WO2011046422A1 - Method and network infrastructure for establishing dynamic trusted execution environment - Google Patents

Method and network infrastructure for establishing dynamic trusted execution environment Download PDF

Info

Publication number
WO2011046422A1
WO2011046422A1 PCT/MY2010/000203 MY2010000203W WO2011046422A1 WO 2011046422 A1 WO2011046422 A1 WO 2011046422A1 MY 2010000203 W MY2010000203 W MY 2010000203W WO 2011046422 A1 WO2011046422 A1 WO 2011046422A1
Authority
WO
WIPO (PCT)
Prior art keywords
machine
tvm
service provider
client
configuration
Prior art date
Application number
PCT/MY2010/000203
Other languages
French (fr)
Inventor
Mariam Ruzila Raja Ahmad Sufian Raja
Bin Parman Mohd Azuddin
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Publication of WO2011046422A1 publication Critical patent/WO2011046422A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/562Brokering proxy services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • the present invention relates generally to a method and network infrastructure for establishing dynamic trusted execution environment comprising of attestation broker, client and server; whereby said attestation broker provides trust between said client and server for secured communication between said client and server.
  • SO A Service Oriented Architecture
  • the service should be provided to the requesting client and should not be hijacked or intruded by anyone else who merely connects to the SOA infrastructure. This is to euminate private information to be given by the client to be leaked to an unauthorized or fake application. This is also to eliminate already available information in the application to be accessed by unauthorized users.
  • For the requesting client there must be some level of trust that must to be , ⁇ " ' established before accepting the application provided by the service provider or server.
  • ⁇ " ' established before accepting the application provided by the service provider or server.
  • the service provider there must be some level of confidence that the application works within acceptable service level agreement (SLA) provided that the client configuration can be trusted. For example, if the application misbehaved because the client computing environment has been compromised with malware codes, the service provider should not be hold responsible.
  • SLA service level agreement
  • SOA is through the use of standard authentication such as user name or password. Furthermore, the authentication tends to be on user and application level. If the computer has been compromised with malware codes, the authentication will not display any warning of such. It would hence be extremely advantageous if the above shortcoming is alleviated by having a method and network infrastructure for establishing dynamic trusted execution environment comprising of attestation broker, client and server; whereby said attestation broker provides trust between said client and server for secured communication between said client and server.
  • a network infrastructure for establishing dynamic trusted execution environment comprising: at least one attestation broker machine; at least one client machine; at least one trusted virtual machine (TVM); at least one execution component; at least one service provider.
  • at least one attestation broker machine comprising: at least one client machine; at least one trusted virtual machine (TVM); at least one execution component; at least one service provider.
  • TVM trusted virtual machine
  • the method of establishing dynamic trusted execution environment comprising steps of, a. attestation broker machine receiving request from client machine for execution components from service provider machine (106); b. attestation broker machine attesting said client machine configuration and said service provider machine (106) configuration against list of approved and blacklisted configuration (105); c. attestation broker machine configuring a trusted virtual machine (TVM) to connect to only said attested service provider machine; d. attestation broker machine sealing said TVM to said client machine's configuration; e. attestation broker machine signing said TVM with at least one attestation broker signing key; f. attestation broker machine pushing said TVM to said client machine; g. client machine unsealing said TVM on said client machine; h.
  • a. attestation broker machine receiving request from client machine for execution components from service provider machine (106); b. attestation broker machine attesting said client machine configuration and said service provider machine (106) configuration against list of approved and blacklisted configuration (105); c. attestation broker machine configuring a trusted virtual
  • chent machine executing said TVM on said client machine; i. TVM establishing network connection with said service provider machine by user entering authentication information at said TVM to connect said TVM to said service provider machine; j. service provider machine authenticating and authorizing against user's authentication information; k. service provider retrieving said execution component;
  • FIG. 1 shows a network infrastructure for establishing dynamic trusted execution environment.
  • FIG 2 shows a method of establishing dynamic trusted execution environment. DETAILED DESCRIPTION OF THE DRAWINGS
  • the said network infrastructure is adopting both Trusted Computing and Virtualization technology to improve the process of validation and to protect the infrastructure from any computer threats such as key logger, virus and etc. Besides that, the said network infrastructure also protects the user from any connection to any server which is not yet being authenticated, which might lead to the user disclosing private and confidential information to unwanted parties.
  • the said network infrastructure comprises of, but not limited to, the following components: client machine (100), attestation broker machine (104), approved and blacklisted list of client and service provider configurations (105), service provider machine (106) and a second trusted platform module (TPM) (107).
  • Said client machine (100) can be a computing device, which provides computing capabilities to execute machine readable codes that accepts inputs and produces outputs.
  • the said client machine (100) is connected to the attestation broker machine (104) and service provider machine (106).
  • the said client machine (100) comprises, but not limited to, the following sub-components: application request (101), trusted virtual machine (TVM) (102) and first TPM (103).
  • Sub-component of application request (101) is a computer program initiated at the said client machine (100) that requests for an application or service from another computing device, preferably a server over a network.
  • Another sub-component of the client machine (100) is the TVM (102), which functions alike to a computing device, but does not have physical components associated to it. It generally has an underlying hypervisor or operating system that virtualizes the physical component required for any computing operations.
  • the advantage of having a TVM (102) inside the said client machine (100) instead of using the existing physical computing device is that each TVM (102) can be isolated and multiple operating systems (OS) can be used in a single machine.
  • OS operating systems
  • trusted applications can be executed which are provided by the service provider machine or server (106) that is running within the safe environment provided by said TVM (102).
  • Another subcomponent of the client machine (100) is the first TPM (103), which provides an independent attestation of said computing device (100) to another remote computing device.
  • the implementation of a TPM (103, 107) can be done by means of a hardware device mounted on the motherboard of the computing device (100) as well as by software that enables support of TVM (102).
  • the attestation broker (104) acts like a proxy server that processes the client request for application or service from another computing device such as an application server.
  • the said attestation broker (104) also validates the client and the server's configuration against a Ust of approved and blacklisted client and server configurations (105). After the validation, the said attestation broker (104) sets up a TVM (102) image that is pushed to the client. For added protection, the TVM (102) is sealed to the client platform configuration.
  • Additional protection is also added to ensure that the TVM (102) only communicates to the designated server.
  • the attestation broker (104) is corrected to the list of approved and blacklisted client and server configuration (105), which contains a database of computing device of clients and application servers that have been blacklisted either by the attestation broker (104) or any other services that maintain another list of blacklisted client and server configuration (105).
  • the said blacklisted configuration is with reference to client machine configuration and service provider machine that have compromised integrity.
  • the said list (105) also comprises a list of approved client and server configuration, called the white-list database, which means if the client and server configuration falls within the white-list database, the configuration can be trusted.
  • the said approved configuration is with reference to chent machine configuration and service provider machine that have valid integrity.
  • the said list of approved and blacklisted configuration (105) are monitored and updated by an Attestation Broker Administrator (not shown).
  • service provider machine which provides application as requested by the client that can be executed at the client's machine (100), such that the said applications may include grid processing job or portable application that does not require installation or other similar type of applications or services.
  • the said service provider machine (106) is also connected to a second TPM (107), which provides an independent attestation of the client machine (100) to another remote computing device.
  • the said second TPM (107) can be implemented as a hardware device mounted on the motherboard of the computing device or implemented as a software implementation that enables support of TVM (102).
  • software implementation or also known as virtual TPM (107) there can be a plurality of virtual TPMs (107) to support the corresponding TVM (102).
  • FIG 2 there is shown a method of establishing dynamic trusted execution environment.
  • the user in the client's machine sends an application request (101) to the attestation broker machine (104) for a service from the service provider machine or server (106).
  • step 2 the attestation broker (104) attests the client configuration available at the client's machine.
  • step 3 the said attestation broker (104) checks the client configuration obtained from step 2 (201) against the list of approved or blacklisted client configuration (105).
  • step 4 the said attestation broker (104) attests the service provider machine or server's (106) configuration and checks it against the list of approved and blacklisted server configuration (105) in step 5 (204). If both the client and server configurations are listed in the approved list (105), the attestation broker (104) will set up a TVM (102) in step 6 (205) that is signed by the attestation broker (104) who vouches that the TVM (102) can be trusted.
  • the TVM (102) can only connect to the server bearing the same configuration as the application server. This will assure that the TVM (102) will not be hijacked to connect to a phishing server. TVM (102) is also sealed to the client configuration as such that the TVM (102) can only run on computer that has the same configuration as the client. This will assure that even if the TVM (102) is hijacked by a third party, it will be not be able to run on the third party computer.
  • the client unseals the TVM (102) and executes said TVM (102) on the client machine (100).
  • Step 8 (207) happens when the TVM (102) first executes, it establishes trusted communication with service provider machine or server (106). The user utilizes this trusted communication to authenticate the user to the server.
  • Authentication is done by the server whereas the attestation broker (104) only provides the trusted environment that attests that the client configuration is in the approved list (105) at the time of the TVM (102) setup.
  • the service provider or server (106) seals the application according to the client's configuration whereby in step 10 (209), the said service provider or server (106) sends the requested application to the TVM (102).
  • the TVM (102) unseals the application and executes it in the TVM (102) on the client machine (100). The user is now able to execute the application within the TVM (102). Once the user exits the application, the TVM (102) is safely closed and cleared from the client. In order to execute the application again, the user repeats step 1 (200) whereby the attestation broker (104) will provide another TVM (102).

Abstract

The present invention relates generally to a method and network infrastructure for establishing dynamic trusted execution environment comprising of attestation broker (104), client and server; whereby said attestation broker (104) provides trust between said client and server for secured communication between said client and server.

Description

METHOD AND NETWORK INFRASTRUCTURE FOR ESTABLISHING DYNAMIC TRUSTED EXECUTION ENVIRONMENT . TECHNICAL FIELD OF THE INVENTION
The present invention relates generally to a method and network infrastructure for establishing dynamic trusted execution environment comprising of attestation broker, client and server; whereby said attestation broker provides trust between said client and server for secured communication between said client and server. . BACKGROUND OF THE INVENTION
In Service Oriented Architecture (SO A), the service should be provided to the requesting client and should not be hijacked or intruded by anyone else who merely connects to the SOA infrastructure. This is to euminate private information to be given by the client to be leaked to an unauthorized or fake application. This is also to eliminate already available information in the application to be accessed by unauthorized users. For the requesting client, there must be some level of trust that must to be , ·"' established before accepting the application provided by the service provider or server. For the service provider, there must be some level of confidence that the application works within acceptable service level agreement (SLA) provided that the client configuration can be trusted. For example, if the application misbehaved because the client computing environment has been compromised with malware codes, the service provider should not be hold responsible. Current design of addressing the
SOA is through the use of standard authentication such as user name or password. Furthermore, the authentication tends to be on user and application level. If the computer has been compromised with malware codes, the authentication will not display any warning of such. It would hence be extremely advantageous if the above shortcoming is alleviated by having a method and network infrastructure for establishing dynamic trusted execution environment comprising of attestation broker, client and server; whereby said attestation broker provides trust between said client and server for secured communication between said client and server. SUMMARY OF THE INVENTION
Accordingly, it is the primary aim of the present invention to provide a method and network infrastructure for establishing dynamic trusted execution environment which provides a level of trust required by the client and server. It is yet another object of the present invention to provide a method and network infrastructure for establishing dynamic trusted execution environment whereby the application is only executed on authorized client machine.
It is yet another object of the present invention to provide a method and network infrastructure for establishing dynamic trusted execution environment whereby the user of the client's machine is assured that the data is protected from unauthorized application.
It is yet another object of the present invention to provide a method and network infrastructure for establishing dynamic trusted execution environment whereby the client is able to execute applications safely in a trusted virtualized environment.
Other and further objects of the invention will become apparent with an understanding of the following detailed description of the invention or upon employment of the invention in practice.
According to a preferred embodiment of the present invention there is provided,
A network infrastructure for establishing dynamic trusted execution environment, comprising: at least one attestation broker machine; at least one client machine; at least one trusted virtual machine (TVM); at least one execution component; at least one service provider.
In another preferred embodiment the method of establishing dynamic trusted execution environment comprising steps of, a. attestation broker machine receiving request from client machine for execution components from service provider machine (106); b. attestation broker machine attesting said client machine configuration and said service provider machine (106) configuration against list of approved and blacklisted configuration (105); c. attestation broker machine configuring a trusted virtual machine (TVM) to connect to only said attested service provider machine; d. attestation broker machine sealing said TVM to said client machine's configuration; e. attestation broker machine signing said TVM with at least one attestation broker signing key; f. attestation broker machine pushing said TVM to said client machine; g. client machine unsealing said TVM on said client machine; h. chent machine executing said TVM on said client machine; i. TVM establishing network connection with said service provider machine by user entering authentication information at said TVM to connect said TVM to said service provider machine; j. service provider machine authenticating and authorizing against user's authentication information; k. service provider retrieving said execution component;
1. service provider sealing said execution component to said client configuration; m. service provider pushing said execution component to said TVM; n. TVM unsealing said execution component on said TVM; o. TVM executing said execution component. BRIEF DESCRIPTION OF THE DRAWINGS
Other aspect of the present invention and their advantages will be discerned after studying the Detailed Description in conjunction with the accompanying drawings in which:
FIG. 1 shows a network infrastructure for establishing dynamic trusted execution environment.
FIG 2 shows a method of establishing dynamic trusted execution environment. DETAILED DESCRIPTION OF THE DRAWINGS
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those or ordinary skill in the art that the invention may be practised without these specific details. In other instances, well known methods, procedures and/ or components have not been described in detail so as not to obscure the invention.
The invention will be more clearly understood from the following description of the embodiments thereof, given by way of example only with reference to the accompanying drawings which are not drawn to scale.
Referring to FIG 1, there is shown a network infrastructure for establishing dynamic trusted execution environment. The said network infrastructure is adopting both Trusted Computing and Virtualization technology to improve the process of validation and to protect the infrastructure from any computer threats such as key logger, virus and etc. Besides that, the said network infrastructure also protects the user from any connection to any server which is not yet being authenticated, which might lead to the user disclosing private and confidential information to unwanted parties.
The said network infrastructure comprises of, but not limited to, the following components: client machine (100), attestation broker machine (104), approved and blacklisted list of client and service provider configurations (105), service provider machine (106) and a second trusted platform module (TPM) (107). Said client machine (100) can be a computing device, which provides computing capabilities to execute machine readable codes that accepts inputs and produces outputs. The said client machine (100) is connected to the attestation broker machine (104) and service provider machine (106). The said client machine (100) comprises, but not limited to, the following sub-components: application request (101), trusted virtual machine (TVM) (102) and first TPM (103). Sub-component of application request (101) is a computer program initiated at the said client machine (100) that requests for an application or service from another computing device, preferably a server over a network. Another sub-component of the client machine (100) is the TVM (102), which functions alike to a computing device, but does not have physical components associated to it. It generally has an underlying hypervisor or operating system that virtualizes the physical component required for any computing operations. Conventionally, there can be multiple TVMs (102) running in a single computing device (100). The advantage of having a TVM (102) inside the said client machine (100) instead of using the existing physical computing device is that each TVM (102) can be isolated and multiple operating systems (OS) can be used in a single machine. In the said TVM (102), trusted applications can be executed which are provided by the service provider machine or server (106) that is running within the safe environment provided by said TVM (102). Another subcomponent of the client machine (100) is the first TPM (103), which provides an independent attestation of said computing device (100) to another remote computing device. The implementation of a TPM (103, 107) can be done by means of a hardware device mounted on the motherboard of the computing device (100) as well as by software that enables support of TVM (102).
Another component of the said network infrastructure is the attestation broker (104), which acts like a proxy server that processes the client request for application or service from another computing device such as an application server. The said attestation broker (104) also validates the client and the server's configuration against a Ust of approved and blacklisted client and server configurations (105). After the validation, the said attestation broker (104) sets up a TVM (102) image that is pushed to the client. For added protection, the TVM (102) is sealed to the client platform configuration.
Additional protection is also added to ensure that the TVM (102) only communicates to the designated server.
The attestation broker (104) is corrected to the list of approved and blacklisted client and server configuration (105), which contains a database of computing device of clients and application servers that have been blacklisted either by the attestation broker (104) or any other services that maintain another list of blacklisted client and server configuration (105). The said blacklisted configuration is with reference to client machine configuration and service provider machine that have compromised integrity. Besides the list of blacklisted client and server configuration (105), the said list (105) also comprises a list of approved client and server configuration, called the white-list database, which means if the client and server configuration falls within the white-list database, the configuration can be trusted. The said approved configuration is with reference to chent machine configuration and service provider machine that have valid integrity. The said list of approved and blacklisted configuration (105) are monitored and updated by an Attestation Broker Administrator (not shown).
Another major component of the network infrastructure is the service provider machine (106), which provides application as requested by the client that can be executed at the client's machine (100), such that the said applications may include grid processing job or portable application that does not require installation or other similar type of applications or services.
The said service provider machine (106) is also connected to a second TPM (107), which provides an independent attestation of the client machine (100) to another remote computing device. The said second TPM (107) can be implemented as a hardware device mounted on the motherboard of the computing device or implemented as a software implementation that enables support of TVM (102). In software implementation or also known as virtual TPM (107), there can be a plurality of virtual TPMs (107) to support the corresponding TVM (102). Referring now to FIG 2, there is shown a method of establishing dynamic trusted execution environment. In the first step (200), the user in the client's machine sends an application request (101) to the attestation broker machine (104) for a service from the service provider machine or server (106). In step 2 (201), the attestation broker (104) attests the client configuration available at the client's machine. In step 3 (202), the said attestation broker (104) checks the client configuration obtained from step 2 (201) against the list of approved or blacklisted client configuration (105). In step 4 (203), the said attestation broker (104) attests the service provider machine or server's (106) configuration and checks it against the list of approved and blacklisted server configuration (105) in step 5 (204). If both the client and server configurations are listed in the approved list (105), the attestation broker (104) will set up a TVM (102) in step 6 (205) that is signed by the attestation broker (104) who vouches that the TVM (102) can be trusted. The TVM (102) can only connect to the server bearing the same configuration as the application server. This will assure that the TVM (102) will not be hijacked to connect to a phishing server. TVM (102) is also sealed to the client configuration as such that the TVM (102) can only run on computer that has the same configuration as the client. This will assure that even if the TVM (102) is hijacked by a third party, it will be not be able to run on the third party computer. In step 7 (206), the client unseals the TVM (102) and executes said TVM (102) on the client machine (100). Step 8 (207) happens when the TVM (102) first executes, it establishes trusted communication with service provider machine or server (106). The user utilizes this trusted communication to authenticate the user to the server. Authentication is done by the server whereas the attestation broker (104) only provides the trusted environment that attests that the client configuration is in the approved list (105) at the time of the TVM (102) setup. After that, in step 9 (208), the service provider or server (106) seals the application according to the client's configuration whereby in step 10 (209), the said service provider or server (106) sends the requested application to the TVM (102). In the last step, which is step 11 (210), the TVM (102) unseals the application and executes it in the TVM (102) on the client machine (100). The user is now able to execute the application within the TVM (102). Once the user exits the application, the TVM (102) is safely closed and cleared from the client. In order to execute the application again, the user repeats step 1 (200) whereby the attestation broker (104) will provide another TVM (102).
While the preferred embodiment of the present invention and its advantages has been disclosed in the above Detailed Description, the invention is not limited thereto but only by the spirit and scope of the appended claim.

Claims

WHAT IS CLAIMED IS:
1. A network infrastructure for establishing dynamic trusted execution environment, comprising: a. at least one attestation broker machine (104), which provides at least one trusted virtual machine (TVM) (102) on at least one client machine (100) to run at least one execution component provided by at least one service provider (106); b. at least one client machine (100), which requests for said execution component from said service provider (106) through said attestation broker machine (104); c. at least one trusted virtual machine (TVM) (102), which executes said execution component provided by said service provider (106) on said client machine (100); d. at least one execution component, which is the service provided by said service provider (106) to said client machine (100); e. at least one service provider (106), which offers at least one execution component that can be executed on said client machine (100) via said trusted virtual machine (102).
2. A network infrastructure for establishing dynamic trusted execution environment as claimed in claim 1, further comprising at least one machine with trusted platform module (TPM) (107) capability.
3. A network infrastructure for establishing dynamic trusted execution environment as claimed in claim 2, whereby said TPM (107) can be hardware or software based.
4. A network infrastructure for establishing dynamic trusted execution environment as claimed in any of claims 1 to 3, further comprising at least one list of approved client and service provider configuration (105).
5. A network infrastructure for establishing dynamic trusted execution environment as claimed in any of claims 1 to 4, further comprising at least one list of blacklisted client and service provider configuration (105).
6. A method of establishing dynamic trusted execution environment, comprising the steps of: attestation broker machine (104) receiving request from client machine (100) for execution components from service provider machine (106) (200); attestation broker machine (104) attesting said client machine (100) configuration and said service provider machine (106) configuration against list of approved and blacklisted configuration (105)(201 - 204); attestation broker machine (104) configuring a trusted virtual machine (TVM) (102) to connect to only said attested service provider machine (106); attestation broker machine (104) sealing said TVM (102) to said client machine (100)' s configuration (205); attestation broker machine (104) signing said TVM (102) with at least one attestation broker signing key (205); attestation broker machine (104) pushing said TVM (102) to said client machine (100) (205); client machine (100) unsealing said TVM (102) on said client machine (100) (205); h. client machine (100) executing said TVM (102) on said client machine (100) (205); i. TVM (102) establishing network connection with said service provider machine (106) by user entering authentication information at said TVM (102) to connect said TVM (102) to said service provider machine (106) (207); j. service provider machine (106) authenticating and authorizing against user's authentication information (209); k. service provider (106) retrieving said execution component (209);
1. service provider (106) sealing said execution component to said client configuration (209); m. service provider (106) pushing said execution component to said TVM (102) (209); n. TVM (102) unsealing said execution component on said TVM (102); o. TVM (102) executing said execution component. A method of establishing dynamic trusted execution environment as claimed in claim 6, whereby said list of approved and blacklisted configuration (105) are monitored and updated by an Attestation Broker Administrator.
A method of establishing dynamic trusted execution environment as claimed in any of Claims 6 to 7, whereby said list of approved and blacklisted configuration (105) comprises: a. approved configuration with reference to client machine configuration and service provider machine that have valid integrity; b. blacklisted configuration with reference to client machine configuration and service provider machine that have compromised integrity;.
A method of establishing dynamic trusted execution environment as claimed in any of Claims 6 to 8, further comprising the steps of: a. user exiting said execution component on said TVM (102); b. TVM (102) cleaning-up by exiting said TVM (102) from said client machine (100). A method of establishing dynamic trusted execution environment as claimed in any of Claims 6 to 9, whereby if the user needs to use the application again, said user repeats the process and another TVM (102) will be created.
PCT/MY2010/000203 2009-10-13 2010-10-11 Method and network infrastructure for establishing dynamic trusted execution environment WO2011046422A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI20094283 2009-10-13
MYPI20094283 2009-10-13

Publications (1)

Publication Number Publication Date
WO2011046422A1 true WO2011046422A1 (en) 2011-04-21

Family

ID=43876321

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2010/000203 WO2011046422A1 (en) 2009-10-13 2010-10-11 Method and network infrastructure for establishing dynamic trusted execution environment

Country Status (1)

Country Link
WO (1) WO2011046422A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8365297B1 (en) 2011-12-28 2013-01-29 Kaspersky Lab Zao System and method for detecting malware targeting the boot process of a computer using boot process emulation

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070186212A1 (en) * 2006-01-24 2007-08-09 Citrix Systems, Inc. Methods and systems for providing access to a computing environment
US20080046581A1 (en) * 2006-08-18 2008-02-21 Fujitsu Limited Method and System for Implementing a Mobile Trusted Platform Module
US20090204964A1 (en) * 2007-10-12 2009-08-13 Foley Peter F Distributed trusted virtualization platform

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070186212A1 (en) * 2006-01-24 2007-08-09 Citrix Systems, Inc. Methods and systems for providing access to a computing environment
US20080046581A1 (en) * 2006-08-18 2008-02-21 Fujitsu Limited Method and System for Implementing a Mobile Trusted Platform Module
US20090204964A1 (en) * 2007-10-12 2009-08-13 Foley Peter F Distributed trusted virtualization platform

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
H. RAJAN ET AL.: "Tisa: Towards Trustworthy Services in a Service-oriented Architecture", IEEE TRANSACTIONS ON SERVICES COMPUTING (SOC), vol. 1, no. 2, 2008 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8365297B1 (en) 2011-12-28 2013-01-29 Kaspersky Lab Zao System and method for detecting malware targeting the boot process of a computer using boot process emulation

Similar Documents

Publication Publication Date Title
US20240098097A1 (en) Secure over-the-air updates
US9698988B2 (en) Management control method, apparatus, and system for virtual machine
US8312272B1 (en) Secure authentication token management
US10103892B2 (en) System and method for an endpoint hardware assisted network firewall in a security environment
US9819496B2 (en) Method and system for protecting root CA certificate in a virtualization environment
KR100800346B1 (en) Method and apparatus for establishing virtual endorsement credentials for dynamically generated endorsement keys in a trusted computing platform, and computer readable recording medium recording a program
US8505083B2 (en) Remote resources single sign on
US20170149839A1 (en) Real-time mobile security posture
US9948616B2 (en) Apparatus and method for providing security service based on virtualization
US20210344651A1 (en) Split Tunnel-Based Security
Panos et al. A security evaluation of FIDO’s UAF protocol in mobile and embedded devices
US9864853B2 (en) Enhanced security mechanism for authentication of users of a system
Prünster et al. Fides: Unleashing the Full Potential of Remote Attestation.
Dorjmyagmar et al. Security analysis of samsung knox
US10771462B2 (en) User terminal using cloud service, integrated security management server for user terminal, and integrated security management method for user terminal
WO2023088925A1 (en) Trusted execution environment for service mesh
Gligor Security limitations of virtualization and how to overcome them
Park et al. A tiny hypervisor-based trusted geolocation framework with minimized TPM operations
Hao et al. Trusted block as a service: Towards sensitive applications on the cloud
WO2011046422A1 (en) Method and network infrastructure for establishing dynamic trusted execution environment
KR20150089696A (en) Integrity Verification System and the method based on Access Control and Priority Level
Zhou et al. Using asynchronous collaborative attestation to build a trusted computing environment for mobile applications
Lucyantie et al. Attestation with trusted configuration machine
Celesti et al. Remote and deep attestations to mitigate threats in cloud mash-up services
Adam et al. Partially Trusting the Service Mesh Control Plane

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10823659

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10823659

Country of ref document: EP

Kind code of ref document: A1