WO2012096558A1 - System and method to provide integrity measurement of a machine without tpm using trusted agent - Google Patents

Info

Publication number: WO2012096558A1
Authority: WO (WIPO, PCT)
Prior art keywords: machine, tpm, integrity measurement, integrity, trusted agent
Application number: PCT/MY2011/000168
Other languages: French (fr)
Inventors: Mohd Anuar MAT ISA; Mohd Saufy ROHMAD; Zakaria Wira Zanoramy ANSIRY
Original assignee: Mimos Berhad
Priority date: 2011-01-13
Filing date: 2011-07-11
Publication date: 2012-07-19

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32: ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3234: ... involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

The present invention relates generally to a system and method to provide integrity measurement of a machine without a TPM using trusted agents, wherein said trusted agents comprise at least one Local Trusted Agent (LTA) (103), at least one Remote Trusted Agent (RTA) (113) and at least one Virtual Machine Monitor Trusted Agent (VTA) (115) for capturing integrity measurements and thereby creating a chain of trust between client machines (111) without a TPM and a machine with a TPM.

Description

SYSTEM AND METHOD TO PROVIDE INTEGRITY MEASUREMENT OF A MACHINE WITHOUT TPM USING TRUSTED AGENT
TECHNICAL FIELD OF THE INVENTION
The present invention relates generally to a system and method to provide integrity measurement of a machine without a TPM using trusted agents, wherein said trusted agents comprise at least one Local Trusted Agent (LTA), at least one Remote Trusted Agent (RTA) and at least one Virtual Machine Monitor Trusted Agent (VTA) for capturing integrity measurements and thereby creating a chain of trust between client machines without a TPM and a machine with a TPM.
BACKGROUND OF THE INVENTION
A Trusted Platform Module (TPM) is used in a machine as one of the security features that ensure the trustworthiness of the machine. Generally, a Trusted Platform Module offers facilities for the secure generation of cryptographic keys and the limitation of their use, as well as for authenticating hardware devices. It is capable of performing platform authentication; for example, it can be used to verify that a system seeking access is the expected system. In the absence of a TPM, a machine cannot provide the platform integrity measurement that applications use during the attestation process, which may create the possibility of confidentiality violations.
Most TPMs today conform to the Trusted Computing Group (TCG) specifications. Consequently, a client is not able to execute a TCG-enabled application, such as Trusted Online Banking, on a machine without a TPM. Furthermore, a machine without a TPM cannot provide privacy protection for an online application running in a cloud computing environment, because all of the client's information, or some private information, may be exposed to a third party during an online transaction. Subsequently, there is a high possibility of information leakage when a client attempts to access cloud infrastructure. Therefore, stringent security requirements must always be complied with for workloads that share the same platform, or when a client accesses cloud infrastructure.
Nowadays, cloud service providers are making substantial efforts to secure their systems in order to minimize the threat of insider attacks as well as to reinforce the confidence of customers. However, no method or system is available to provide integrity measurement and a chain of trust between a machine without a TPM and a machine with a TPM for ensuring the confidentiality and integrity of computations. Thus there is an essential need for a technical solution that can secure the confidentiality and integrity of computation in a way that is verifiable by the customers of the service.
It would hence be extremely advantageous if the above shortcoming were alleviated by a proactive approach that provides integrity measurement of a machine without a TPM by using trusted agents, whereby the trusted agents collect platform information and extend this information into a vTPM.
SUMMARY OF THE INVENTION
Accordingly, it is the primary aim of the present invention to provide a system and method for integrity measurement of a machine without a TPM by using trusted agents for capturing integrity measurements.
It is yet another object of the present invention to provide a system and method for integrity measurement of a machine without a TPM whereby a chain of trust between the machine without a TPM and a machine with a TPM is generated.
It is yet another object of the present invention to provide a system and method for integrity measurement of a machine without a TPM whereby trusted agents are able to establish a chain of trust by collecting integrity measurements from the vTPM server, the client machine and the client virtual machine.
It is yet a further object of the present invention to provide a system and method for integrity measurement of a machine without a TPM which is capable of providing privacy protection for an online application running in a cloud computing environment.
Yet a further object of the present invention is to provide a system and method for integrity measurement of a machine without a TPM which is capable of preventing information leakage when a client is accessing cloud infrastructure.
Other and further objects of the invention will become apparent with an understanding of the following detailed description of the invention or upon employment of the invention in practice.
According to an embodiment of the present invention there is provided,
A system to provide integrity measurement of a machine without a TPM comprising: at least a server (101); at least a client machine (111); characterised in that said server is a vTPM server (101) which comprises at least one trusted agent; said client machine (111) comprises at least one trusted agent; and said system is able to perform integrity measurement without the use of a TPM in said client machines (111).
In another aspect there is provided,
A method to provide integrity measurement of a machine without a TPM comprising the steps of: i. capturing the integrity measurement of the vTPM server (101) by at least one Local Trusted Agent (103) and transmitting said integrity measurement to at least one Resource Manager (105); ii. measuring the integrity of the client machine (111) without a TPM by at least one Remote Trusted Agent (113) and transmitting said integrity measurement to at least one Resource Manager (105); iii. measuring the integrity of the virtual machine (119) in said client machine (111) by the Virtual Machine Monitor Trusted Agent (115) and transmitting said integrity measurement to at least one Resource Manager (105); iv. assembling said integrity measurements from said Trusted Agents by the Resource Manager (105) and utilizing said integrity measurements as the initial value for at least one vTPM instance (107).
BRIEF DESCRIPTION OF THE DRAWINGS
Other aspects of the present invention and their advantages will be discerned after studying the Detailed Description in conjunction with the accompanying drawings, in which:
FIG. 1 shows a schematic diagram illustrating a system to provide integrity measurement of a machine without a TPM.
FIG. 2 shows a schematic diagram of a system to provide integrity measurement of a machine without a TPM in accordance with the preferred embodiment of the present invention.
FIG. 3 shows a flowchart of the process flow that takes place between the client machine, the vTPM server and its subcomponents.
DETAILED DESCRIPTION OF THE DRAWINGS
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those of ordinary skill in the art that the invention may be practised without these specific details. In other instances, well-known methods, procedures and/or components have not been described in detail so as not to obscure the invention.
The invention will be more clearly understood from the following description of the embodiments thereof, given by way of example only with reference to the accompanying drawings, which are not drawn to scale.
Referring to FIG. 1, there is shown a schematic diagram illustrating a system to provide integrity measurement of a machine without a TPM. At least a Virtual Trusted Platform Module (vTPM) server (101) and a plurality of client machines (111) are shown in FIG. 1, wherein said vTPM server (101) includes a security module comprising at least one Local Trusted Agent (LTA) (103), at least one Resource Manager (RM) (105), at least one Virtual Trusted Platform Module (vTPM) Instance (107) and at least one Trusted Platform Module (TPM) (109). Said client machine (111) comprises a Virtual Machine Monitor (VMM) (117) and trusted agents such as a Remote Trusted Agent (RTA) (113) and a Virtual Machine Monitor Trusted Agent (VTA) (115). Each of the trusted agents plays a role in collecting platform information. For example, the Local Trusted Agent (LTA) (103) is used to capture the integrity measurement of the vTPM server (101), at least a Remote Trusted Agent (RTA) (113) is used to measure the integrity of the client machine (111) without a TPM, and the Virtual Machine Monitor Trusted Agent (VTA) (115) is used to measure the integrity of the virtual machine (119) in said client machine (111). The trusted agents collect platform information and extend this information into the vTPM.
Referring to FIG. 2, there is shown a system to provide integrity measurement of a machine without a TPM in accordance with the preferred embodiment of the present invention. The system comprises two parties, which are the client machine (111) without a TPM and the vTPM server (101). The purpose of the system architecture is to provide a chain of trust from the physical TPM in the vTPM server (101) to the physical client machine (111) and eventually up to the virtual machine (119) in said client machine (111). Two client machines (111) without a TPM are shown in FIG. 2, one being Client Machine 1 and the other Client Machine 2. A plurality of said client machines (111) without a TPM can be used in the present invention, wherein each of said client machines (111) comprises at least one Remote Trusted Agent (RTA) (113), at least one Virtual Machine Monitor Trusted Agent (VTA) (115), at least one VMM BIOS (211) and at least one virtual machine (VM) (119). Said RTA (113) in the client machine (111) communicates with said LTA (103) in the vTPM server (101) to establish the root chain of trust in the client machine (111). Said RTA (113) first checks the low-level integrity values in the client machine (111), such as the BIOS and bootloader values. Control is then passed to the virtual machine (119), and after all the values are validated and trust is established, the virtual machine (119) can utilize the vTPM created for it.
Said vTPM server (101) comprises at least one physical TPM (109), at least one vTPM Resource Manager (RM) (105), at least one Local Trusted Agent (LTA) (103) and a plurality of vTPM instances (107) with vTPM Secure Storage (201). Each virtual machine (119) is assigned to a respective vTPM instance (107). Therefore, the number of vTPM instances and vTPM Secure Storage (201) contained in said vTPM server (101) depends on the number of virtual machines connected to it.
In said vTPM server (101), the Local Trusted Agent (LTA) (103) is used to capture the integrity measurement of the vTPM server (101). This further comprises at least measuring the BIOS, option ROM, Memory Buffer Register (MBR), Boot Loader, CMOS Memory, PCRs Integrity Metrics and Firmware instruction. In the client machine (111) without a TPM, at least a Remote Trusted Agent (RTA) (113) is used to measure said client machine (111) without a TPM. This further comprises at least measuring the BIOS, option ROM, Memory Buffer Register (MBR), Boot Loader, CMOS Memory and Firmware instruction. In addition, the Virtual Machine Monitor Trusted Agent (VTA) (115) is used to measure the integrity of the virtual machine (119) in said client machine (111). These integrity measurements of physical hardware components are then combined using a hashing algorithm. The platform information collected by said Trusted Agents is then transmitted as an integrity measurement to the Resource Manager (RM) (105) using a secure communication channel. On the vTPM server (101), said Resource Manager (RM) (105) generates a virtual Platform Configuration Registers (PCRs) value by combining the integrity measurements using a hashing algorithm, which concatenates multiple integrity measurements into a single digest; these measurements consist of at least the physical machine PCR(s), the physical machine measurement of the remote machine and the virtual machine measurement.
The Resource Manager (RM) (105) assembles the integrity measurements from the Trusted Agents and utilizes these integrity measurements as the initial value for the vTPM instances (107).
Referring to FIG. 3, there is shown the process flow that takes place between the client machine (111), the vTPM server (101) and its subcomponents. The process starts with the commencing of the vTPM server (101) and the Resource Manager (105) to receive a client's request or demand and to respond by providing a vTPM instance. The Local Trusted Agent (LTA) (103) is used to capture the integrity measurement of the vTPM server (101), at least a Remote Trusted Agent (RTA) (113) is used to measure the integrity of the client machine (111) without a TPM, and the Virtual Machine Monitor Trusted Agent (VTA) (115) is used to measure the integrity of the virtual machine (119) in said client machine (111). The Trusted Agents then independently transmit their integrity measurements to the Resource Manager (RM) (105). The Resource Manager (105) assembles the integrity measurements obtained from the Trusted Agents and utilizes them as the initial value for the vTPM instances (107).
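The measurement and assembly steps described above (the LTA, RTA and VTA each measuring their components, transmitting the result to the Resource Manager over a secure channel, and the Resource Manager folding the three digests into the initial virtual PCR value), modelled in Python as an added example. This is not the patent's code. It assumes SHA-256 as the component hash, the TPM-style extend rule PCR' = H(PCR || m) as the "hashing algorithm that concatenates multiple integrity measurements into a single digest", and an HMAC under a constructed pre-shared key standing in for the secure communication channel; the component images and the key are constructed sample data.

```python
"""Model of the LTA/RTA/VTA -> Resource Manager measurement flow.

Added example, not the patent's code. Assumptions not stated in the patent:
- a component's measurement is the SHA-256 digest of its image bytes;
- digests are folded with the TPM-style extend rule PCR' = H(PCR || m),
  starting from an all-zero register;
- the "secure communication channel" is modelled as an HMAC over each
  agent's report under a constructed pre-shared key.
"""
import hashlib
import hmac
import json

HASH = hashlib.sha256
DIGEST_LEN = HASH().digest_size

# Constructed sample component images (real agents would read the BIOS, option
# ROM, boot loader, CMOS memory and firmware from the platform).
VTPM_SERVER_COMPONENTS = {
    "BIOS": b"vtpm-server-bios-v1",
    "option ROM": b"vtpm-server-oprom-v1",
    "Boot Loader": b"vtpm-server-bootloader-v1",
    "CMOS Memory": b"vtpm-server-cmos-v1",
    "Firmware instruction": b"vtpm-server-fw-v1",
}
CLIENT_COMPONENTS = {
    "BIOS": b"client1-bios-v1",
    "option ROM": b"client1-oprom-v1",
    "Boot Loader": b"client1-bootloader-v1",
    "CMOS Memory": b"client1-cmos-v1",
    "Firmware instruction": b"client1-fw-v1",
}
VM_IMAGE = b"client1-vm-kernel-and-initrd-v1"
CHANNEL_KEY = b"constructed-agent-to-rm-channel-key"  # assumption: pre-shared


def measure_components(components):
    """Agent side: hash every component image in a fixed (sorted) order."""
    return [(name, HASH(blob).hexdigest()) for name, blob in sorted(components.items())]


def extend(pcr, measurement_hex):
    """PCR extend: new = H(old || measurement). The result depends on order."""
    return HASH(pcr + bytes.fromhex(measurement_hex)).digest()


def fold(measurements):
    """Concatenate a list of component digests into a single digest."""
    pcr = bytes(DIGEST_LEN)
    for _name, digest_hex in measurements:
        pcr = extend(pcr, digest_hex)
    return pcr.hex()


def agent_report(agent, measurements):
    """Build one agent's report and authenticate it for the secure channel."""
    body = {"agent": agent, "measurements": measurements, "digest": fold(measurements)}
    payload = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(CHANNEL_KEY, payload, HASH).hexdigest()}


def rm_verify_report(report):
    """RM side: reject a report whose MAC or self-reported digest is wrong."""
    payload = json.dumps(report["body"], sort_keys=True).encode()
    expected_mac = hmac.new(CHANNEL_KEY, payload, HASH).hexdigest()
    if not hmac.compare_digest(expected_mac, report["mac"]):
        raise ValueError("MAC mismatch in report from " + report["body"]["agent"])
    body = report["body"]
    if fold(body["measurements"]) != body["digest"]:
        raise ValueError("digest does not match measurements from " + body["agent"])
    return body


def report_is_accepted(report):
    """Verdict-only wrapper around rm_verify_report."""
    try:
        rm_verify_report(report)
        return True
    except ValueError:
        return False


def rm_virtual_pcr(lta_report, rta_report, vta_report):
    """Step iv: fold the LTA, RTA and VTA digests into the initial vPCR value.

    The order LTA -> RTA -> VTA follows the chain of trust in the patent:
    physical TPM host, then physical client, then the client's VM."""
    pcr = bytes(DIGEST_LEN)
    for report in (lta_report, rta_report, vta_report):
        pcr = extend(pcr, rm_verify_report(report)["digest"])
    return pcr.hex()


def provision_vtpm(client_components, vm_image, expected_pcr=None):
    """Run steps i-iv for one client; optionally gate on a reference vPCR value."""
    lta = agent_report("LTA", measure_components(VTPM_SERVER_COMPONENTS))
    rta = agent_report("RTA", measure_components(client_components))
    vta = agent_report("VTA", [("VM image", HASH(vm_image).hexdigest())])
    vpcr = rm_virtual_pcr(lta, rta, vta)
    trusted = expected_pcr is None or hmac.compare_digest(vpcr, expected_pcr)
    return {"virtual_pcr": vpcr, "trusted": trusted}


if __name__ == "__main__":
    baseline = provision_vtpm(CLIENT_COMPONENTS, VM_IMAGE)["virtual_pcr"]
    tampered = {**CLIENT_COMPONENTS, "Boot Loader": b"client1-bootloader-MODIFIED"}
    print("baseline vPCR:", baseline)
    print("modified boot loader trusted?",
          provision_vtpm(tampered, VM_IMAGE, baseline)["trusted"])
```

Because the fold is a chained extend, a change to any one component (a different boot loader on the client, a different VM image) changes the final virtual PCR value, and the Resource Manager can compare it against a reference before handing out the vTPM instance; a report whose contents were altered in transit fails the MAC check and is discarded before it reaches the fold.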
By this methodology, the chain of trust, which is extended from the physical TPM in the vTPM server (101) to each physical client machine (111) and up to the virtual machine (119), is properly established. In addition, the integrity data stored in the vTPM Secure Storage (201) is securely maintained and cannot be accessed by unauthorized parties or by other virtual machines (119).
While the preferred embodiment of the present invention and its advantages have been disclosed in the above Detailed Description, the invention is not limited thereto but only by the spirit and scope of the appended claims.

Claims

WHAT IS CLAIMED IS:
1. A system to provide integrity measurement of a machine without a Trusted Platform Module (TPM) comprising: at least a server (101); at least a client machine (111); characterised in that said server (101) is a Virtual Trusted Platform Module (vTPM) server (101) which comprises at least one trusted agent; said client machine (111) comprises at least one trusted agent; and said system is able to perform integrity measurement without the use of a TPM in said client machine (111).
2. A system to provide integrity measurement of a machine without a TPM as in Claim 1, wherein said trusted agent comprises at least one of the following: Local Trusted Agent (LTA) (103); Remote Trusted Agent (RTA) (113); Virtual Machine Monitor Trusted Agent (VTA) (115).
3. A system to provide integrity measurement of a machine without a TPM as in Claim 1 or Claim 2, wherein said vTPM server (101) comprises at least one said Local Trusted Agent (103) to capture the integrity measurement of said vTPM server (101).
4. A system to provide integrity measurement of a machine without a TPM as in Claim 3, wherein said vTPM server (101) further comprises at least one physical TPM (109), at least one vTPM Resource Manager (RM) (105) and a plurality of vTPM instances (107) with vTPM Secure Storage (201).
5. A system to provide integrity measurement of a machine without a TPM as in Claim 1 or Claim 2, wherein said client machine (111) comprises at least one said Remote Trusted Agent (113) for measuring the integrity of said client machine (111) without a TPM.
6. A system to provide integrity measurement of a machine without a TPM as in Claim 5, wherein said client machine (111) further comprises at least one VMM BIOS (211) and at least one virtual machine (119).
7. A system to provide integrity measurement of a machine without a TPM as in Claim 5 or Claim 6, wherein said client machine (111) further comprises at least one Virtual Machine Monitor Trusted Agent (115) for measuring the integrity of said virtual machine (119) in said client machine (111).
8. A system to provide integrity measurement of a machine without a TPM as in Claim 1, wherein said trusted agents transmit the captured integrity measurement to at least one Resource Manager (RM) (105) in said vTPM server (101).
9. A system to provide integrity measurement of a machine without a TPM as in Claim 8, wherein said Resource Manager (105) assembles the integrity measurements from said trusted agents and utilizes said integrity measurements as the initial value for said vTPM instances (107).
10. A method to provide integrity measurement of a machine without a TPM comprising the steps of: i. capturing the integrity measurement of the vTPM server (101) by at least one Local Trusted Agent (103) and transmitting said integrity measurement to at least one Resource Manager (105); ii. measuring the integrity of the client machine (111) without a TPM by at least one Remote Trusted Agent (113) and transmitting said integrity measurement to at least one Resource Manager (105); iii. measuring the integrity of the virtual machine (119) in said client machine (111) by the Virtual Machine Monitor Trusted Agent (115) and transmitting said integrity measurement to at least one Resource Manager (105); iv. assembling said integrity measurements from said Trusted Agents by the Resource Manager (105) and utilizing said integrity measurements as the initial value for at least one vTPM instance (107).
11. A method to provide integrity measurement of a machine without a TPM as in Claim 10, wherein said step of capturing the integrity measurement of the vTPM server (101) by the Local Trusted Agent (103) further comprises at least measuring hardware components such as the BIOS, option ROM, Memory Buffer Register (MBR), Boot Loader, CMOS Memory, PCRs Integrity Metrics and Firmware instruction by the Local Trusted Agent (103).
12. A method to provide integrity measurement of a machine without a TPM as in Claim 10, wherein said step of measuring the client machine (111) without a TPM by the Remote Trusted Agent (113) further comprises at least measuring hardware components such as the BIOS, option ROM, Memory Buffer Register (MBR), Boot Loader, CMOS Memory and Firmware instruction by the Remote Trusted Agent (113).
13. A method to provide integrity measurement of a machine without a TPM as in Claim 11 or Claim 12, further comprising concatenating the integrity measurements of the hardware components using a hashing algorithm and then transferring said integrity measurements to the Resource Manager (105) using a secure communication channel.
14. A method to provide integrity measurement of a machine without a TPM as in Claim 10, wherein said Resource Manager (105) generates a virtual Platform Configuration Registers (PCRs) value through a combination of the integrity measurements from the LTA (103) and the RTA (113) using a hashing algorithm, wherein said measurements comprise at least the physical machine PCR(s), the physical machine measurement of the remote machine and the virtual machine measurement.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2011000166A MY155582A (en) 2011-01-13 2011-01-13 System and method to provide integrity measurement of a machine without tpm using trusted agent
MYPI2011000166 2011-01-13

Publications (1)

Publication Number Publication Date
WO2012096558A1 true WO2012096558A1 (en) 2012-07-19

Family

ID=46507311

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2011/000168 WO2012096558A1 (en) 2011-01-13 2011-07-11 System and method to provide integrity measurement of a machine without tpm using trusted agent

Country Status (2)

Country Link
MY (1) MY155582A (en)
WO (1) WO2012096558A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060020781A1 (en) * 2004-06-24 2006-01-26 Scarlata Vincent R Method and apparatus for providing secure virtualization of a trusted platform module
US20090307487A1 (en) * 2006-04-21 2009-12-10 Interdigital Technology Corporation Apparatus and method for performing trusted computing integrity measurement reporting

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666103A (en) * 2022-03-04 2022-06-24 阿里巴巴(中国)有限公司 Credible measuring device, equipment and system and credible identity authentication method
CN114666103B (en) * 2022-03-04 2023-08-15 阿里巴巴(中国)有限公司 Trusted measurement device, equipment, system and trusted identity authentication method

Also Published As

Publication number Publication date
MY155582A (en) 2015-11-03

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 11855560; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 11855560; Country of ref document: EP; Kind code of ref document: A1)