Key managing method for trusted root server based virtual trusted platform module (VTPM)

A platform module and key management technology, applied in the field of information security, that addresses the lack of research on trusted root servers and achieves the effects of avoiding unauthorized use, ensuring security, and ensuring standardization.

Active Publication Date: 2016-04-27
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

However, there is currently little research on the trusted root server. Key management is the premise and basis for realizing the various functions of the trusted server, and it is the first problem to be solved.


Embodiment Construction

[0036] 1. Key generation mechanism

[0037] As shown in Figure 1, the key derivation diagram contains two special keys:

[0038] (1) Endorsement key EK. The endorsement key in the VTPM directly uses the endorsement key in the physical TPM, and its generation method is similar to that of the physical TPM. There are two generation methods: one is to use the TPM command TPM_CreateEndorsementKeyPair; the other is key "injection" technology, in which, on the premise of trusting the manufacturer, the key is generated by the manufacturer and then injected into the TPM.

[0039] (2) Storage root key SRK. The VTPM manager is the only user of the physical TPM. The storage root key is generated when that user is created, manages all key data of the user, and serves only the physical TPM.

[0040] Other keys:

[0041] (1) Virtual platform identity authentication key VAIK. The VAIK is actually the AIK of the physical TPM, and its generation requires the support of a trusted third-party PCA. PCA ...


Abstract

The invention provides a key management method for a virtual trusted platform module (VTPM) based on a trusted root server. The method is built on the trusted root server framework and combines the functions of the physical trusted platform module (TPM) with a key management mechanism to meet VTPM requirements and ensure key security. In the method, all keys are generated by the physical TPM, which ensures that key generation is standardized and legitimate; the keys are stored by the physical TPM and managed through a key caching mechanism, which ensures key security; the VTPM manager is the sole user of the physical TPM, centrally manages the VTPM keys, and provides cryptographic services to the VTPMs.
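The arrangement the abstract describes can be modelled in a few lines. This is an added example, not code from the patent: the class names, the two-slot limit, the least-recently-used eviction policy and the hash-based wrapping are all assumptions standing in for real TPM operations.

```python
import hashlib, hmac, secrets
from collections import OrderedDict

class PhysicalTPM:  # constructed stand-in for the chip; not a real TPM interface
    SLOTS = 2       # assumed: the chip holds only a few loaded keys at once
    def __init__(self):
        self._srk = secrets.token_bytes(32)  # storage root key, never leaves the chip
        self._slots = {}                     # handle -> key currently loaded in the chip
    def _mask(self, nonce, data):            # toy wrapping, NOT a real cipher
        pad = hashlib.sha256(b"enc" + self._srk + nonce).digest()
        return bytes(a ^ b for a, b in zip(data, pad))
    def _tag(self, body):
        return hmac.new(self._srk, body, hashlib.sha256).digest()
    def create_wrapped_key(self):            # every key is generated inside the chip
        nonce = secrets.token_bytes(16)
        body = nonce + self._mask(nonce, secrets.token_bytes(32))
        return body + self._tag(body)        # SRK-bound blob, safe to keep outside
    def load(self, blob):
        body, tag = blob[:48], blob[48:]
        if not hmac.compare_digest(tag, self._tag(body)):
            raise ValueError("blob was not wrapped under this SRK")
        if len(self._slots) >= self.SLOTS:
            raise RuntimeError("no free key slot")
        handle = secrets.token_hex(4)
        self._slots[handle] = self._mask(body[:16], body[16:])
        return handle
    def evict(self, handle):
        del self._slots[handle]
    def sign(self, handle, msg):             # HMAC stands in for a TPM key operation
        return hmac.new(self._slots[handle], msg, hashlib.sha256).digest()

class VTPMManager:  # sole user of the physical TPM; VTPMs reach keys only through it
    def __init__(self, tpm):
        self._tpm, self._blobs, self._cache = tpm, {}, OrderedDict()
    def create_key(self, vtpm_id):
        key_id = secrets.token_hex(4)
        self._blobs[key_id] = (vtpm_id, self._tpm.create_wrapped_key())
        return key_id
    def sign(self, vtpm_id, key_id, msg):
        owner, blob = self._blobs[key_id]
        if owner != vtpm_id:                 # blocks use of another VTPM's key
            raise PermissionError("key belongs to another VTPM")
        if key_id not in self._cache:
            if len(self._cache) >= self._tpm.SLOTS:  # cache full: evict LRU key
                self._tpm.evict(self._cache.popitem(last=False)[1])
            self._cache[key_id] = self._tpm.load(blob)
        self._cache.move_to_end(key_id)      # mark as most recently used
        return self._tpm.sign(self._cache[key_id], msg)
```

Because the manager is the only caller of `load` and `evict`, the chip's slot limit is never exceeded and an evicted key is simply reloaded from its wrapped blob on next use.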

Description

Technical field

[0001] The invention relates to a key management method of a virtual trusted platform module based on a trusted root server in a cloud environment, and belongs to the field of information security.

Background technique

[0002] In recent years, cloud computing technology has developed rapidly, but the security problems it faces are becoming more and more serious. The trusted root server solution is a technology that uses trusted computing technology to ensure the security of the cloud environment. This scheme separates the virtual root of trust module VTPM from the cloud server and concentrates it on a root of trust server. The root of trust server includes a physical trusted computing module TPM chip, and then generates multiple virtual trusted modules VTPM through virtualization technology to provide trusted services externally. Each VTPM must have the same functions as the physical TPM, and can provide external functions such as key management, identity ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F9/455, G06F21/33, G06F21/60, G06F21/57, H04L29/06
CPC: G06F9/45558, G06F21/33, G06F21/57, G06F21/602, G06F2009/45587, H04L63/06, H04L63/062
Inventor: 王冠, 袁华浩, 王子祎
Owner: BEIJING UNIV OF TECH