CN1813244A - Dual virtual machine and trusted platform module architecture for next generation media players - Google Patents
- Publication number
- CN1813244A
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- computing environment
- media player
- irrelevant
- copy protection
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Abstract
A software-based computing environment for providing secured authentication of media downloaded from a network or loaded from a media player includes two virtual machines operating in peer mode. The low-level virtual machine provides decoding and decryption functions, whereas the high-level virtual machine provides application-level functions such as user interface and input/output.
Description
Technical field
The present invention relates to the development of new security systems and methods, including copy protection, for removable-media players.
Background art
Virtual machine (VM) is a term used to describe software that acts as an interface between compiled code and the microprocessor (or "hardware platform") that actually executes the program's instructions. A compiler is a special program that processes statements written in a particular programming language and turns them into the binary machine language, or "code", that a computer's processor uses.
Sun Microsystems, the developer of the Java programming language and runtime environment, is well known for its development of the Java Virtual Machine. A Java virtual machine interprets compiled Java binary code (called bytecode) for a computer's processor (or "hardware platform") so that it can perform a Java program's instructions.
Java was designed to allow application programs to be built that can run on any platform without the programmer having to rewrite or recompile them for each separate platform. Once a Java virtual machine has been provided for a platform, any Java program can run on that platform. The Java virtual machine makes this possible because it takes account of the specific instruction lengths and other characteristics of the platform.
A virtual machine is an abstract computing machine. Like a real computing machine, it has an instruction set and manipulates various memory areas at run time. It is reasonably common to implement a programming language using a virtual machine; the best-known virtual machine is perhaps the P-Code machine of UCSD Pascal.
More generally, a virtual machine can also be described as an operating system or any program that runs a computer.
In next-generation media players, such as DVD or CD players, there has long been a need to develop improved methods of copy protection.
One known content security system for DVDs is the Content Scrambling System (CSS), in which the data on a DVD is encrypted. The DVD player then decrypts the data with a 40-bit decryption key as it reads the disc. The major flaw of CSS, however, is that its keys and algorithms are fixed. The encryption algorithm was reverse engineered, and every possible decryption key that plays existing DVD discs became available. Once the secret is out, the system is compromised permanently, because there is no way to renew the security algorithm or the keys. Today there are a number of programs available to consumers that remove all security from DVD content with a single "click".
Content owners do not want this to happen again, especially as the fidelity of the content increases. The next-generation content security system should therefore not be vulnerable in this way.
Software vendors also face piracy, but because of the nature of computers they have taken a different approach from the one used by DVD entertainment companies. Historically, makers of packaged software (e.g. computer games) have used "procedural security" to protect their content. That is, there is no fixed, predetermined method for protecting programs; instead, each software vendor writes or obtains "security code" to protect its content. This procedural security code varies in complexity and technique from program to program. Most importantly, because each program has a different security software implementation, no general "remove security" program can be written of the kind that was written to attack DVD security.
Another known method of copy protection is to write hardware-specific instructions. The problem with this approach is that it is extremely limiting: a different set of instructions must be provided for each hardware configuration, which is somewhat impractical.
A method is therefore needed that provides copy protection on hardware such as media players without being hardware specific.
Summary of the invention
Accordingly, a system and method for platform-independent procedural copy protection is provided for media players. The disclosure proposes a solution in which a dual virtual machine architecture is provided for next-generation media players. The disclosure also proposes using a hardware-based embedded security subsystem, such as a trusted platform module (TPM), to interface with certain aspects of the virtual machine architecture.
The dual virtual machine architecture according to the disclosure consists of a high-level virtual machine and a low-level virtual machine. The low-level VM is designed to support low-level media decryption and decoding functions, whereas the high-level VM is designed to handle application-layer activities. The architecture thus isolates security software from application software.
In general, the virtual machine best suited to procedural security closely resembles the instruction set of an actual hardware CPU. That is, it supports pointers, and there is a fundamental distinction between executable code and data. This first type of virtual machine is therefore called a "low-level VM" or "security VM". The low-level VM is designed to resemble a conventional CPU that supports tamper-resistant software techniques.
The downside of this kind of virtual machine is that programming errors or unexpected runtime conditions have severe consequences. For a security system this can be considered a strength, but for applications (which are more complex and usually have less intensive test coverage) it is a weakness.
For applications, a "high-level VM" that manages most computational details "behind the scenes" allows the development of more reliable applications that behave in a more predictable and robust manner. The typical example of a high-level virtual machine is Java. For example, Java has no need to support the notion of a "pointer" or explicit memory management (common sources of programming errors), but it does support "exception handling", which helps programs and programmers handle unexpected runtime conditions in a predictable way.
The high-level or application-level virtual machine is designed to be full featured and to provide a rich application interface.
It is therefore desirable to combine the advantages of a low-level VM and a high-level VM so as to provide platform-independent security functions that work in conjunction with other applications. In addition, the trusted platform module provides a hardware-based root of trust by securely querying and verifying the execution environment.
In the exemplary embodiment, the disclosure is used for renewable security and copy protection in DVD and CD players. The architecture also supports playback of media stored on a hard disk, held in solid-state memory, or delivered over a network.
As noted above, the low-level VM is designed to support low-level media decryption and decoding functions. In next-generation media (NGM) applications, the low-level VM is also responsible for bootstrapping the high-level VM. The high-level VM handles application-layer activities such as the advanced user interface, miscellaneous I/O and network activities.
The dual VM architecture of the disclosure is novel. It provides a "peer" relationship between the two VMs rather than the traditional "stacked VM" relationship. An example of a stacked relationship, in which one VM runs on top of another, is a PowerPC (as in a Mac) running a Windows emulator (an x86 emulator or VM), which in turn executes a Java VM.
The combination of this dual VM architecture with a hardware-based trusted computing module is also novel.
The disclosure extends the use of procedural security to media such as CDs and DVDs. Procedural security also gives content owners more flexible rights management than the systems announced so far. In contrast to the simple copy protection (CP) provided by prior-art fixed security systems (such as CSS), this flexibility can be used to implement a full digital rights management (DRM) system.
The following embodiments illustrate features and advantages of the disclosure; the foregoing and other objects, features and advantages of the invention will be apparent from the detailed description of the exemplary embodiments.
Brief description of the drawings
Fig. 1 is a diagram of the media player architecture in a computing environment according to an exemplary embodiment.
Fig. 2 is a block diagram showing the interaction and functionality of the low-level virtual manager and the high-level virtual manager according to an exemplary embodiment.
It should be understood that, for simplicity and clarity of illustration, the elements shown in the figures are not necessarily drawn to scale. For example, the dimensions of some elements are exaggerated relative to one another for clarity. Where considered appropriate, reference numerals are repeated among the figures to indicate corresponding elements.
Detailed description of embodiments
A detailed description is disclosed here; however, it is to be understood that the disclosed embodiments are merely examples of the invention, which may be embodied in various forms. Specific structural and functional details disclosed herein are therefore not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to employ the disclosure in any appropriately detailed structure. Reference is now made in detail to the disclosure as shown in the accompanying drawings (Figs. 1-2).
The system and method of the disclosure provide a dual virtual machine architecture for use with media players. One VM is designed to support security functions such as media decryption and decoding. In next-generation media applications, the low-level VM may be responsible for bootstrapping the application-level VM. The high-level or application-level VM handles application-layer activities such as the advanced user interface, miscellaneous I/O and network activities.
Figs. 1 and 2 show the media player architecture in a computing environment 10 according to the exemplary embodiment. In particular, they show a media source (e.g. a DVD, CD, solid-state device or network) that includes media data or content 18, security code 12, and boot code 16 for allowing the media to be played back on a media player.
The media playback device according to the disclosure includes a central processing unit (CPU) 26 capable of running at least one virtual machine (VM). In the exemplary embodiment, the virtual machine is a dual virtual machine architecture comprising a low-level VM (e.g. a security VM) 22 and a high-level VM (e.g. an application VM) 24 running on the CPU 26. Programs running in the VMs can execute and enforce usage rules and update cryptographic algorithms. The computing environment 10 may also include application programming interfaces (APIs) 40-44, which are sets of routines or protocols that allow various programs to communicate with one another.
In one arrangement, one of the VMs (22 or 24) controls the other. In another arrangement, the high-level and low-level virtual machines act as peers, passing messages between them in a non-hierarchical manner. These messages may be implemented as "foreign function calls", in which one virtual machine calls a routine in the other, or as conventional messages sent over a communication channel.
For example, the application VM (high-level VM) 24 may call the security VM (low-level VM) 22 to begin playback of the media content 18 (and hence transparent decoding).
Similarly, code in the security VM 22 may call the application VM 24 to inform it of synchronization events or decoding problems (e.g. security or permission problems).
For example, where the media has been copied from its original optical medium, the security VM 22 informs the application VM 24 that a key is required in order to continue playback. In response, the application VM 24 displays a message via application-level functions 25, informing the user through the user interface 27 that they can "rent" the movie for a specific length of time. If the user chooses to do so, the user must complete a transaction with the studio's server to obtain an "opaque message" (which can be understood only by the VM) containing the key. The application VM 24 then passes the message containing the key to the security VM 22 and the copy protection algorithm 23 for authentication.
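The rental exchange described above, sketched as an added example in Python (not code from the patent): the shared secret `STUDIO_SECRET`, the message names and the HMAC-based key wrapping are assumptions chosen for illustration. The application VM only relays the opaque message; the security VM alone authenticates it and recovers the key.

```python
import hashlib
import hmac
import json
import os

# Assumption: the disc's security code and the studio server share this secret.
STUDIO_SECRET = b"constructed-demo-secret"
CONTENT_KEY = bytes(range(16))  # constructed 128-bit title key


def _mac(label: bytes, data: bytes) -> bytes:
    return hmac.new(STUDIO_SECRET, label + data, hashlib.sha256).digest()


def studio_issue_license(disc_id: str, hours: int) -> bytes:
    """Studio server: wrap the key and authenticate the whole message."""
    nonce = os.urandom(16)
    wrapped = bytes(k ^ p for k, p in zip(CONTENT_KEY, _mac(b"wrap", nonce)))
    body = json.dumps({"disc": disc_id, "hours": hours, "nonce": nonce.hex(),
                       "wrapped": wrapped.hex()}, sort_keys=True).encode()
    return body + b"." + _mac(b"auth", body).hex().encode()


class SecurityVM:
    """Low-level VM: decides whether playback may start and owns the key."""

    def __init__(self, disc_id: str, original_media: bool):
        self.disc_id, self.original_media = disc_id, original_media
        self.peer, self.content_key, self.state = None, None, "idle"

    def receive(self, msg: str, payload=None) -> None:
        if msg == "PLAY" and (self.original_media or self.content_key):
            self.state = "playing"
            self.peer.receive("PLAYBACK_STARTED")
        elif msg == "PLAY":
            self.state = "waiting_for_key"
            self.peer.receive("NEED_KEY", self.disc_id)
        elif msg == "LICENSE":
            self._license(payload)

    def _license(self, opaque: bytes) -> None:
        body, _, tag = opaque.rpartition(b".")
        valid = hmac.compare_digest(_mac(b"auth", body).hex().encode(), tag)
        fields = json.loads(body) if valid else None
        if fields is None or fields["disc"] != self.disc_id:
            self.peer.receive("LICENSE_REJECTED")
            return
        pad = _mac(b"wrap", bytes.fromhex(fields["nonce"]))
        wrapped = bytes.fromhex(fields["wrapped"])
        self.content_key = bytes(w ^ p for w, p in zip(wrapped, pad))
        self.receive("PLAY")  # retry playback now that a key is held


class ApplicationVM:
    """High-level VM: user interface and network I/O; relays the opaque message."""

    def __init__(self, rent):
        self.rent, self.peer, self.events = rent, None, []

    def press_play(self) -> None:
        self.peer.receive("PLAY")

    def receive(self, msg: str, payload=None) -> None:
        self.events.append(msg)
        if msg == "NEED_KEY":  # the UI would offer the rental here
            self.peer.receive("LICENSE", self.rent(payload))


def run(original_media: bool, tamper: bool = False):
    def rent(disc_id):  # stands in for the transaction with the studio server
        opaque = studio_issue_license(disc_id, 48)
        return opaque.replace(b'"hours": 48', b'"hours": 9999') if tamper else opaque
    app, sec = ApplicationVM(rent), SecurityVM("DISC-0001", original_media)
    app.peer, sec.peer = sec, app  # peers: each VM can call the other
    app.press_play()
    return app.events, sec.state, sec.content_key


if __name__ == "__main__":
    print(run(True)[:2], run(False)[:2], run(False, True)[:2])
```

Editing the rental period inside the relayed message invalidates its tag, so the security VM stays in `waiting_for_key` and never derives a key.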
The media player device also includes a processing module (e.g. a trusted processing module or TPM) 32. The TPM specification is part of the Trusted Computing Platform Alliance (TCPA) specification created by the Trusted Computing Group (TCG) (http://www.trustedcomputinggroup.org). The TPM 32 contains the decryption keys and handles secure cryptographic operations. The media playback device also includes APIs 40, 42 that allow any program running in a virtual machine to query the device's I/O hardware and the TPM. This enables a program executing in a VM to make intelligent choices about usage rules. A decoder module 34 attached to the CPU 26 is also provided for unpacking and decoding the audio/video streams.
In general, a trusted platform enables an entity to determine the state of the software or computing environment 10 in that platform and to seal data to a specific software environment in that platform. The entity deduces whether the state of the computing environment is acceptable and performs some transaction with the platform. If the transaction involves sensitive data that must be stored on the platform, the entity can ensure that the data is held in a confidential format unless the state of the computing environment in the platform is acceptable to the entity.
To make this possible, a trusted platform provides information that enables the entity to deduce the software environment in the trusted platform. This information is reliably measured and reported to the entity. At the same time, the trusted platform provides a means of encrypting keys and of stating the software environment that must be in place before the keys can be decrypted.
A "root of trust for measurement" measures certain platform characteristics, logs the measurement data in a measurement store, and stores the final result in the TPM (which contains the roots of trust for storing and reporting integrity measurements). The TPM is therefore the secure storage location for all decryption keys. The TPM also handles most cryptographic operations and functions.
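An added illustration (not part of the patent) of the measure-then-seal behaviour described above: `SimulatedTPM`, its methods and the component images are constructed for this sketch, and an HMAC-derived XOR pad stands in for real encryption of secrets of up to 32 bytes. Each stage is hashed into a single register in load order, and a sealed key is released only when the register matches the value named at sealing time.

```python
import hashlib
import hmac
import os


class SimulatedTPM:
    """Constructed model of measure-and-seal; not a real TPM command interface."""

    def __init__(self):
        self._root = os.urandom(32)  # storage root secret, never leaves the module
        self.reset()

    def reset(self) -> None:
        """Platform reset: the register returns to zero, the root secret persists."""
        self.pcr, self.log = bytes(32), []

    def extend(self, name: str, image: bytes) -> None:
        """Fold a component's hash into the register: pcr = H(pcr || H(image))."""
        digest = hashlib.sha256(image).digest()
        self.pcr = hashlib.sha256(self.pcr + digest).digest()
        self.log.append((name, digest))

    def _mac(self, label: bytes, *parts: bytes) -> bytes:
        return hmac.new(self._root, label + b"".join(parts), hashlib.sha256).digest()

    def seal(self, secret: bytes, required_pcr: bytes) -> dict:
        """Encrypt a short secret and bind it to a required register value."""
        if len(secret) > 32:
            raise ValueError("this sketch seals at most 32 bytes")
        nonce = os.urandom(16)
        pad = self._mac(b"enc", nonce, required_pcr)
        ct = bytes(s ^ p for s, p in zip(secret, pad))
        return {"nonce": nonce, "pcr": required_pcr, "ct": ct,
                "tag": self._mac(b"tag", nonce, required_pcr, ct)}

    def unseal(self, blob: dict) -> bytes:
        tag = self._mac(b"tag", blob["nonce"], blob["pcr"], blob["ct"])
        if not hmac.compare_digest(tag, blob["tag"]):
            raise PermissionError("sealed blob was modified")
        if not hmac.compare_digest(self.pcr, blob["pcr"]):
            raise PermissionError("platform state differs from the sealed state")
        pad = self._mac(b"enc", blob["nonce"], blob["pcr"])
        return bytes(c ^ p for c, p in zip(blob["ct"], pad))


def replay(measurements) -> bytes:
    """Verifier side: recompute the register from reported (name, digest) pairs."""
    pcr = bytes(32)
    for _name, digest in measurements:
        pcr = hashlib.sha256(pcr + digest).digest()
    return pcr


def reference_pcr(chain) -> bytes:
    """Register value expected after loading known-good (name, image) pairs."""
    return replay([(n, hashlib.sha256(img).digest()) for n, img in chain])


def boot(tpm: SimulatedTPM, chain) -> None:
    tpm.reset()
    for name, image in chain:  # measure each stage before it runs, in load order
        tpm.extend(name, image)


# Constructed images, loaded in the order boot code, security VM, application VM.
GOOD = [("boot code", b"boot-v1"), ("security VM", b"secvm-v1"),
        ("application VM", b"appvm-v1")]
PATCHED = [GOOD[0], ("security VM", b"secvm-v1-patched"), GOOD[2]]

if __name__ == "__main__":
    tpm = SimulatedTPM()
    blob = tpm.seal(b"constructed-key!", reference_pcr(GOOD))
    boot(tpm, GOOD)
    print("good boot:", tpm.unseal(blob))
    boot(tpm, PATCHED)
    try:
        tpm.unseal(blob)
    except PermissionError as exc:
        print("patched boot:", exc)
```

Because the register is a hash chain, the same components loaded in a different order also produce a different value, and rewriting the `pcr` field of a sealed blob fails the tag check before the state comparison is reached.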
In addition, the media playback device has secure, protected inputs and outputs 28, the ability to network with other players 30, and memory devices (e.g. RAM 36 and ROM 38).
Thus, according to the exemplary embodiment, separate virtual machines (VMs) run in the same computing environment, which includes the CPU. The architecture separates the two virtual machines (the high-level or application-level VM and the low-level or security VM), and the application and security virtual managers communicate through standard APIs. The functionality of the application virtual manager includes providing services to the security code executing in the security virtual manager, while the security VM coordinates media access and decoding functions, so that content security is transparent to application authors.
In terms of computational complexity, the security VM has a low impact on system resources. It is simple, lightweight, low level and secure, and appropriate software for this VM can be provided by security vendors. The application VM has a relatively larger CPU and memory impact and is responsible for user interface and input/output functions.
The disclosure is not limited to use in media players such as conventional CD and DVD players; it may be extended to run on a PC, or on hardware systems that include the ability to play removable media.
The foregoing description of the preferred embodiments of the disclosure has been presented for purposes of illustration and description. Other objects, features and advantages of the disclosure will be apparent on reading the appendix below. The description is not intended to be exhaustive or to limit the disclosure to the precise forms disclosed. Various modifications and variations are possible in light of the above teaching.
Claims (18)
1. A dual virtual machine architecture residing in a computing environment, the architecture comprising:
a low-level virtual machine for performing at least one of decoding media or providing security functions; and
a high-level virtual machine for performing application-level functions;
wherein the low-level virtual machine and the high-level virtual machine have a peer relationship.
2. The dual virtual machine architecture according to claim 1, wherein the high-level virtual machine includes an application program for a user interface.
3. The dual virtual machine architecture according to claim 1, wherein the application-level functions include at least one of providing an interface with a user or communicating with a network having media.
4. The dual virtual machine architecture according to claim 1, wherein security code from the media is sent by the high-level virtual manager to the low-level virtual manager for decryption.
5. The dual virtual machine architecture according to claim 4, wherein the media is obtained from at least one of a DVD, a CD, a network or a solid-state device.
6. The dual virtual machine architecture according to claim 1, further comprising a processing module, the processing module containing at least one decryption key.
7. The dual virtual machine architecture according to claim 6, wherein the processing module performs secure cryptographic operations.
8. The dual virtual machine architecture according to claim 6, wherein the processing module is used to monitor the computing environment.
9. The dual virtual machine architecture according to claim 1, wherein the computing environment includes a central processing unit (CPU).
10. A method, independent of the computing environment, of providing procedural copy protection for a media player, the method comprising the steps of:
providing a low-level virtual machine for performing security functions; and
providing a high-level virtual machine for performing user interface and application-level functions;
wherein the low-level virtual machine and the high-level virtual machine have a peer relationship.
11. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 10, further comprising the high-level virtual machine having an application program for a user interface.
12. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 10, wherein the application-level functions include at least one of providing an interface with a user or communicating with a network having media.
13. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 10, further comprising sending security code from the media to the low-level virtual manager by way of the high-level virtual manager for decryption.
14. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 13, wherein the media is obtained from at least one of a DVD, a CD, a network or a solid-state device.
15. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 10, further comprising a processing module, the processing module providing at least one decryption key.
16. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 15, wherein the processing module performs secure cryptographic operations.
17. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 15, further comprising monitoring the computing environment by the processing module.
18. The method, independent of the computing environment, of providing procedural copy protection for a media player according to claim 10, wherein the computing environment includes a central processing unit (CPU).
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US48103403P | 2003-06-27 | 2003-06-27 | |
US60/481,034 | 2003-06-27 | ||
US60/481,066 | 2003-07-07 | ||
US60/493,072 | 2003-08-05 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1813244A (en) | 2006-08-02 |
CN100451983C (en) | 2009-01-14 |
Family
ID=36845369
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004800182146A Active CN100451983C (en) | 2003-06-27 | 2004-06-28 | Dual virtual machine and trusted platform module architecture for next generation media players |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100451983C (en) |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4792895A (en) * | 1984-07-30 | 1988-12-20 | International Business Machines Corp. | Instruction processing in higher level virtual machines by a real machine |
JPS62159239A (en) * | 1985-12-30 | 1987-07-15 | インタ−ナショナル ビジネス マシ−ンズ コ−ポレ−ション | Editing system for virtual machine |
JPH10301773A (en) * | 1997-04-30 | 1998-11-13 | Sony Corp | Information processor and method therefor and recording medium |
US7308717B2 (en) * | 2001-02-23 | 2007-12-11 | International Business Machines Corporation | System and method for supporting digital rights management in an enhanced Java™ 2 runtime environment |
US6922774B2 (en) * | 2001-05-14 | 2005-07-26 | The United States Of America As Represented By The National Security Agency | Device for and method of secure computing using virtual machines |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9489505B2 (en) | 2011-04-21 | 2016-11-08 | Trustonic Limited | Method for displaying information on a display device of a terminal |
CN103858131A (en) * | 2011-10-07 | 2014-06-11 | 信特尼有限公司 | Microprocessor system with secured runtime environment |
CN103858131B (en) * | 2011-10-07 | 2017-03-29 | 信特尼有限公司 | Micro controller system with secure runtime environment |
US9875366B2 (en) | 2011-10-07 | 2018-01-23 | Trustonic Limited | Microprocessor system with secured runtime environment |
Also Published As
Publication number | Publication date |
---|---|
CN100451983C (en) | 2009-01-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |