WO2009051471A2 - Trusted computer platform method and system without trust credential - Google Patents


Info

Publication number: WO2009051471A2
Authority: WO, WIPO (PCT)
Application number: PCT/MY2008/000112
Other languages: French (fr)
Other versions: WO2009051471A3 (en)
Inventors: Hau Keong Wong, Galoh Rashidah Haron, Fui Bee Tan, Chong Seak Sea, Kang Siong Ng, Azhar Bin Abu Talib
Original Assignee: Mimos Berhad

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

A trusted computer platform method and system is disclosed for a secure computer system without a trust credential. The platform provides the functionality of a secure or 'trusted computing' (TC) environment to prevent or block unauthorized computer programs or applications from running within the computer system and provides a fully trusted computer system having 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation. The trusted computer platform is an implementation that achieves at least a mechanism to proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, or protect platform and user authentication information from software-based attacks.

Description

TRUSTED COMPUTER PLATFORM METHOD AND SYSTEM WITHOUT TRUST CREDENTIAL
FIELD OF THE INVENTION This invention relates to computer systems having embedded functionality to prevent or block unauthorized computer programs and applications from running within the computer system.
BACKGROUND OF THE INVENTION Attempts have been made in hardware and software applications by computer system designers and developers to secure computer systems to prevent or block unauthorized computer programs or applications from running within the computer system. One term used in the industry to define this attempt to secure computer systems in this manner is "trusted computing" (TC). The word "trusted" means that the computer is trusted by the software and system designers and developers that developed the computer system to ensure that unauthorized programs are blocked from running on the "trusted" computer. TC generally encompasses five key technology concepts, of which all are required for a fully trusted computer system: 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation.
One such effort of implementing TC in hardware has come from a group of software developers and semiconductor designers and manufacturers in the computer industry that have worked together in the Trusted Computing Group (TCG). At the heart of TCG's trusted computing implementation is a hardware module called the Trusted Platform Module (TPM), which is the ultimate hardware system where the core "root of trust" in the platform must lie. Such a system 10 is shown in FIG. 1, where the TPM 12 is a hardware implementation that is designed by TCG to enhance platform security beyond the capabilities of current software-only solutions. The TPM chip is a secure key generator and key cache management component that supports industry-standard cryptographic application program interfaces (APIs) and operating system 14. TPMs generate, store, and manage cryptographic keys in hardware (within the TPM). This leverages the resources of the platform and allows hardening of the many applications (16₁, 16₂, 16₃, ..., 16ₙ). TPM-capable products are built with the TPM chips soldered onto their printed circuit boards. The encryption keys and other critical security information are stored in non-volatile memory within the TPMs. The private keys stored in the TPM chips are also protected by the TPM even when in use, which provides secure key management. Protected key storage enables TPM-capable systems to support user authentication and platform attestation for secure local as well as remote access. The "root of trust" is based in hardware (the TPM) but can be extended to software. TPM-capable systems make storage of sensitive digital data (passwords, credit card numbers, digital signatures, etc.) more secure by protecting it from unauthorized use.
In other previous software based TC efforts, attempts have been made to rely on software implemented on existing "non-TC" platforms to achieve TC functionalities. These previous attempts rely solely on software encryption algorithms with keys. However, often the encryption algorithms with keys are stored in unsecured memory. In these instances, when security is provided by traditional, non-TC general-purpose central processing units (CPUs), encryption keys and related security information are stored in general system memory. Such use of system memory is no guarantee of secure key management, and provides system managers with a false sense of trust.
Therefore, there is a need for a software implementation that overcomes at least one of the problems associated with current TC systems. For example, an implementation that can proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, and/or protect platform and user authentication information from software-based attacks.
SUMMARY
In accordance with an aspect of the invention, a method for creating a virtual trusted computer platform with a trust credential comprises providing a trusted platform module on a first computer, wherein the trusted platform module is a hardware device dedicated to trusted computing that protects data from unauthorized use, accessing the trusted platform module on the first computer from a second computer unequipped with a trusted platform module, and replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module in software on the second computer based on the trusted platform module on the first computer.
In an embodiment, accessing the trusted platform module comprises providing a private key and a certificate from an authorized certification authority. Accessing the trusted platform module comprises sending to the second computer a virtual trusted computer proxy with a hash network boot protocol stack. The virtual trusted computer proxy may be signed with a network boot key and a network boot certificate. An instance of the virtual trusted platform module may be created for the second computer, verifying the network boot certificate received from the second computer, and sending back to the hash network boot protocol stack a hash. An encryption key may be generated of the virtual trusted platform module based on a signature given by the trusted platform module. The trusted platform module may be defined by the Trusted Computing Group. The virtual trusted platform module may indicate to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module. The trusted computing may require at least one of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation. The second computer may lack a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
In accordance with an aspect of the invention, a system for creating a trusted computer platform with a trust credential, comprises a first computer installed with a trusted platform module, and a second computer in communication with the first computer, wherein the second computer is unequipped with a trusted platform module and accesses the trusted platform module on the first computer for replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module on the second computer.
In an embodiment, the trusted platform module provides a private key and a certificate from an authorized certification authority for accessing the trusted platform module. The second computer sends a virtual trusted computer proxy with a hash network boot protocol stack for accessing the trusted platform module. The virtual trusted computer proxy may be signed with a network boot key and a network boot certificate. An instance of the virtual trusted platform module may be created for the second computer, for verifying the network boot certificate received from the second computer, and sending back to the hash network boot protocol stack a hash. An encryption key may be generated of the virtual trusted platform module based on a signature given by the trusted platform module. The trusted platform module may be defined by the Trusted Computing Group. The virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module. The trusted computing may require at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation. The second computer may lack a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
Advantageously, the trusted computer platform method and system provides a secure computer system without a trust credential. The trusted computer platform provides a secure or "trusted computing" (TC) environment to prevent or block unauthorized computer programs or applications from running within the computer system. The trusted computer platform also provides a fully trusted computer system having 1) endorsement key; 2) secure input and output; 3) memory curtaining / protected execution; 4) sealed storage; and 5) remote attestation. The trusted computer platform achieves a mechanism to proactively establish more trusted relationships for remote or local access through secure user authentication and machine attestation, protect encryption keys and digital signature keys to maintain data confidentiality and integrity, protect key operations and other security tasks that would otherwise be performed on unprotected interfaces in unprotected communications, and/or protect platform and user authentication information from software-based attacks.
BRIEF DESCRIPTION OF THE INVENTION
In order that the present invention may be fully understood and readily put into practical effect, there shall now be described by way of non-limitative example only embodiments of the present invention, the description referring to the following illustrative drawings.
FIG. 1 shows a block diagram of a system in accordance with a previous prior art trusted computing system;
FIG. 2 shows a block diagram of a virtual trusted platform module (VTPM) in accordance with an embodiment of the invention;
FIG. 3 shows the architecture of a virtual machine in accordance with an embodiment of the invention;
FIG. 4 shows a trusted computing sequence in accordance with an embodiment of the invention;
FIG. 5 illustrates a process flow in accordance with an embodiment of the invention;
FIG. 6 shows a flow chart of a method in accordance with an embodiment of the invention;
FIG. 7 shows a network boot as part of the trusted building block and trusted root of trust in accordance with an embodiment of the invention; and
FIG. 8 shows connection of the endorsement key of the virtual trusted platform module to the attestation identity key (AIK) of the trusted platform module in accordance with an embodiment of the invention.
DETAILED DESCRIPTION
A method and system for trusted computer platform with a trust credential is disclosed. An embodiment of the invention is shown in FIG. 2 of a system architecture 100 that can be incorporated in or implemented by the system 10. FIG. 1 and the following discussion are intended to provide a brief, general description of a suitable computing environment in which the present invention may be implemented. Although not required, the invention will be described in the general context of computer-executable instructions, such as program modules, being executed by a personal computer. Generally, program modules include routines, programs, characters, components, data structures, to perform particular tasks or implement particular abstract data types. As those skilled in the art will appreciate, the invention may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable user electronics, network PCs, minicomputers, mainframe computers, and the like. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.
In a normal scenario, a trusted platform module (TPM) will create a chain of trust. This chain of trust, called inductive trust, is a process where the root of trust gives a trustworthy description of a second group of functions. Based on this description, an interested entity can determine the trust it is to place in this second group of functions. If the interested entity determines that the trust level of the second group of functions is acceptable, the trust boundary is extended from the root of trust to include the second group of functions. This is illustrated in FIG. 1. For a conventional computer such as a personal computer (PC), this chain of trust will start with a printed circuit board that is equipped with the proper BIOS and TPM, and builds inductive trust as the functionality goes up, as shown in FIG. 4.
An embodiment of the invention creates this same inductive trust within a computer such as a PC that is not previously equipped with a TPM. Compared with a PC that is equipped with a TPM, a virtual TPM (VTPM) 100 is shown in FIG. 2. The software based VTPM will perform the same or substantially the same function as the TPM which is defined in the TPM Design Version 1.2 Part 1, 2, 3.
The architecture of the VTPM 100 is shown in the FIG. 2. The VTPM 100 comprises virtual input/output (I/O) 102 that receives and/or sends data as determined by the CPU of the computer. The virtual I/O 102 provides data via virtual bus 112 to virtual non-volatile storage 104, virtual platform configuration register (VPCR) 106, virtual attestation identity key (VAIK) 108, virtual program code 110, virtual random number generator 114, virtual SHA-1 engine 116, virtual key generation 118, virtual RSA engine 120, virtual opt-in 122, and virtual execution engine 124.
The entire virtual machine 136 of the virtual non-trusted PC (VNTP) is shown in FIG. 3. The VNTP is created because the operating system has complete control of the underlying resources and thus would know that the underlying hardware does not include the necessary TPM. The virtual machine creates the necessary illusion for the operating system that the TPM is present even though it is physically located elsewhere. The architecture of a platform 130 with the virtual machine 136 is shown in FIG. 3. The virtual machine and TC are combined into a platform 130 for creating trust where some of the underlying architecture is not necessarily trustable. The platform 130 shows a computer 132, such as a personal computer, hypervisor 134, virtual machines 136₁..n, and guest operating systems and applications 138₁..n. It will be appreciated that the number n of guest operating systems and applications may differ from the number of virtual machines n.
In FIG. 5, system 140 includes two computers: one computer that is trusted with the TPM hardware 12 shown in FIG. 1, and a virtualized non-trusted computer 130 having VTPM 100. A VTPM is created for each insecure platform that wishes to use the facility. The functionality of the VTPM is not directly accessible to the virtual non-trusted computer. Instead, proxies negotiate the activity between the virtual non-trusted computer and the trusted computer for the VTPM services. The VTPM resides on the virtual trusted computer because the virtual trusted computer can provide memory curtaining, which is crucial to the VTPM activity. The virtual non-trusted computer 10 comprises TPM 12, hypervisor 20, client side TPM driver 22, virtual machine 24, virtual machine server side TPM driver 28, VTPM manager 26, VTPM instance 28 and proxy 164. The virtual non-trusted computer 130 comprises hypervisor 134, virtual machine client side TPM driver 142, virtual machine server side TPM driver, virtual machine 136, proxy 162 and application 138.
The two process flows P1 30,170 and P2 28,172 are indicated by non-dashed and dashed arrows, respectively. P1 (non-dashed arrow) occurs when the system first boots up. The boot up sequence in this architecture may boot from the network. Instead of a network boot sequence (NBS), in this embodiment the boot image also contains a private key (PK) and a certificate (Cert) from an authorized certification authority (CA). The first action of the network boot protocol (NBP) is to send to the virtual trusted computer proxy the hash of the network boot protocol stack, signed with the network boot key, together with the network boot certificate (NBC), for example (SIGN_VPWT(HASH(NBTS)), NBC), where PWT is a personal computer without trusted platform, PT is a personal computer with trusted platform, VPWT is a virtual personal computer without trusted platform, and NBT is the network boot protocol. Once the virtual trusted computer proxy has received the signed hash of the network boot protocol stack, for example (SIGN_VPWT(HASH(NBTS)), NBC), the trusted virtual trusted computer 10 will then create an instance of VTPM for the non-trusted computer 130, verify the network boot certificate, for example SIGN_PWT(HASH(NBTS)), and send back to the network boot protocol a hash SIGN_VTPMPWT(SIGN_VPWT(HASH(NBTS))), which is stored by the network boot protocol. This process occurs initially upon boot up.
FIG. 6 illustrates the flow of this process in accordance with an embodiment of the invention. The non-trusted computer 130 prepares a hash of the binary image or stack and signs it with private key1 (PK1) 222. The hash of the binary image or stack, signed with private key1, is sent to the proxy in the trusted computer, where the hash is signed with private key2 (PK2) and certificate2 (Cert2) 224. The non-trusted computer receives the hash signed with private key2 and the certificate from the trusted computer 226, and the hash signed with private key2 and the certificate are stored 228.
For later boot processes, the NBT only needs to send, for example, SIGN_VTPMPWT(SIGN_VPWT(HASH(NBTS))), SIGN_VPWT(HASH(NBTS)) and the network boot certificate, as shown in the process flow 240 of FIG. 7. The non-trusted computer receives the hash previously signed with private key2 and private key1 242, and prepares the hash signed with private key1 244. The two hashes are sent to the proxy of the trusted computer 246, and the trusted computer and non-trusted computer receive a notification of trust 248.
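As an added example (not code from the patent or from Mimos Berhad), the following Go program models process flow P1 with Ed25519: the non-trusted computer signs the boot stack hash with PK1, the trusted proxy verifies the NBC and countersigns with PK2 at first boot, and at later boots checks the stored countersignature against a fresh signature over the current boot stack. The type and function names, SHA-256 standing in for HASH, and the two-field NetworkBootCert standing in for the NBC are assumptions of this model.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// NetworkBootCert is a constructed stand-in for the NBC: the non-trusted
// computer's boot-signing public key (PK1's public half) endorsed by the CA.
type NetworkBootCert struct {
	BootPub ed25519.PublicKey
	CASig   []byte // CA signature over BootPub
}

// TrustedProxy models the proxy on the TPM-equipped computer. PK2 never
// leaves this side; the non-trusted computer only ever holds signatures.
type TrustedProxy struct {
	caPub ed25519.PublicKey
	pk2   ed25519.PrivateKey
	vtpms map[string]bool // one VTPM instance per enrolled boot key
}

// NonTrustedPC models the computer without a TPM. sig2 is the trusted
// side's countersignature, stored after the first boot (step 228).
type NonTrustedPC struct {
	pk1  ed25519.PrivateKey
	nbc  NetworkBootCert
	sig2 []byte
}

// Prepare hashes the boot stack (SHA-256 assumed; the patent only says HASH)
// and signs the hash with PK1, giving SIGN_VPWT(HASH(NBTS)).
func (c *NonTrustedPC) Prepare(bootStack []byte) (hash, sig1 []byte) {
	h := sha256.Sum256(bootStack)
	return h[:], ed25519.Sign(c.pk1, h[:])
}

// Enrol is the first-boot step: verify the NBC against the CA, verify sig1
// over the presented hash, create the VTPM instance and return the
// countersignature SIGN_VTPMPWT(SIGN_VPWT(HASH(NBTS))).
func (p *TrustedProxy) Enrol(hash, sig1 []byte, nbc NetworkBootCert) ([]byte, error) {
	if !ed25519.Verify(p.caPub, nbc.BootPub, nbc.CASig) {
		return nil, errors.New("network boot certificate not issued by the CA")
	}
	if !ed25519.Verify(nbc.BootPub, hash, sig1) {
		return nil, errors.New("boot stack hash not signed by the certificate holder")
	}
	p.vtpms[string(nbc.BootPub)] = true
	return ed25519.Sign(p.pk2, sig1), nil
}

// Attest is the later-boot step: the client presents a fresh sig1 over the
// current boot stack hash plus the stored sig2. Ed25519 signatures are
// deterministic, so sig2 verifies over the fresh sig1 only when the boot
// stack hash is unchanged since enrolment.
func (p *TrustedProxy) Attest(hash, sig1, sig2 []byte, nbc NetworkBootCert) error {
	if !p.vtpms[string(nbc.BootPub)] {
		return errors.New("no VTPM instance for this platform")
	}
	if !ed25519.Verify(nbc.BootPub, hash, sig1) {
		return errors.New("boot stack hash not signed by the certificate holder")
	}
	pk2Pub := p.pk2.Public().(ed25519.PublicKey)
	if !ed25519.Verify(pk2Pub, sig1, sig2) {
		return errors.New("boot stack differs from the enrolled image")
	}
	return nil
}

// Scenario runs enrolment, a clean reboot and a reboot with a modified boot
// stack; it reports whether the trusted proxy accepted each one.
func Scenario() (enrolled, rebootOK, tamperedOK bool) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	bootPub, pk1, _ := ed25519.GenerateKey(rand.Reader)
	_, pk2, _ := ed25519.GenerateKey(rand.Reader)
	nbc := NetworkBootCert{BootPub: bootPub, CASig: ed25519.Sign(caPriv, bootPub)}
	proxy := &TrustedProxy{caPub: caPub, pk2: pk2, vtpms: map[string]bool{}}
	pc := &NonTrustedPC{pk1: pk1, nbc: nbc}
	bootStack := []byte("constructed sample network boot stack image v1")
	h, s1 := pc.Prepare(bootStack)
	s2, err := proxy.Enrol(h, s1, pc.nbc)
	enrolled = err == nil
	pc.sig2 = s2
	h, s1 = pc.Prepare(bootStack) // same image on the next boot
	rebootOK = proxy.Attest(h, s1, pc.sig2, pc.nbc) == nil
	h, s1 = pc.Prepare([]byte("constructed modified boot stack image"))
	tamperedOK = proxy.Attest(h, s1, pc.sig2, pc.nbc) == nil
	return
}

func main() {
	e, r, t := Scenario()
	fmt.Printf("enrolled=%v reboot accepted=%v modified image accepted=%v\n", e, r, t)
}
```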
Once network boot is established as part of the trusted building block (TBB) and trusted root of trust 202, the chain of trust progresses using the normal TC sequence 200 as shown in FIG. 4, from the CRTM code 204 to the next links in the chain, for example the operating system loader code 206, the operating system code 208 and the application code 210.
In another process flow P2, a trust model is created from the application on the VPWT to the VTPM on the VPT. The trust establishment in this context is built upon the necessary information and keys on the TPM itself. The main purpose of the keys and certificate for the VTPM is to provide a certificate for an endorsement key (EK) of a VTPM by connecting the endorsement key of the VTPM to the attestation identity key (AIK) of the TPM. This is shown in the process flow 260 in FIG. 8. The quote command and AIKTPM are used to generate a signature, which is sent to the VTPM 262. The encryption key of the VTPM is generated, and the certificate based on the signature is given by the TPM with the proper metric 264. The AIK of the VTPM is generated 266, and the encryption key of the VTPM certificate is sent to the certificate authority 268. The AIK of the VTPM certificate is received from the CA 270, and the signature is stored in the non-volatile storage of the VTPM 272. In this embodiment the AIK of the TPM and the TPM quote command are used to issue a signature over the current state of the platform configuration register (PCR) stored in the non-volatile storage of the TPM and a user-provided 160-bit number. The SHA-1 content of the endorsement key for the VTPM (endorsement key VTPM) is the signed PCR and the 160-bit number. This links the endorsement key VTPM to the AIK of the TPM (AIKTPM). The AIK of the VTPM (AIKVTPM) is then created by the CA using the endorsement key VTPM.
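As an added example (not code from the patent or from Mimos Berhad), the following Go program models process flow P2: the hardware TPM's AIK signs a quote over the PCR state and a 160-bit number, the VTPM's endorsement key carries the SHA-1 binding over that signed quote and number, and the CA re-verifies the quote under AIKTPM before certifying EK_VTPM and then AIK_VTPM. Ed25519 standing in for the TPM's RSA keys, a CA that holds its own signing key, and the Quote, ekBinding, CertifyEK and CertifyAIK names are assumptions of this model.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha1"
	"errors"
	"fmt"
)

// Quote is a constructed stand-in for the TPM quote result: AIK_TPM's
// signature over the current PCR state and a caller-supplied 160-bit number.
type Quote struct {
	PCR   [20]byte
	Nonce [20]byte
	Sig   []byte
}

func quoteMessage(pcr, nonce [20]byte) []byte {
	return append(append(make([]byte, 0, 40), pcr[:]...), nonce[:]...)
}

// TPMQuote models the quote command run on the hardware TPM (step 262).
func TPMQuote(aikTPM ed25519.PrivateKey, pcr, nonce [20]byte) Quote {
	return Quote{PCR: pcr, Nonce: nonce, Sig: ed25519.Sign(aikTPM, quoteMessage(pcr, nonce))}
}

// ekBinding is the "SHA-1 content" the description gives the VTPM's
// endorsement key: a digest over the signed PCR state and the 160-bit number.
func ekBinding(q Quote) [20]byte {
	h := sha1.New()
	h.Write(q.Sig)
	h.Write(q.Nonce[:])
	var d [20]byte
	copy(d[:], h.Sum(nil))
	return d
}

// CA issues the EK_VTPM and AIK_VTPM certificates (steps 268 and 270).
type CA struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func ekCertBody(ekPub ed25519.PublicKey, binding [20]byte) []byte {
	return append(append([]byte{}, ekPub...), binding[:]...)
}

// CertifyEK re-verifies the quote under the TPM's AIK public key and
// recomputes the binding before signing the VTPM endorsement key. A quote
// not produced by that AIK, or a binding that does not match it, is refused,
// so a VTPM key cannot be certified without a real quote from the hardware TPM.
func (ca CA) CertifyEK(aikTPMPub ed25519.PublicKey, q Quote, ekPub ed25519.PublicKey, binding [20]byte) ([]byte, error) {
	if !ed25519.Verify(aikTPMPub, quoteMessage(q.PCR, q.Nonce), q.Sig) {
		return nil, errors.New("quote was not signed by the TPM's AIK")
	}
	if ekBinding(q) != binding {
		return nil, errors.New("endorsement key binding does not match the quote")
	}
	return ed25519.Sign(ca.priv, ekCertBody(ekPub, binding)), nil
}

// CertifyAIK creates AIK_VTPM's certificate using the certified EK_VTPM.
func (ca CA) CertifyAIK(ekPub ed25519.PublicKey, binding [20]byte, ekCert []byte, aikPub ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(ca.Pub, ekCertBody(ekPub, binding), ekCert) {
		return nil, errors.New("endorsement key certificate is not valid")
	}
	return ed25519.Sign(ca.priv, append(append([]byte{}, aikPub...), ekPub...)), nil
}

// Scenario walks the flow with a genuine quote, then retries EK certification
// with a quote signed by a key that is not the TPM's AIK.
func Scenario() (ekCertOK, aikCertOK, forgedAccepted bool) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	ca := CA{priv: caPriv, Pub: caPub}
	aikTPMPub, aikTPM, _ := ed25519.GenerateKey(rand.Reader)
	var pcr, nonce [20]byte
	copy(pcr[:], "constructed-pcr-state") // stands in for the PCR contents
	rand.Read(nonce[:])                    // the user-provided 160-bit number
	q := TPMQuote(aikTPM, pcr, nonce)
	ekPub, _, _ := ed25519.GenerateKey(rand.Reader) // EK_VTPM (step 264)
	binding := ekBinding(q)
	ekCert, err := ca.CertifyEK(aikTPMPub, q, ekPub, binding)
	ekCertOK = err == nil
	aikPub, _, _ := ed25519.GenerateKey(rand.Reader) // AIK_VTPM (step 266)
	_, err = ca.CertifyAIK(ekPub, binding, ekCert, aikPub)
	aikCertOK = err == nil
	_, rogue, _ := ed25519.GenerateKey(rand.Reader) // not the TPM's AIK
	forged := TPMQuote(rogue, pcr, nonce)
	_, err = ca.CertifyEK(aikTPMPub, forged, ekPub, ekBinding(forged))
	forgedAccepted = err == nil
	return
}

func main() {
	e, a, f := Scenario()
	fmt.Printf("EK cert=%v AIK cert=%v forged quote accepted=%v\n", e, a, f)
}
```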
As discussed, the process is shown in FIG. 5. Using this technology on an insecure platform builds a chain of trust to the application level using the trusted computing technology even though there is no trusted component on the system prior to boot up. It will be appreciated that the devices and subsystems of the exemplary methods and systems described with respect to the figures may communicate, for example, over a communication network, and may include any suitable servers, workstations, personal computers (PCs), laptop computers, handheld devices, with visual displays and/or monitors, telephones, cellular telephones, wireless devices, PDAs, Internet appliances, set top boxes, modems, other devices, and the like, capable of performing the processes of the disclosed exemplary embodiments. The devices and subsystems, for example, may communicate with each other using any suitable protocol and may be implemented using a general-purpose computer system and the like. One or more interface mechanisms may be employed, for example, including Internet access, telecommunications in any suitable form, such as voice, modem, and the like, wireless communications media, and the like. Accordingly, network may include, for example, wireless communications networks, cellular communications network, Public Switched Telephone Networks (PSTNs), Packet Data Networks (PDNs), the Internet, intranets, hybrid communications networks, combinations thereof, and the like.
It is to be understood that the embodiments, as described with respect to the figures, are for exemplary purposes, as many variations of the specific hardware used to implement the disclosed exemplary embodiments are possible. For example, the functionality of the devices and the subsystems of the embodiments may be implemented via one or more programmed computer systems or devices. To implement such variations as well as other variations, a single computer system may be programmed to perform the functions of one or more of the devices and subsystems of the exemplary systems. On the other hand, two or more programmed computer systems or devices may be substituted for any one of the devices and subsystems of the exemplary systems. Accordingly, principles and advantages of distributed processing, such as redundancy, replication, and the like, also may be implemented, as desired, for example, to increase robustness and performance of the exemplary systems described with respect to the figures.
The exemplary systems described with respect to the figures may be used to store information relating to various processes described herein. This information may be stored in one or more memories, such as hard disk, optical disk, magneto-optical disk, RAM, and the like, of the devices and sub-systems of the embodiments. One or more databases of the devices and subsystems may store the information used to implement the exemplary embodiments. The databases may be organized using data structures, such as records, tables, arrays, fields, graphs, trees, lists, and the like, included in one or more memories, such as the memories listed above.
All or a portion of the exemplary systems described with respect to the figures may be conveniently implemented using one or more general-purpose computer systems, microprocessors, digital signal processors, micro-controllers, and the like, programmed according to the teachings of the disclosed exemplary embodiments. Appropriate software may be readily prepared by programmers of ordinary skill based on the teachings of the disclosed exemplary embodiments. In addition, the exemplary systems may be implemented by the preparation of application-specific integrated circuits or by interconnecting an appropriate network of component circuits.
Whilst there has been described in the foregoing description preferred embodiments of the present invention, it will be understood by those skilled in the technology concerned that many variations or modifications in details of design or construction may be made without departing from the present invention.

Claims

1. A method for creating a virtual trusted computer platform with a trust credential, comprising: providing a trusted platform module on a first computer, wherein the trusted platform module is a hardware device dedicated to trusted computing that protects data from unauthorized use; accessing the trusted platform module on the first computer from a second computer unequipped with a trusted platform module; and replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module in software on the second computer based on the trusted platform module on the first computer.
2. The method of claim 1 wherein accessing the trusted platform module is through a network.
3. The method of claim 2 wherein the network is the Internet.
4. The method of any preceding claim wherein accessing the trusted platform module comprises providing a private key and a certificate from an authorized certification authority.
5. The method of any preceding claim wherein accessing the trusted platform module comprises sending to the second computer a virtual trusted computer proxy with a hash network boot protocol stack.
6. The method of claim 5 further comprising signing the virtual trusted computer proxy with a network boot key and a network boot certificate.
7. The method of claim 6 further comprising: creating by the first computer an instance of the virtual trusted platform module for the second computer; verifying the network boot certificate received from the second computer; and sending back to the hash network boot protocol stack a hash.
8. The method of any preceding claim further comprising generating an encryption key of the virtual trusted platform module based on a signature given by the trusted platform module.
9. The method of claim 8 further comprising sending the encryption key to the certificate authority.
10. The method of claim 1, wherein the trusted platform module includes a secure key generator and a key cache manager.
11. The method of claim 1, wherein the trusted platform module establishes trusted relationships for accessing the data through secure user authentication and machine attestation.
12. The method of claim 1, wherein the trusted platform module creates a chain of trust.
13. The method of claim 12, wherein the chain of trust is an inductive trust.
14. The method of claim 12, wherein the chain of trust includes a root of trust that gives a trustworthy description of a group of functions.
15. The method of claim 14, wherein the trustworthy description permits an interested entity to determine trust in the group of functions.
16. The method of claim 1, wherein the trusted platform module protects security tasks.
17. The method of claim 1, wherein the trusted platform module protects against unauthorized software execution.
18. The method of claim 1, wherein the trusted platform module protects against unauthorized software-based attacks.
19. The method of claim 1, wherein the trusted platform module supports an industry-standard cryptographic application program interface.
20. The method of claim 1, wherein the trusted platform module is defined by the Trusted Computing Group.
21. The method of claim 1, wherein the trusted platform module is an integrated circuit chip.
22. The method of claim 1, wherein the virtual trusted platform module includes a virtual non-volatile storage.
23. The method of claim 1, wherein the virtual trusted platform module includes a virtual platform configuration register.
24. The method of claim 1, wherein the virtual trusted platform module includes a virtual key attestation identity key.
25. The method of claim 1, wherein the virtual trusted platform module includes a virtual program code.
26. The method of claim 1, wherein the virtual trusted platform module includes a virtual random number generator.
27. The method of claim 1, wherein the virtual trusted platform module includes a virtual SHA-1 engine.
28. The method of claim 1, wherein the virtual trusted platform module includes a virtual key generator.
29. The method of claim 1, wherein the virtual trusted platform module includes a virtual RSA engine.
30. The method of claim 1, wherein the virtual trusted platform module includes a virtual opt-in.
31. The method of claim 1, wherein the virtual trusted platform module includes a virtual execution engine.
32. The method of claim 1, wherein the virtual trusted platform module performs substantially the same function as the trusted platform module.
33. The method of claim 1, wherein the virtual trusted platform module performs the same function as the trusted platform module.
34. The method of claim 1, wherein the virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module.
35. The method of claim 1, wherein the trusted computing requires at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
36. The method of claim 1, wherein the trusted computing requires at least four of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
37. The method of claim 1, wherein the trusted computing requires an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
38. The method of claim 1, wherein the second computer lacks a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
39. The method of claim 1, wherein the second computer is a personal computer.
40. A system for creating a trusted computer platform with a trust credential, comprising: a first computer installed with a trusted platform module; and a second computer in communication with the first computer, wherein the second computer is unequipped with a trusted platform module and accesses the trusted platform module on the first computer for replicating the trusted platform module on the second computer, thereby virtualizing a virtual trusted platform module on the second computer.
41. The system of claim 40 wherein the trusted platform module is accessed through a network.
42. The system of claim 41 wherein the network is the Internet.
43. The system of any one of claims 40 to 42 wherein the trusted platform module provides a private key and a certificate from an authorized certification authority for accessing the trusted platform module.
44. The system of any one of claims 40 to 43 wherein the trusted platform module sends to the second computer a virtual trusted computer proxy with a hash network boot protocol stack for accessing the trusted platform module.
45. The system of claim 44 wherein the trusted platform module signs a virtual trusted computer proxy with a network boot key and a network boot certificate.
46. The system of claim 45 wherein the first computer creates an instance of the virtual trusted platform module for the second computer, the network boot certificate received from the second computer is verified by the first computer, and a hash is returned to the hash network boot protocol stack.
47. The system of any one of claims 40 to 46 wherein the second computer generates an encryption key of the virtual trusted platform module based on a signature given by the trusted platform module.
48. The system of claim 47 wherein the encryption key is sent to a certificate authority.
49. The system of claim 40, wherein the trusted platform module includes a secure key generator and a key cache manager.
50. The system of claim 40, wherein the trusted platform module establishes trusted relationships for accessing the data through secure user authentication and machine attestation.
51. The system of claim 40, wherein the trusted platform module creates a chain of trust.
52. The system of claim 51, wherein the chain of trust is an inductive trust.
53. The system of claim 51, wherein the chain of trust includes a root of trust that gives a trustworthy description of a group of functions.
54. The system of claim 53, wherein the trustworthy description permits an interested entity to determine trust in the group of functions.
55. The system of claim 40, wherein the trusted platform module protects security tasks.
56. The system of claim 40, wherein the trusted platform module protects against unauthorized software execution.
57. The system of claim 40, wherein the trusted platform module protects against unauthorized software-based attacks.
58. The system of claim 40, wherein the trusted platform module supports an industry-standard cryptographic application program interface.
59. The system of claim 40, wherein the trusted platform module is defined by the Trusted Computing Group.
60. The system of claim 40, wherein the trusted platform module is an integrated circuit chip.
61. The system of claim 40, wherein the virtual trusted platform module includes a virtual non-volatile storage.
62. The system of claim 40, wherein the virtual trusted platform module includes a virtual platform configuration register.
63. The system of claim 40, wherein the virtual trusted platform module includes a virtual key attestation identity key.
64. The system of claim 40, wherein the virtual trusted platform module includes a virtual program code.
65. The system of claim 40, wherein the virtual trusted platform module includes a virtual random number generator.
66. The system of claim 40, wherein the virtual trusted platform module includes a virtual SHA-1 engine.
67. The system of claim 40, wherein the virtual trusted platform module includes a virtual key generator.
68. The system of claim 40, wherein the virtual trusted platform module includes a virtual RSA engine.
69. The system of claim 40, wherein the virtual trusted platform module includes a virtual opt-in.
70. The system of claim 40, wherein the virtual trusted platform module includes a virtual execution engine.
71. The system of claim 40, wherein the virtual trusted platform module performs substantially the same function as the trusted platform module.
72. The system of claim 40, wherein the virtual trusted platform module performs the same function as the trusted platform module.
73. The system of claim 40, wherein the virtual trusted platform module indicates to an operating system on the second computer that the second computer is equipped with a trusted platform module although the second computer remains unequipped with a trusted platform module.
74. The system of claim 40, wherein the trusted computing requires at least three of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
75. The system of claim 40, wherein the trusted computing requires at least four of an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
76. The system of claim 40, wherein the trusted computing requires an endorsement key, secure input and output, memory curtaining and protected execution, sealed storage, and remote attestation.
77. The system of claim 40, wherein the second computer lacks a trust credential before, and obtains a trust credential by, replicating the trusted platform module to virtualize the virtual trusted platform module.
78. The system of claim 40, wherein the second computer is a personal computer.
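The provisioning exchange that claims 4 to 9 (and their system counterparts 43 to 48) describe in prose is easier to reason about as a message sequence, so here is a small model of it in Go. This is an added example, not code from the patent or from Mimos Berhad: Ed25519 stands in for the TPM's RSA engine, the "network boot certificate" is reduced to a TPM signature over the boot public key, and the hash network boot protocol stack is reduced to a state hash that the second computer recomputes and compares. All type and function names (HardwareTPM, BootCredential, VirtualTPM, Provision, StateHash) and the client identifier "pc-02" are this example's own assumptions. What it shows that the claims do not spell out is where verification has to happen on the defending side: the first computer must refuse to instantiate a vTPM for a credential it did not sign, and for a request not signed with the certified boot key, and the second computer gets an integrity check on the replica by recomputing the returned hash.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// HardwareTPM models the trusted platform module on the first computer
// (claim 1). Ed25519 is a stand-in for the TPM's RSA signing engine so the
// example runs with the Go standard library alone.
type HardwareTPM struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

// BootCredential is the network boot key pair plus the network boot
// certificate issued to one second computer (claims 4-6). The "certificate"
// is simplified to the TPM's signature over ClientID||BootPub.
type BootCredential struct {
	ClientID string
	BootPub  ed25519.PublicKey
	Cert     []byte
	bootPriv ed25519.PrivateKey // held only by the second computer
}

// VirtualTPM is the software replica for the second computer (claims 7 and
// 22-31); only the parts this exchange touches are modelled.
type VirtualTPM struct {
	ClientID string
	PCR      [24][32]byte      // virtual platform configuration registers
	NV       map[string][]byte // virtual non-volatile storage
	EncKey   [32]byte          // claim 8: derived from a TPM signature
}

func NewHardwareTPM() (*HardwareTPM, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &HardwareTPM{priv: priv, Pub: pub}, nil
}

func credentialBody(clientID string, bootPub ed25519.PublicKey) []byte {
	return append([]byte("boot-cert:"+clientID+":"), bootPub...)
}

// IssueBootCredential generates a network boot key for clientID and signs
// it with the TPM (claim 6).
func (t *HardwareTPM) IssueBootCredential(clientID string) (*BootCredential, error) {
	bootPub, bootPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	cert := ed25519.Sign(t.priv, credentialBody(clientID, bootPub))
	return &BootCredential{ClientID: clientID, BootPub: bootPub, Cert: cert, bootPriv: bootPriv}, nil
}

// SignRequest is the second computer's side: its boot stack proves
// possession of the certified boot key over a fresh nonce.
func (c *BootCredential) SignRequest(nonce []byte) []byte {
	return ed25519.Sign(c.bootPriv, append([]byte("provision:"+c.ClientID+":"), nonce...))
}

// Provision is the first computer's side of claim 7: verify the network boot
// certificate and the boot-key signature, create the vTPM instance, derive
// its encryption key from a TPM signature (claim 8) and return the hash the
// boot protocol stack expects.
func (t *HardwareTPM) Provision(c *BootCredential, nonce, reqSig []byte) (*VirtualTPM, [32]byte, error) {
	var zero [32]byte
	if !ed25519.Verify(t.Pub, credentialBody(c.ClientID, c.BootPub), c.Cert) {
		return nil, zero, errors.New("network boot certificate not signed by this TPM")
	}
	if !ed25519.Verify(c.BootPub, append([]byte("provision:"+c.ClientID+":"), nonce...), reqSig) {
		return nil, zero, errors.New("request not signed with the certified boot key")
	}
	v := &VirtualTPM{ClientID: c.ClientID, NV: map[string][]byte{}}
	// Ed25519 signatures are deterministic, so only the holder of the
	// hardware TPM's private key can regenerate this key material.
	sig := ed25519.Sign(t.priv, []byte("vtpm-enc-key:"+c.ClientID))
	v.EncKey = sha256.Sum256(sig)
	v.NV["boot-cert"] = c.Cert
	return v, v.StateHash(), nil
}

// StateHash binds the vTPM identity, its PCRs and the stored certificate; the
// second computer recomputes it and compares with the value sent back.
func (v *VirtualTPM) StateHash() [32]byte {
	h := sha256.New()
	h.Write([]byte(v.ClientID))
	for _, pcr := range v.PCR {
		h.Write(pcr[:])
	}
	h.Write(v.NV["boot-cert"])
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

func main() {
	tpm, _ := NewHardwareTPM()
	cred, _ := tpm.IssueBootCredential("pc-02") // constructed client id
	nonce := []byte("constructed-nonce")
	_, h, err := tpm.Provision(cred, nonce, cred.SignRequest(nonce))
	fmt.Printf("vTPM for pc-02 provisioned, state hash %x, err=%v\n", h[:8], err)
}
```

The two rejection paths in Provision are the point of the model: a replica must never be instantiated from a credential the hardware TPM did not issue, and a replayed credential without the boot key proves nothing. A real implementation would use X.509 certificates chained to the certification authority of claim 4 and the TPM's RSA engine rather than the simplified signature shown here.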
PCT/MY2008/000112 2007-09-20 2008-09-22 Trusted computer platform method and system without trust credential WO2009051471A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI20071578 2007-09-20
MYPI20071578 MY145949A (en) 2007-09-20 2007-09-20 Trusted computer platform method and system without trust credential

Publications (2)

Publication Number Publication Date
WO2009051471A2 true WO2009051471A2 (en) 2009-04-23
WO2009051471A3 WO2009051471A3 (en) 2009-07-16

Family

ID=40567995

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2008/000112 WO2009051471A2 (en) 2007-09-20 2008-09-22 Trusted computer platform method and system without trust credential

Country Status (2)

Country Link
MY (1) MY145949A (en)
WO (1) WO2009051471A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB0802585D0 (en) 2008-02-12 2008-03-19 Mtld Top Level Domain Ltd Determining a property of communication device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6185678B1 (en) * 1997-10-02 2001-02-06 Trustees Of The University Of Pennsylvania Secure and reliable bootstrap architecture
US6408163B1 (en) * 1997-12-31 2002-06-18 Nortel Networks Limited Method and apparatus for replicating operations on data
US7216369B2 (en) * 2002-06-28 2007-05-08 Intel Corporation Trusted platform apparatus, system, and method
EP1484891A2 (en) * 2003-06-03 2004-12-08 Broadcom Corporation Online trusted platform module

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SAILER ET AL.: 'The Role of TPM in Enterprise Security' IBM RESEARCH REPORT RC23363, [Online] 06 October 2004, pages 2 - 5 Retrieved from the Internet: <URL:http://domino.research.ibm.com/comm/research_projects.nsf/pages/ssd_ima.index.html/$FILE/rc23363.pdf> *

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140033285A1 (en) * 2002-05-15 2014-01-30 Gerard A. Gagliano Enterprise security system
US8984601B2 (en) * 2002-05-15 2015-03-17 Gerard A. Gagliano Enterprise security system
US8396990B2 (en) 2008-10-10 2013-03-12 Afilias Technologies Limited Transcoding web resources
US9141724B2 (en) 2010-04-19 2015-09-22 Afilias Technologies Limited Transcoder hinting
US11385913B2 (en) 2010-07-08 2022-07-12 Deviceatlas Limited Server-based generation of user interfaces for delivery to mobile communication devices
US10705862B2 (en) 2010-07-08 2020-07-07 Afilias Technologies Limited Server-based generation of user interfaces for delivery to mobile communication devices
WO2012084837A1 (en) * 2010-12-21 2012-06-28 International Business Machines Corporation Virtual machine validation
CN103270518A (en) * 2010-12-21 2013-08-28 国际商业机器公司 Virtual machine validation
GB2501205A (en) * 2010-12-21 2013-10-16 Ibm Virtual machine validation
US9081600B2 (en) 2010-12-21 2015-07-14 International Business Machines Corporation Virtual machine validation
CN102262599A (en) * 2011-09-02 2011-11-30 南京博智软件科技有限公司 Trusted root-based portable hard disk fingerprint identification method
CN102262599B (en) * 2011-09-02 2013-11-20 江苏博智软件科技有限公司 Trusted root-based portable hard disk fingerprint identification method
US9727740B2 (en) 2012-01-30 2017-08-08 Hewlett-Packard Development Company, L.P. Secure information access over network
US10275268B2 (en) 2013-08-26 2019-04-30 Red Hat, Inc. Providing entropy to a guest operating system
US10229272B2 (en) 2014-10-13 2019-03-12 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
WO2019005327A1 (en) * 2017-06-28 2019-01-03 Microsoft Technology Licensing, Llc De/encrypting network communications between virtual machines at tghe virtualization layer based on keys snet after verifying health data for a computer
US10771439B2 (en) 2017-06-28 2020-09-08 Microsoft Technology Licensing, Llc Shielded networks for virtual machines
US11010387B2 (en) 2017-10-06 2021-05-18 Microsoft Technology Licensing, Llc Join operation and interface for wildcards
CN111865568B (en) * 2019-04-29 2022-10-04 华控清交信息科技(北京)有限公司 Data transmission oriented certificate storing method, transmission method and system
CN111865568A (en) * 2019-04-29 2020-10-30 华控清交信息科技(北京)有限公司 Data transmission oriented certificate storing method, transmission method and system
CN110263532A (en) * 2019-05-06 2019-09-20 阿里巴巴集团控股有限公司 Trusted computing method, equipment and system
CN110263532B (en) * 2019-05-06 2023-03-10 创新先进技术有限公司 Trusted computing method, device and system
CN110442422A (en) * 2019-07-03 2019-11-12 阿里巴巴集团控股有限公司 Active response formula is credible Python virtual machine and its method of execution
CN110442422B (en) * 2019-07-03 2023-01-31 创新先进技术有限公司 Active response type trusted Python virtual machine and execution method thereof
CN112615841A (en) * 2020-12-11 2021-04-06 辽宁电力能源发展集团有限公司 Layered security management and control system and method based on trusted computing
US20220255934A1 (en) * 2021-02-05 2022-08-11 Cisco Technology, Inc. Sponsor delegation for multi-factor authentication
US11811762B2 (en) * 2021-02-05 2023-11-07 Cisco Technology, Inc. Sponsor delegation for multi-factor authentication
CN114553428A (en) * 2022-01-11 2022-05-27 北京三快在线科技有限公司 Credible verification system, device, storage medium and electronic equipment
CN114553428B (en) * 2022-01-11 2023-09-22 北京三快在线科技有限公司 Trusted verification system, trusted verification device, trusted verification storage medium and electronic equipment

Also Published As

Publication number Publication date
WO2009051471A3 (en) 2009-07-16
MY145949A (en) 2012-05-31

Similar Documents

Publication Publication Date Title
WO2009051471A2 (en) Trusted computer platform method and system without trust credential
US10885197B2 (en) Merging multiple compute nodes with trusted platform modules utilizing authentication protocol with active trusted platform module provisioning
US9361462B2 (en) Associating a signing key with a software component of a computing platform
US8595483B2 (en) Associating a multi-context trusted platform module with distributed platforms
EP1975836B1 (en) Server active management technology (AMT) assisted secure boot
US8060934B2 (en) Dynamic trust management
KR100930218B1 (en) Method, apparatus and processing system for providing a software-based security coprocessor
US8909940B2 (en) Extensible pre-boot authentication
US8201239B2 (en) Extensible pre-boot authentication
Krautheim et al. Introducing the trusted virtual environment module: a new mechanism for rooting trust in cloud computing
US11206141B2 (en) Merging multiple compute nodes with trusted platform modules utilizing provisioned node certificates
US20110246778A1 (en) Providing security mechanisms for virtual machine images
CN113886809A (en) Computing device
US20100082991A1 (en) Trusted key management for virtualized platforms
US20100115625A1 (en) Policy enforcement in trusted platforms
US11714895B2 (en) Secure runtime systems and methods
US11252193B2 (en) Attestation service for enforcing payload security policies in a data center
Muñoz et al. TPM, a pattern for an architecture for trusted computing
England Practical techniques for operating system attestation
Narayanan et al. Remote attestation of SEV-SNP confidential VMs using e-vTPMs
US20230237155A1 (en) Securing communications with security processors using platform keys
Pedone et al. Trusted computing technology and proposals for resolving cloud computing security problems
Manferdelli et al. The cloudproxy tao for trusted computing
Dongliang et al. TrustVP: construction and evolution of trusted chain on virtualization computing platform
Narayanan et al. Remote attestation of confidential VMs using ephemeral vTPMs

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 08840662; Country of ref document: EP; Kind code of ref document: A2)
NENP Non-entry into the national phase in: Ref country code: DE
122 Ep: pct application non-entry in european phase (Ref document number: 08840662; Country of ref document: EP; Kind code of ref document: A2)