1. Field of the Invention
Aspects of the present invention relate to a method of mutually authenticating between a software mobility device and a local host and a method of forming an input/output (I/O) channel.
2. Description of the Related Art
Software mobility is a technology that stores software and data in a mobile storage medium, such as a USB Flash Drive or a storage medium contained within a mobile device (for example, a mobile phone or personal entertainment device), or downloads a client through a network connection, thereby enabling seamless computing on other personal computers (PCs) or Consumer Electronics (CE) devices. Such technology is an example of a new computing paradigm that can replace devices such as laptops. The technology is developing from a way of simply storing data through the mobile storage medium or a network connection into a way of moving a personal computing environment. Various advanced companies, such as Microsoft, EMC, IBM, SanDisk, and RingCube, are in the process of developing solutions of this kind, such as Virtual PC, VMware, SoulPad, U3, and MojoPac, based on current hardware or on virtualization technology for an operating system.
However, in supporting seamless computing on other PCs or CE devices, the stability of users' software and data and of the personal computing environment is in most cases not considered with respect to infection of the local host by malicious code (malware), such as Trojan horses, worms, and viruses on PCs or CE devices. As a result, support for various services such as DRM and e-Trading is limited.
Virtualization can generally be defined as a technology that presents itself to the higher level as if various “real single computing devices” exist, instead of directly modifying the real single computing device on which arbitrary software is executed. FIG. 1 shows a concept of virtualization. Referring to FIG. 1A, a general computing system includes a real computing machine 100 and software 110. When the concept of virtualization is introduced to the general computing system of FIG. 1A, a virtualization layer 120 is interposed between the real computing machine 100 and the software 110, as shown in FIG. 1B.
Virtualization can be classified into system virtualization and operating system (OS) virtualization according to the subject of virtualization. System virtualization applies to a physical hardware platform and provides a separate system for various operating systems. OS virtualization virtualizes an operating system of a local host so as to provide a separate operating system for arbitrary applications.
FIG. 2 shows virtualization types according to the subject of virtualization. The OS virtualization 210 indicates that a virtualization layer 240 is interposed between an operating system 250 and an application 230. System virtualization 220 indicates that a virtualization layer 260 is interposed between a hardware platform 270 and the operating system 250.
Software mobility solutions based on such virtualization technologies take two main forms: adjusting an application so that it is executed through a specific API owned by each company (for example, U3 manufactured by SanDisk), or moving a specific operating system together with the software (for example, VMware manufactured by EMC) based on a system virtualization technology. In both cases the aim is to perform seamless computing with the user's software and data after moving to another PC or CE device via a mobile storage medium or a network connection.
However, in such conventional cases, only applications having open source code can be adjusted, so the range of software that can be moved is difficult to expand. Research and development to reduce the system overhead caused by moving the specific operating system together with the software is in progress. Software mobility solutions that move through current mobile storage media or network connections are applied to improve the use of various software or applications, such as DRM (Digital Rights Management) and e-Trading, when moving not only simple data but also a personal computing environment. Accordingly, support for the stability of the execution environment of such software mobility solutions is continuously required.
Technology based on a conventional network connection is of a streaming type, from a server to a client, and mostly provides server authentication through a user account and a password, rather than stability relating to execution of the software mobility solution on the local host it has moved to. Technology based on mobile storage media provides limited stability by supporting user authentication and encryption for data access control against the threat of losing the storage medium.
However, while executing software such as DRM and e-Trading through these software mobility solutions, integrity-based mutual authentication for providing a safe execution environment without malware on the local host cannot be provided by using only the security functions of the conventional technologies. The ability to provide secure channels that prevent malicious leakage of information and forgery is also limited. For example, while executing DRM content on a software mobility solution using resources of a local host (for example, sound and video), decoded multimedia content may easily be obtained through a stealth attack by malware on the local host. Moreover, while executing a web-based e-trading service on a software mobility solution, information on the user account, password, and transaction details on the Internet can be obtained through an attack by malware on the local host, and the related service sites may be forged.