WO2011149329A1 - Method of providing trusted application services - Google Patents

Method of providing trusted application services

Info

Publication number
WO2011149329A1
Authority
WO
WIPO (PCT)
Prior art keywords
trusted
application
measurement
agents
tpm
Prior art date
Application number
PCT/MY2010/000328
Other languages
English (en)
Inventor
Anuar Bin Mat Isa Mohd
Mahmod Ramlan
Mariam Ruzila Raja Ahmad Sufian Raja
Hazwan Halim Muhamad
Original Assignee
Mimos Berhad
Priority date: 2010-05-26
Filing date: 2010-12-20
Publication date: 2011-12-01
2010-12-20: Application filed by Mimos Berhad
2011-12-01: Publication of WO2011149329A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Definitions

  • The present invention relates generally to a method of providing security services in computing, and more particularly to a method of providing trusted application services via a trusted platform module.
  • TPM: Trusted Platform Module.
  • Before software can use the functionality of a TPM, it has to be modified to meet the TPM's requirements. Effort is needed to review, design, code and test the software against the Trusted Platform Module specification. Hence, the TPM is not widely used in security software.
  • A virtual TPM is described in US patent application 2006/0020781.
  • There, a virtual TPM service creates a virtual TPM for use in a processing system that contains a physical TPM.
  • The virtual TPM service stores a key for the virtual TPM in the physical TPM and emulates the physical TPM's features.
  • The present invention proposes a solution which incorporates trusted application services and trusted agents that make the TPM usable by software applications.
  • The trusted service is a platform that enables a software application to use the TPM.
  • A user does not directly invoke the trusted services, and does not need to know that a TPM exists.
  • The user notifies the trusted application service if the user's application software is to be measured by the TPM, and allows the trusted application services to perform attestation on behalf of the non-trusted application.
  • The trusted services can support numerous applications running simultaneously that use the TPM, and they have multiple trusted agents to perform trusted computing activities for any application associated with the trusted services. A trusted agent collects information from the non-trusted application and passes it to the trusted application service, which in turn produces the integrity measurement.
  • Fig. 1 shows an overview of trusted application services according to the invention.
  • Fig. 2 shows a diagram of the trusted application service system architecture.
  • Fig. 3 shows diagrams of possible embodiments of the implementation.
  • Fig. 4 shows a flow chart for checking the existence of a trusted platform module.
  • Fig. 5 shows a flow chart for checking and starting trusted application services.
  • Fig. 6 shows a flow chart for verifying an application.
  • Fig. 7 shows a flow chart for starting and closing trusted agents.
  • Fig. 1 shows a block diagram of the proposed trusted application services (TAS) in computing.
  • TAS: Trusted Application Services.
  • The primary objective of TAS is to give applications which do not themselves support the trusted platform module (TPM) access to the TPM.
  • Trusted platform initialization 001 is a method for checking the existence of a TPM in a computer system.
  • TAS integrity measurement 002 is a method for checking and verifying the integrity of TAS, while application integrity measurement 003 is a method for checking and verifying the integrity of a software application.
  • Trusted agents and application 004 is a method for starting and closing the application via trusted agents. Each method is described in detail below.
  • Fig. 2 is a block diagram showing the proposed architecture of the system.
  • The system uses a TPM or virtual TPM 117 as the root of trust for integrity measurement, which enables TAS to switch a user application into a trusted state.
  • A virtual TPM is software that emulates a hardware TPM.
  • Trusted boot loader 116 performs integrity measurement of the operating system, TSS and TAS. The measurements are then stored in the TPM's platform configuration register (PCR) array. Every time the machine boots, this process captures the stored integrity measurement and compares it with the measurement actually taken. This ensures that TAS runs in a trusted state.
  • The invention can be ported to multiple operating systems 115 such as Windows, Linux, mobile operating systems and any platform that has a TPM.
  • Trusted software stack (TSS) 114 can be used as the interface between TAS and the TPM.
  • Trusted application service (TAS) 112 is a system tool that provides trusted computing functionality to any user application that intends to use the TPM. This trusted service provides a solution that makes it easier for applications to use the TPM.
  • TAS has multiple managers 109, 110, 111, each performing a specific task, and every manager is capable of spawning multiple trusted agents 103, 104, 105, 106, 107, 108 in order to extend the application's functions.
  • Application A 101 and application B 102 are independent user applications such as system services, network applications or system tools. These user applications may or may not support trusted computing functions.
  • A trusted application is software designed to support the TPM and to maintain trust.
  • A non-trusted software application is a program without trusted computing features.
  • Token 113 may take the form of a physical device or of software used to authorize a user to use TAS.
  • The token can store encrypted data and configuration, cryptographic keys, migration keys, digital signatures, biometric data or any other information.
  • TAS can be implemented in one of the three following modes, as shown in Fig. 3. In Mode 1, TAS runs on a machine with a hardware TPM; the layers involved are TAS, TSS, the operating system, TGrub and the hardware TPM. In Mode 2, TAS runs in a virtual machine using a virtual TPM; the layers involved are TAS, TSS, the guest operating system, TGrub, the virtual TPM, the hypervisor/virtualization layer and hardware with or without a TPM. In Mode 3, TAS runs in a virtual machine using the hardware TPM.
  • Fig. 4 shows a flow chart for checking the existence of a trusted platform module in a computer, that is, how TAS is started by verifying that a TPM is present. Enabling trusted application services 201 starts the trusted services on the system and consequently checks for the existence of TPM hardware 202. If a hardware TPM does not exist, the existence of a virtual TPM 206 is checked next. If a virtual TPM does not exist either, TAS is disabled 205. Thus the existence of at least a trusted platform module or a virtual trusted platform module is verified.
  • Trusted application services are booted 203 if a TPM or virtual TPM exists in the computer system.
  • The TPM owner is checked 204.
  • TPM ownership is taken 207 if no owner exists.
  • The flow then proceeds to Stage 1 in the next flow chart.
  • Stages 1, 2, 3, 4 and 5 mark the entry and exit points between the flow charts.
  • Fig. 5 shows a flow chart for verifying and running TAS.
  • TAS integrity is verified by checking the integrity measurement of TAS and of the system configuration. Measurements include the operating system, file libraries and other related information.
  • The valid owner of the TPM is checked 301. A typical way of checking the owner is by requiring a login identifier and password.
  • The owner logs into TAS 302.
  • An administrator account is configured in the trusted service 306.
  • The configuration process includes configuring the trusted boot loader by pointing trusted GRUB at this trusted service so that it is included in the integrity measurement. Integrity measurement is performed on the kernel, memory buffer register and trusted application services.
  • TAS and the system configuration are then measured 307. Additionally, a token 308 can be used to strengthen security by binding the token 309 to the trusted services. The integrity measurement is then stored in trusted storage 310. The computer must be rebooted 311 to apply the new integrity measurement. On subsequent logins, authorization 304 is performed with the token 316 if this feature is enabled in the system configuration; the token is inserted 317 as the form of authorization. The system can then be configured 305. Otherwise, TAS and the system configuration are measured 312, the original integrity measurement is loaded from trusted storage and compared with the current measurement 313, and if the measurement is valid 314, TAS is run 315.
  • Fig. 6 shows the process for checking the status or integrity of a user application and the platform configuration.
  • The integrity measurement covers the application, its library files and other files related to the application, as determined by the application's configuration.
  • The application to be loaded is chosen 401 by TAS. If the application is run for the first time 402, it needs to be configured for the TPM. A choice is given between auto-configuration 403, for which the default configuration is loaded 404, and manual configuration 405 if auto-configuration is not desired.
  • The application and its configuration are measured 406, and the measurement is stored in trusted storage 407 for later use. If configuration is not required (the application has been configured before), the integrity measurement of the application and its configuration proceeds 409: the original integrity measurement is loaded from trusted storage and compared with the current measurement 410. For a valid measurement 412, the application is allowed to run 414; otherwise, the application and its trusted agent are halted 413.
  • Fig. 7 shows the process for starting and closing the trusted agents once the application has been executed.
  • TAS spawns trusted agents 501 according to the configuration defined for the application. After an agent completes its task, TAS closes the relevant trusted agents 502 to free system resources.
  • The application is closed 503.
  • Trusted agents collect, store and share information. They collect information from the user application, credentials, the operating system, the network, or the library files needed to execute the application. The information is stored in trusted storage upon completion of the trusted action, and trusted agents can share information with other trusted agents. Accordingly, the invention discloses a trusted application service which uses a trusted platform module for security applications, and which allows an application to execute only if its integrity measurement is valid.
  • The trusted application services, application, trusted boot loader and trusted agents are machine instructions executed in a physical or virtual machine to perform integrity measurements on the platform, with at least one security device or virtual security device to store the integrity measurements. Approaches were described for verifying applications. It is the combination of the above features and their technical advantages that gives rise to the uniqueness of the invention. Although the descriptions above contain much specificity, these should not be construed as limiting the scope of the embodiment but merely as illustrations of some of the presently preferred embodiments.
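
The measure-store-compare loop that the trusted boot loader (PCR extend), Fig. 5 (TAS measurement 307, 312, 313) and Fig. 6 (application measurement 406, 407, 410) all rely on, as an added Python example. This is not code from the patent or from Mimos Berhad: hashlib stands in for the TPM and TSS, an in-memory dict stands in for trusted storage, and the sample file contents, the names pcr_extend, measure_application, TrustedStorage, verify and tas_load_application, and the allow_enroll flag are all constructed here for illustration.

```python
"""Measure, store, compare: the TAS integrity loop in miniature.

Added example for this page; not code from the patent or from Mimos
Berhad. hashlib stands in for the TPM and TSS: a PCR-style extend models
the boot loader's measurement chain, a dict models trusted storage
(310, 407), and the comparison decides RUN (414) or HALT (413).
All names and sample data below are invented for illustration.
"""
import hashlib
import json
from typing import Any, Dict, List, Optional, Tuple

Measurement = Dict[str, Any]

PCR_INITIAL = "00" * 32  # a PCR reads all-zero after reset

# Constructed sample contents of an application, a library it loads and
# its configuration file (bytes stand in for the files on disk).
APP_FILES: Dict[str, bytes] = {
    "bin/appA": b"\x7fELF appA build 1",
    "lib/libcrypto.so": b"\x7fELF libcrypto 1.0",
    "etc/appA.conf": b"mode=strict\nlog=/var/log/appA\n",
}


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def pcr_extend(pcr: str, measurement: str) -> str:
    """TPM extend: new = H(old || measurement). The result depends on every
    value extended and on their order, so it summarizes a whole chain."""
    return hashlib.sha256(bytes.fromhex(pcr) + bytes.fromhex(measurement)).hexdigest()


def measure_application(files: Dict[str, bytes]) -> Measurement:
    """Per-file digests plus an aggregate: a simulated PCR extended with
    each file's digest in sorted path order (406 / 312)."""
    per_file = {path: digest(files[path]) for path in sorted(files)}
    pcr = PCR_INITIAL
    for path in sorted(per_file):
        pcr = pcr_extend(pcr, per_file[path])
    return {"files": per_file, "aggregate": pcr}


class TrustedStorage:
    """Stand-in for trusted storage (310, 407): the baseline recorded at
    configuration time. A real TAS would seal it to the TPM or keep it in
    TPM NV memory so that a local attacker cannot rewrite the reference."""

    def __init__(self) -> None:
        self._baselines: Dict[str, str] = {}

    def store(self, app_id: str, measurement: Measurement) -> None:
        self._baselines[app_id] = json.dumps(measurement, sort_keys=True)

    def load(self, app_id: str) -> Optional[Measurement]:
        raw = self._baselines.get(app_id)
        return json.loads(raw) if raw is not None else None


def verify(baseline: Measurement, current: Measurement) -> Tuple[bool, List[str]]:
    """Compare stored and current measurements (313 / 410). Any modified,
    added or missing component is reported and fails the check."""
    if baseline["aggregate"] == current["aggregate"]:
        return True, []
    b, c = baseline["files"], current["files"]
    diffs = sorted(
        [f"modified:{p}" for p in b if p in c and b[p] != c[p]]
        + [f"missing:{p}" for p in b if p not in c]
        + [f"added:{p}" for p in c if p not in b]
    )
    return False, diffs


def tas_load_application(app_id: str, files: Dict[str, bytes],
                         storage: TrustedStorage, allow_enroll: bool = False) -> str:
    """Fig. 6 flow. First run: measure and store the baseline (406, 407),
    but only when enrolment is explicitly allowed, because whatever is on
    disk at that moment becomes the trusted reference (trust on first use).
    Later runs: measure, compare, then RUN (414) or HALT (413)."""
    current = measure_application(files)
    baseline = storage.load(app_id)
    if baseline is None:
        if not allow_enroll:
            return "HALT"
        storage.store(app_id, current)
        return "CONFIGURED"
    ok, _ = verify(baseline, current)
    return "RUN" if ok else "HALT"


if __name__ == "__main__":
    storage = TrustedStorage()
    print(tas_load_application("appA", APP_FILES, storage, allow_enroll=True))
    print(tas_load_application("appA", APP_FILES, storage))
    tampered = dict(APP_FILES)
    tampered["lib/libcrypto.so"] = b"\x7fELF libcrypto 1.0 (patched)"
    print(tas_load_application("appA", tampered, storage))
    print(verify(storage.load("appA"), measure_application(tampered)))
```

Run directly, the script prints CONFIGURED, RUN, HALT and then the list naming the patched library. Two points the flow charts leave implicit: the baseline recorded on first run is trusted on first use, so enrolment should be an explicit administrator action (as in the Fig. 5 owner login) rather than a side effect of launching the application; and a comparison done in software is only as trustworthy as the TAS binary doing it, which is why the boot loader measures TAS itself into a PCR before TAS runs.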

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A trusted platform module is a processor that stores cryptographic keys according to a specification. The present invention relates to a method that allows a software application to access a trusted platform module function. A trusted application service (TAS) and a software application are configured (306) to be measured in order to verify the integrity of the trusted application service and of the software application. The measured trusted application service and a system configuration are stored in a trusted storage device (310). The measured information is compared each time a user identifier or an application is used. Accordingly, a user and an application are authenticated using the trusted platform module.
PCT/MY2010/000328 2010-05-26 2010-12-20 Method of providing trusted application services WO2011149329A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2010700032A MY181899A (en) 2010-05-26 2010-05-26 Method of providing trusted application services

Publications (1)

Publication Number Publication Date
WO2011149329A1 true WO2011149329A1 (fr) 2011-12-01

Family

ID=45004147

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2010/000328 WO2011149329A1 (fr) 2010-05-26 2010-12-20 Method of providing trusted application services

Country Status (2)

Country Link
MY (1) MY181899A (fr)
WO (1) WO2011149329A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014153635A1 (fr) * 2013-03-26 2014-10-02 Irdeto Canada Corporation Method and system for platform and user application security on a device
CN110647740A (zh) * 2018-06-27 2020-01-03 复旦大学 TPM-based container trusted boot method and apparatus
CN110647740B (zh) * 2018-06-27 2023-12-05 复旦大学 TPM-based container trusted boot method and apparatus

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116340956B (zh) * 2023-05-25 2023-08-08 国网上海能源互联网研究院有限公司 Trusted protection optimization method and apparatus for power embedded terminal devices

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060015717A1 (en) * 2004-07-15 2006-01-19 Sony Corporation And Sony Electronics, Inc. Establishing a trusted platform in a digital processing system
US20070192864A1 (en) * 2006-02-10 2007-08-16 Bryant Eric D Software root of trust
US20090165081A1 (en) * 2007-12-21 2009-06-25 Samsung Electronics Co., Ltd. Trusted multi-stakeholder environment
US20100082991A1 (en) * 2008-09-30 2010-04-01 Hewlett-Packard Development Company, L.P. Trusted key management for virtualized platforms
US20100175112A1 (en) * 2009-01-07 2010-07-08 Telcordia Technologies, Inc. System, method, and computer program products for enabling trusted access to information in a diverse service environment

Also Published As

Publication number Publication date
MY181899A (en) 2021-01-12

Similar Documents

Publication Publication Date Title
US8201239B2 (en) Extensible pre-boot authentication
US8909940B2 (en) Extensible pre-boot authentication
US8332930B2 (en) Secure use of user secrets on a computing platform
US8522018B2 (en) Method and system for implementing a mobile trusted platform module
US10152600B2 (en) Methods and systems to measure a hypervisor after the hypervisor has already been measured and booted
US10148429B2 (en) System and method for recovery key management
US8978127B2 (en) Virtual appliance pre-boot authentication
CN109669734B (zh) Method and apparatus for starting a device
JP5802337B2 (ja) Out-of-band remote authentication
JP5957004B2 (ja) System, method, computer program product and computer program for providing validation that a trusted host environment complies with the requirements of a virtual machine (VM)
KR100989977B1 (ko) Method and apparatus for launching a trusted co-existing environment
US8539551B2 (en) Trusted virtual machine as a client
US9202062B2 (en) Virtual machine validation
JP4323473B2 (ja) Computer security system and method
US8850212B2 (en) Extending an integrity measurement
US8464047B2 (en) Method and apparatus for authorizing host to access portable storage device
US9164925B2 (en) Method and apparatus for authorizing host to access portable storage device
WO2019095357A1 (fr) Method and system for verifying a system at boot, electronic device and computer storage medium
US20070300069A1 (en) Associating a multi-context trusted platform module with distributed platforms
CN108595983B (zh) Hardware architecture based on a hardware-isolated secure execution environment, and application context integrity measurement method
WO2007130182A1 (fr) Selective unlocking of a core root of trust for measurement (CRTM)
KR20150048810A (ko) Firmware theft prevention
US20170147801A1 (en) Pre-boot authentication credential sharing system
US8108905B2 (en) System and method for an isolated process to control address translation
CN115470477A (zh) Intelligent terminal, processor system thereof, and trusted execution method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 10852267; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 10852267; Country of ref document: EP; Kind code of ref document: A1)