WO2012064176A1 - A system and method for providing access control - Google Patents


Info

Publication number: WO2012064176A1
Authority: WO, WIPO (PCT)
Prior art keywords: sealing, data, integrity, platform module, trusted platform
Application number: PCT/MY2011/000108
Other languages: French (fr)
Inventors: Ahmed Abdu Muthana Abdulrahman, Abd Manan Jamalul-Lail, Mahmod Ramlan, Faizal Bin Mubarak Mohd
Original Assignee: Mimos Berhad


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token


Abstract

A system (100) for providing access control through data sealing and unsealing using a Trusted Platform Module (TPM). The system comprises at least one Trusted Platform Module (18) and at least one Access Control Manager (10) comprising at least one user information table (12), at least one sealing table (14) and at least one sealing service (16). The method (200) for providing access control through data sealing/unsealing using the TPM comprises the steps of receiving a sealing/unsealing command to seal/unseal data (202), validating the requester's information using the information table (204), determining the validity of the requester information (206), verifying the integrity of the sealing table/sealing service, providing the data to be sealed and the binding token of the requester to be used for sealing to the TPM (216), performing data sealing (218), receiving the sealed data from the TPM (220), returning the sealed data to the requester (222) and updating the sealing table, measuring the integrity of the sealing table and storing the integrity measurement in the TPM (224).

Description

A SYSTEM AND METHOD FOR PROVIDING ACCESS CONTROL

FIELD OF INVENTION
The present invention relates to a system and method for providing access control through data sealing and unsealing using Trusted Platform Module.
BACKGROUND ART
Multilevel security (MLS) relates to the processing of information with different sensitivities (i.e., at different security levels); it permits simultaneous access by users with different security clearances and prevents users from obtaining access to information for which they lack authorization. Multilevel security allows high security users to access less-sensitive information and allows high security users to share documents with lower security users by delegation, declassification, downgrading or empowerment. The main drawback of multilevel security systems is downgrading.
The Bell-La Padula model is a system which implements the restrictions of multilevel security and allows sharing when security restrictions are not obviously violated. Users with lower security levels can easily share information/documents with users of a higher security level, but not vice versa. It does not provide an efficient and reliable mechanism by which a "Top Secret" user can edit a "Top Secret" file, remove the "Top Secret" information and deliver it to users with "Secret" or lower security levels. In practice, multilevel security systems overcome the said drawback via privileged functions that allow a trustworthy user to bypass the multilevel security mechanism and change the security of information. However, the said procedure is not reliable.
The system and method of the present invention provide access control through data sealing using a trusted platform module (TPM). The approach of the present invention seals data using the trusted platform module and binds the data to a binding token and to the security level of the owner. In addition, the present invention provides for each user to protect data and allows the owner of data to transfer ownership of the data to others, publicizing selected data to others while maintaining other selected data as private. Transfer of ownership of data is conducted by delegating the authorization token associated with the sealed data to the other authorized user with whom the owner of the data wishes to share the said data.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one exemplary technology area where some embodiments described herein may be practised.
SUMMARY OF INVENTION
The present invention provides a system (100) for providing access control through data sealing and unsealing using a Trusted Platform Module. The system comprises at least one Trusted Platform Module (18) and at least one Access Control Manager (10). The said Access Control Manager (10) comprises at least one user information table (12), at least one sealing table (14) and at least one sealing service (16). The said Access Control Manager (10) enforces access control policy through multi-level sealing and unsealing using the trusted platform module (18), while the said user information table (12) contains credential information of users. The said sealing table (14) contains sealed data information which includes the owner of the data, the binding token, the authorization token and delegation information. The said sealing service (16) performs binary sealing and unsealing for access control of data. The said Trusted Platform Module (18) measures the integrity of the said Access Control Manager (10) continuously and during boot time; stores the integrity values of the said Access Control Manager (10), sealing table and sealing service; stores the cryptographic keys used for sealing and unsealing; and performs sealing and unsealing.
Preferably, the said Access Control Manager (10) further measures the integrity of said sealing table (14) and said sealing service (16) before sealing and unsealing data, measures the integrity of said sealing table (14) upon sealing and stores the values of the integrity measurement in the trusted platform module (18), provides the data for sealing and unsealing and the binding token of the requester to the trusted platform module (18), and receives sealed and/or unsealed data from the trusted platform module (18).
Another aspect of the present invention provides a method (200) for providing access control through data sealing using a Trusted Platform Module. The method comprises the steps of receiving a sealing command to seal data (202), validating the requester's information using the information table (204), determining the validity of the requester information (206), verifying the integrity of the sealing table by consulting the trusted platform module when the requester information is valid (208), determining the integrity of the sealing table (210), verifying the integrity of the sealing service by consulting the trusted platform module when the sealing table is integral (212), determining the integrity of the sealing service (214), providing the data to be sealed and the binding token of the requester to be used for sealing to the trusted platform module when the sealing service is integral (216), performing data sealing (218), receiving the sealed data from the trusted platform module (220), returning the sealed data to the requester (222) and updating the sealing table, measuring the integrity of the sealing table and storing the integrity measurement in the trusted platform module (224).
A further aspect of the present invention is a method (300) for unsealing data for access control using a Trusted Platform Module. The method comprises the steps of receiving an unsealing command to unseal data (302), validating the requester's information using the information table (304), determining the validity of the requester information (306), verifying the integrity of the sealing table by consulting the trusted platform module when the requester information is valid (308), determining the integrity of the sealing table (310), determining the clearance of the requester by looking up in the sealing table the authorization token provided with the unsealing command when the integrity of the sealing table is valid (312), determining if the requester is allowed to unseal the data (314), verifying the integrity of the sealing service by consulting the trusted platform module if the requester is allowed to unseal the data (316), determining the integrity of the sealing service (318), providing the sealed data and the binding token to the trusted platform module for unsealing the data when the sealing service is integral (320), performing data unsealing (322), receiving the unsealed data from the trusted platform module (324) and returning the unsealed data to the requester (326).
Preferably, sealed data is revealed to another authorized user by delegating the authorization token associated with the sealed data to that other authorized user.
The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings, it being understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS
To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:
FIG. 1 illustrates a system for multilevel sealing.
FIG. 2 is a flowchart illustrating sealing process.
FIG. 3 is a flowchart illustrating unsealing process.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The invention relates to a system and method for providing access control through data sealing and unsealing using Trusted Platform Module. Hereinafter, this specification will describe the present invention according to the preferred embodiments. It is to be understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention and it is envisioned without departing from the scope of the appended claims.
Reference is first made to FIG. 1. FIG. 1 illustrates a system for multilevel sealing. The system comprises a host and a trusted computing base (TCB). The system comprises at least one Trusted Platform Module (TPM) (18) and at least one Access Control Manager (ACM) (10) which resides in the trusted computing base (TCB). The said Access Control Manager (ACM) (10) further comprises at least one user information table (12), at least one sealing table (14) and at least one sealing service (16). The said Access Control Manager (ACM) (10) enforces access control policy through multi-level sealing and unsealing using the trusted platform module (TPM) (18). Further, the said Access Control Manager (ACM) (10) measures the integrity of the sealing table (14) and the sealing service (SS) (16) before sealing and unsealing data, measures the integrity of the sealing table (ST) (14) upon sealing and stores the values of the integrity measurement in the trusted platform module (TPM) (18), provides the data for sealing and unsealing and the binding token of the requester to the trusted platform module (18), and receives sealed and/or unsealed data from the trusted platform module (18). The Access Control Manager (ACM) (10) controls the operation of all components which reside in the trusted computing base (TCB).
The said user information table (UT) (12) contains credential information of users, which includes names, passwords, security levels and other credential information. The said sealing table (ST) (14) maintains a record for each sealing operation by storing the necessary information about each owner, wherein the said sealing table (ST) (14) contains information which includes the owner of the data, the binding token, the authorization token and delegation information. This information is required for performing the unsealing operation as well as for delegating ownership of the data to others. The said sealing service (SS) (16) performs binary sealing and unsealing for access control of data, wherein the sealing service (SS) (16) receives from the Access Control Manager (ACM) (10) the data to be sealed D and the binding token BT to which data D is bound during the sealing process. Binary sealing results in sealed data Ds, and the result of the unsealing operation is the unsealed data. The binding token BT is placed in the Platform Configuration Registers (PCRs) of the trusted platform module (TPM) (18). The said user information table (UT) (12), sealing table (ST) (14) and sealing service (SS) (16) are protected by the Access Control Manager (ACM) (10). The user information table (UT) (12) and sealing table (14) can be stored in the trusted platform module (TPM) (18).
Access Control Manager (ACM) (10) provides an interface with users or requesters to receive commands and returns sealed or unsealed data. The said Access Control Manager (ACM) (10) interfaces with users or requesters through login service which authenticates requesters by accessing user information table (UT) (12) and communicates with trusted platform module (TPM) (18) through sealing service (SS) (16). In addition, Access Control Manager (ACM) (10) provides for access to data storage.
As part of chain of trust, trusted platform module (TPM) (18) measures integrity of Access Control Manager (ACM) (10). Further, Access Control Manager (ACM) (10) measures integrity of sealing table (ST) (14) and sealing service (SS) (16) before initiating sealing and unsealing operation.
Reference is now made to FIG. 2. FIG. 2 is a flowchart illustrating the sealing process. To perform a sealing operation, a user or requester issues a sealing command to the Access Control Manager (ACM) (10) to seal data D (202). Thereafter, the Access Control Manager (ACM) (10) validates the information of the requester using the user information table (UT) (12) (204). The validity of the requester's information is determined (206), wherein the Access Control Manager (ACM) (10) verifies the integrity of the sealing table (ST) (14) by consulting the trusted platform module (TPM) (18) if the requester information is valid (208). Otherwise, the sealing command is terminated if the requester information is not valid. Thereafter, the integrity of the sealing table (ST) (14) is determined (210), and if the integrity of the sealing table is found to be compromised and not valid, the sealing operation is terminated. Otherwise, the Access Control Manager (ACM) (10) verifies the integrity of the sealing service (SS) (16) by consulting the trusted platform module (TPM) (18) (212). Subsequently, the integrity of the sealing service (SS) is determined (214), wherein the sealing command is terminated if the sealing service (SS) (16) is not integral. Otherwise, the Access Control Manager (ACM) (10) provides the sealing service (SS) (16) with the data D to be sealed and the binding token BT of the requester for the trusted platform module (TPM) (18) (216). The trusted platform module (TPM) (18) seals the data (218) and returns the sealed data Ds to the Access Control Manager (ACM) (10) (220). Thereafter, the Access Control Manager (ACM) (10) returns the sealed data to the requester (222). The requester may supply the Access Control Manager (ACM) (10) with the binding token BT or request the Access Control Manager (ACM) (10) to construct it. Once the sealing process has succeeded, the Access Control Manager (ACM) (10) updates the sealing table (ST) (14) and stores its integrity measurement in the trusted platform module (TPM) (18) (224).
Reference is now made to FIG. 3. FIG. 3 is a flowchart illustrating the unsealing process. The methodology of unsealing is analogous to the methodology of sealing. To perform an unsealing operation, or to retrieve sealed data, the owner of the data or an authorized user/requester issues an unsealing command to the Access Control Manager (ACM) to unseal the sealed data Ds (302). Thereafter, the Access Control Manager (ACM) (10) validates the information of the requester using the user information table (UT) (12) (304). The validity of the requester's information is determined (306), wherein the Access Control Manager (ACM) (10) verifies the integrity of the sealing table (ST) (14) by consulting the trusted platform module (TPM) (18) if the requester information is valid (308). Otherwise, the unsealing command is terminated if the requester information is not valid. Thereafter, the integrity of the sealing table (ST) (14) is determined (310), and if the integrity of the sealing table is found to be compromised and not valid, the unsealing operation is terminated.
Otherwise, the Access Control Manager (ACM) (10) determines the clearance of the requester by looking up in the sealing table (ST) (14) the authorization token provided with the unsealing command when the integrity of the sealing table is valid (312). Subsequently, it is determined if the requester is allowed to unseal the data (314), wherein the unsealing command is terminated when the authorization token is not found. Otherwise, the Access Control Manager (ACM) verifies the integrity of the sealing service (SS) (16) by consulting the trusted platform module (TPM) (18) if the requester is allowed to unseal the data (316). Further, the integrity of the sealing service (SS) (16) is determined (318), wherein the unsealing command is terminated if the integrity of the sealing service is not valid. Otherwise, the Access Control Manager (ACM) (10) provides the sealed data Ds and the binding token BT to the trusted platform module (TPM) (18) for unsealing the data when the sealing service is integral (320). The trusted platform module (TPM) (18) then unseals the data Ds (322) and the Access Control Manager (ACM) (10) receives the unsealed data D from the trusted platform module (TPM) (18). Finally, the Access Control Manager (ACM) (10) returns the unsealed data D to the requester.
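The sealing flow of FIG. 2, the unsealing flow of FIG. 3 and the token delegation described above, modelled in Python as an added example (this is not the patent's own code and not a product of the assignee). It assumes a simulated TPM with one resettable PCR and an HMAC/SHA-256 encrypt-then-MAC construction standing in for real TPM sealing, that the PCR is extended with the binding token together with the owner's security level, and that an authorization token is honoured only for the data owner and the users recorded as delegates in the sealing table; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def digest(*parts):
    """Length-prefixed SHA-256 over several byte strings (no concatenation ambiguity)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

class MockTPM:
    """Stand-in for the TPM (18): one binding PCR, stored integrity values, PCR-bound sealing."""
    def __init__(self):
        self.pcr = bytes(32)                   # assumption: one resettable PCR holds BT and level
        self.integrity = {}                    # reference measurements of ST and SS
        self._root = secrets.token_bytes(32)   # sealing root key; never leaves the TPM
    def bind(self, bt, level):
        self.pcr = digest(bytes(32), bt, level.to_bytes(1, "big"))   # reset PCR, then extend
    def store_integrity(self, name, value):
        self.integrity[name] = value
    def check_integrity(self, name, value):
        return hmac.compare_digest(self.integrity.get(name, b""), value)
    def _key(self):
        return digest(self._root, self.pcr)    # the sealing key exists only for this PCR state
    def _stream(self, key, nonce, n):
        return b"".join(digest(key, nonce, i.to_bytes(4, "big")) for i in range((n + 31) // 32))[:n]
    def seal(self, data):
        key, nonce = self._key(), secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(data, self._stream(key, nonce, len(data))))
        return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()   # Ds = nonce||ct||tag
    def unseal(self, ds):
        key, nonce, ct, tag = self._key(), ds[:16], ds[16:-32], ds[-32:]
        if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
            return None                        # PCR state differs from the state at sealing time
        return bytes(a ^ b for a, b in zip(ct, self._stream(key, nonce, len(ct))))

class SealingService:
    """Sealing service (16): its 'binary' is measured before every seal/unseal."""
    def __init__(self, tpm):
        self.tpm, self.code = tpm, b"sealing-service v1"   # constructed stand-in for the binary
    def measure(self):
        return digest(self.code)
    def seal(self, data, bt, level):
        self.tpm.bind(bt, level)
        return self.tpm.seal(data)
    def unseal(self, ds, bt, level):
        self.tpm.bind(bt, level)
        return self.tpm.unseal(ds)

class AccessControlManager:
    """ACM (10) holding the user table (12) and sealing table (14); users = {name: (password, level)}."""
    def __init__(self, tpm, users):
        self.tpm, self.ss = tpm, SealingService(tpm)
        self.user_table = {n: (digest(pw.encode()), lvl) for n, (pw, lvl) in users.items()}
        self.sealing_table = []                # records: owner, bt, auth, delegates
        self.tpm.store_integrity("ST", self._measure_table())   # boot-time baseline
        self.tpm.store_integrity("SS", self.ss.measure())
    def _measure_table(self):
        return digest(*(digest(r["owner"].encode(), r["bt"], r["auth"],
                               ",".join(sorted(r["delegates"])).encode()) for r in self.sealing_table))
    def _valid_user(self, user, password):
        rec = self.user_table.get(user)
        return rec is not None and hmac.compare_digest(rec[0], digest(password.encode()))
    def _lookup(self, auth):
        return next((r for r in self.sealing_table if hmac.compare_digest(r["auth"], auth)), None)
    def seal(self, user, password, data, bt=None):
        """FIG. 2 flow: returns (Ds, authorization token), or None when any check fails."""
        if not (self._valid_user(user, password)                            # 204/206
                and self.tpm.check_integrity("ST", self._measure_table())   # 208/210
                and self.tpm.check_integrity("SS", self.ss.measure())):     # 212/214
            return None
        bt = bt or secrets.token_bytes(16)     # requester supplies BT or asks the ACM to construct it
        ds = self.ss.seal(data, bt, self.user_table[user][1])               # 216-222
        auth = secrets.token_bytes(16)
        self.sealing_table.append({"owner": user, "bt": bt, "auth": auth, "delegates": set()})
        self.tpm.store_integrity("ST", self._measure_table())               # 224
        return ds, auth
    def unseal(self, user, password, ds, auth):
        """FIG. 3 flow: returns D, or None when the requester is not cleared or integrity fails."""
        if not (self._valid_user(user, password)                            # 304/306
                and self.tpm.check_integrity("ST", self._measure_table())):  # 308/310
            return None
        rec = self._lookup(auth)                                            # 312/314
        if rec is None or (user != rec["owner"] and user not in rec["delegates"]):
            return None
        if not self.tpm.check_integrity("SS", self.ss.measure()):           # 316/318
            return None
        return self.ss.unseal(ds, rec["bt"], self.user_table[rec["owner"]][1])  # 320-326
    def delegate(self, owner, password, auth, to_user):
        rec = self._lookup(auth)
        if not (self._valid_user(owner, password) and to_user in self.user_table
                and self.tpm.check_integrity("ST", self._measure_table())
                and rec is not None and rec["owner"] == owner):
            return False
        rec["delegates"].add(to_user)          # delegation information lives in the ST
        self.tpm.store_integrity("ST", self._measure_table())
        return True
```

Any edit to the sealing table or sealing service made outside the ACM changes the measurement the TPM holds, so every later seal or unseal is refused until the baseline is restored; a wrong binding token puts the PCR in a different state and the TPM simply cannot reproduce the key.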
The system and method of the present invention provide for access control through data sealing and unsealing using a trusted platform module (TPM). The approach of the present invention seals data using the trusted platform module and binds the data to a binding token and to the security level of the owner.
The present invention may be embodied in other specific forms without departing from its essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims

1. A system (100) for providing access control through data sealing and unsealing using Trusted Platform Module comprising:
at least one Trusted Platform Module (18); and
at least one Access Control Manager (10);
wherein said Access Control Manager (10) comprises at least one user information table (12), at least one sealing table (14) and at least one sealing service (16).
2. A system according to Claim 1, wherein the said Access Control Manager (10) enforces access control policy through multi-level sealing and unsealing using trusted platform module (18).
3. A system according to Claim 1, wherein the said user information table (12) contains credential information of users.
4. A system according to Claim 1, wherein the said sealing table (14) contains sealed data information which includes owner of data, binding token, authorization token and delegation information.
5. A system according to Claim 1, wherein the said sealing service (16) performs binary sealing and unsealing for access control of data.
6. A system according to Claim 1, wherein the said Trusted Platform Module (18) measures integrity of the at least one Access Control Manager (10) continuously and during boot time; stores integrity value of Access Control Manager (10), sealing table and sealing service; stores cryptographic keys used for sealing and unsealing; and performs sealing and unsealing.
7. A system according to Claim 1 and Claim 2, wherein the said Access Control Manager (10) further comprising:
measuring integrity of sealing table (14) and sealing service (16) before sealing and unsealing data; measuring integrity of sealing table (14) upon sealing and storing values of integrity measurement in trusted platform module (18);
providing data for sealing and unsealing and binding token of requester to trusted platform module (18); and
receiving sealed and/or unsealed data from trusted platform module (18).
8. A system (100) according to Claim 1, wherein user information table (12) and sealing table (14) can be stored in trusted platform module (18).
9. A system (100) according to Claim 4, wherein binding token is placed in Platform Configuration Registers in trusted platform module (18) for data sealing and unsealing.
10. A method (200) for providing access control through data sealing using Trusted Platform Module comprising steps of:
receiving sealing command to seal data (202);
validating requester's information using information table (204);
determining validity of requester information (206);
verifying integrity of sealing table by consulting trusted platform module when requester information is valid (208);
determining integrity of sealing table (210);
verifying integrity of sealing service by consulting trusted platform module when sealing table is integral (212);
determining integrity of sealing service (214);
providing data to be sealed and binding token of requester to be used for sealing to trusted platform module when sealing service is integral (216);
performing data sealing (218);
receiving sealed data from trusted platform module (220);
returning sealed data to requester (222); and
updating sealing table, measuring integrity of sealing table and storing integrity measurement in trusted platform module (224).
11. A method according to Claim 10, wherein determining validity of requester information (206) further comprising terminating sealing command when requester information is not valid.
12. A method according to Claim 10, wherein determining integrity of sealing table (210) further comprising terminating sealing command if integrity of sealing table is not valid.
13. A method according to Claim 10, wherein determining integrity of sealing service (214) further comprising terminating sealing command if integrity of sealing service is not valid.
14. A method (300) for unsealing data for access control using Trusted Platform Module comprising steps of:
receiving unsealing command to unseal data (302);
validating requester's information using information table (304);
determining validity of requester information (306);
verifying integrity of sealing table by consulting trusted platform module when requester information is valid (308);
determining integrity of sealing table (310);
determining clearance of requester by looking up in sealing table for authorization token provided with unsealing command when integrity of sealing table is valid (312);
determining if requester is allowed to unseal data (314);
verifying integrity of sealing service by consulting trusted platform module if requester is allowed to unseal data (316);
determining integrity of sealing service (318);
providing sealed data and binding token to trusted platform module for unsealing data when sealing service is integral (320);
performing data unsealing (322);
receiving unsealed data from trusted platform module (324); and
returning unsealed data to requester (326).
15. A method (300) according to Claim 14, wherein determining validity of requester information (306) further comprising terminating unsealing command when requester information is not valid.
16. A method (300) according to Claim 14, wherein determining integrity of sealing table (310) further comprising terminating unsealing command when integrity of sealing table is not valid.
17. A method (300) according to Claim 14, wherein determining if requester is allowed to unseal data (314) further comprising terminating unsealing command if requester is not allowed to unseal data.
18. A method (300) according to Claim 14, wherein determining integrity of sealing service (318) further comprising terminating unsealing command when integrity of sealing service is not valid.
19. A method according to Claim 10 and Claim 14, wherein sealed data is revealed to other authorized user by delegating authorization token associated with sealed data to the other authorized user.
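As an added example (not code from the patent or from Mimos Berhad), the following Python models the sealing flow of claim 10 and the unsealing flow of FIG. 3 and claim 14 end to end: the Access Control Manager validates the requester against the user information table, has the TPM check the integrity of the sealing table and sealing service, resolves the authorization token to a sealing-table entry (including delegation per claim 19), and hands sealed data plus binding token to a simulated TPM that only unseals when its PCR holds the same binding token (claim 9). `SimTPM`, `ACM`, the table field names, the constructed credentials and the hash-based keystream are assumptions for illustration; a real TPM would use its storage hierarchy and PCR policy instead.

```python
import hashlib, json, os

def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

class SimTPM:  # stand-in for the TPM (18): reference integrity values, a root key, PCR-bound sealing
    def __init__(self):
        self._root = _h(b"constructed root storage key")  # never leaves the TPM
        self._refs = {}                                    # measured component -> expected digest
    def store_integrity(self, name, image): self._refs[name] = _h(image)
    def integrity_ok(self, name, image): return self._refs.get(name) == _h(image)
    def _keystream(self, pcr, nonce, n):  # per-seal nonce so two seals under one token never share keystream
        return b"".join(_h(self._root, pcr, nonce, i.to_bytes(4, "big")) for i in range(n // 32 + 1))[:n]
    def seal(self, data, bt):   # binding token extended into the PCR the data is bound to (claim 9)
        pcr, nonce = _h(bytes(32), bt), os.urandom(16)
        return pcr + nonce + bytes(a ^ b for a, b in zip(data, self._keystream(pcr, nonce, len(data))))
    def unseal(self, ds, bt):   # releases plaintext only if the PCR holds the same binding token
        pcr, nonce, ct = ds[:32], ds[32:48], ds[48:]
        if pcr != _h(bytes(32), bt): raise PermissionError("PCR mismatch: binding token differs")
        return bytes(a ^ b for a, b in zip(ct, self._keystream(pcr, nonce, len(ct))))

class ACM:  # Access Control Manager (10): user table UT (12), sealing table ST (14), sealing service SS (16)
    def __init__(self, tpm, users):
        self.tpm, self.ut, self.st, self.ss = tpm, users, {}, b"constructed SS image v1"  # SS bytes = measured binary
        self._measure()
    def _st_image(self): return json.dumps(self.st, sort_keys=True).encode()
    def _measure(self):  # step 224: store ST and SS integrity values in the TPM
        self.tpm.store_integrity("ST", self._st_image()); self.tpm.store_integrity("SS", self.ss)
    def _precheck(self, user, cred, need_ss=True):  # steps 204-214 / 304-310 (316-318 when need_ss)
        if self.ut.get(user) != cred: return "requester information not valid"
        if not self.tpm.integrity_ok("ST", self._st_image()): return "sealing table integrity not valid"
        if need_ss and not self.tpm.integrity_ok("SS", self.ss): return "sealing service integrity not valid"
        return None
    def seal(self, user, cred, data, bt):
        if (err := self._precheck(user, cred)): return None, err
        ds = self.tpm.seal(data, bt)                       # steps 216-220
        at = _h(b"authorization token", ds).hex()          # authorization token recorded in ST
        self.st[at] = {"owner": user, "bt": bt.hex(), "delegates": []}
        self._measure()
        return (ds, at), None
    def delegate(self, owner, cred, at, other):  # claim 19: reveal sealed data to another authorized user
        if (err := self._precheck(owner, cred, need_ss=False)) or self.st.get(at, {}).get("owner") != owner:
            return err or "requester is not the owner"
        self.st[at]["delegates"].append(other); self._measure()
    def unseal(self, user, cred, ds, at):
        if (err := self._precheck(user, cred, need_ss=False)): return None, err
        entry = self.st.get(at)                            # steps 312-314: clearance via authorization token
        if entry is None or user not in [entry["owner"], *entry["delegates"]]: return None, "requester not allowed"
        if not self.tpm.integrity_ok("SS", self.ss): return None, "sealing service integrity not valid"
        return self.tpm.unseal(ds, bytes.fromhex(entry["bt"])), None   # steps 320-326
```

Note that an out-of-band edit to the sealing table (for instance adding a delegate without going through the ACM) is caught at step 308/310 because the TPM still holds the integrity value measured at step 224, so every requester is refused until the table is restored.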
PCT/MY2011/000108 2010-11-11 2011-06-17 A system and method for providing access control WO2012064176A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2010005300A MY181101A (en) 2010-11-11 2010-11-11 A system and method for providing access control
MYPI2010005300 2010-11-11

Publications (1)

Publication Number Publication Date
WO2012064176A1 true WO2012064176A1 (en) 2012-05-18

Family

ID=46051152

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2011/000108 WO2012064176A1 (en) 2010-11-11 2011-06-17 A system and method for providing access control

Country Status (2)

Country Link
MY (1) MY181101A (en)
WO (1) WO2012064176A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050081065A1 (en) * 2003-10-14 2005-04-14 Ernie Brickell Method for securely delegating trusted platform module ownership
US20050138393A1 (en) * 2003-12-22 2005-06-23 Challener David C. Determining user security level using trusted hardware device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Trusted computing platform alliance (TCPA)", TRUSTED COMPUTING GROUP, 22 February 2002 (2002-02-22) *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2866166A1 (en) * 2013-09-25 2015-04-29 Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. Systems and methods for enforcing third party oversight data anonymization
US9542568B2 (en) 2013-09-25 2017-01-10 Max Planck Gesellschaft Zur Foerderung Der Wissenschaften E.V. Systems and methods for enforcing third party oversight of data anonymization
US11194823B2 (en) 2016-05-10 2021-12-07 Aircloak Gmbh Systems and methods for anonymized statistical database queries using noise elements

Also Published As

Publication number Publication date
MY181101A (en) 2020-12-17

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 11839670; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase. Ref country code: DE
122 Ep: pct application non-entry in european phase. Ref document number: 11839670; Country of ref document: EP; Kind code of ref document: A1