

Title:
VERIFICATION SYSTEM FOR TRUSTED PLATFORM
Document Type and Number:
WIPO Patent Application WO/2013/028059
Kind Code:
A1
Abstract:
A verification system (105) used in a communication between a client machine and a server machine, wherein the system performs attestation to detect any tampering on a client platform prior to allowing the client platform to have access to a resource or service on a network. The attestation process verifies integrity information of the client platform and performs the necessary security decision.

Inventors:
MAT ISA MOHD ANUAR BIN (MY)
PARMAN MOHD AZUDDIN (MY)
ABU TALIB AZHAR BIN (MY)
ZAKARIA WIRA ZANORAMY ANSIRY BIN (MY)
Application Number:
PCT/MY2012/000185
Publication Date:
February 28, 2013
Filing Date:
June 29, 2012
Assignee:
MIMOS BERHAD (MY)
MAT ISA MOHD ANUAR BIN (MY)
PARMAN MOHD AZUDDIN (MY)
ABU TALIB AZHAR BIN (MY)
ZAKARIA WIRA ZANORAMY ANSIRY BIN (MY)
International Classes:
H04L29/06
Foreign References:
US20070230504A1 (2007-10-04)
US20070107046A1 (2007-05-10)
US20070143629A1 (2007-06-21)
Attorney, Agent or Firm:
SIAW, Yean Hwa, Timothy (7th Floor Wisma Hamzah-Kwong Hing,No.1, Leboh Ampang, Kuala Lumpur, MY)
Claims:

1. Verification system (105) for detecting tampering and performing attestation on a client platform in a communication between a client machine and a server machine, comprising

a chain of trust on the client platform,

a remote verification in every stage of the chain of trust, wherein the system provides integrity information to a remote server to perform a remote attestation process.

2. Verification system (105) as claimed in claim 1 wherein each stage transfers a sequence of digests and integrity measurements to the verification system using a secured communication channel.

3. Verification system (105) as claimed in claim 1 wherein each stage is measured and verified before executing further instructions in the client platform.

4. Verification system (105) as claimed in claim 3 wherein each stage must complete the attestation process before proceeding to a corresponding stage.

5. Verification system (105) as claimed in claim 3 wherein an integrity baseline from a server machine storage is used for the attestation process and stage verification.

6. Verification system as claimed in claim 3 wherein operations, logs, and results of the attestation process are stored in a storage (107) in the server machine for a re-verification process.

Description:
Verification System for Trusted Platform

Field of the Invention

The present invention relates to a verification system for detecting tampering and performing attestation on a client platform in a communication between a client machine and a server machine.

Background of the Invention

Most computer systems use proprietary software and hardware components. Typically, the proprietary operating system of a computer does not provide a single security measure to detect tampering on a client platform at the hardware, firmware, boot loader, kernel or user layers. In addition, existing systems perform attestation at the application layer only, so attestation between the layers of a client platform is not performed. This puts the computer at risk, as some proprietary software may include defects or malicious features that would compromise sensitive information in the computer system. Furthermore, the computer is exposed to security vulnerabilities because it is connected to a network. Since most proprietary software restricts use and modification of the source code, it is not possible to detect the malicious features or look for security vulnerabilities.

In view of the above, a verification system is needed to validate the integrity information of the individual software and hardware components of a client platform. This is very crucial in a client-server network because most people use proprietary systems on their computers to perform online transactions such as online banking and online shopping.

According to the present invention, a verification system is provided in a computer system that comprises a chain of trust that uses remote verification for detecting tampering and performing attestation on every layer (stage) of a client platform, to ensure that each layer runs in a trusted computing environment. A chain of trust is established by validating individual hardware and software components to ensure that only trusted software and hardware have access to a resource on a network. For instance, hardware will only boot from software that is digitally signed or verified. This verification process continues for several layers before a client platform can have access to the network.

In US2007/0143629, the verification of individual hardware and software components of a client platform is based on an overall score generated from an integrity report which collects digests from the components. An integrity score is generated and compared to a threshold to determine whether the client platform should be granted access to a resource or service on a network. By contrast, the verification process according to the present invention is based on server instructions, whereby the verification system provides the proprietary operating system with integrity information to allow the remote server to perform the necessary security action on a client platform.

It is an objective of the present invention to provide a chain of trust on a client platform using remote verification in every stage of the running platform, and to perform attestation in every stage in order to ensure that each stage runs in a trusted state. It is yet another objective of the present invention to provide a verification system for detecting tampering and performing attestation on every layer (stage) of a client platform to ensure that each layer runs in a trusted computing environment.

Summary of the Invention

According to the present invention, a verification system is provided for detecting tampering and performing attestation on a client platform in a communication between a client machine and a server machine. The client machine is referred to as a user computer, which includes computer units with and without a Trusted Platform Module (TPM) chip. The verification system comprises a chain of trust that uses remote verification for detecting tampering and performing attestation on every layer (stage) of a client platform, to ensure that each layer runs in a trusted computing environment, wherein the system provides integrity information to a remote server in the server machine to perform a remote attestation process.

In operation, the verification system first performs verification on the booting areas and the BIOS configuration integrity. Next, the verification system runs as part of the operating system and measures the integrity information in order to provide a trusted element in the kernel and user environment. After the verification system is up and running, it checks the integrity of each file (machine instructions) running in the operating system. The existing integrity value is checked and compared with the substantiation evidence values in a database (security descriptors). If the value differs from the substantiation evidence, the verification system of the present invention invokes integrity validation to make a security decision via remote attestation.

Brief Description of the Drawing

The present invention will be further described by way of example with reference to the accompanying drawing, in which:

Fig. 1 shows a diagram of a verification system according to the present invention.

Detailed Description of the Invention

The present invention provides a verification system for detecting tampering and performing attestation on a client platform in a communication between a client machine and a server machine. The verification system (105) as shown in Fig. 1 comprises a chain of trust on the client platform and a remote verification in every stage of the chain of trust, wherein the system provides integrity information to a remote server to perform a remote attestation process.

In Fig. 4, a client platform is shown with four layers. As shown, Stage 0 (101) is a layer for collecting integrity, measuring integrity and attestation of hardware and firmware in a client platform. Stage 1 (102) is a layer for collecting integrity, measuring integrity and attestation of the boot loader in a client platform. Stage 2 (103) is a layer for collecting integrity, measuring integrity and attestation of the kernel and operating system in the client platform. Stage 3 (104) is a layer for collecting integrity, measuring integrity and attestation of applications in the client platform. Each stage transfers a sequence of digests and integrity measurements to the verification system using a secured communication channel. Each stage is measured and verified before executing further instructions in the client platform. The verification system (105) performs attestation on the client platform in every stage to detect any tampering on every stage of the client platform. The verification system (105) comprises a chain of trust performed between the layers. To maintain the chain of trust, the initial layer must verify the integrity of the corresponding layer, deciding whether the corresponding layer can be trusted or not, before passing control to the corresponding layer. Remote attestation ensures that each stage runs in a secure and trusted environment. Each stage must complete the attestation process before proceeding to the corresponding stage. An integrity baseline from the server machine storage is used for the attestation process and stage verification.
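The staged procedure described in the "In operation" paragraph of the Summary and in the paragraph above, worked through as an added simulation. This is example code written for this page, not code from the patent or from MIMOS; the patent does not specify digest algorithms, message formats or the secured-channel mechanism, so the following are assumptions: SHA-256 for the integrity digests, a TPM-style extend register as a stand-in for the vTPM (106), HMAC over a constructed shared key as a stand-in for the secured channel, and constructed stage images and stage names. The server holds the integrity baseline and an audit log (the role of storage 107); the client measures each stage, reports it, and halts if the server denies, so a modified boot loader stops the chain before the kernel stage ever runs.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple

# Stage order from the description: hardware/firmware, boot loader,
# kernel/OS, application. Each stage is verified before control passes on.
STAGES = ["stage0_hw_firmware", "stage1_boot_loader",
          "stage2_kernel_os", "stage3_application"]

# Constructed sample images standing in for the bytes each stage measures.
TRUSTED_IMAGES: Dict[str, bytes] = {
    "stage0_hw_firmware": b"firmware image (constructed sample)",
    "stage1_boot_loader": b"boot loader image (constructed sample)",
    "stage2_kernel_os": b"kernel and os image (constructed sample)",
    "stage3_application": b"application binary (constructed sample)",
}

# Constructed shared secret for the secured channel. The patent does not say
# how the channel is secured; HMAC authentication is an assumption made here.
CHANNEL_KEY = b"constructed-channel-key"


def digest(data: bytes) -> str:
    """Integrity digest of one stage image (SHA-256 is an assumption)."""
    return hashlib.sha256(data).hexdigest()


def extend(register: str, measurement: str) -> str:
    """TPM-style extend: new = H(old || measurement). Order matters, so a
    tampered earlier stage changes every later register value."""
    return hashlib.sha256(bytes.fromhex(register) + bytes.fromhex(measurement)).hexdigest()


def channel_mac(stage: str, measurement: str, register: str) -> str:
    """Authenticate one attestation message on the (assumed) secured channel."""
    msg = f"{stage}|{measurement}|{register}".encode()
    return hmac.new(CHANNEL_KEY, msg, "sha256").hexdigest()


class VerificationServer:
    """Remote verifier: holds the integrity baseline and keeps a log of every
    attestation operation and result (the storage 107 of the description)."""

    def __init__(self, baseline: Dict[str, str]):
        self.baseline = baseline                    # stage -> expected digest
        self.log: List[Tuple[str, str, str]] = []   # (stage, verdict, detail)

    def attest(self, stage: str, measurement: str, register: str, mac: str) -> bool:
        # Reject any message that was not authenticated on the secured channel.
        if not hmac.compare_digest(channel_mac(stage, measurement, register), mac):
            self.log.append((stage, "reject", "channel authentication failed"))
            return False
        ok = hmac.compare_digest(self.baseline[stage], measurement)
        self.log.append((stage, "allow" if ok else "deny", measurement))
        return ok


def build_baseline(images: Dict[str, bytes]) -> Dict[str, str]:
    """Integrity baseline = digests of the known-good images, kept on the server."""
    return {stage: digest(images[stage]) for stage in STAGES}


def run_chain(images: Dict[str, bytes], server: VerificationServer) -> Tuple[str, int]:
    """Boot the client stage by stage. Returns ('trusted', 4) when every stage
    passes, or ('halted:<stage>', n) where n stages were verified before the halt."""
    register = "00" * 32   # stand-in for a (v)TPM register, starts at zero
    verified = 0
    for stage in STAGES:
        measurement = digest(images[stage])
        register = extend(register, measurement)
        mac = channel_mac(stage, measurement, register)
        if not server.attest(stage, measurement, register, mac):
            return f"halted:{stage}", verified   # no further instructions execute
        verified += 1
    return "trusted", verified


if __name__ == "__main__":
    srv = VerificationServer(build_baseline(TRUSTED_IMAGES))
    print(run_chain(TRUSTED_IMAGES, srv))
    tampered = dict(TRUSTED_IMAGES, stage1_boot_loader=b"modified boot loader (constructed)")
    print(run_chain(tampered, srv))
    for entry in srv.log:
        print(entry)
```

Two design points carry over to a real deployment: the server's log records the denied digest rather than only the verdict, which is what makes the re-verification of claim 6 possible later, and the extend register means the server can also check the whole chain at once at the end, not only each stage in isolation.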

This attestation process is performed by using a Virtual Trusted Platform Module (vTPM) (106), which is a virtualization of the physical Trusted Platform Module (TPM) hardware. Data storage (107) holds the primary information used for verification and attestation. This storage (107) is protected from unauthorized access; it can be protected via encryption algorithms. The storage may contain files, configurations and policies that describe the evidence of the platform, including sequences of information, integrity digests, platform behavior, platform properties and platform trusted measurements. The communication between client and server must run over a trusted and encrypted channel. The verification system of the present invention also supports a virtual machine or hypervisor as one of the software stages in the client platform.