Data integrity monitoring in trusted computing entity

US 7,457,951 B1
Filed: 05/25/2000
Issued: 11/25/2008
Est. Priority Date: 05/28/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of security monitoring of a computing platform, said method comprising the steps of:

(i) creating a data file in a portion of a memory area of said computing platform that is reserved for use by a trusted component associated with said computing platform;

(ii) generating a first digest data describing a data content of said data file;

(iii) waiting a predetermined time period;

(iv) repeating step (ii) to generate a second digest data;

(v) comparing said second digest data with said first digest data to determine a security status of the computing platform; and

(vi) repeating steps (iii) to (vi) if said second digest data is identical to said first digest data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of security monitoring of data files in a computer platform is carried out by a trusted component having a processor and trusted memory area. The method comprises creating one or a plurality of data files in an untrusted memory area of said computing platform, for each created data file, periodically generating a digest data by applying a hash function to each data file, storing the digest data in a trusted memory area and for each file periodically comparing a current digest data of the file with a previously generated digest data of the file. Any differences between a previous and a current digest data indicate that a file in the untrusted memory area has been corrupted.

161 Citations

View as Search Results

32 Claims

1. A method of security monitoring of a computing platform, said method comprising the steps of:
- (i) creating a data file in a portion of a memory area of said computing platform that is reserved for use by a trusted component associated with said computing platform;
  
  (ii) generating a first digest data describing a data content of said data file;
  
  (iii) waiting a predetermined time period;
  
  (iv) repeating step (ii) to generate a second digest data;
  
  (v) comparing said second digest data with said first digest data to determine a security status of the computing platform; and
  
  (vi) repeating steps (iii) to (vi) if said second digest data is identical to said first digest data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as claimed in claim 1, further comprising the step of:
    - (vii) if said second digest data is not identical to said first digest data, storing an error data.
  - 3. The method as claimed in claim 1, wherein said step of generating a first digest data comprises applying a hash function to said data file to produce a hash function data corresponding to said data file.
  - 4. The method as claimed in claim 1, wherein said step of creating a data file in a reserved portion of a memory area of said computer platform comprises copying an existing user data file into the reserved portion of said memory area of said computer platform.
  - 5. The method as claimed in claim 1, wherein said step of creating a data file in a reserved portion of said memory area comprises generating a random or pseudo random data in the reserved portion of said memory area of said computer platform.
  - 6. The method as claimed in claim 1, wherein said step of generating a digest data corresponding to said data file is carried out by an algorithm operating on said computer platform.
  - 7. The method as claimed in claim 1, wherein said step of generating a digest data comprises sending said data file to a trusted component comprising a trusted processor and a trusted memory area, and generating said digest data by applying an algorithm to said data file in said trusted component.

8. A computer entity comprising:
- a computer platform comprising a first data processing means and a first memory means;
  
  a monitoring component comprising a second data processing means and a second memory means;
  
  wherein said monitoring component comprises means for receiving a monitor data, said monitor data describing a content of a plurality of data files stored in said computer platform in a portion of said first memory means that is reserved for use by a trusted component associated with said computer platform;
  
  means for storing said plurality of monitor data in said monitoring component; and
  
  means for making comparisons of said monitor data,wherein said monitoring component periodically receives for each of a plurality of data files, a historical monitor data representing a state of said data file at a previous point in time, and a current monitor data representing a current state of said data file.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The computer entity as claimed in claim 8, wherein said historical monitor data and said current monitor data are stored in said second memory means of said monitoring component.
  - 10. The computer entity as claimed in claim 8, wherein said monitoring component comprises a set of agent code stored in said second data storage means, wherein said set of agent code may be transferred to said first data storage means for operation and control by said first data processing means in said computer platform.
  - 11. The computer entity as claimed in claim 8, wherein said monitoring component comprises a dictionary means, said dictionary means comprising a text generator device operable to generate a plurality of text data representing a plurality of words, and said monitoring means transferring said text data to a plurality of said data files created in a reserved area of said first memory means.
  - 12. The computer entity as claimed in claim 11, wherein said dictionary means is operable to generate a plurality of names identifying said plurality of data files created in said reserved area of said first memory means.
  - 13. The computer entity as claimed in claim 11, wherein said dictionary means is operable to generate a plurality of names of directories containing said plurality of data files created in said reserved area of said first memory means.
  - 14. The computer entity as claimed in claim 8, further comprising an agent means, said agent means resident and operating on said computer platform wherein,said agent means creates a plurality of said data files in a reserved region of said first memory area;
    - said agent means substantially continuously monitors said created data files in said reserved memory region; and
      
      said agent reports said monitor data describing a content of said data files in said reserved memory region periodically to said monitoring component.
  - 15. The computer entity as claimed in claim 8, comprising a random data generator, wherein said random data generator generates random data which is stored in a plurality of said data files created in a reserved region of said first memory area of said computer platform.
  - 16. The computer entity as claimed in claim 8, comprising an agent device resident on said computer platform, and a smart card reader device, wherein said agent device communicates with said smart card reader device for receiving a file name data from said smart card reader device, said file name data describing one or a plurality of file names of user data files for which permission to copy said user data files is granted to said agent device.

17. A method of security monitoring a computer platform comprising a first data processing means and a first memory means, said method comprising the steps of:
- (i) receiving a first monitor data, said first monitor data describing a data content of a data file stored in a portion of a memory of said computer platform that is reserved for use by a trusted component associated with said computer platform;
  
  (ii) storing said first monitor data in a trusted memory area physically and logically distinct from said computer platform;
  
  (iii) receiving a second monitor data, said second monitor data describing a data content of said same data file stored in said computer platform;
  
  (iv) comparing said first monitor data with said second monitor data;
  
  (v) if said first monitor data differs from said second monitor data, generating an error data; and
  
  (vi) if said first monitor data does not differ from said second monitor data, repeating steps (iii) to (vi).
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method as claimed in claim 17, further comprising the step of generating said first monitor data by applying a one-way function algorithm to a data content of said data file.
  - 19. The method as claimed in claim 17, further comprising the step of:
    - generating an alarm display when a said error data is created.
  - 20. The method as claimed in claim 17, further comprising the step of:
    - comparing said error data against a predetermined measure of error data allowable in a predetermined time, to determine if said error data is statistically significant.
  - 21. The method as claimed in claim 20, further comprising the step of:
    - if said error data is determined to be statistically significant, generating an alarm display indicating an error has occurred in said data file.

22. A method of monitoring a computer platform comprising a first data processing means and first memory means, said method comprising the steps of:
- a) allocating a region of said first memory means for use by a monitoring entity comprising a second data processing means and a second memory means;
  
  b) creating in said allocated memory area a plurality of data files, each allocated to said monitoring entity;
  
  c) entering data into said plurality of allocated data files in said reserved memory region;
  
  d) creating for each of said data files a monitor data describing a data content of each of said data file;
  
  e) storing said monitor data in a second memory device, said second memory device being physically and logically distinct from said first memory device;
  
  f) repeating steps d) and e); and
  
  g) periodically comparing a recently received said monitor data for said data file with a previously received monitor data for the same said data file.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The method as claimed in claim 22, wherein said step of entering data into a said data file comprises:
    - copying an existing data file from an unreserved area of said first memory device into said data file.
  - 24. The method as claimed in claim 23, further comprising the step of:
    - assigning a file name of said data file in said reserved memory area said file name being a different file name to a file name of said original user file from said unreserved area of said first memory area from which said data file was copied.
  - 25. The method as claimed in claim 23, further comprising the step of:
    - assigning a directory name of a directory used for storing said data file in said reserved memory area said directory name being a different directory name to a directory name of said original user directory from said unreserved area of said first memory area in which said data file was originally located.
  - 26. The method as claimed in claim 22, wherein said step of creating a monitor data comprises:
    - applying a one-way function algorithm to data in said data file, to produce said monitor data from said data stored in said data file.

27. A computer entity programmed for security monitoring, comprising one or more processors and one or more memories, wherein:
- one of said processors is programmed to generate random or pseudo-random data files in of one of said memories reserved for use by a trusted component; and
  
  one of said processors is programmed to monitor said data files by repeatedly obtaining digests of said data files and detecting when changes to said data files have occurred.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. A computer entity as claimed in claim 27 comprising at least two processors, wherein a first processor of said processors is a main processor and a second processor of said processors is a monitoring processor retained within a monitoring component physically and logically protected against unauthorised modification, wherein the monitoring processor is adapted to monitor said data files.
  - 29. A computer entity as claimed in claim 28, wherein the computer entity comprises at least two memories, wherein a first memory of said memories is a main memory and a second memory of said memories is a monitor memory retained within the monitoring component, wherein the results of monitoring said data files are retained within the monitor memory.
  - 30. A computer entity as claimed in claim 28, wherein the data files are generated by an agent operating on the main processor in coordination with code operating on the monitoring processor.
  - 31. A computer entity as claimed in claim 27, wherein the data files are stored in a memory area reserved for monitoring purposes.
  - 32. A computer entity as claimed in claim 27, wherein an error datum is generated when said monitoring indicates a change to one of said data files, and whereby said processor adapted to monitor said data files is adapted to report data corruption when a statistically significant number of said error data have been generated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Proudler, Graeme John, Balacheff, Boris
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
Gelagay; Shewaye

Application Number

US09/979,903
Time in Patent Office

3,106 Days
Field of Search

713/200, 713/165, 713/164, 726/26, 726/22
US Class Current

713/164
CPC Class Codes

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/567   using dedicated hardware

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06F 2207/7219   Countermeasures against sid...

G06F 2211/009   Trust

G06F 2211/1097   Boot, Start, Initialise, Power

Data integrity monitoring in trusted computing entity

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

161 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Data integrity monitoring in trusted computing entity

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

161 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links