1. Field of Invention
The field of the invention relates generally to computer systems and, more specifically but not exclusively, relates to sharing trusted hardware across multiple operational environments.
2. Background Information
In modern society, privacy has become a major concern. Technologies such as computers and the Internet enable people to access more information at rates never before possible. However, many of the tasks for which people use the Internet involve highly private or confidential matters. For example, the Internet has streamlined tasks such as banking, filing tax returns, conferencing with business associates, and communicating with friends and family.
Coupled with the advantages that accrue from the Internet is an increased susceptibility to malicious eavesdropping and cyber-attack. Thus, as the tools with which people conduct their daily affairs grow in complexity, so too must the means by which private or confidential matters are safeguarded. To address these concerns, industry leaders have organized the Trusted Computing Group (TCG).
TCG is an industry standards body whose members, including computer manufacturers, device manufacturers, and software vendors, promote the security of computing platforms and devices (see https://www.trustedcomputinggroup.org). One goal of TCG is to promote a security hardware device called the trusted platform module (TPM). The TPM is described in specifications published by the TCG, such as the TPM Main Specification, Parts 1-3, Version 1.2, Oct. 2, 2003. The TPM is an isolated hardware device built into the motherboard of a computer system for establishing trust and trust metrics in a Trusted Computing Environment.
Software vendors, such as Microsoft, have begun developing software platforms that take advantage of the security features provided by a TPM device. Future versions of Microsoft Windows® are expected to provide numerous security functions, including encryption, privacy safeguards, and digital rights management, using the TPM. However, today's Virtual Machine Monitors (VMMs) do not provide an abstraction of the platform's physical TPM hardware that would allow multiple Virtual Machines (VMs) to share a single physical TPM.