TRUSTED VIRTUAL MACHINE AS A CLIENT

US 20090172781A1
Filed: 12/02/2008
Published: 07/02/2009
Est. Priority Date: 12/20/2007
Status: Active Grant

First Claim

Patent Images

1. A trusted computing method, comprising:

generating a dedicated virtual machine image (DVMI) including only functionality for a single target service provider;

storing the DVMI in a portable computing device;

communicably connecting by the portable computing device to a host device;

verifying the host device;

launching the DVMI in the host device as a dedicated virtual machine (DVM) according to a successful result of the verifying;

determining by the target service provider a trust level for the TDVM, based upon the verifying; and

providing a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The embodiments provide generating a dedicated virtual machine image (DVMI) including functionality for a target service provider and launching the DVMI in the host device as a dedicated virtual machine (DVM). A measurement of the DVMI and/or the launched DVM, as a Trusted Dedicated Virtual Machine (TDVM), is transmitted to the target service provider server. The target service provider determines a trust level for the TDVM, based upon the measurement and provides a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.

Citations

20 Claims

1. A trusted computing method, comprising:
- generating a dedicated virtual machine image (DVMI) including only functionality for a single target service provider;
  
  storing the DVMI in a portable computing device;
  
  communicably connecting by the portable computing device to a host device;
  
  verifying the host device;
  
  launching the DVMI in the host device as a dedicated virtual machine (DVM) according to a successful result of the verifying;
  
  determining by the target service provider a trust level for the TDVM, based upon the verifying; and
  
  providing a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14)
- - 2. The method according to claim 1, wherein the verifying of the host device comprises upon accessing a server of the target service provider through the launched DVM, transmitting a certifiable report of a measurement of the DVMI, the launched DVM, the host device, or the portable computer device, or any combinations thereof, as a Trusted Dedicated Virtual Machine (TDVM), to the target service provider server.
  - 3. The method according to claim 1, wherein the verifying of the host device comprises:
    - executing a host verifier on the portable computing device,retrieving by the host verifier a host measurement from the host device, andverifying by the host verifier the host device based upon the host measurement.
  - 4. The method according to claim 1, further comprising discarding all changes to the launched DVM and shutting down the launched DVM after the discarding.
  - 5. The method according to claim 1, wherein the generating of the DVMI comprises:
    - installing in the DVMI software required for a task with the target service provider, andperforming any combinations of;
      
      eliminating functionality of an operating system (OS) of the DVMI, the functionality eliminating including eliminating an accessory, a peripheral, an add-in for an application, an add-in for a Web browser, or any combinations thereof,limiting access to certificate stores of the OS, the application and/or the Web browser,restricting a number of IP addresses or DNS names the DVM accesses to the service provider,applying a high protection-level setting for the OS, the application, and/or the Web browser, orlimiting OS and/or application modification and/or navigation authority of a user.
  - 6. The method according to claim 1, whereinthe storing of the DVMI in the portable computing device comprises encrypting the DVMI with a key, andthe launching of the DVMI in the host device comprises retrieving the key for decrypting the DVMI, from the portable computing device and/or from another server.
  - 7. The method according claim 6, wherein the key is sealed in the portable computing device by a Trusted Platform Module.
  - 8. The method according to claim 1, wherein the measuring of the launched DVM is a white list based measurement and/or Hash based measurement.
  - 9. The method according to claim 1,wherein the storing of the DVMI in the portable computing device comprises securing the DVMI;
    - wherein the verifying of the host device comprises;
      
      executing a host verifier on the portable computing device,retrieving by the host verifier a host measurement from the host device,verifying by the host verifier the host device based upon the host measurement, andunlocking the secured DVMI according to a successful result of the verifying of the host device and launching the DVMI in the host device;
      
      wherein the launching of the DVMI in the host device comprises;
      
      requesting by the host device a token from the service provider server,transmitting a measurement of both the host device and the portable computing device to the service provider server,determining by the service provider whether to issue a token based on the measurement information sent from the host device,upon issuance of the token by the service provider, transmitting the token to the host device, andupon receipt of the token by the host device, launching the DVMI in the host device; and
      
      wherein the accessing the service provider server further comprises any combination of transmitting the certifiable report or the token.
  - 10. The method according to claim 9, wherein the DVMI is secured by encrypting the DVMI with a key and/or by a Trusted Platform Module.
  - 11. The method according to claim 1,wherein the storing of the DVMI in the portable computing device comprises securing the DVMI with a Trusted Platform Module;
    - wherein the verifying of the host device comprises;
      
      executing a host verifier on the portable computing device,retrieving by the host verifier a host measurement from the host device,transmitting the host measurement to the service provider server,verifying by the service provider server the host device based upon the host measurement,transmitting by the service provider server a key to the portable computing device, according to a successful result of the verifying of the host device, andunlocking by the portable computing device the secured DVMI using the key and launching the DVMI in the host device;
      
      wherein the launching of the DVMI in the host device comprises;
      
      requesting by the host device a token from the service provider server,transmitting a measurement of both the host device and the portable computing device to the service provider server,determining by the service provider whether to issue a token based on the measurement information sent from the host device,upon issuance of the token by the service provider, transmitting the token to the host device, andupon receipt of the token by the host device, launching the DVM; and
      
      wherein the accessing the service provider server further comprises any combination of transmitting the certifiable report or the token.
  - 12. The method according to claim 1,wherein the measurement of the DVMI comprises:
    - designating the launched DVMI as read-only andbefore launching the DVMI, calculating a hash value of the DVMI, andverifying integrity of the DVMI by comparing the calculated DVMI hash value with a another hash value for the DVMI; and
      
      wherein the measurement of the launched DVM comprises;
      
      selecting one or more files of the launched DVM,calculating a hash value of the selected files of the launched DVM, andverifying integrity of the launched DVM by comparing the calculated selected files hash value with another hash value for the selected files.
  - 14. The method according to claim 1, wherein the TDVM is a trusted authenticator verifying a user identity according to information and/or biometric technologies.

13. A trusted computing transaction method, comprising:
- generating a dedicated virtual machine image (DVMI) including only functionality for a single target service provider;
  
  launching the DVMI in a host device as a read-only dedicated virtual machine (RODVM);
  
  transmitting a measurement of the RODVMI, as a Trusted Dedicated Virtual Machine (TDVM), to the target service provider server;
  
  determining by the target service provider a trust level for the TDVM, based upon the measurement; and
  
  providing a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.

15. A computer system for accessing a server of a target service provider, comprising:
- a host device; and
  
  a portable computing device in communication with the host device and storing a dedicated virtual machine image (DVMI) including only functionality for the target service provider server,wherein the host device and/or the portable computing device comprise a computer processor executing;
  
  verifying the host device, andcontrolling launching of the DVMI by the host device as a trusted read-only dedicated virtual machine (TRODVM), according to a trust level designation received from the service provider server based upon the verifying of the host device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer system according to claim 15, wherein the host device verifies itself by:
    - transmitting a measurement of the RODVMI and/or the portable computing device, as the Trusted Dedicated Virtual Machine (TRODVM), to the target service provider server;
      
      receiving from the target service provider the trust level of the TRODVM, based upon the transmitted measurement; and
      
      providing a level of service with the target service provider server, according to the trust level of the TRODVM.
  - 17. The computer system according to claim 15, wherein the host device verifies itself by upon accessing a server of the target service provider through the launched RODVM, transmitting a certifiable report of a measurement of the DVMI, the launched RODVM, or the portable computer device, or any combinations thereof, as the TRODVM, to the target service provider server.
  - 18. The computer system according to claim 15, wherein the portable computing device verifies the host device by:
    - executing a host verifier on the portable computing device,retrieving by the host verifier a host measurement from the host device, andverifying by the host verifier the host device based upon the host measurement.
  - 19. The computer system according to claim 15, wherein the portable computing device stores the DVMI by:
    - installing in the DVMI, software required for a task with the target service provider, and performing any combinations of;
      
      eliminating functionality of an operating system (OS) of the DVMI, the functionality eliminating including eliminating an accessory, a peripheral, an add-in for an application, an add-in for a Web browser, or any combinations thereof,limiting access to certificate stores of the OS, the application and/or the Web browser,restricting a number of IP addresses or DNS names the DVM accesses to the service provider,applying a high protection-level setting for the OS, the application, and/or the Web browser, orlimiting OS and/or application modification and/or navigation authority of a user.
  - 20. The computer system according to claim 15,wherein the portable computing device comprises security securing the DVMI;
    - wherein the portable computing device verifies the host device by;
      
      executing a host verifier on the portable computing device,retrieving by the host verifier a host measurement from the host device,verifying by the host verifier the host device based upon the host measurement, andunlocking the secured DVMI according to a successful result of the verifying of the host device and launching the DVMI in the host device;
      
      wherein host device controls the launching of the DVMI in the host device by;
      
      requesting by the host device a token from the service provider server,transmitting a measurement of both the host device and the portable computing device to the service provider server,receiving a token as the trust level designation from the service provider server based on the measurement information sent from the host device, and launching the DVMI in the host device based upon the token; and
      
      wherein the accessing the service provider server further comprises any combination of transmitting the token to the service provider server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
MASUOKA, Ryusuke, Song, Zhexuan

Granted Patent

US 8,539,551 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

TRUSTED VIRTUAL MACHINE AS A CLIENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRUSTED VIRTUAL MACHINE AS A CLIENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links