In recent years, services provided over a network have grown to include provision of copyrighted works such as music and videos, viewing of classified material retained by corporations, online banking, etc. The value of the information contained in these services has also become considerably high. To accommodate this wide range of services, a plurality of software modules provided by a plurality of providers are installed on a terminal device, such as a personal computer, a mobile terminal device, a mobile telephone and a digital home appliance.
A mobile telephone, for example, can be installed with the following module groups: a module group that relates to the basic functions of the mobile telephone and is provided by the manufacture of the mobile telephone; a module group that relates to communication functions of the mobile telephone and is provided by the mobile network operator; and a mobile group that constitutes a service application operating on the mobile telephone and is provided by an ISP (Internet Service Provider).
Also, to securely handle valuable information, each module group in a terminal device, such as a personal computer, a mobile terminal, a mobile telephone and a digital home appliance, is provided with a mechanism for preventing improper acts such as tampering with the software modules. An example of such a mechanism is the use of certificates issued by the respective providers of the software modules. The completeness of each software module is verified at the startup, by using the certificate. Such a mechanism is also effective in the case of separately updating each of the software modules constituting the module group. If the provider of the module group provides a new software module together with the certificate of the new software module, the terminal device can verify the new software module received from the provider.
Similar technology to this mechanism for preventing improper acts using a certificate is disclosed, for example, in Patent Literature 1.
Furthermore, the Trusted Computing Group (TCG) has been established for the purpose of developing and spreading a secure computer platform. The TCG realizes a secure terminal environment by using a security module, which is called a Trusted Platform Module (TPM). With TPM, the terminal device starts up the software modules by a method called secure boot, while verifying the completeness of the software modules. The secure boot is performed for verifying that the startup order of the software modules is correct (See Non-Patent Literatures 1-5).