unit according to claim 13, wherein said extracting unit extracts an update module which is a module (authenticated module) to be subjected to Chain of Trust by said CRTM from information to be updated; said authenticating unit authenticates said update module by the CRTM before updated; and said updating unit updates a module by changing a currently stored authenticated module to said update module.
16. The information processing unit according to claim 13, wherein said updating unit updates said CRTM by resetting all the devices of said information processing unit except for said main memory.
17. The information processing unit according to claim 16, wherein said updating unit updates said CRTM by keeping said main memory in a self refresh mode during said resetting process and all the devices of said information processing unit except for said main memory are reset.
18. The information processing unit according to claim 17, wherein said updating unit updates said CRTM by the update CRTM stored in said main memory with a resuming function of storing information on and a state of said information processing unit in said main memory; invoking information on the information processing unit before it enters into said suspend state from said main memory when it enters in a suspend state where devices except for said main memory are suspended; and resuming an operating state of said information processing unit before it enters into the suspend state.
19. The information processing unit according to claim 18, wherein said updating unit updates said CRTM by the update CRTM stored in said main memory with a resuming function of resuming immediately after said information processing unit enters into a suspend state.
20. The information processing unit according to claim 13, further comprising non-volatile memory which stores a flag indicating that said update CRTM is stored after storing said update CRTM in said main memory.
PCT/IB2006/002313 2005-02-09 2006-02-08 Information updating method, program for the same and information processing unit WO2007000670A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2007545101A JP4728343B2 (en) 2005-02-09 2006-02-08 Information updating method, program, and information processing apparatus

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2005033286A JP2006221354A (en) 2005-02-09 2005-02-09 Information update method, program and information processor
JP2005-033286 2005-02-09

Publications (1)

Publication Number Publication Date
WO2007000670A1 true WO2007000670A1 (en) 2007-01-04
