-
Publication (Announcement) No.: US20200322158A1
Publication (Announcement) Date: 2020-10-08
Application No.: US16908617
Application Date: 2020-06-22
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Fanglong Men, Honglei Wang, Fangzhan Li
Abstract: This application discloses a method and an apparatus for determining a trust status of a TPM, and a storage medium, and pertains to the field of data security technologies. The method includes: sending, by a verifier (102), an unsealing request to a host (101), so that the host (101) unseals current PCR values in the TPM based on a seal key handle carried in the unsealing request, and sends verification information to the verifier (102) based on the unseal verification key obtained after the unsealing. Therefore, any verifier (102) that establishes an encrypted channel with the host (101) can determine the trust status of the TPM in the host (101) based on a second verification key transmitted on the encrypted channel, and there is no need to pre-deploy a remote attestation server to determine the trust status of the TPM.
-
Publication (Announcement) No.: US11637704B2
Publication (Announcement) Date: 2023-04-25
Application No.: US16908617
Application Date: 2020-06-22
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Fanglong Men, Honglei Wang, Fangzhan Li
Abstract: Various embodiments provide a method and an apparatus for determining a trust status of a TPM, and a storage medium, and pertain to the field of data security technologies. In those embodiments, a verifier sends an unsealing request to a host, so that the host unseals current PCR values in the TPM based on a seal key handle carried in the unsealing request, and sends verification information to the verifier based on the unseal verification key obtained after the unsealing. Therefore, any verifier that establishes an encrypted channel with the host can determine the trust status of the TPM in the host based on a second verification key transmitted on the encrypted channel, and there is no need to pre-deploy a remote attestation server to determine the trust status of the TPM.
-
Publication (Announcement) No.: US11025594B2
Publication (Announcement) Date: 2021-06-01
Application No.: US16456065
Application Date: 2019-06-28
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Fanglong Men, Mihai Serb, Fangzhan Li
Abstract: Embodiments of the present disclosure disclose a secret information distribution method. The method includes: receiving, by a network functions virtualization infrastructure (NFVI), secret information sent by management and orchestration (MANO); creating a virtual trusted platform module (vTPM) in the NFVI, and writing the secret information into the vTPM; receiving, by the network functions virtualization infrastructure (NFVI), a virtualized network function (VNF) initialization command from the MANO, and creating a VNF; and obtaining, by the VNF, the secret information from the vTPM.