Secure boot method for executing a software component including updating a current integrity measurement based on whether the software component is enabled
    1.
    发明授权
    Secure boot method for executing a software component including updating a current integrity measurement based on whether the software component is enabled 有权
    用于执行软件组件的安全引导方法,包括基于软件组件是否被启用来更新当前的完整性度量

    公开(公告)号:US08892862B2

    公开(公告)日:2014-11-18

    申请号:US13375047

    申请日:2010-07-01

    IPC分类号: G06F9/00 G06F21/00 G06F21/57

    摘要: A method for executing a predetermined software component which is verifiable against integrity measurements, the method including (i) providing a first mapping from logical identifiers to software component enabled status flags, (ii) providing a second mapping from the logical identifiers and previous software component statuses information to actual integrity measurement certificates containing verification data, (iii) looking up the first mapping for a given logical identifier identifying the predetermined software component to get a status flag indicating whether the predetermined software component is enabled, (iv) if the status flag indicates that the predetermined software component is not enabled, updating a current integrity measurement stored within a disabled integrity measurement certificate, and (v) if the status flag indicates that the predetermined software component is enabled and verification of the predetermined software component is successful, updating a current integrity measurement stored within an integrity measurement certificate.

    摘要翻译: 一种用于执行可针对完整性测量验证的预定软件组件的方法,所述方法包括(i)提供从逻辑标识符到启用软件组件的状态标志的第一映射,(ii)从逻辑标识符和先前软件组件提供第二映射 (iii)查找用于识别预定软件组件的给定逻辑标识符的第一映射,以获得指示预定软件组件是否被使能的状态标志,(iv)如果状态标志 指示预定软件组件未被启用,更新存储在禁用完整性测量证书内的当前完整性度量,以及(v)如果状态标志指示预定软件组件被启用并且预定软件组件的验证成功,则更新 当前int 质量测量存储在完整性测量证书中。

    SECURE BOOT WITH OPTIONAL COMPONENTS METHOD
    3.
    发明申请
    SECURE BOOT WITH OPTIONAL COMPONENTS METHOD 有权
    安全启动与可选组件方法

    公开(公告)号:US20090320110A1

    公开(公告)日:2009-12-24

    申请号:US12484537

    申请日:2009-06-15

    IPC分类号: G06F21/00 H04L9/32

    摘要: A method is executed which is for managing the optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit which stores a plurality of pieces of software and a plurality of certificates; a receiving unit which receives the certificates; and a selecting unit which selects one of the certificates. The device further includes an executing unit which verifies an enabled one of the plurality of pieces of software using the selected and updated one of the certificates.

    摘要翻译: 执行用于管理在设备内活动的可选可信组件的方法,使得设备本身控制可信组件的可用性。 该装置包括:存储单元,存储多个软件和多个证书; 接收证书的接收单元; 以及选择单元,其选择证书之一。 该设备还包括执行单元,其使用所选择和更新的一个证书来验证多个软件中启用的一个软件。

    Starts up of modules of a second module group only when modules of a first group have been started up legitimately
    4.
    发明授权
    Starts up of modules of a second module group only when modules of a first group have been started up legitimately 有权
    仅当第一组的模块合法启动时,才启动第二个模块组的模块

    公开(公告)号:US08510544B2

    公开(公告)日:2013-08-13

    申请号:US12991516

    申请日:2009-05-25

    IPC分类号: G06F9/00 G06F9/24 H04L29/06

    摘要: The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value.

    摘要翻译: 本发明提供一种信息处理装置,其能够在终端装置的软件由多个提供者提供的模块组成的情况下连续地执行模块组之间的安全引导,同时保持提供者之间的独立性。 该信息处理装置具有包含第一配置比较值的连接证书,该第一配置比较值指示通过安全引导来启动的第一模块组的累积散列值,以及指示所述第一配置比较值的散列值 第二个模块组的第一个模块通过安全启动启动。 在第一模块组的安全引导之后,通过与第一配置比较值进行比较来验证第一模块组是否被启动。

    Secure boot with optional components
    6.
    发明授权
    Secure boot with optional components 有权
    使用可选组件进行安全启动

    公开(公告)号:US08219827B2

    公开(公告)日:2012-07-10

    申请号:US12484537

    申请日:2009-06-15

    IPC分类号: H04L29/06

    摘要: A method manages optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit storing a plurality of pieces of software and a plurality of certificates; a receiving unit receiving the certificates; and a selecting unit selecting one of the certificates. The device further includes an executing unit verifying an enabled one of the plurality of pieces of software using the selected and updated one of the certificates.

    摘要翻译: 方法管理在设备内活动的可选可信组件,使得设备本身控制受信任组件的可用性。 该装置包括:存储单元,存储多个软件和多个证书; 接收单元接收证书; 以及选择单元,选择证书之一。 所述设备还包括执行单元,其使用所选择和更新的所述证书来验证所述多个软件中的启用的一个软件。

    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM AND INTEGRATED CIRCUIT FOR THE REALIZATION THEREOF
    7.
    发明申请
    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM AND INTEGRATED CIRCUIT FOR THE REALIZATION THEREOF 有权
    信息处理设备,信息处理方法,计算机程序和集成电路实现

    公开(公告)号:US20110066838A1

    公开(公告)日:2011-03-17

    申请号:US12991516

    申请日:2009-05-25

    IPC分类号: G06F9/24

    摘要: The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value 503, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value 505, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value 503. Then, the second module group is started up by secure boot by starting up the first module of the second module group whose completeness has been verified by comparison with the module measurement value 505. When a module of the first module group is updated, the linkage certificate update unit 135 updates the linkage certificate.

    摘要翻译: 本发明提供一种信息处理装置,其能够在终端装置的软件由多个提供者提供的模块组成的情况下连续地执行模块组之间的安全引导,同时保持提供者之间的独立性。 该信息处理装置设置有连接证书,该连接证书包含表示通过安全引导启动的第一模块组的累积哈希值的第一配置比较值503以及指示散列值的模块测量值505 通过安全启动来启动第二个模块组的第一个模块。 在第一模块组的安全引导之后,通过与第一配置比较值503进行比较来验证第一模块组已经被启动。然后,通过启动第一模块来启动第二模块组, 通过与模块测量值505进行比较来验证其完整性的第二模块组。当第一模块组的模块被更新时,连接证书更新单元135更新连接证书。

    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, INFORMATION PROCESSING PROGRAM, AND INTEGRATED CIRCUIT
    9.
    发明申请
    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, INFORMATION PROCESSING PROGRAM, AND INTEGRATED CIRCUIT 有权
    信息处理设备,信息处理方法,信息处理程序和集成电路

    公开(公告)号:US20110185165A1

    公开(公告)日:2011-07-28

    申请号:US13121770

    申请日:2009-10-09

    IPC分类号: G06F9/24

    CPC分类号: G06F21/57

    摘要: It is possible to update and re-seal sealed data having a usability condition of matching with predetermined terminal environment information during a secure boot without rebooting a terminal when a program using the sealed data is updated. An information processing terminal (10) has first sealed data (310, 320, 330) respectively having usability conditions (312, 322, 332) of matching with predetermined terminal environment information during a secure boot and second sealed data (340, 350, 360) respectively having usability conditions (342, 352, 362) of matching with terminal environment information upon completion of the secure boot. Upon completion of the secure boot, the second sealed data is unsealed and the first sealed data is resealed using the unsealed data (341, 351, 361).

    摘要翻译: 可以在安全引导期间更新和重新密封具有与预定终端环境信息匹配的可用性条件的密封数据,而不使用密封数据的程序更新时重新启动终端。 信息处理终端(10)具有在安全引导期间分别具有与预定终端环境信息匹配的可用性条件(312,322,332)的第一密封数据(310,320,330)和第二密封数据(340,350,360 )分别具有在安全引导完成时与终端环境信息匹配的可用性条件(342,352,362)。 完成安全启动后,第二密封数据被开封,并且使用未密封的数据(341,351,361)重新密封第一密封数据。