WO2012050421A1 - Secure external storage system and method thereof - Google Patents
- Publication number
- WO2012050421A1 (PCT/MY2011/000121)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- host
- attestation
- external storage
- tpm
- aik
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
Definitions
- FIG 6 shows the steps involved in TPM unsealing process which occurs in the host (108), in accordance with a preferred embodiment of the present invention.
- the attestation service (113) is configured to send the encrypted PCR value (123) from secured external storage (100) to the TPM chip (110) for the TPM Unsealing process.
- the storage key (127) is provided and thus unseals the encrypted PCR measurement value (124) into decrypted PCR measurement value (125) inside the TPM (110) .
- the decrypted PCR measurement value (126) will be sent back from TPM (110) to the attestation service (113). Accordingly, the decrypted PCR measurement value received is compared to the one retrieved from the PCR inside the TPM (110). In the event that both values match, the host platform (108) can access the data inside the secured storage area inside the secured external storage (100).
- FIG 7 (a) and 7 (b) show the steps involved in another section within the external storage (100) of the overall process, based on a preferred embodiment of the present invention.
- the AIK from the hidden area of secured external storage (100) is retrieved by authentication and attestation application (211) after it is launched automatically (210).
- the authentication and attestation application then executes the authentication service (212) within the host platform (108). After that, the user is prompted to enter the password (213) .
- the AIK and the entered password are then sent to the TPM chip for verification (214). Similar to the situation as explained in preceding paragraphs, in the event that the entered password is invalid for the third attempt (217) , the authentication and attestation application will be terminated. However, if the password is valid, the application will proceed with the attestation process (218) .
- FIG 8 shows the process involved in another section of the overall process in accordance with a preferred embodiment of the present invention, particularly the steps involved in sending the AIK and the password entered by user to the TPM (110) for verification.
- the authentication service sends the TPM command with password and AIK to TPM in step (219) .
- the AIK is verified within the TPM chip in step (220) . If the AIK is invalid, the application will be terminated. And if the AIK is valid, the system proceeds with the attestation process.
- FIG 9 shows the steps involved with respect to the attestation process in accordance with a preferred embodiment of the present invention.
- the authentication and attestation application proceeds to start the attestation service (224).
- the attestation service (224) is configured to retrieve the PCR measurement value from the TPM (110) using the AIK (225) .
- the authentication and attestation application proceeds to retrieve the encrypted PCR measurement value from the external storage (100).
- the encrypted PCR measurement is then sent to TPM (110) for unsealing process in step (227) .
- both PCR measurement values will be compared against each other in step (228) .
- the authentication and attestation application will be terminated. Otherwise, in the event that both PCR measurement values match, as in step (231), the authentication and attestation application proceeds to open the connection with the secured storage area in step (232) inside the secured external storage (100)
- FIG 10 shows the steps involved in the process of retrieving PCR measurement value from TPM chip (110) .
- the authentication service will send the TPM Quote command with AIK, required PCR item number to the TPM chip in step (233) .
- the TPM chip (100) verifies the AIK which is received from the attestation service in step (234).
- the authentication service sends failure result to the authentication and attestation application after which the authentication and attestation application is immediately terminated.
- the authentication service receives the required PCR measurement value from TPM (100) as seen in step (238) .
- the authentication and attestation application then proceeds with the comparison process of the PCR measurement value which is received from TPM and the encrypted PCR measurement value from secured external storage (100).
- FIG 11 shows the steps involved in sending the TPM Unseal command with the encrypted PCR measurement value as seen in step 239. Then, the Storage Key inside the TPM chip (100) proceeds to process the TPM Unseal command in step (240) . It is preferred that the TPM chip is the correct TPM chip so it can easily decrypt the encrypted PCR measurement value as in step (243) . In the next step (244) , the TPM will send the decrypted PCR measurement value to the attestation service.
- If the TPM chip is not the right TPM which created the encrypted PCR measurement value, it will not be able to decrypt that encrypted PCR measurement value, as seen in step (242). Accordingly, a failure comment or notification is sent to the attestation service, resulting in the authentication and attestation application being terminated.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
There is disclosed a system for securing data within an external storage device comprising: a host (108) comprising a trusted platform module (TPM); an external data storage device (100) comprising at least one section for storing secured data and information (102), at least one application section (101) and at least one hidden area (107); whereby the application section (101) further comprises an authentication and attestation based application; and the hidden area (107) further comprises encrypted PCR values (104) and an attestation identity key (AIK) (105); whereby the authentication and attestation based application within the external data storage (100) is launched automatically in the host (108) upon established connection between the host (108) and the external data storage (100).
Description
SECURE EXTERNAL STORAGE SYSTEM AND METHOD THEREOF
FIELD OF THE INVENTION
The present invention generally relates to a means for recording and storing data, and more particularly to a secured external storage system.
BACKGROUND OF THE INVENTION
The current trend in using external storage means or removable storage means with respect to storage of data within a computer based system is gaining momentum and thus results in advancements in external data based components and applications. Prior to the introduction of external storage capabilities, such storing means were typically fixed or incorporated within a computer or devices of the like.
The evolution of external data storage capabilities has allowed ease of mobility or portability for users of computing or computer-based devices, in addition to providing expediency in copying and data backup solutions. Nevertheless, the primary challenge in ensuring efficiency in storing data by way of external storage means is ensuring that the data within is protected and not exploited maliciously by unauthorised users other than the intended users within a system.
In many cases, the efficiency in securing data stored within the external storage means or devices, and thus ensuring the confidentiality of data, is mainly dependent on the structures or construction of data encryption. Known methods to reflect such requirements include password-control mechanisms, encrypted password-control mechanisms, encryption software, and hard disk encryption. Albeit the many advancements in relation to ensuring data within the external storage means is protected, problems with respect to integrity and trust of information have been cropping up due to failures of encryption for the current devices. As a result, hackers are able to force an entry within the system and the stored information is tampered with or modified by malicious software or code.
US Patent Number 7370166 B1 discloses a secure storage system which includes a removable storage device configured to have a secured storage area, said device having a port for connection to a host. It is mentioned within the document that the removable storage however appears to be non-removable to the host, therefore ensuring that the secure storage area remains hidden. For this system, a lack of trusted value verifications or any attestation methods with respect to the stored data is observed; hence the possibility of being hacked is present.
In light of the above, it has been difficult to develop an external storage device or means for use with a host within a system which is effectively protected from hackers or unauthorised users.
The present invention is provided against the technical prior art background. Therefore, one of the objectives of this invention is to provide a method and system for securing data stored within an external storage means which resolves the predicaments or issues associated to integrity and thus maintaining the confidentiality between external storage and host platform.
In a further object of the present invention, there is provided a system and method for use in securing data stored within an external storage means with strengthened and improved security.
In another object of the present invention, there is provided a system and method for use in securing data stored within an external storage means whereby the system automatically checks the integrity of the host prior to connection with the external storage.
It is yet another object of the present invention to provide a system and method for use in securing data stored within an external storage whereby the integrity, confidentiality and trust of the host platform is verified by using attestation identification key (AIK) and encrypted PCR measurement value within the external storage means.
It is another object of the present invention to allow only authenticated and attested application or users to access the encrypted area within the secured external storage.
It is a further object of the present invention to ensure that only the authorised user is in control of the external storage means.
Further purposes of the present invention will become evident from review of the following specification.
SUMMARY OF THE INVENTION
The present invention discloses a system for securing data within an external storage device comprising: a host (108) comprising a trusted platform module (TPM); an external data storage device (100) comprising at least one section for storing secured data and information (102), at least one application section (101) and at least one hidden area (107); whereby the application section (101) further comprises an authentication and attestation based application; and the hidden area (107) further comprises encrypted PCR values (104) and an attestation identity key (AIK) (105); whereby the authentication and attestation based application within the external data storage (100) is launched automatically in the host (108) upon established connection between the host (108) and the external data storage (100).
In another aspect of the present invention there is provided a method for securing data stored in an external storage device upon connection to a host platform, said method comprising the steps of: automatically launching authentication and attestation based application; retrieving attestation identity key (AIK) from the external storage device (100); executing authentication service within the host platform (108); requesting a user of the host platform (108) to enter a password; executing a TPM command and sending both password and retrieved AIK to a TPM based module; verifying the validation of both password and retrieved AIK; terminating the authentication and attestation application if the combination of AIK, signature and password is not valid; executing an attestation service if the combination of AIK, signature and password is valid; retrieving the PCR measurement value from the TPM based module within the host (108); comparing the PCR measurement value from the host (108) to that of the external storage (100); decrypting the PCR measurement value from the external storage (100); verifying both PCR measurement values from the external storage (100) and host (108); allowing host (108) to access data within the external storage (100) in the event that the PCR values match.
BRIEF DESCRIPTION OF THE DRAWINGS
This invention will be described by way of non-limiting embodiments of the present invention, with reference to the accompanying drawings, in which:
FIG 1 shows the overall view of the system in accordance with a preferred embodiment of the present invention, whereby an external storage (100) is connected to a host computer (108) via a USB port (111) located at the host (108);
FIG 2 shows the structure of the external storage in accordance with a preferred embodiment of the present invention;
FIG 3 shows a flow chart on the overall method in accordance with a preferred embodiment of the present invention;
FIG 4 shows the authentication and attestation (103) being launched automatically upon connection of both USB from the host (108) and external storage (100) is connected;
FIG 5 shows a section of the overall process involved in the host (108) with respect to sending the TPM quote command with AIK (105) and PCR request (127) to the TPM device (110);
FIG 6 shows the steps involved in TPM unsealing process which occurs in the host (108), in accordance with a preferred embodiment of the present invention;
FIG 7 (a) and 7 (b) show the steps involved in another section within the external storage (100) of the overall process, more particularly the authentication and attestation process, based on a preferred embodiment of the present invention;
FIG 8 shows the process involved in another section of the overall process in accordance with a preferred embodiment of the present invention, particularly the steps involved in sending the AIK and the password entered by user to the TPM (110) for verification;
FIG 9 shows the steps involved with respect to the attestation process in accordance with a preferred embodiment of the present invention. Upon completion of the checking both AIK and password, the authentication and attestation application proceeds to start the attestation service (224);
FIG 10 shows the steps involved in the process of retrieving PCR measurement value from TPM chip (110); and
FIG 11 shows the steps involved in sending the TPM Unseal command with the encrypted PCR measurement value.
DETAILED DESCRIPTION
Hereinafter, an embodied example of the present invention will be explained in detail with reference to the attached drawings. However, those skilled in the art will readily appreciate that the detailed description given herein with respect to these figures is for explanatory purposes as the invention extends beyond these limited embodiments.
As discussed in the preceding sections, conclusively, one of the primary objects of the present invention is to provide a method and system for use in protecting the data stored in an external storage means from being hacked in or exploited by any malicious program or any unauthorised user.
FIG 1 shows the overall view of the system in accordance with a preferred embodiment of the present invention, whereby an external storage (100) is connected to a host computer (108) via a USB port (111) located at the host (108). The external storage device or means (100) is sectionalised into three main areas; whereby these main areas are a secured storage area (102), a hidden area (107) and an application area (101).
In this embodiment of the present invention and as shown in FIG 2, the application area (101) of the secured external storage device (100) is configured to further comprise an authentication and attestation application (103) and at least one USB port (106) for connection to a host. The hidden area (107) comprises an application for retrieving and storing encrypted PCR value (104) and attestation identity key (105).
A host (108) may be configured with at least one or a plurality of sections to be launched therein upon connection with the external storage (100); with their respective functions, the primary sections or applications are a trusted platform module (TPM) (110), an authentication service (114), an attestation service (113), and an authentication and attestation application from external storage application (119).
According to a preferred embodiment of the present invention, in principle and with reference to FIG 3 providing a process flowchart, upon connection (S200) with the host (108) which belongs to a user for instance, the authentication and attestation application (103) is launched automatically (S300). FIG 4 shows the authentication and attestation application (103) being launched automatically once the USB connection between the host (108) and the external storage (100) is made. After which, the authentication and attestation application (103) retrieves the attestation identity key from the external storage (100). With said key the system proceeds to execute the authentication service (114) within the host (108). Next, the authentication and attestation application prompts or requests the user to enter a password which may be provided to the user by the system for accessibility. The user then accordingly enters the respective password, thus executing a TPM command to verify the entered password and AIK (S400). From there, the TPM (100) is configured to verify whether the combination of AIK (105) and password provided is valid or not. In the event that the AIK (105) is not valid, the progress of authentication and attestation application (103) from the external storage (100) is therefore terminated, thus halting the execution of the attestation service (113) task. After a third attempt with the AIK (105) deemed invalid by the TPM device (110), the authentication and attestation application (109) for the external storage which is located in the host (108) is therefore terminated.
In the event that the combination of password and AIK (105) is correct, the authentication and attestation application proceeds to execute the attestation service (113) of the host (108) to prompt the next task. The next step is to execute (S500) the TPM quote command based on the provided AIK (105) and the requested PCR value, in order to retrieve the right PCR measurement value from the TPM device (110) to be compared with the encrypted PCR measurement value (104) which is hidden in the external storage (100). This task is carried out by the attestation service (113).
After the PCR measurement values from the host (108) and the external storage (100) are compared, and in the event that the values match, the host platform (108) is allowed to access data within the secured storage area of the external storage (100) (S600).
FIG 5 shows a section of the overall process involved in the host (108) with respect to sending the TPM quote command with AIK (105) and PCR request (127) to the TPM device (110). In accordance with a preferred embodiment of the present invention, upon receipt of the TPM quote command, the TPM (110) sends instructions to the AIK (128) within the TPM to sign the PCR measurement value (129), which is retrieved from the PCR (130) inside the TPM (110). The TPM (110) is then configured to send the signed PCR measurement value (131) to the attestation service application (113).
Still referring to FIG 5, the attestation service (113), having received the PCR measurement value (131) from the TPM chip (110), is configured to verify it against the decrypted PCR value from the secured external storage (100). It is verified whether the decrypted PCR measurement value is similar to that of the encrypted PCR measurement value after it has been unsealed by the TPM. This process of verifying the PCR measurement values can be seen in FIG 5.
FIG 6 shows the steps involved in the TPM unsealing process which occurs in the host (108), in accordance with a preferred embodiment of the present invention. Referring to FIG 6, the attestation service (113) is configured to send the encrypted PCR value (123) from the secured external storage (100) to the TPM chip (110) for the TPM unsealing process.
After this step, the storage key (127) is provided and unseals the encrypted PCR measurement value (124) into the decrypted PCR measurement value (125) inside the TPM (110). In response, the decrypted PCR measurement value (126) is sent back from the TPM (110) to the attestation service (113). The decrypted PCR measurement value received is then compared with the one retrieved from the PCR inside the TPM (110). In the event that both values match, the host platform (108) can access the data inside the secured storage area of the secured external storage (100).
FIG 7 (a) and 7 (b) show the steps involved in another section of the overall process within the external storage (100), based on a preferred embodiment of the present invention. In this process, the AIK from the hidden area of the secured external storage (100) is retrieved by the authentication and attestation application (211) after it is launched automatically (210).
The authentication and attestation application then executes the authentication service (212) within the host platform (108). After that, the user is prompted to enter the password (213). The AIK and the entered password are then sent to the TPM chip for verification (214). As explained in the preceding paragraphs, in the event that the entered password is invalid for the third attempt (217), the authentication and attestation application will be terminated. However, if the password is valid, the application will proceed with the attestation process (218).
FIG 8 shows the process involved in another section of the overall process in accordance with a preferred embodiment of the present invention, particularly the steps involved in sending the AIK and the password entered by the user to the TPM (110) for verification. Referring to FIG 8, the authentication service sends the TPM command with the password and AIK to the TPM in step (219). The AIK is verified within the TPM chip in step (220). If the AIK is invalid, the application will be terminated. If the AIK is valid, the system proceeds with the attestation process.
FIG 9 shows the steps involved in the attestation process in accordance with a preferred embodiment of the present invention. Upon completion of the checking of both AIK and password, the authentication and attestation application proceeds to start the attestation service (224). The attestation service (224) is configured to retrieve the PCR measurement value from the TPM (110) using the AIK (225). In another step, simultaneous with that of the attestation service (224), the authentication and attestation application proceeds to retrieve the encrypted PCR measurement value from the external storage (100). The encrypted PCR measurement value is then sent to the TPM (110) for the unsealing process in step (227).
Both PCR measurement values are then compared against each other in step (228). In the event that both PCR measurement values do not match (230), the authentication and attestation application will be terminated. Otherwise, in the event that both PCR measurement values match, as in step (231), the authentication and attestation application proceeds to open the connection with the secured storage area inside the secured external storage (100) in step (232).
FIG 10 shows the steps involved in the process of retrieving the PCR measurement value from the TPM chip (110). In this process, the authentication service sends the TPM Quote command with the AIK and the required PCR item number to the TPM chip in step (233). Next, the TPM chip (100) verifies the AIK which is received from the attestation service in step (234). In the event that the AIK is invalid, as determined in step (237), the authentication service sends a failure result to the authentication and attestation application, after which the authentication and attestation application is immediately terminated. On the contrary, in the event that the AIK is valid, as determined in step (236), the authentication service receives the required PCR measurement value from the TPM (100), as seen in step (238). The authentication and attestation application then proceeds with the comparison of the PCR measurement value received from the TPM and the encrypted PCR measurement value from the secured external storage (100).
FIG 11 shows the steps involved in sending the TPM Unseal command with the encrypted PCR measurement value, as seen in step (239). The Storage Key inside the TPM chip (100) then proceeds to process the TPM Unseal command in step (240). It is preferred that the TPM chip is the correct TPM chip so that it can easily decrypt the encrypted PCR measurement value, as in step (243). In the next step (244), the TPM sends the decrypted PCR measurement value to the attestation service.
In the event that the TPM chip is not the TPM which created the encrypted PCR measurement value, it will not be able to decrypt that encrypted PCR measurement value, as seen in step (242). Accordingly, a failure comment or notification is sent to the attestation service, and the authentication and attestation application is terminated.
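The flow of FIG 3 and FIGS 7 to 11, as an added Python model that is not part of the patent text. `ModelTPM` is a software stand-in built on HMAC-SHA256, not a real TPM interface, and `provision`, `attach`, the blob layouts and the sample measurements are assumptions made for the illustration. It exercises the three outcomes that deny access: three failed password/AIK checks, a TPM that did not seal the stored PCR value, and a host whose PCR value has changed.

```python
import hashlib, hmac, os

MAX_ATTEMPTS = 3  # the application is terminated after a third failed attempt

class ModelTPM:  # software stand-in for the host TPM (110), not a real TPM API
    def __init__(self):
        self._storage_key = os.urandom(32)  # never leaves this "chip"
        self.pcr = bytes(32)

    def _mac(self, label, data):
        return hmac.new(self._storage_key, label + data, hashlib.sha256).digest()

    def extend(self, measurement):  # PCR update: new = H(old || measurement)
        self.pcr = hashlib.sha256(self.pcr + measurement).digest()

    def create_aik(self, password):  # constructed blob bound to TPM and password
        key_id = os.urandom(16)
        return key_id + self._mac(b"aik", key_id + password.encode())

    def check_aik(self, aik, password):
        key_id, tag = aik[:16], aik[16:]
        return hmac.compare_digest(tag, self._mac(b"aik", key_id + password.encode()))

    def quote(self, aik, password):  # a real quote is AIK-signed; omitted here
        return self.pcr if self.check_aik(aik, password) else None

    def seal(self, value):  # toy authenticated encryption, 32-byte values only
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(value, self._mac(b"enc", nonce)))
        return nonce + ct + self._mac(b"tag", nonce + ct)

    def unseal(self, blob):  # None when this TPM did not seal the blob (step 242)
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        ok = hmac.compare_digest(tag, self._mac(b"tag", nonce + ct))
        return bytes(a ^ b for a, b in zip(ct, self._mac(b"enc", nonce))) if ok else None

def provision(tpm, password):  # hidden-area contents: AIK and sealed PCR value
    return {"aik": tpm.create_aik(password), "sealed_pcr": tpm.seal(tpm.pcr)}

def attach(tpm, drive, passwords):  # returns (granted, reason)
    for pw in passwords[:MAX_ATTEMPTS]:  # password + AIK check (S400)
        if tpm.check_aik(drive["aik"], pw):
            break
    else:
        return False, "auth_failed"
    quoted = tpm.quote(drive["aik"], pw)  # PCR value from the host TPM (S500)
    expected = tpm.unseal(drive["sealed_pcr"])  # PCR value stored on the drive
    if expected is None:
        return False, "unseal_failed"
    if not hmac.compare_digest(quoted, expected):
        return False, "pcr_mismatch"
    return True, "granted"  # host may open the secured storage area (S600)

def demo():
    host, other = ModelTPM(), ModelTPM()
    host.extend(b"bootloader-v1")  # constructed measurement
    drive = provision(host, "correct horse")
    out = {"ok": attach(host, drive, ["correct horse"]),
           "three_bad": attach(host, drive, ["a", "b", "c", "correct horse"])}
    mixed = {"aik": other.create_aik("pw"), "sealed_pcr": drive["sealed_pcr"]}
    out["foreign_tpm"] = attach(other, mixed, ["pw"])
    host.extend(b"unexpected-module")  # host state changed after provisioning
    out["changed"] = attach(host, drive, ["correct horse"])
    return out
```

In the `three_bad` case the correct password is supplied as a fourth entry and is never tried, which is the attempt limit the description sets.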
It is understood that, based on the preferred embodiments of the present system and method, only authorised users are allowed to access the secured external storage, in which a password and TPM based security method is implemented, thus reducing the possibility of hacking or unauthorised breaking in.
The invention has been described above by way of illustration, and the specific embodiments disclosed are not intended to limit the invention to the particular forms disclosed. The invention is thus to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the following claims.
Claims
1. A system for securing data within an external storage device comprising:
a host (108) comprising a trusted platform module (TPM);
an external data storage device (100) comprising at least one section for storing secured data and information (102), at least one application section (101) and at least one hidden area (107); whereby the application section (101) further comprising authentication and attestation based application; and the hidden area (107); said application is configured to retrieve and store encrypted PCR values (104) and attestation identity key (AIK) (105);
whereby the authentication and attestation based application within the external data storage (100) are launched automatically in the host (108) upon established connection between the host (108) and the external data storage (100).
2. The system as claimed in Claim 1 wherein the trusted platform module (TPM) within the host (108) is configured to generate attestation identity key (AIK) and PCR measurement values with respect to the host (108) for matching to that of stored within external storage device (100).
3. The system as claimed in Claim 1 wherein the encrypted PCR measurement values and attestation keys are stored in the hidden area of the secured external storage (100).
4. The system as claimed in Claim 1 wherein the authentication and attestation application is configured to verify the encrypted PCR measurement value from the external storage through the TPM module within the host (108).
5. The system as claimed in Claim 1 wherein the TPM based module is further configured to verify the retrieved attestation key.
6. The system as claimed in Claim 1 wherein both host (108) and external data storage device (100) comprises at least one USB port for connection with each other.
7. A method for securing data stored in an external storage device upon connected to a host platform, said method comprising the steps of:
automatically launching authentication and attestation based application;
retrieving attestation identity key (AIK) from the external storage device (100);
executing authentication service within the host platform (108);
requesting a user of the host platform (108) to enter a password;
executing a TPM command and sending both password and retrieved AIK to a TPM based module;
verifying the validation of both password and retrieved AIK;
terminating the authentication and attestation application if the combination of AIK, signature and password is not valid;
executing an attestation service if the combination of AIK, signature and password is valid;
retrieving the PCR measurement value from the TPM based module within the host (108);
comparing the PCR measurement value from the host (108) to that of the external storage (100);
decrypting the PCR measurement value from the external storage (100);
verifying both PCR measurement values from the external storage (100) and host (108);
allowing host (108) to access data within the external storage (100) in the event that the PCR values matches.
8. The method as claimed in Claim 7 wherein the method further comprising the step of matching of both password and AIK for three attempts, and if all three attempts failed, terminating further progress of the host (108) in accessing the external storage (100).
9. The method as claimed in Claim 7 wherein executing a TPM command and sending both password and retrieved AIK to a TPM based module further comprising the steps of signing the PCR measurement value retrieved from the TPM based module within the host (108).
10. The method as claimed in Claim 7 further comprising the steps of unsealing the encrypted PCR measurement value into decrypted value.
11. The method as claimed in Claim 7 wherein both AIK and password are sent to an attestation service for verification.
12. The method as claimed in Claim 7 wherein requesting for host (108) to enter password is performed by an authentication and attestation service launched in the host platform (108).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2010004763A MY176457A (en) | 2010-10-11 | 2010-10-11 | Secure external storage system and method thereof |
MYPI2010004763 | 2010-10-11 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012050421A1 (en) | 2012-04-19 |
Family
ID=45938492
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MY2011/000121 WO2012050421A1 (en) | 2010-10-11 | 2011-06-22 | Secure external storage system and method thereof |
Country Status (2)
Country | Link |
---|---|
MY (1) | MY176457A (en) |
WO (1) | WO2012050421A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103236931A (en) * | 2013-05-02 | 2013-08-07 | 深圳数字电视国家工程实验室股份有限公司 | Trusted platform module (TPM)-based identity authentication method and system and related equipment |
CN109495259A (en) * | 2018-12-20 | 2019-03-19 | 成都三零瑞通移动通信有限公司 | A kind of portable mobile termianl encryption equipment |
US11290471B2 (en) * | 2019-08-27 | 2022-03-29 | Hewlett Packard Enterprise Development Lp | Cross-attestation of electronic devices |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020044663A1 (en) * | 2000-08-31 | 2002-04-18 | King James E. | Portable network encryption keys |
US20080046581A1 (en) * | 2006-08-18 | 2008-02-21 | Fujitsu Limited | Method and System for Implementing a Mobile Trusted Platform Module |
US20100082987A1 (en) * | 2008-09-30 | 2010-04-01 | Microsoft Corporation | Transparent trust validation of an unknown platform |
US20100088523A1 (en) * | 2008-10-07 | 2010-04-08 | Microsoft Corporation | Trusted platform module security |
US7743422B2 (en) * | 2006-08-21 | 2010-06-22 | International Business Machines Corporation | System and method for validating a computer platform when booting from an external device |
-
2010
- 2010-10-11 MY MYPI2010004763A patent/MY176457A/en unknown
-
2011
- 2011-06-22 WO PCT/MY2011/000121 patent/WO2012050421A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
MY176457A (en) | 2020-08-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4615601B2 (en) | Computer security system and computer security method | |
US11012241B2 (en) | Information handling system entitlement validation | |
US8041947B2 (en) | Computer architecture for an electronic device providing SLS access to MLS file system with trusted loading and protection of program execution memory | |
US7565553B2 (en) | Systems and methods for controlling access to data on a computer with a secure boot process | |
CN100454246C (en) | System and method for protected operating system boot using state validation | |
TWI684890B (en) | System and method for computing device with improved firmware service security using credential-derived encryption key | |
CN102081716B (en) | Method and apparatus for providing upgradeable key binding for trusted platform module (tpm) | |
US7986786B2 (en) | Methods and systems for utilizing cryptographic functions of a cryptographic co-processor | |
US7900252B2 (en) | Method and apparatus for managing shared passwords on a multi-user computer | |
JP4323473B2 (en) | Computer security system and method | |
CN107438849B (en) | System and method for verifying integrity of electronic device | |
US8555075B2 (en) | Methods and system for storing and retrieving identity mapping information | |
CN108604275A (en) | Hardware device and its authentication method | |
US8060744B2 (en) | Computer architecture for an electronic device providing single-level secure access to multi-level secure file system | |
US20090049536A1 (en) | System and method for authentication | |
US8127145B2 (en) | Computer architecture for an electronic device providing a secure file system | |
CN102948114A (en) | Single-use authentication methods for accessing encrypted data | |
JP2010515159A (en) | Upgrade memory cards with security mechanisms to prevent copying of secure content and applications | |
KR20100133953A (en) | System and method for securing data | |
WO2017000648A1 (en) | Authentication method and apparatus for reinforced software | |
US7765407B2 (en) | Method and apparatus for providing centralized user authorization to allow secure sign-on to a computer system | |
WO2012050421A1 (en) | Secure external storage system and method thereof | |
JP2008021021A (en) | License authentication method for software | |
JP2008160325A (en) | User authentication method using removable device, and computer | |
JP2009245135A (en) | Information processing terminal device and start authentication method of application program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 11832800; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 11832800; Country of ref document: EP; Kind code of ref document: A1 |