METHOD FOR ENABLING SIMULTANEOUS CONTROL OF A PLURALITY OF TPMs AND RELATED COMPONENTS
First Claim
1. A method, performed in a trusted computing component, for enabling simultaneous control of a plurality of trusted platform modules (TPMs), the plurality of TPMs comprising a first TPM and a second TPM, the method comprising:
- obtaining from an application program an interface instance reference to an interface instance associated with the first TPM;
- obtaining from the application program an application request, the application request comprising application request parameters and/or a function to be requested to the first TPM, the application request parameters comprising setup parameters indicative of the first TPM;
- determining (S3) a type of the obtained application request, the type comprising a context initialization request or a function request;
- when it is determined that the type of the obtained application request corresponds to a context initialization request, obtaining (S4) an instance context of the interface instance indicated by the interface instance reference and a trusted computing component context associated with the application program; and
- transmitting (S5) the instance context and the trusted computing component context to the application program;
- when it is determined that the type of the obtained application request corresponds to a function request, requesting (S6), via the interface instance, the first TPM to perform the function, and/or computing an application response based on the application request parameters; and
- transmitting (S7) the application response to the application program.
Abstract
This disclosure provides a method for enabling or supporting simultaneous control of a plurality of TPMs. The plurality of TPMs comprises a first TPM and a second TPM. The method comprises obtaining from an application program an interface instance reference to an interface instance associated with the first TPM. The method comprises obtaining from the application program an application request. The application request comprises application request parameters and/or a function to be requested to the first TPM. The application request parameters comprise setup parameters indicative of the first TPM. The method comprises determining a type of the obtained application request. The type comprises a context initialization request or a function request. When it is determined that the type of the obtained application request corresponds to a context initialization request, the method comprises obtaining an instance context of the interface instance indicated by the interface instance reference and a trusted computing component, TCC, context associated with the application program; and transmitting the instance context and the trusted computing component context to the application program. When it is determined that the type of the obtained application request corresponds to a function request, the method comprises requesting, via the interface instance, the first TPM to perform the function, and/or computing an application response based on the application request parameters. The method comprises transmitting the application response to the application program.
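The dispatch described in the abstract, as an added sketch that is not code from the patent: one interface instance per TPM, each with its own instance context, and a request handler that branches on the request type. `SimulatedTpm`, the dictionary-shaped requests and contexts, and the check that the setup parameters name the TPM bound to the reference are assumptions made for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass, field

@dataclass
class SimulatedTpm:
    """Constructed stand-in for a TPM: one PCR-like register (extend/read)."""
    name: str
    pcr: bytes = bytes(32)

    def execute(self, function: str, data: bytes = b"") -> bytes:
        if function == "extend":
            self.pcr = hashlib.sha256(self.pcr + hashlib.sha256(data).digest()).digest()
        elif function != "read":
            raise ValueError(f"unsupported function: {function}")
        return self.pcr

@dataclass
class InterfaceInstance:
    """One interface instance per TPM, carrying its own instance context."""
    tpm: SimulatedTpm
    context: dict = field(default_factory=dict)

class TrustedComputingComponent:
    def __init__(self):
        self.instances = {}     # interface instance reference -> InterfaceInstance
        self.tcc_contexts = {}  # application id -> TCC context

    def register(self, ref: str, tpm: SimulatedTpm) -> None:
        ctx = {"tpm": tpm.name, "session": secrets.token_hex(8)}
        self.instances[ref] = InterfaceInstance(tpm, ctx)

    def handle(self, app_id: str, ref: str, request: dict):
        inst = self.instances.get(ref)
        if inst is None:
            raise KeyError(f"unknown interface instance reference: {ref}")
        # Assumed check: setup parameters must name the TPM bound to this reference.
        if request["setup"]["tpm"] != inst.tpm.name:
            raise PermissionError("setup parameters do not match interface instance")
        if request["type"] == "context_init":   # S3 -> S4, S5
            tcc_ctx = self.tcc_contexts.setdefault(app_id, {"app": app_id})
            return inst.context, tcc_ctx
        if request["type"] == "function":       # S3 -> S6, S7
            return inst.tpm.execute(request["function"], request.get("data", b""))
        raise ValueError(f"unknown request type: {request['type']}")
```

Because each reference resolves to its own instance and context, a function request sent through one reference changes only the state of the TPM behind it.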
32 Claims
1. A method, performed in a trusted computing component, for enabling simultaneous control of a plurality of trusted platform modules (TPMs), the plurality of TPMs comprising a first TPM and a second TPM, the method comprising:
- obtaining from an application program an interface instance reference to an interface instance associated with the first TPM;
- obtaining from the application program an application request, the application request comprising application request parameters and/or a function to be requested to the first TPM, the application request parameters comprising setup parameters indicative of the first TPM;
- determining (S3) a type of the obtained application request, the type comprising a context initialization request or a function request;
- when it is determined that the type of the obtained application request corresponds to a context initialization request, obtaining (S4) an instance context of the interface instance indicated by the interface instance reference and a trusted computing component context associated with the application program; and
- transmitting (S5) the instance context and the trusted computing component context to the application program;
- when it is determined that the type of the obtained application request corresponds to a function request, requesting (S6), via the interface instance, the first TPM to perform the function, and/or computing an application response based on the application request parameters; and
- transmitting (S7) the application response to the application program.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A method, performed in an interfacing component, for enabling simultaneous access to a plurality of trusted platform modules (TPMs), the plurality of TPMs comprising a first TPM and a second TPM, the method comprising:
- receiving from a trusted computing component a request to connect to the first TPM;
- invoking an interface instance associated with the first TPM;
- obtaining an instance context corresponding to the invoked interface instance;
- receiving a command from a trusted computing component, the command comprising a function;
- requesting the first TPM to execute the function by transmitting the command to the first TPM;
- receiving a command response from the first TPM; and
- transmitting the command response to the trusted computing component.
Dependent claims: 18, 19
20. A trusted computing component comprising:
- a processor;
- a memory; and
- a component interface operatively connected to an application program and to at least one of a plurality of trusted platform modules (TPMs) using an interface instance, the plurality of TPMs comprising a first TPM and a second TPM;
wherein the trusted computing component is configured to:
- obtain from the application program an interface instance reference to the interface instance associated with the first TPM;
- obtain an application request from the application program, the application request comprising application request parameters and/or a function to be requested to the first TPM, the application request parameters comprising setup parameters indicative of the first TPM;
- determine whether the obtained application request is a context initialization request or a function request;
- when it is determined that the obtained application request is the context initialization request, obtain an instance context of the interface instance indicated by the interface instance reference and a trusted computing component context associated with the application program; and
- transmit the instance context and the trusted computing component context to the application program;
- when it is determined that the obtained application request is the function request, request, via the interface instance, the first TPM to perform the function, and/or compute an application response based on the application request parameters; and
- transmit the application response to the application program.
Dependent claims: 21, 22, 23, 27, 28
24. An interfacing component comprising:
- a processor;
- a memory;
- an interface operatively connected to a trusted computing component and to at least one of a plurality of trusted platform modules (TPMs),
wherein the interfacing component is configured to:
- receive from the trusted computing component a request to connect to the first TPM;
- invoke an interface instance associated with the first TPM;
- obtain an instance context corresponding to the invoked interface instance;
- receive a command from the trusted computing component, the command comprising a function;
- request the first TPM to execute the function, and/or compute a command response; and
- transmit the command response to the trusted computing component.
Dependent claims: 25, 26, 29, 30
31. A nontransitory computer readable storage medium comprising a computer program product for supporting simultaneous access to a plurality of TPMs, the computer program product comprising program code that, when executed on a trusted computing component, cause the trusted computing component to perform a method for enabling simultaneous control of a plurality of trusted platform modules (TPMs), the plurality of TPMs comprising a first TPM and a second TPM, the method comprising:
- obtaining from an application program an interface instance reference to an interface instance associated with the first TPM;
- obtaining from the application program an application request, the application request comprising application request parameters and/or a function to be requested to the first TPM, the application request parameters comprising setup parameters indicative of the first TPM;
- determining a type of the obtained application request, the type comprising a context initialization request or a function request;
- when it is determined that the type of the obtained application request corresponds to a context initialization request, obtaining an instance context of the interface instance indicated by the interface instance reference and a trusted computing component context associated with the application program; and
- transmitting the instance context and the trusted computing component context to the application program;
- when it is determined that the type of the obtained application request corresponds to a function request, requesting, via the interface instance, the first TPM to perform the function, and/or computing an application response based on the application request parameters; and
- transmitting the application response to the application program.
32. A nontransitory computer readable storage medium comprising a computer program product for supporting simultaneous access to a plurality of trusted platform modules (TPMs), the computer program product comprising program code that, when executed on an interfacing component, cause the interfacing component to perform a method for enabling simultaneous access to a plurality of trusted platform modules (TPMs), the plurality of TPMs comprising a first TPM and a second TPM, the method comprising:
- receiving from a trusted computing component a request to connect to the first TPM;
- invoking an interface instance associated with the first TPM;
- obtaining an instance context corresponding to the invoked interface instance;
- receiving a command from a trusted computing component, the command comprising a function;
- requesting the first TPM to execute the function by transmitting the command to the first TPM;
- receiving a command response from the first TPM; and
- transmitting the command response to the trusted computing component.
Specification