Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

TOCTOU attack response method aiming at TPM trusted computation

A technology of trusted computing and equipment, applied in computing, computer security devices, instruments, etc., can solve the problem of not reflecting the current security status of the customer virtual domain platform, achieve strong scalability, maintain effective utilization, and defend against TOCTOU attacks. Effect

Inactive Publication Date: 2010-06-02
BEIJING JIAOTONG UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Due to the uncertainty of CPU scheduling, the above response method has security flaws in the following cases: Assuming that a client in the network wants to remotely verify the virtual domain being detected, the virtual domain sends A read PCR value request packet, this request is put into the communication pipeline between the vTPM backend driver and the vTPM device management tool; at the same time, the virtual machine monitor detects that the memory of the virtual domain has been tampered with, and then notifies the vTPM backend driver to generate A request to update the PCR, this request is also put into the request queue, possibly placed after the previous read PCR request packet; this will cause a problem, the PCR information returned to the virtual domain for remote verification does not reflect that the memory has been updated. Has been tampered with, that is, does not reflect the current security status of the customer's virtual domain platform

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • TOCTOU attack response method aiming at TPM trusted computation
  • TOCTOU attack response method aiming at TPM trusted computation
  • TOCTOU attack response method aiming at TPM trusted computation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The invention assumes figure 2 system and image 3 The detection system has been deployed, and the deployment steps of the response method of the present invention are provided below:

[0023] Step 1, replace the vTPM device program with enhanced functions figure 2 method provided by the vTPM device program.

[0024] Step 2, loading the privileged domain proxy module in the privileged domain.

[0025] Combine below Figure 4 and Figure 5 The workflow of the present invention's design TOCTOU attack response method is described in detail:

[0026] (1) When the privileged domain proxy module receives the TOCTOU attack message from the virtual machine monitor, it will immediately create a specific flag file in the / proc directory, and set the content to 1, indicating that the virtual domain memory has been tampered with.

[0027] (2) When the function-enhanced vTPM device program receives the TPM command from the customer's virtual domain, it does not process the T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method for responding TOCTOU attack aiming at a TPM credible computer. The components of the method comprise a virtual TPM device program and a privileged domain proxy module which both have more powerful functions. Just as the prior methods, the method of the invention adopts a method of PCR register information updating, but the methods for enabling and executing eventupdate is different from the prior methods so that a TPM command in the following two conditions can correctly indicate the current state of a client virtual domain platform: the first TPM command condition is that a TPM command processing result is not sent out of the virtual TPM device program when the TOCTOU attack is detected, and the second TPM command condition is that the TPM command is not received by the virtual TPM device program when the TOCTOU attack is detected. While considering the security, the invention also takes the system performance into full consideration and ensures theutilization effectiveness and the expandability of system resources by adopting event drive and avoiding process scheduling of an extra user space.

Description

technical field [0001] The invention relates to the field of computer information security trusted computing, in particular to a TOCTOU attack response method for TPM trusted computing. The response method of the invention uses the Xen virtual machine technology to defend against TOCTOU attacks on TPM trusted computing by updating the platform information stored in the trusted platform module. Background technique [0002] The security of computer information is difficult to solve by software alone. In order to solve the insecure problem of the existing PC structure, the Trusted Computing Platform Alliance TCPA (later renamed TCG) proposed to ensure the security of the entire system by enhancing the security of the existing terminal architecture. A trusted platform module (also known as a trusted chip) TPM with secure storage and encryption functions is introduced into the terminal hardware platform; the process of starting the operating system is divided into several relat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/00G06F21/55
Inventor 常晓林刘吉强韩臻刘博何帆邢彬
Owner BEIJING JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com