


Title:
A METHOD AND SYSTEM FOR A REMOTE ATTESTATION IN A TRUSTED FOUNDATION PLATFORM
Document Type and Number:
WIPO Patent Application WO/2011/126357
Kind Code:
A1
Abstract:
A method and system (100) for providing a remote attestation in a trusted foundation platform through the use of a trust hash list. The system comprising at least one foundation server (101), at least one trusted certificate authority (102), at least one client platform (104) and at least one application server (103). The at least one foundation server (101) having means for creating at least one hash list and maintaining the at least one hash list. The at least one trusted certificate authority (102) having means for protecting integrity of a trust hash list through a certification process available in an installation media package. The at least one client platform (104) having means for installing a trusted package platform and booting the trust hash list. The at least one application server (103) having means for executing the remote attestation process.

Inventors:
NORAZAH ABD AZIZ (MY)
LUCYANTIE MAZALAN (MY)
MOHD AZZUDIN PARMAN (MY)
ABDUL MUZAIRIE ABDUL MUTALIB (MY)
PUTRI SHAHNIM KHALID (MY)
Application Number:
MY2010/000192
Publication Date:
October 13, 2011
Filing Date:
September 30, 2010
Export Citation:
Assignee:
MIMOS BERHAD (MY)
NORAZAH ABD AZIZ (MY)
LUCYANTIE MAZALAN (MY)
MOHD AZZUDIN PARMAN (MY)
ABDUL MUZAIRIE ABDUL MUTALIB (MY)
PUTRI SHAHNIM KHALID (MY)
International Classes:
G06F11/22; G06F11/30
Foreign References:
US20070136814A1 (2007-06-14)
US6574729B1 (2003-06-03)
US20060005009A1 (2006-01-05)
US20100058431A1 (2010-03-04)
Attorney, Agent or Firm:
MIRANDAH, Patrick (Suite 3B-19-3 Plaza Sentral, Jalan Stesen Sentral 5, Kuala Lumpur, MY)
Claims:
CLAIMS

1. A method (100) for providing a remote attestation in a trusted foundation platform through the use of a trust hash list, the method comprising the steps of: creating at least one hash list (200); maintaining the at least one hash list (300); protecting integrity of a trust hash list through a certification process available in an installation media package (400); installing a trusted package platform at a client platform (500); booting the trust hash list into the client platform (600); and executing the remote attestation process (700), characterized in that maintaining the at least one hash list further comprises the steps of: storing the created hash list (302); comparing the hash list with an untrust hash list through a hash operation (304); and removing blacklisted entries which exist in the hash list to obtain a trust hash list indicating a clean platform (306).

2. A method according to claim 1, wherein installing a trusted package platform at a client platform further comprises the following steps: booting information from the installation media package (502); extracting an endorsement public key from a Trusted Platform Module (504); requesting an endorsement key certificate from a trusted certificate authority (506); receiving the endorsement key certificate and the trust hash list license key (508); and sealing the endorsement key certificate with the client's trusted platform module key (510).

3. A method according to claim 1, wherein booting the trust hash list into the client platform further comprises the following steps: initiating the remote attestation process if the hash value in the client platform is in the trust hash list (602); reporting failure of the hash value if the hash value in the client platform is not in the trust hash list (604); and terminating the booting process if the hash value in the client platform is not in the trust hash list (606).

4. A method according to claim 1, wherein executing a remote attestation process further comprises the steps of: generating attestation parameters at the client platform and a server platform based on information of the endorsement public key (702); forwarding attestation parameters to the trusted certificate authority for endorsement (704); forwarding endorsed attestation parameters to the application server for an attestation process (706); and verifying validity of the remote attestation process (708).

5. A method according to claim 4, wherein verifying validity of the remote attestation process further comprises the steps of: receiving attestation parameters of the application server (802); identifying a status of the attestation parameters of the application server with the trusted certificate authority (804); reiterating a status check of the attestation parameters of the application server if an invalid status is obtained (806); and terminating the remote attestation process if the status check is invalid (808).

6. A method according to claim 1, wherein the steps involve creating multiple hash lists and maintaining the multiple hash lists.

7. A system (100) for providing a remote attestation in a trusted foundation platform through the use of a trust hash list, the system comprising: at least one foundation server (101); at least one trusted certificate authority (102); at least one client platform (104); and at least one application server (103), characterized in that the at least one foundation server (101) has means for: creating at least one hash list; and maintaining the at least one hash list; the at least one trusted certificate authority (102) has means for protecting integrity of a trust hash list through a certification process available in an installation media package; the at least one client platform (104) has means for: installing a trusted package platform; and booting the trust hash list; and the at least one application server (103) has means for executing the remote attestation process.

8. A system (100) according to claim 7, wherein the at least one foundation server (101) further comprises means for: storing the created hash list; comparing the hash list with an untrust hash list through a hash operation; and removing blacklisted entries which exist in the hash list to obtain a trust hash list indicating a clean platform.

9. A system according to claim 7, wherein the at least one client platform (104) has means for: booting information from the installation media package; extracting an endorsement public key from a Trusted Platform Module; requesting an endorsement key certificate from a trusted certificate authority; receiving the endorsement key certificate and the trust hash list license key; and sealing the endorsement key certificate with the client's trusted platform module key.

10. A system according to claim 7, wherein the at least one client platform (104) further comprises means for: generating attestation parameters based on information of the endorsement public key; forwarding attestation parameters to the trusted certificate authority for endorsement; forwarding endorsed attestation parameters to the application server for an attestation process; and verifying validity of the remote attestation process.

11. A system according to claim 7, wherein the at least one trusted certificate authority (102) further comprises means for: receiving attestation parameters of the application server; identifying a status of the attestation parameters of the application server with the trusted certificate authority; reiterating a status check of the attestation parameters of the application server if an invalid status is obtained; and terminating the remote attestation process if the status check is invalid.

12. The system according to claim 7 and claim 9, wherein the at least one client platform (104) further comprises means for: initiating the remote attestation process if the hash value in the client platform is in the trust hash list; reporting failure of the hash value if the hash value in the client platform is not in the trust hash list; and terminating the booting process if the hash value in the client platform is not in the trust hash list.

13. A system according to claim 7, wherein the means involve creating multiple hash lists and maintaining the multiple hash lists.

Description:
A METHOD AND SYSTEM FOR A REMOTE ATTESTATION IN A TRUSTED

FOUNDATION PLATFORM

FIELD OF INVENTION

The present invention relates to a method and a system for providing a remote attestation in a trusted foundation platform through the use of a trust hash list.

BACKGROUND ART

Existing computing platforms suffer from various security problems because of weaknesses arising from the complexity of the hardware and software configuration of their architecture. The Trusted Computing Group (TCG), which develops trusted computing technology, therefore proposed a new approach to computing platforms in order to enhance the security of the hardware and software building blocks.

Remote attestation is recommended as an essential feature of the Trusted Platform Module (TPM). Remote attestation allows changes to the user's computing platform to be detected by authorized parties: the hardware generates a certificate stating which software is currently running. The computing platform then presents the certificate to a remote party as proof that the software has not been tampered with. In addition, remote attestation is usually combined with public-key encryption, so that the information sent can be read only by the programs that presented and requested the attestation and not by a third party (i.e. an eavesdropper).

In general, attestation is a process of assuring that information is accurate, and it is critical for a trusted platform. If a system is not able to attest to the accuracy of that information, then there is no basis for trust in the platform. Attestation is closely related to authentication. In a networked environment, anonymous authentication of access requests supports the security mechanism: the access requestor needs access to the facilities without necessarily revealing its identity to external parties. This requirement stems from the possible need for each individual to maintain some degree of plausible deniability. One approach that meets this requirement is to use the protocols proposed by the Trusted Computing Group.

A remote attestation protocol is necessary in order to guarantee the trustworthiness of a trusted platform, vouch for the accuracy of the information, and protect the privacy of the host platform.

The present invention is an enhanced system and protocol for remote attestation which guarantees the trustworthiness and privacy of the remote platform. It involves the creation of a trust hash list.

The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one exemplary technology area in which some embodiments described herein may be practised.

SUMMARY OF INVENTION

One aspect of the present invention is a method for providing a remote attestation in a trusted foundation platform through the use of a trust hash list. The method comprises the steps of creating at least one hash list (200), maintaining the at least one hash list (300), protecting integrity of a trust hash list through a certification process available in an installation media package (400), installing a trusted package platform at a client platform (500), booting the trust hash list into the client platform (600) and executing the remote attestation process (700). The method for maintaining the at least one hash list further comprises the steps of storing the created hash list (302), comparing the hash list with an untrust hash list through a hash operation (304) and removing blacklisted entries which exist in the hash list to obtain a trust hash list indicating a clean platform (306).

Preferably, installing the trusted package platform further comprises booting information from the installation media package (502), extracting an endorsement public key from a Trusted Platform Module (504), requesting an endorsement key certificate from a trusted certificate authority (506), receiving the endorsement key certificate and the trust hash list license key (508) and sealing the endorsement key certificate with the client's trusted platform module key (510).

Another aspect of the present invention is a system (100) for providing a remote attestation in a trusted foundation platform through the use of a trust hash list. The system comprises at least one foundation server (101), at least one trusted certificate authority (102), at least one client platform (104) and at least one application server (103). The at least one foundation server (101) has means for creating at least one hash list and maintaining the at least one hash list. The at least one trusted certificate authority (102) has means for protecting integrity of a trust hash list through a certification process available in an installation media package. The at least one client platform (104) has means for installing a trusted package platform and booting the trust hash list. The at least one application server (103) has means for executing the remote attestation process.

Preferably, the foundation server (101) further comprises means for storing the created hash list, comparing the hash list with an untrust hash list through a hash operation and removing blacklisted entries which exist in the hash list to obtain a trust hash list indicating a clean platform.

The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings, it being understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.


BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS

To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:

FIG. 1 illustrates system architecture for remote attestation in a trusted foundation platform.

FIG. 2 is a flowchart illustrating a method for providing a remote attestation in a trusted foundation platform through the use of a trust hash list.

FIG. 3 is a flowchart illustrating a method for maintaining the at least one hash list.

FIG. 4 is a flowchart illustrating a method for installing a trusted package platform at a client platform.

FIG. 5 is a flowchart illustrating a method for booting the trust hash list into the client platform.

FIG. 6 is a flowchart illustrating a method for executing a remote attestation process.

FIG. 7 is a flowchart illustrating a method for verifying validity of the remote attestation process.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The invention relates to a method and system for providing a remote attestation in a trusted foundation platform through the use of a trust hash list. Hereinafter, this specification will describe the present invention according to the preferred embodiments. It is to be understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention, and variations are envisioned that do not depart from the scope of the appended claims.

Reference is first made to FIG. 1. FIG. 1 illustrates the architecture of a system for remote attestation in a trusted foundation platform. The system arrangement for remote attestation in a trusted foundation platform comprises four major parts: a Foundation Server (101), a Trusted Certificate Authority (102), a Client Platform (104) and an Application Server (103).

The Foundation Server (101) comprises a Database List which stores all blacklisted data. The deployment also positions a Trusted Certificate Authority (Trusted CA) (102) which contains a Storage Database (Storage DB) to maintain the latest trust hash list, the PCR data and the certificate for each client platform. A Trusted Platform Module (TPM) is embedded in each of the multiple machine platforms, which communicate through a secured channel.

A hash list is typically a list of hashes of the data blocks in a file or set of files; hash lists are used for different purposes, such as fast table lookup (hash tables) and distributed databases (distributed hash tables), and to guarantee data integrity. The trust hash list is such a list from which every blacklisted hash has been removed.

A Trusted Certificate Authority is a trusted third-party provider; certificate authorities are characteristic of public key infrastructure schemes. The present disclosure deploys a Trusted Certificate Authority (102) which manages the mechanism for handling the interoperability and accuracy of the configuration of a computing platform, signs the Endorsement Key of trusted platform clients, and validates all certificates involved in the attestation process. The attestation mechanism maintains the accuracy and interoperability of the computing platform configuration by having the foundation server interact with the Trusted Certificate Authority (102), the entity which handles the trust hash list of an uncompromised foundation server.

The Trusted Certificate Authority (102) comprises a Storage Database which maintains the latest trust hash list, the Platform Configuration Register (PCR) data and the certificate for each client platform. Each platform in the embodiment may have a Trusted Platform Module (TPM), and the platforms communicate with each other over a secure channel.

Reference is now made to FIG. 2 and FIG. 3 collectively. FIG. 2 is a flowchart illustrating a method for providing a remote attestation in a trusted foundation platform through the use of a trust hash list, while FIG. 3 is a flowchart illustrating a method for maintaining the at least one hash list. The method (100) for providing a remote attestation in a trusted foundation platform through the use of a trust hash list comprises the steps of creating at least one hash list (200), maintaining the at least one hash list (300), protecting integrity of a trust hash list through a certification process available in an installation media package (400), installing a trusted package platform at a client platform (500), booting the trust hash list into the client platform (600) and executing the remote attestation process (700). The method for maintaining the at least one hash list further comprises storing the created hash list (302), comparing the hash list with an untrust hash list through a hash operation (304) and removing blacklisted entries which exist in the hash list to obtain a trust hash list indicating a clean platform (306). The removal of all blacklisted entries from the database list yields the trust hash list, indicating a clean platform. The trust hash list is further sealed and signed by the Trusted Certificate Authority to protect the integrity of the said list.
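The following is an added worked example of steps 200 to 400 as described above; it is not code from the patent or from its assignee. The platform files and blacklist digests are constructed for the example, and an HMAC-SHA256 tag under a CA key stands in for the Trusted Certificate Authority's signature (a real CA would sign with an asymmetric private key and the client would verify with the public key).

```python
"""Added example (not from the patent): create a hash list of a platform image,
subtract the foundation server's blacklist to obtain the trust hash list, and
have the trusted CA sign the result before it ships on the installation media.
File contents, digests and the CA key below are constructed for the example."""
import hashlib
import hmac
import json


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def create_hash_list(files: dict) -> dict:
    """Step 200: one entry per file, path -> SHA-256 of the file content."""
    return {path: sha256_hex(content) for path, content in files.items()}


def maintain_hash_list(hash_list: dict, blacklist: set):
    """Steps 302-306: store the list, compare each entry with the untrust
    (black) list by digest, and drop the matches.
    Returns (trust_hash_list, removed) so the caller can see what was dropped."""
    trust, removed = {}, {}
    for path, digest in hash_list.items():
        (removed if digest in blacklist else trust)[path] = digest
    return trust, removed


def merge_hash_lists(*lists: dict) -> dict:
    """Claim 6: several hash lists (for example one per image) maintained as one."""
    merged = {}
    for hash_list in lists:
        merged.update(hash_list)
    return merged


# Constructed CA key; a real CA uses an asymmetric signing key instead of HMAC.
CA_KEY = b"trusted-CA signing key (constructed for the example)"


def canon(obj) -> bytes:
    """Canonical JSON so that signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def ca_sign(trust_list: dict) -> dict:
    """Step 400: the CA protects the integrity of the trust hash list."""
    sig = hmac.new(CA_KEY, canon(trust_list), hashlib.sha256).hexdigest()
    return {"list": trust_list, "sig": sig}


def ca_verify(signed: dict) -> bool:
    """Check the CA tag before any consumer relies on the list."""
    expect = hmac.new(CA_KEY, canon(signed["list"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expect, signed["sig"])


def build_trust_hash_list(files: dict, blacklist: set) -> dict:
    """Create (200), maintain (300) and protect (400) in one call."""
    trust, _removed = maintain_hash_list(create_hash_list(files), blacklist)
    return ca_sign(trust)


# Constructed platform image and blacklist (not real binaries or malware hashes).
PLATFORM_FILES = {
    "/boot/vmlinuz": b"kernel image (constructed)",
    "/usr/bin/login": b"login binary (constructed)",
    "/usr/bin/netcfg": b"known-bad netcfg build (constructed)",
    "/usr/bin/unknown": b"binary nobody has catalogued (constructed)",
}
BLACKLIST = {
    sha256_hex(b"known-bad netcfg build (constructed)"),
    sha256_hex(b"another known-bad build (constructed)"),
}

if __name__ == "__main__":
    signed = build_trust_hash_list(PLATFORM_FILES, BLACKLIST)
    print(json.dumps(signed, indent=1))
    print("CA tag intact:", ca_verify(signed))
```

Two points to take from running it. First, the trust hash list is an allowlist built by subtraction: `/usr/bin/netcfg` is dropped because its digest is blacklisted, but `/usr/bin/unknown` survives simply because nobody has blacklisted it, so the quality of the list depends on the blacklist and on the image being clean when it is hashed. Second, any consumer (the client at boot, the application server) must run `ca_verify` before trusting the list, otherwise adding a hash to the shipped list is enough to pass the check.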

Reference is now made to FIG. 4. FIG. 4 is a flowchart illustrating a method for installing a trusted package platform at a client platform. The method for installing a trusted package platform at a client platform further comprises booting information from the installation media package (502). The booting process invokes a trusted application to extract the endorsement public key from the trusted platform module (504). The application requests an endorsement certificate (506) by providing the endorsement public key, the PCR values of the trusted platform module and the serial numbers of the registers to the Trusted Certificate Authority. Subsequently, the endorsement key certificate and the trust hash list license key are sent to the client machine (508). Thereafter, the endorsement key certificate is sealed with the client's trusted platform module key (510).

Validation of an application against the trust hash list begins when the client platform attempts to execute the application. The installed module computes the hash value of the running application and compares it with the hash values in the trust hash list. Reference is now made to FIG. 5. FIG. 5 is a flowchart illustrating a method for booting the trust hash list into the client platform. If the hash value of the application is listed in the trust hash list, the remote attestation module initiates the remote attestation process (602). The application can only execute after the module receives a success status from the remote attestation. If the matching procedure fails because the hash value in the client platform is not in the trust hash list, the module checks the policy regarding the severity of the hash value and reports the failure of the hash value (604). Thereafter, the booting process is terminated if the hash value in the client platform is not in the trust hash list (606).
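The boot-time check of FIG. 5, written out as an added example (not code from the patent). The signed trust hash list, the application images and the severity policy are constructed for the example; an HMAC-SHA256 tag under a CA key stands in for the CA signature, and the remote attestation call is passed in as a function so that the gate logic can be exercised without the attestation parties.

```python
"""Added example (not from the patent): gate each application launched during
boot on the CA-signed trust hash list (steps 602-606). The severity policy and
the sample images are constructed; HMAC stands in for the CA signature."""
import hashlib
import hmac
import json

CA_KEY = b"trusted-CA key (constructed for the example)"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign_trust_list(hashes) -> dict:
    """What the CA ships: the sorted set of trusted digests plus its tag."""
    body = {"hashes": sorted(set(hashes))}
    sig = hmac.new(CA_KEY, canon(body), hashlib.sha256).hexdigest()
    return {**body, "sig": sig}


def trust_list_is_intact(signed: dict) -> bool:
    expect = hmac.new(CA_KEY, canon({"hashes": signed["hashes"]}), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expect, signed["sig"])


# Constructed "policy regarding severity": a mismatch on a critical path stops
# the boot, a mismatch on a "warn" path is only reported. Unlisted paths are
# treated as critical, so a forgotten policy entry fails closed.
POLICY = {"/usr/bin/login": "critical", "/opt/tools/helper": "warn"}


def validate_application(path: str, image: bytes, signed_list: dict, policy: dict):
    """Returns (decision, digest): ATTEST (602), REPORT (604) or TERMINATE (606)."""
    if not trust_list_is_intact(signed_list):
        return "TERMINATE", "trust hash list failed the CA signature check"
    digest = sha256_hex(image)
    if digest in signed_list["hashes"]:
        return "ATTEST", digest              # 602: hand over to remote attestation
    if policy.get(path, "critical") == "warn":
        return "REPORT", digest              # 604: report the failed hash, keep booting
    return "TERMINATE", digest               # 606: stop the boot


def boot(applications, signed_list: dict, attest, policy: dict = POLICY):
    """Walk the applications launched during boot in order.
    `attest(digest)` is the remote attestation call and must return True before
    the application may execute. Returns (boot_completed, {path: outcome})."""
    outcomes = {}
    for path, image in applications:
        decision, digest = validate_application(path, image, signed_list, policy)
        if decision == "ATTEST":
            decision = "EXECUTED" if attest(digest) else "ATTEST_FAILED"
        outcomes[path] = decision
        if decision in ("TERMINATE", "ATTEST_FAILED"):
            return False, outcomes           # boot stops at the first hard failure
    return True, outcomes


if __name__ == "__main__":
    signed = sign_trust_list([sha256_hex(b"login binary (constructed)"),
                              sha256_hex(b"helper tool (constructed)")])
    apps = [("/usr/bin/login", b"login binary (constructed)"),
            ("/opt/tools/helper", b"patched helper (constructed)")]
    print(boot(apps, signed, attest=lambda digest: True))
```

The two failure modes the text names are both covered: a hash that is not in the list is reported or terminates the boot according to the policy, and an application whose hash is listed still does not run until the attestation call reports success. Verifying the CA tag first is what makes the list worth consulting; a list that fails the check is treated as a critical failure regardless of the policy.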

Reference is now made to FIG. 6 and FIG. 7 collectively. FIG. 6 is a flowchart illustrating a method for executing a remote attestation process, while FIG. 7 is a flowchart illustrating a method for verifying validity of the remote attestation process. The method for executing a remote attestation process comprises generating attestation parameters at the client platform and a server platform based on information of the endorsement public key (702), forwarding the attestation parameters to the trusted certificate authority for endorsement (704), forwarding the endorsed attestation parameters to the application server for an attestation process (706) and verifying validity of the remote attestation process (708). The method for verifying validity of the remote attestation process further comprises receiving the attestation parameters of the application server (802), identifying a status of the attestation parameters of the application server with the trusted certificate authority (804), reiterating the status check of the attestation parameters of the application server if an invalid status is obtained (806) and terminating the remote attestation process if the status check is invalid (808).
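The installation exchange of FIG. 4 and the attestation exchange of FIG. 6 and FIG. 7 share the same parties and credentials, so both are shown in one added example below; it is not code from the patent or its assignee. Everything cryptographic is simulated: HMAC-SHA256 over canonical JSON stands in for the CA's signature and for the TPM's sealing key, the endorsement public key is a random identifier, and the patent's "trust hash list license key" is assumed to be the per-platform credential with which the client authenticates its attestation parameters to the CA (the patent does not say what the license key is used for). Serial numbers and PCR values are constructed.

```python
"""Added example (not from the patent): installation (steps 502-510) and remote
attestation (702-708, 802-808) between a client with a simulated TPM, a trusted
CA and an application server. HMAC stands in for signatures and sealing; the
CA-issued license key is assumed to be the client's credential. All values are
constructed."""
import hashlib
import hmac
import json
import secrets


def canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def tag(key: bytes, obj) -> str:
    return hmac.new(key, canon(obj), hashlib.sha256).hexdigest()


class SimTPM:
    """Stand-in for the client's TPM: an endorsement public key identifier,
    a storage key that never leaves the module, and a few PCRs."""

    def __init__(self, serial: str, pcrs: dict):
        self.serial = serial                   # register serial number sent at 506
        self.ek_pub = secrets.token_hex(16)    # endorsement public key (simulated)
        self._srk = secrets.token_bytes(32)    # storage key used for sealing (510)
        self.pcrs = dict(pcrs)

    def pcr_digest(self) -> str:
        return hashlib.sha256(canon(self.pcrs)).hexdigest()

    def seal(self, obj) -> dict:
        """Step 510: bind the credential to the current PCR state."""
        d = self.pcr_digest()
        return {"blob": obj, "pcr": d, "tag": tag(self._srk, [obj, d])}

    def unseal(self, sealed):
        """Release the blob only if the PCRs still match the sealing state."""
        d = self.pcr_digest()
        good = sealed["pcr"] == d and hmac.compare_digest(
            sealed["tag"], tag(self._srk, [sealed["blob"], d]))
        return sealed["blob"] if good else None


class TrustedCA:
    def __init__(self, expected_pcr_digests: dict):
        self._key = secrets.token_bytes(32)    # CA signing key (simulated)
        self.expected = expected_pcr_digests   # storage DB: PCR data per serial
        self.db = {}                           # ek_pub -> {cert, license, status}

    def issue_ek_cert(self, ek_pub: str, pcrs: dict, serial: str):
        """Steps 506-508: certify the EK only for a platform state on record."""
        d = hashlib.sha256(canon(pcrs)).hexdigest()
        if self.expected.get(serial) != d:
            return None
        cert = {"ek_pub": ek_pub, "serial": serial, "pcr": d}
        cert = {**cert, "sig": tag(self._key, cert)}
        license_key = secrets.token_hex(32)
        self.db[ek_pub] = {"cert": cert, "license": license_key, "status": "valid"}
        return cert, license_key

    def endorse(self, params: dict):
        """Step 704: endorse parameters from a valid, unchanged, authenticated client."""
        rec = self.db.get(params["ek_pub"])
        body = {k: v for k, v in params.items() if k != "auth"}
        if (rec is None or rec["status"] != "valid" or rec["cert"]["pcr"] != params["pcr"]
                or not hmac.compare_digest(
                    params["auth"], tag(bytes.fromhex(rec["license"]), body))):
            return None
        return {**params, "ca_sig": tag(self._key, params)}

    def verify_endorsement(self, endorsed: dict) -> bool:
        body = {k: v for k, v in endorsed.items() if k != "ca_sig"}
        return hmac.compare_digest(endorsed["ca_sig"], tag(self._key, body))

    def status(self, ek_pub: str) -> str:      # step 804
        return self.db.get(ek_pub, {}).get("status", "unknown")


class Client:
    def __init__(self, tpm: SimTPM):
        self.tpm, self.sealed = tpm, None

    def install(self, ca: TrustedCA) -> bool:
        """Steps 502-510: EK out of the TPM, certificate and license key back, sealed."""
        issued = ca.issue_ek_cert(self.tpm.ek_pub, self.tpm.pcrs, self.tpm.serial)
        if issued is None:
            return False
        self.sealed = self.tpm.seal({"cert": issued[0], "license": issued[1]})
        return True

    def attestation_params(self, nonce: str):
        """Step 702: parameters based on the EK, bound to the verifier's nonce."""
        cred = self.tpm.unseal(self.sealed) if self.sealed else None
        if cred is None:
            return None                        # platform changed since installation
        body = {"ek_pub": self.tpm.ek_pub, "pcr": self.tpm.pcr_digest(), "nonce": nonce}
        return {**body, "auth": tag(bytes.fromhex(cred["license"]), body)}


def remote_attestation(client: Client, ca: TrustedCA, retries: int = 2) -> bool:
    """Application server side: steps 706-708 and 802-808."""
    nonce = secrets.token_hex(16)              # freshness: ties the reply to this run
    params = client.attestation_params(nonce)
    endorsed = ca.endorse(params) if params else None
    if endorsed is None or endorsed["nonce"] != nonce or not ca.verify_endorsement(endorsed):
        return False
    for _ in range(retries + 1):               # 804-806: reiterate the status check
        if ca.status(endorsed["ek_pub"]) == "valid":
            return True
    return False                               # 808: terminate
```

Three behaviours are worth exercising. A PCR change after installation makes the sealed credential unavailable, so the client cannot even produce parameters; a client whose certificate the CA has marked revoked is refused at the endorsement step and again at the status check; and a platform whose PCR state is not in the CA's storage database is refused at installation. The nonce is the application server's own addition to the parameters and is what prevents a previously endorsed reply from being replayed; the retry loop in step 806 is there for a status check that could not be completed, not for one that answered "invalid".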

The methodology and system for providing a remote attestation in a trusted foundation platform lie in the content of the trust hash list, which is created by comparing a list of data (in the physical machine) against a database of blacklisted data. The present invention may be embodied in other specific forms without departing from its essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.