Secure communications between peers using a verified virtual trusted platform module
Abstract
The embodiments herein are directed to a technique for providing secure communication between nodes of a network environment or within a node of the network using a verified virtual trusted platform module (TPM) of each node. The verified virtual TPM illustratively emulates a hardware TPM device to provide software key management of cryptographic keys used to provide the secure communication over a computer network of the network environment. Illustratively, the verified virtual TPM is configured to enforce a security policy of a trusted code base (TCB) that includes the virtual TPM. Trustedness denotes a predetermined level of confidence that the security property is demonstrated by the verified virtual TPM. The predetermined level of confidence is based on an assurance (i.e., grounds) that the verified virtual TPM demonstrates the security property. Trustedness of the virtual TPM may be verified by subjecting the virtual TPM to enhanced verification analysis configured to ensure conformance to an operational model with an appropriate level of confidence over an appropriate range of activity. The operational model may then be configured to analyze conformance to the security property. A combination of conformance by the virtual TPM to the operational model and to the security property provides assurance (i.e., grounds) for the level of confidence and, thus, verifies trustedness.
31 Claims
1. A method for establishing secure communications over a network in accordance with verifiable secure software key management, comprising:
- verifying a virtual trusted platform module (TPM) being software that emulates operations of a hardware TPM, the virtual TPM is configured to manifest a security property that enforces a security policy preventing alteration of content within a secure memory by software external to the virtual TPM, wherein the security property is manifested by subjecting code including at least a first portion of the virtual TPM to enhanced verification analyses to confirm that (i) the code conforms to an operational model including key elements of the code and (ii) the virtual TPM demonstrates the security property; and
- providing the virtual TPM for deployment within a node, wherein the virtual TPM being configured to generate one or more cryptographic keys on the node, store the one or more cryptographic keys within the secure memory, and safeguard content of the secure memory including the one or more cryptographic keys for use in establishing secure communications over the network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 18, 19, 20, 21
13. A system comprising:
- a central processing unit (CPU) adapted to execute a verified virtual trusted platform module (TPM) being software that emulates operations of a hardware TPM;
- a memory configured to store code operating as a trusted computing base (TCB), and the virtual TPM being a part of the TCB; and
- a secure memory configured from a portion of the memory by the TCB, wherein the virtual TPM having been configured to manifest a security property that enforces a security policy preventing alteration of content within the secure memory by software external to the virtual TPM, the security property is manifested by subjecting at least a first portion of the virtual TPM to enhanced verification analyses to confirm that (i) the code conforms to an operational model including key elements of the TCB and (ii) the virtual TPM demonstrates the security property.
Dependent claims: 17
22. A non-transitory computer readable medium including program instructions for execution on a processor of a node on a network, the program instructions when executed operable to:
- generate at least a cryptographic key using a verified virtual trusted platform module (TPM) being a portion of code that emulates a hardware TPM, wherein the virtual TPM manifesting a security property that enforces a security policy to prevent alteration of a state related to security of the virtual TPM by software external to the virtual TPM, wherein the security property is verified to a predetermined level of confidence based on a state comparison of at least states of a first portion of the virtual TPM to states produced by an operational model including key elements of the code and the virtual TPM safeguards contents of a secure memory accessible by the virtual TPM;
- store the cryptographic key in the secure memory; and
- communicate securely over the network with a peer using the cryptographic key.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31
Specification