Apparatus and method for creating a trusted environment

US 7,376,974 B2
Filed: 11/21/2002
Issued: 05/20/2008
Est. Priority Date: 11/22/2001
Status: Active Grant

First Claim

Patent Images

1. A computer apparatus for creating a trusted environment comprising:

a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner, said trusted device being a physical device which binds an identity of the computer apparatus to first reliably measured data by means of said first integrity metric;

a software trust routine which binds an identity of at least a first operating system environment to second reliably measured data by means of at least a second integrity metric;

a processor arranged to allow execution of said software trust routine and said at least a first operating environment, andmeans for restricting a privilege level of the at least a first operating system environment to a lower privilege level than that assigned to the software trust routine, wherein the software trust routine is arranged to acquire (i) the first integrity metric of said trusted device as an indicator of whether a user of said computer apparatus should trust that said computer apparatus is operating consistently with said first reliably measured data and (ii) the second integrity metric to allow determination by the user as to whether the at least a first operating system environment is operating in a trusted manner consistently with said second reliably measured data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.

Citations

25 Claims

1. A computer apparatus for creating a trusted environment comprising:
- a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner, said trusted device being a physical device which binds an identity of the computer apparatus to first reliably measured data by means of said first integrity metric;
  
  a software trust routine which binds an identity of at least a first operating system environment to second reliably measured data by means of at least a second integrity metric;
  
  a processor arranged to allow execution of said software trust routine and said at least a first operating environment, andmeans for restricting a privilege level of the at least a first operating system environment to a lower privilege level than that assigned to the software trust routine, wherein the software trust routine is arranged to acquire (i) the first integrity metric of said trusted device as an indicator of whether a user of said computer apparatus should trust that said computer apparatus is operating consistently with said first reliably measured data and (ii) the second integrity metric to allow determination by the user as to whether the at least a first operating system environment is operating in a trusted manner consistently with said second reliably measured data.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer apparatus of claim 1 wherein the trusted device includes means for controlling at least an initiation of a boot process when said computer apparatus is rebooted.
  - 3. The computer apparatus of claim 1 wherein the trusted device is arranged on a motherboard of said computer apparatus along with at least said processor.
  - 4. The computer apparatus of claim 3 wherein the trusted device includes a controller programmed to control its overall operation and to interact with other devices on said motherboard.
  - 5. The computer apparatus of claim 1 wherein the trusted device comprises an integrated circuit device.

6. A computer apparatus for creating a trusted environment, the computer apparatus comprising:
- a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner, said trusted device being a physical device which binds an identity of the computer apparatus to reliably measured data by means of said first integrity metric, anda processor arranged to allow execution of a first trust routine and an associated first operating environment, the processor is arranged to restrict access of the first operating environment from resources available to the trust routine, wherein the trust routine is arranged to acquire the first integrity metric and is further arranged to acquire a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner,wherein the trust routine, in response to acguiring the first integrity metric of said trusted device, indicates to a user of said computer apparatus whether the user should trust that said computer apparatus is operating in its trusted manner, andwherein the trust routine, in response to acquiring the second integrity metric, indicates to the user whether the user should trust that the first operating system environment is operating in its trusted manner.

7. A computer apparatus for creating a trusted environment, the computer apparatus comprising:
- a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner, said trusted device being a physical device which binds an identity of the computer apparatus to reliably measured data by means of said first integrity metric, anda processor arranged to allow execution of a plurality trust routines in a first privilege level of the processor and to allow execution of respective associated operating environments in a second privilege level of the processor such that access to resources available to code executed in the first privilege level is restricted to code executed in the second privilege level, wherein each trust routine is arranged to acquire the first integrity metric and an integrity metric associated with the respective associated operating environment to allow determination as to whether the respective operating environment is operating in a trusted manner.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 8. A computer apparatus according to claim 7, wherein the trusted device is a tamper resistant device.
  - 9. A computer apparatus according to claim 7, wherein the trust routine is arranged to incorporate cryptographical functionality for restricting access to data associated with the trust routine.
  - 10. A computer apparatus according to claim 7, wherein the trusted device is arranged to store one or more secrets.
  - 11. A computer apparatus according to claim 10, wherein at least one secret is a private asymmetric encryption key.
  - 12. A computer apparatus according to claim 7, wherein one or more secrets are associated with the trust routine.
  - 13. A computer apparatus according to claim 12, wherein the trusted device is arranged to store secrets, on powering down of the computer apparatus, utilised by a trust routine.
  - 14. A computer apparatus according to claim 7, wherein the code executed in the second privilege level has restricted access to data associated with a trust routine executed in the first privilege level.
  - 15. A computer apparatus according to claim 7, wherein data associated with the trust routine is protected from alteration from code executed in the second privilege level.
  - 16. A computer apparatus according to claim 7, wherein secrets associated with a trust routine are not accessible to code executed in the second privilege level.
  - 17. A computer apparatus according to claim 7, wherein the trusted device vouches for a public key associated with the trust module using a private key of the trusted device.
  - 18. A computer apparatus according to claim 7, wherein a trusted third party vouches for a public key associated with the trust module using a private key of the trusted parties.
  - 19. A computer apparatus according to claim 7, wherein the trusted device is arranged to transfer boot-up sequence instructions to allow initiation of boot-up of the computer apparatus.
  - 20. A computer apparatus according to claim 19, wherein the processor is arranged to cause the boot-up sequence instructions to be the first instructions executed by the processor after release from reset.
  - 21. The method of claim 7,wherein the trust routine, in response to acquiring the first integrity metric of said trusted device, indicates to a user of said computer apparatus whether the user should trust that said computer apparatus is operating in its trusted manner, andwherein the trust routine, in response to acquiring the second integrity metric, indicates to the user whether the user should trust that the first operating system environment is operating in its trusted manner.

22. A method for creating a trusted environment in a computer apparatus, the method comprisingacquiring a first integrity metric to allow determination as to whether a computer apparatus has a trusted device binding an identity of the computer apparatus to first reliably measured data by means of said first integrity metric;
- acquiring a second integrity metric to allow determination as to whether a computer apparatus has a first trusted operating environment binding an identity of the first trusted operating environment to second reliably measured data by means of said second integrity metric;
  
  executing a first trust routine which acquires (i) the first integrity metric as an indicator of whether a user of said computer apparatus should trust that said computer apparatus is operating consistently with said first reliably measured data and (ii) acquires the second integrity metric to allow determination by the user as to whether the at least a first operating system environment is operating in a trusted manner consistently with said second reliably measured data, andrestricting a privilege level of the first operating environment to a lower privilege level than that assigned to the trust routine.

23. A method for creating a trusted environment in a computer apparatus, the method comprising:
- acquiring a first integrity metric to allow determination by a user of the computer apparatus as to whether the computer apparatus is operating in a trusted manner based upon externally obtained reliable data and executing a first trust routine and an associated first operating environment,restricting the first operating environment'"'"'s access from resources available to the trust routine,acquiring the first integrity metric and a second integrity metric to allow determination by said user as to whether the first operating environment is operating in a trusted manner also based upon externally obtained reliable data.

24. A computer system for creating a trusted environment comprising:
- a physical trusted device which is installed in said computer system and is arranged to acquire a first integrity metric to allow determination as to whether the computer system is operating in a trusted manner;
  
  a processor arranged to allow execution of a first trust routine and an associated first operating environment, andmeans for restricting access of the first operating environment from resources available to the trust routine, wherein the trust routine is arranged to acquire (i) the first integrity metric to allow a determination to be made by a user of the computer system whether the hardware of the computer system may be utilized in a trusted manner based upon externally obtained reliable data and (ii) a second integrity metric to allow a determination by said user whether the first operating environment is operating in a trusted manner based upon externally obtained reliable data.

25. A computer apparatus for creating a trusted environment comprising:
- a physical trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner, said physical trusted device binding an identity of the computer apparatus to reliably measured data by means of said first integrity metric;
  
  a virtual trusted device arranged to acquire a second integrity metric to allow determination as to whether the computer apparatus has an operating system capable of operating in a trusted manner, said virtual trusted device binding an identity of the operating system to reliably measured data by means of said second integrity metric;
  
  a processor arranged to allow execution of said operating system and at least one application program, said processor having at least four different privilege levels of operation, PL0, PL1, PL2 and PL3, with PL0 being the highest of these four privilege levels and PL4 being the lowest of these four privilege levels, the processor also having certain privileged instructions which may be used only at PL0;
  
  a security kernel which runs at privilege level PL0, the security kernel having code allowing execution of the virtual trusted device and for accessing the physical trusted device, code for trap and interrupt handling as well as code for memory management;
  
  a global service module which runs at privilege level PL1, the global service module having code which does need to respond to trap and interrupt handling but which handles interfacing between the operating system and the security kernel; and
  
  means for restricting the at least one application program to a privilege level no higher than privilege level PL3, and means for restricting the operating system to a privilege level no higher than PL2.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Hyser, Chris D., Worley, John S., Worley, William S Jr., Proudler, Graeme John, Balacheff, Boris
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Abyaneh; Ali S

Application Number

US10/303,690
Publication Number

US 20030226031A1
Time in Patent Office

2,007 Days
Field of Search

726/29, 726/27, 713/164
US Class Current

726/27
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 21/62   Protecting access to data v...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2145   Inheriting rights or proper...

G06F 2221/2149   Restricted operating enviro...

G06F 2221/2153   Using hardware token as a s...

Apparatus and method for creating a trusted environment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for creating a trusted environment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links