Trusted execution method and apparatus for virtual trusted platform module (vTPM)

A platform-module and execution-method technology in the electronic field. It addresses the security problems of software-implemented vTPMs, in particular key leakage, by realizing security isolation of the vTPM emulator and thereby ensuring the security of its computations.

Active Publication Date: 2016-03-09
HUAWEI CLOUD COMPUTING TECH CO LTD

AI Technical Summary

Problems solved by technology

The key-related computations of a hardware TPM are trustworthy because they all execute inside closed hardware and cannot be leaked or tampered with. The key generation, encryption and decryption of a software-implemented vTPM, however, all take place in host memory, as shown in Figure 4. If malicious code is implanted into the memory of the vTPM emulator or of a vTPM instance, the keys may be leaked, which is a serious security problem.




Embodiment Construction

[0043] The following describes the technical solutions in the embodiments of the present invention clearly and completely with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments that persons of ordinary skill in the art obtain from these embodiments without creative effort fall within the protection scope of the present invention.

[0044] Refer to Figure 5, which is a schematic flowchart of the trusted execution method for a virtual trusted platform module (vTPM) proposed by an embodiment of the present invention. As shown, the method includes:

[0045] S501. The first vTPM emulator running on the operating system sends a first creation request to the SGX module, so that the SGX module creates a first memory protection area (enclave) according to the first creation req...


Abstract

The present invention discloses a trusted execution method and apparatus for a virtual trusted platform module (vTPM). An operating system loads an SGX module, and the operating system runs a first vTPM simulator. The method comprises: the first vTPM simulator run by the operating system sending a first creation request to the SGX module, so that the SGX module establishes a first memory protection region enclave according to the first creation request and generates a first communication key, so as to execute program code of the first vTPM simulator in the first enclave to implement a second vTPM simulator; and the second vTPM simulator using the first communication key to decrypt data subsequently forwarded by the SGX module. According to the method and apparatus disclosed by the embodiments of the present invention, security isolation of a vTPM simulator from a non-trusted operating system is realized by using an SGX module and a hardware protection function of an enclave, thereby ensuring computing security of the vTPM simulator.
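The flow in the abstract, and the host-memory threat described under "Problems solved by technology", as an added model in Python. This is example code written for this page, not Huawei's implementation and not SGX SDK code. It assumes: a toy HMAC-based authenticated encryption in place of whatever cipher the patent leaves unnamed (not for production use); that the communication key reaches the caller over a path the untrusted OS cannot read (the page does not describe provisioning); and that Python cannot enforce enclave isolation, so the "memory scan" only inspects the bytes the host actually handled. The class and function names (Enclave, UntrustedHost, VTPMInstance, VTPMClient, seal, open_sealed) are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy authenticated encryption for the forwarded data. Stand-in for a real AEAD such as
# AES-GCM; the patent names no cipher, and this construction is NOT for production use.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under the communication key: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Inverse of seal(); raises if the blob was altered while it sat in host memory."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("forwarded data failed authentication")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

class VTPMInstance:
    """The vTPM program (the 'second vTPM emulator'); all of its state lives in the enclave."""
    def __init__(self):
        self.keys = {}  # handle -> key material; never leaves the enclave

    def handle(self, request: bytes) -> bytes:
        op, _, arg = request.partition(b":")
        if op == b"create_key":
            h = b"k%d" % len(self.keys)
            self.keys[h] = secrets.token_bytes(32)
            return b"handle:" + h
        if op == b"sign":  # sign:<handle>:<data>
            h, _, data = arg.partition(b":")
            return b"sig:" + hmac.new(self.keys[h], data, hashlib.sha256).hexdigest().encode()
        if op == b"verify":  # verify:<handle>:<sig-hex>:<data>
            h, _, rest = arg.partition(b":")
            sig_hex, _, data = rest.partition(b":")
            good = hmac.new(self.keys[h], data, hashlib.sha256).hexdigest().encode()
            return b"ok" if hmac.compare_digest(sig_hex, good) else b"bad"
        return b"error:unknown op"

class Enclave:
    """Stands in for the SGX memory protection region (isolation is modelled, not enforced)."""
    def __init__(self, program_cls):
        self.comm_key = secrets.token_bytes(32)  # the 'first communication key', made at creation
        self._program = program_cls()  # the first emulator's code, now run as the second emulator

    def ecall(self, blob: bytes) -> bytes:
        """Entry point: decrypt what the SGX module forwarded, run the vTPM, encrypt the reply."""
        return seal(self.comm_key, self._program.handle(open_sealed(self.comm_key, blob)))

class UntrustedHost:
    """Operating system plus SGX host-side module: creates the enclave (S501), forwards blobs."""
    def __init__(self):
        self.enclave = None
        self.memory = []  # every byte string that passed through host-visible memory

    def create_enclave(self) -> Enclave:
        self.enclave = Enclave(VTPMInstance)
        return self.enclave

    def forward(self, blob: bytes) -> bytes:
        self.memory.append(blob)
        reply = self.enclave.ecall(blob)
        self.memory.append(reply)
        return reply

class VTPMClient:
    """Caller holding the communication key (provisioning path is assumed, see lead-in)."""
    def __init__(self, host: UntrustedHost, comm_key: bytes):
        self.host, self.key = host, comm_key

    def call(self, request: bytes) -> bytes:
        return open_sealed(self.key, self.host.forward(seal(self.key, request)))

def run_demo() -> dict:
    host = UntrustedHost()
    enclave = host.create_enclave()
    client = VTPMClient(host, enclave.comm_key)  # key handed over outside host memory (assumed)
    handle = client.call(b"create_key:").split(b":", 1)[1]
    data = b"PCR quote for VM 7"  # constructed sample input
    sig_hex = client.call(b"sign:" + handle + b":" + data).split(b":", 1)[1]
    verified = client.call(b"verify:" + handle + b":" + sig_hex + b":" + data) == b"ok"
    # The Figure 4 attacker's position: scan everything the host held for the vTPM key,
    # the communication key, or even the plaintext command names.
    secret_material = [enclave.comm_key, *enclave._program.keys.values()]
    secrets_seen = any(s in m for m in host.memory for s in secret_material)
    plaintext_seen = any(b"sign:" in m or b"create_key" in m for m in host.memory)
    # A host that modifies a forwarded blob gets a rejection, not a vTPM operation.
    tampered = bytearray(seal(enclave.comm_key, b"create_key:"))
    tampered[20] ^= 1  # flip one ciphertext byte
    try:
        host.forward(bytes(tampered))
        tamper_rejected = False
    except ValueError:
        tamper_rejected = True
    return {"verified": verified, "secrets_seen": secrets_seen,
            "plaintext_seen": plaintext_seen, "tamper_rejected": tamper_rejected}

if __name__ == "__main__":
    print(run_demo())
```

Running the module prints a dict in which the signature verifies, no key or command name was visible in anything the host handled, and the tampered blob was rejected. The point the model makes is the one the abstract makes: the operating system is reduced to a forwarder of opaque, authenticated blobs, so implanting code into its memory yields neither the vTPM's keys nor the ability to inject commands.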

Description

Technical field [0001] The invention relates to the field of electronic technology, in particular to a trusted execution method and device for a virtual trusted platform module (vTPM). Background technique [0002] Because of its reasonable resource sharing, good isolation, easy maintenance and low cost, virtualization technology has been widely adopted, but virtual-machine technology also faces problems such as secure data storage, protection of sensitive information and integrity measurement. The goal of trusted computing is to establish a security verification system for computer systems. A TPM (Trusted Platform Module) embedded on the motherboard of a physical device can provide hardware-based trusted measurement, trusted attestation, trusted sealing and other security functions for the computer system. Therefore, the combination of virtualization and trusted computing is an inevitable result of technological deve...


Application Information

IPC IPC(8): G06F21/57
CPCG06F21/57
Inventor 施迅, 严飞, 赵波
Owner HUAWEI CLOUD COMPUTING TECH CO LTD