WO2011149329A1 - Method of providing trusted application services - Google Patents
Method of providing trusted application services
- Publication number
- WO2011149329A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- trusted
- application
- measurement
- agents
- tpm
- Prior art date
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Definitions
- the present invention relates generally to a method of providing security services in computing, and more particularly to a method of providing trusted application services via a trusted platform module.
- TPM Trusted platform module
- Before software can use the functionality of the TPM, it has to be modified to suit the requirements of the TPM. Effort is needed to review, design, code and test the software according to the trusted platform module specification. Hence, the TPM is not widely used in security software.
- a virtual TPM is described in US patent application 2006/0020781.
- a virtual TPM service creates a virtual TPM for use in a processing system that contains a physical TPM.
- the virtual TPM service stores a key for the virtual TPM in the physical TPM and emulates the physical TPM's features.
- the present invention proposes a solution which incorporates trusted application services and trusted agents that utilize TPM for software application.
- the trusted service is a platform that enables the software application to use TPM.
- a user does not directly invoke the trusted services because the user does not need to know about the existence of TPM.
- the user shall notify the trusted application service if the user's application software wants to be measured by the TPM, and allows the trusted application services to perform attestation on behalf of the non-trusted application.
- the trusted services can support numerous applications running simultaneously that use the TPM, and they have multiple trusted agents to perform trusted computing activities for any application associated with the trusted services. A trusted agent collects information from the non-trusted application and passes it to the trusted application service, which then provides the integrity measurement.
- Fig. 1 shows an overview of the trusted application service according to the invention.
- Fig. 2 shows a diagram of the trusted application service system architecture.
- Fig. 3 shows diagrams of possible embodiments of the implementation.
- Fig. 4 shows a flow chart of checking the existence of the trusted platform module.
- Fig. 5 shows a flow chart of checking and starting the trusted application services.
- Fig. 6 shows a flow chart of verifying an application.
- Fig. 7 shows a flow chart of starting and closing a trusted agent.
- Fig. 1 shows a block diagram of proposed trusted application services (TAS) in computing.
- TAS trusted application services
- the primary objective of TAS is to allow applications that lack support for the trusted platform module (TPM) to be integrated with access to the TPM.
- Trusted platform initialization 001 is a method for checking the existence of TPM in a computer system.
- TAS integrity measurement 002 is a method for checking and verifying the integrity of TAS while application integrity measurement 003 is a method for checking and verifying the integrity of software application.
- Trusted agents and application 004 is a method for starting and closing the application via trusted agents. Each method will be described in detail.
- Fig. 2 is a block diagram showing a proposed architecture of the system.
- the system uses the TPM or virtual TPM 117 as the root of trust for integrity measurement, which enables TAS to switch a user application into a secure, trusted application.
- A virtual TPM is software that emulates a hardware TPM.
- Trusted boot loader 116 performs integrity measurement of the operating system, TSS and TAS. The measurement is then stored in the TPM's program configuration register array. Every time the machine boots, this process captures the stored integrity measurement and compares it with the actual measurement. This ensures that TAS runs in a trusted state.
- the invention can be ported to multiple operating systems 115 such as Windows, Linux, mobile operating systems and any platform that has a TPM.
- Trusted software stack (TSS) 114 can be used as the interface between TAS and the TPM.
- Trusted application service (TAS) 112 is a system tool that provides trusted computing functionality to any user application that intends to use the TPM. This trusted service provides a solution that facilitates applications' use of the TPM.
- TAS has multiple managers 109, 110, 111 that perform specific tasks, and every manager is capable of spawning multiple trusted agents 103, 104, 105, 106, 107, 108 in order to extend the application's functions.
- Application A 101 and application B 102 are independent user applications such as system services, network application or system tools. These user applications may or may not support trusted computing functions.
- A trusted application is software designed to support the TPM and maintain trust.
- a non-trusted software application is a program without trusted computing features.
- Token 113 may take the form of a physical device or software used for user authorization for the use of TAS.
- A token can store encrypted data and configuration, cryptographic keys, migration keys, digital signatures, biometric data or any other information.
- TAS can be implemented in one of the three following modes, as shown in Fig. 3. In Mode 1, TAS runs on a machine with a hardware TPM. The layers involved are TAS, TSS, Operating System, TGrub and hardware TPM. In Mode 2, TAS runs on a virtual machine using a virtual TPM. The layers involved are TAS, TSS, guest Operating System, TGrub, virtual TPM, hypervisor/virtualization and hardware with or without a TPM. In Mode 3, TAS runs on a virtual machine using the hardware TPM.
- Fig. 4 shows a flow chart for checking the existence of a trusted platform module in a computer. It shows how TAS is started by verifying the existence of a TPM in the computer. Enabling trusted application services 201 starts the trusted services on the system and consequently checks for the existence of TPM hardware 202. If a hardware TPM does not exist, the existence of a virtual TPM 206 is checked next. If a virtual TPM does not exist either, TAS is disabled 205. The existence of at least a trusted platform module or a virtual trusted platform module is thus verified.
- Trusted application services are booted 203 if a TPM or virtual TPM exists in the computer system.
- The TPM owner is checked 204.
- TPM ownership is provided 207 if it does not exist.
- The process then proceeds to Stage 1.
- Stages 1, 2, 3, 4 and 5 are used to provide the various entry and exit stages.
- Fig. 5 shows a flow chart for verifying and running TAS.
- TAS integrity is verified by checking the integrity measurement of TAS and the system configuration. Measurements include the operating system, file libraries and other related information.
- the valid owner of the TPM is checked 301. A typical way of checking the owner is by requiring a login identification and password.
- the owner logs into TAS 302.
- an administrator account is configured in the trusted service 306.
- the configuration process includes configuring the trusted boot loader by pointing trusted grub to perform integrity measurement on this trusted service. Integrity measurement is performed on the kernel, memory buffer register and trusted application services.
- TAS and the system configuration are then measured 307. Additionally, a token 308 can be used to increase security fortification by binding the token 309 to the trusted services. Later, the integrity measurement is stored in trusted storage 310. The computer needs to be rebooted 311 to apply the new integrity measurement. After login, authorization 304 is performed with a token 316 if this feature is enabled in the system configuration. The token is inserted 317 as a form of authorization. The system can then be configured 305. Otherwise, TAS and the system configuration are measured 312. The original integrity measurement from trusted storage is loaded and compared with the current integrity measurement 313. If the measurement is valid 314, TAS is run 315.
- Fig. 6 shows the process to check the status or integrity of user application and platform configuration.
- the integrity measurement includes measurement of the application, library files and other files related to the application, based on the configuration of the application.
- the application to be loaded is chosen 401 by TAS. If the application is run for the first time 402, it needs to be configured for the TPM. It is given the choice of auto configuration 403. The default configuration is loaded 404 for auto configuration. A choice of configuration 405 is given if auto configuration is not desired.
- the application and configuration are measured 406. The measurement is stored in trusted storage 407 for later use. If configuration is not desired, the integrity measurement for this application and configuration proceeds 409. The original integrity measurement from trusted storage is loaded and compared with the current integrity measurement 410. For valid measurements 412, the application is allowed to run 414. Otherwise, the application and trusted agent are halted 413.
- Fig. 7 shows the process for starting and closing the trusted agents after the application has been executed.
- TAS spawns trusted agents 501 based on the defined configuration for the application. After the agents complete their tasks, TAS closes the relevant trusted agents 502 to free system resources.
- the application is closed 503.
- Trusted agents collect, store and share information. They collect information from the user application, credentials, the operating system, the network, or the library files needed to execute the application. Information is stored in trusted storage upon completion of the trusted action. Trusted agents can share information with other trusted agents. Accordingly, the invention discloses a trusted application service which utilizes the trusted platform module for security applications. Trusted application services allow an application to be executed if its integrity measurement is valid.
- the trusted application services, application, trusted boot loader and trusted agents are machine instructions executed in a physical machine or virtual machine to perform integrity measurements on the platform, with at least one security device or virtual security device to store the integrity measurements. Approaches were described for applications to be verified. It is the combination of the above features and their technical advantages that gives rise to the uniqueness of this invention. Although the descriptions above contain much specificity, these should not be construed as limiting the scope of the embodiment, but merely as providing illustrations of some of the presently preferred embodiments.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
A trusted platform module is a processor that stores cryptographic keys in accordance with a specification. The present invention relates to a method for allowing a software application to access a trusted platform module function. A trusted application service (TAS) and a software application are configured (306) to be measured in order to verify the integrity of the trusted application service and of the software application. The measured trusted application service and a system configuration are stored in a trusted storage device (310). The measured information is compared each time a user identifier or an application is used. Consequently, a user and an application are authenticated using the trusted platform module.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2010700032A MY181899A (en) | 2010-05-26 | 2010-05-26 | Method of providing trusted application services |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2011149329A1 true WO2011149329A1 (fr) | 2011-12-01 |
Family
ID=45004147
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MY2010/000328 WO2011149329A1 (fr) | 2010-05-26 | 2010-12-20 | Method of providing trusted application services |
Country Status (2)
Country | Link |
---|---|
MY (1) | MY181899A (fr) |
WO (1) | WO2011149329A1 (fr) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014153635A1 (fr) * | 2013-03-26 | 2014-10-02 | Irdeto Canada Corporation | Method and system for platform and user application security on a device |
CN110647740A (zh) * | 2018-06-27 | 2020-01-03 | 复旦大学 | TPM-based trusted container startup method and apparatus |
CN110647740B (zh) * | 2018-06-27 | 2023-12-05 | 复旦大学 | TPM-based trusted container startup method and apparatus |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116340956B (zh) * | 2023-05-25 | 2023-08-08 | 国网上海能源互联网研究院有限公司 | Trusted protection optimization method and apparatus for a power embedded terminal device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060015717A1 (en) * | 2004-07-15 | 2006-01-19 | Sony Corporation And Sony Electronics, Inc. | Establishing a trusted platform in a digital processing system |
US20070192864A1 (en) * | 2006-02-10 | 2007-08-16 | Bryant Eric D | Software root of trust |
US20090165081A1 (en) * | 2007-12-21 | 2009-06-25 | Samsung Electronics Co., Ltd. | Trusted multi-stakeholder environment |
US20100082991A1 (en) * | 2008-09-30 | 2010-04-01 | Hewlett-Packard Development Company, L.P. | Trusted key management for virtualized platforms |
US20100175112A1 (en) * | 2009-01-07 | 2010-07-08 | Telcordia Technologies, Inc. | System, method, and computer program products for enabling trusted access to information in a diverse service environment |
- 2010-05-26 MY MYPI2010700032A patent/MY181899A/en unknown
- 2010-12-20 WO PCT/MY2010/000328 patent/WO2011149329A1/fr active Application Filing
Also Published As
Publication number | Publication date |
---|---|
MY181899A (en) | 2021-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8201239B2 (en) | Extensible pre-boot authentication | |
US8909940B2 (en) | Extensible pre-boot authentication | |
US8332930B2 (en) | Secure use of user secrets on a computing platform | |
US8522018B2 (en) | Method and system for implementing a mobile trusted platform module | |
US10152600B2 (en) | Methods and systems to measure a hypervisor after the hypervisor has already been measured and booted | |
US10148429B2 (en) | System and method for recovery key management | |
US8978127B2 (en) | Virtual appliance pre-boot authentication | |
CN109669734B (zh) | Method and apparatus for starting a device | |
JP5802337B2 (ja) | Out-of-band remote authentication | |
JP5957004B2 (ja) | System, method, computer program product and computer program for providing validation that a trusted host environment complies with the requirements of a virtual machine (VM) | |
KR100989977B1 (ko) | Method and apparatus for launching a trusted co-existing environment | |
US8539551B2 (en) | Trusted virtual machine as a client | |
US9202062B2 (en) | Virtual machine validation | |
JP4323473B2 (ja) | Computer security system and method | |
US8850212B2 (en) | Extending an integrity measurement | |
US8464047B2 (en) | Method and apparatus for authorizing host to access portable storage device | |
US9164925B2 (en) | Method and apparatus for authorizing host to access portable storage device | |
WO2019095357A1 (fr) | Method and system for system startup verification, electronic device and computer storage medium | |
US20070300069A1 (en) | Associating a multi-context trusted platform module with distributed platforms | |
CN108595983B (zh) | Hardware architecture based on a hardware security-isolated execution environment, and application context integrity measurement method | |
WO2007130182A1 (fr) | Selective unlocking of a core root of trust for measurement (CRTM) | |
KR20150048810A (ko) | Firmware theft prevention | |
US20170147801A1 (en) | Pre-boot authentication credential sharing system | |
US8108905B2 (en) | System and method for an isolated process to control address translation | |
CN115470477A (zh) | Intelligent terminal, processor system thereof, and trusted execution method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 10852267 Country of ref document: EP Kind code of ref document: A1 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 10852267 Country of ref document: EP Kind code of ref document: A1 |