The present invention relates generally to method of providing security services in computing, more particularly to a method of providing trusted application services via trusted platform module.

BACKGROUND

Trusted platform module (TPM) is specification of a processor that stores cryptographic keys. All TPM hardware follows Trusted Computing Group specification. Most of the computer devices such as laptops follow TPM specification. Hence, each hardware has a unique cryptographic key. TPM can be used to authenticate hardware which can be useful in authenticating a user, base or subscriber.

Before a software can use the functionality of TPM, the software has to be modified to suit the requirements of TPM. Effort is needed to review, design, code and test the software according to trusted platform module specification. Hence, TPM is not widely used in security software.

A virtual TPM is described in US patent application 2006/0020781. A virtual TPM service creates a virtual TPM for use in a processing system that contains physical TPM. The virtual TPM service stores a key for the virtual TPM in physical TPM and emulates physical TPM features.

There are many security software such as network application which can be strengthen by using TPM functionality. It is an object of the invention to allow software application which does not have TPM function to be provided with TPM function. The trusted application service is developed to run on various operating systems.

SUMMARY OF INVENTION

The present invention proposes a solution which incorporates trusted application services and trusted agents that utilize TPM for software application. The trusted service is a platform that enables the software application to use TPM. A user does not directly invoke the trusted services because the user does not need to know about the existence of TPM. The user shall notify trusted application service if the user applications software wants to be measured by TPM and allows the trusted application services to perform attestation on behalf of the non-trusted application. The trusted services can support numerous applications running simultaneously to use TPM and it has multiple trusted agents to perform trusted computing activities to any application associated to this trusted services. Trusted agent will collect information from non-trusted application and pass the information to the trusted application service which consequently provides integrity measurement.

BRIEF DESCRIPTION OF DRAWINGS

The invention will now be described in greater detail, by way of an example, with reference to the accompanying drawings, in which:

Fig. 1 shows an overview of trusted application service according to the invention; Fig. 2 shows a diagram of trusted application service system architecture; Fig. 3 show diagrams of possible embodiments of implementation;

Fig. 4 shows a flow chart of checking the existence of trusted platform module; Fig. 5 shows a flow chart of checking and starting trusted application services;

Fig. 6 shows a flow chart of verifying application; and

Fig. 7 shows a flow chart of starting and closing trusted agent. DESCRIPTION OF EMBODIMENTS

Fig. 1 shows a block diagram of proposed trusted application services (TAS) in computing. The primary objective of TAS is to allow applications which do not have support for trusted platform module (TPM) to be integrated with access to TPM. Trusted platform initialization 001 is a method for checking the existence of TPM in a computer system. TAS integrity measurement 002 is a method for checking and verifying the integrity of TAS while application integrity measurement 003 is a method for checking and verifying the integrity of software application. Trusted agents and application 004 is a method for starting and closing the application via trusted agents. Each method will be described in detail. Fig. 2 is a block diagram showing a proposed architecture of the system. The system uses TPM or virtual TP 1 17 as root of trust for integrity measurement which enables TAS switches user application to be in a secure trusted application. Virtual TPM is a software that emulates hardware TPM. Trusted boot loader 116 performs integrity measurement at operating system TSS and TAS. The measurement is then stored in TPM in program configuration register array. Every time a machine boots, this process will capture the stored integrity measurement and compare with actual measurement. This process will ensure TAS runs at trusted state.

The invention can be ported on multiple operating systems 115 such as Windows, Linux, Mobile operating system and any platform that has TPM. Trusted software stack (TSS) 114 can be used as interface between TAS and TPM. Trusted application service (TAS) 112 is a system tools that provide trusted computing functionality to any user application that intends to use TPM. This trusted service provides solution for facilitating applications to use TPM.

TAS has multiple managers 109, 1 10, 1 11 to perform specific task and every manager is capable to spawn multiple trusted agents 103, 104, 105, 106, 107, 108 in order to extend the application function.

Application A 101 and application B 102 are independent user applications such as system services, network application or system tools. These user applications may or may not support trusted computing functions. Trusted Application is a software designed to support TPM and maintains trust. A non-trusted software application is a program without trusted computing features.

Token 113 may take form of a physical device or software used for user authorization for the use of TAS. Token can store encrypted data and configuration, cryptographic keys, migration key, digital signature, biometric data or any other information. TAS can be implemented in one of the three following modes, as shown in Fig. 3. In Mode 1 , TAS runs on a machine with hardware TPM. The layers involved are TAS, TSS, Operating System, TGrub and hardware TPM. In Mode 2, TAS runs on virtual machine using virtual TPM. The layers involved are TAS, TSS, guest Operating System, TGrub virtual TPM, hypervisor/virtualization and hardware with or without TPM. In Mode 3, TAS runs on virtual machine using hardware TPM. This is possible with hypervisor or virtualization features that allow communication between upper layers of TAS, trusted software stack (TSS) and trusted boot loader (TGrub). Fig. 4 shows a flow chart for checking the existence of trusted platform module in a computer. This flow chart shows how TAS is started by verifying the existence of TPM in the computer. Enabling trusted application services 201 will start the trusted services on the system and consequently check the existence of TPM hardware 202. If hardware TPM does not exist, the existence of virtual TPM 206 is next checked. If virtual TPM does not exist, then the TAS is disabled 205. The existence of at least trusted platform module, or virtual trusted platform is verified.

Boot trusted application services 203 if TPM or virtual TPM exist in the computer system. Next, the existence of TPM owner is checked 204. TPM ownership is provided 207 if it does not exist. Stage 1 is preceded in the next stage. Stage 1 , 2, 3, 4, 5 is used to provide various entry and exit stage.

Fig. 5 shows a flow chart for verifying and running TAS. TAS integrity is verified by checking the integrity measurement of TAS and system configuration. Measurements include operating system, file library and other related information. First, the valid owner of TPM is checked 301. A typical way of checking the owner is by providing login identification and password. Then, the owner logs into TAS 302. For first time login 303, administrator account is configured in trusted service 306. The configuration process includes configuring trusted boot loader by pointing trusted grub to perform integrity measurement on this trusted service. Integrity measurement is performed on kernel, memory buffer register and trusted application services.

The TAS and system configuration is then measured 307. Additionally, a token 308 can be used to increase security fortification by binding token 309 with trusted services. Later, the integrity measurement is stored in trusted storage 310. The computer needs to be rebooted 311 to apply the new integrity measurement. After login, authorization 304 is performed with token 316 if this feature is enabled in system configuration. Token is inserted 317 as a form of authorization. The system can be configured 305. Otherwise, TAS and system configuration is measured 312. Original integrity measurement from trusted storage is loaded and compared with current integrity measurement 313. If it is a valid measurement 314, TAS is run 315.

Fig. 6 shows the process to check the status or integrity of user application and platform configuration. When the measurement of both application and configuration matches the stored measurement, the system can then run the application. The integrity measurement includes measurement of application, library file and other related files to the application based on the configuration of the application.

First, the application to be loaded is chosen 401 by TAS. If the application is run for the first time 402, then it needs to be configured over TPM. It is given a choice if it prefers auto configuration 403. Default configuration is loaded 404 for auto configuration. Choice of configuration 405 is given if auto configuration is not desired. The application and configuration is measured 406. The measurement is stored in trusted storage 407 for later use. If configuration is not desired, the integrity measurement for this application and configuration is proceeded 409. Original integrity measurement from trusted storage is loaded and compared with current integrity measurement 410. For valid measurements 412, the application is allowed to run 414. Otherwise, the application and trusted agent is halted 413.

Fig. 7 shows the process for starting and closing the trusted agents after the application has been executed. TAS spawns trusted agents 501 based on the defined configuration for the application. After the agent completes the task, TAS closes the relevant trusted agents 502 to free system resources. When the trusted agents have been terminated, the application is closed 503. Trusted agents collect information, store information and share information. Trusted agents collect information from user application, credential, operating system, network, or related library files to execute the application. Information is stored in trusted storage upon completing trusted action. The trusted agents can share information with other trusted agents. Accordingly, the invention disclosed a trusted application service which utilize trusted platform module for security applications. Trusted application services allow application to be executed if integrity measurement is valid. The trusted application services, application, trusted boot loader and trusted agents areis a machine instructions executeds in athe physical machine or virtual machine to do integrity measurements on the platform with at least a security devices or virtual security devices to store integrity measurements. Approaches were described for applications to be verified. It is the combination of the above features and its technical advantages give rise to the uniqueness of such invention. Although the descriptions above contain much specificity, these should not be construed as limiting the scope of the embodiment but as merely providing illustrations of some of the presently preferred embodiments.