DE-112020005625-B4 - BIND SECURE OBJECTS OF A SECURITY MODULE TO A SECURE GUEST

Abstract

A computer program product for enabling processing within a data processing environment, the computer program product comprising at least one computer-readable storage medium that is readable by at least one processing circuit and stores instructions for carrying out a procedure comprising: binding at least one secure object of a security module (150) of the data processing environment to a secure guest (180) of the data processing environment, wherein the secure guest is configured to use the security module (150), and wherein the binding comprises: determining (300) by a trusted component (160) of the data processing environment whether metadata of the secure guest (180) contains a confidential binding attribute for the security module (150), wherein the confidential binding attribute is to be used to bind the one or more secure objects generated by the security module (150) to the secure guest (180), wherein the security module (150) is separate from the trusted component and is assigned to the secure guest (180) via a hypervisor (170); configuring (304) by the trusted component (160), based on the finding that the metadata contains the confidential binding attribute, the security module (150) for the secure guest (180) in a selected mode, wherein the selected mode prevents certain operations from being intercepted by a hypervisor (170); intercepting (306) a security module data transmission by the trusted component (160); performing a cryptographic operation on one or more secure objects of the security module data transmission using the confidential binding attribute to provide a cryptographic result; and providing a result of the security module data transmission to a recipient, the result being the cryptographic result.

Inventors

  • Reinhard Buendgen
  • Richard Kisley
  • Volker Urban

Assignees

  • INTERNATIONAL BUSINESS MACHINES CORPORATION

Dates

Publication Date: 2026-05-13
Application Date: 2020-12-10
Priority Date: 2020-01-29

Claims (20)

  1. A computer program product for enabling processing within a data processing environment, wherein the computer program product comprises: at least one computer-readable storage medium readable by at least one processing circuit and storing instructions for performing a procedure, comprising: binding at least one secure object of a security module (150) of the data processing environment to a secure guest (180) of the data processing environment, wherein the secure guest is configured to use the security module (150), and wherein the binding comprises: determining (300) by a trusted component (160) of the data processing environment whether metadata of the secure guest (180) contains a confidential binding attribute for the security module (150), wherein the confidential binding attribute is to be used to bind the at least one secure object generated by the security module (150) to the secure guest (180), wherein the security module (150) is separate from the trusted component and is assigned to the secure guest (180) via a hypervisor (170); configuring (304) by the trusted component (160), based on the determination that the metadata contains the confidential binding attribute, the security module (150) for the secure guest (180) in a selected mode, wherein the selected mode prevents certain operations from being intercepted by a hypervisor (170); intercepting (306) a security module data transmission by the trusted component (160); performing a cryptographic operation on one or more secure objects of the security module data transmission using the confidential binding attribute to provide a cryptographic result; and providing a result of the security module data transmission to a receiver, wherein the result contains the cryptographic result.
  2. Computer program product according to Claim 1, wherein the security module data transmission is a request from the secure guest (180) to the security module (150), wherein the cryptographic operation includes a decryption operation to decrypt at least a part of a secure object of the one or more secure objects of the request, and wherein the receiver is the security module (150).
  3. Computer program product according to Claim 2, wherein the decryption operation involves decrypting (408) data within the secure object which contains an encrypted integrity protection, the decryption using a key obtained from the confidential binding attribute.
  4. Computer program product according to Claim 1, wherein the security module data transmission includes results of a request returned by the security module (150) based on processing of the request, wherein the cryptographic operation includes an encryption operation to encrypt at least a part of a secure object of one or more secure objects of the results, and wherein the receiver is the secure guest.
  5. Computer program product according to Claim 4, wherein the encryption operation includes an encryption (508) of data within the secure object which contains an integrity protection calculated using a selected key of the security module (150), in order to invalidate the secure object, wherein the encryption uses a key obtained from the confidential binding attribute.
  6. Computer program product according to Claim 5, wherein the procedure further comprises receiving a request from the secure guest (180) containing one or more invalidated objects, and wherein the cryptographic operation comprises decrypting data within the one or more invalidated objects in order to validate the one or more invalidated objects, the decryption using the key obtained from the confidential binding attribute.
  7. Computer program product according to Claim 1, wherein the security module (150) comprises a hardware security module (150).
  8. Computer program product according to Claim 1, wherein the selected mode is a hypervisor (170) passthrough mode.
  9. Computer program product according to Claim 1, wherein the trusted component (160) prevents the hypervisor (170) from modifying a set of security modules configured for the secure guest (180).
  10. Computer program product according to Claim 1, wherein the confidential binding attribute includes a key.
  11. Computer program product according to Claim 1, wherein the one or more secure objects contain at least one or more secure keys (182, 220).
  12. Computer program product according to Claim 1, wherein the procedure further comprises preventing the trusted component (160) from configuring the security module (150) for the secure guest (180) based on a determination that the metadata of the secure guest (180) does not contain the confidential binding attribute.
  13. Computer program product according to Claim 1, wherein the confidential binding attribute includes material for deriving the key.
  14. A computer system (102) for enabling processing within a data processing environment, wherein the computer system (102) comprises: a main memory; and a processor (104) for data transfer with the main memory, wherein the computer system (102) is configured to perform a method comprising: binding at least one secure object of a security module (150) of the data processing environment to a secure guest (180) of the data processing environment, wherein the secure guest is configured to use the security module (150), and wherein the binding includes: determining (300) by a trusted component (160) of the data processing environment whether the metadata of the secure guest (180) contains a confidential binding attribute for the security module (150), wherein the confidential binding attribute is to be used to bind the one or more secure objects generated by the security module (150) to the secure guest (180), wherein the security module (150) is separate from the trusted component and is assigned to the secure guest (180) via a hypervisor (170); configuring (304) by the trusted component (160), based on the determination that the metadata contains the confidential binding attribute, the security module (150) for the secure guest (180) in a selected mode, wherein the selected mode prevents certain operations from being intercepted by a hypervisor (170); intercepting (306) a security module data transmission by the trusted component (160); performing a cryptographic operation on one or more secure objects of the security module data transmission using the confidential binding attribute to provide a cryptographic result; and providing a result of the security module data transmission to a receiver, wherein the result contains the cryptographic result.
  15. Computer system (102) according to Claim 14, wherein the security module data transmission is a request from the secure guest (180) to the security module (150), wherein the cryptographic operation includes a decryption operation to decrypt at least a part of a secure object of the one or more secure objects of the request, and wherein the receiver is the security module (150).
  16. Computer system (102) according to Claim 15, wherein the decryption operation involves decrypting (408) data within the secure object which contains an encrypted integrity protection, the decryption using a key obtained from the confidential binding attribute.
  17. Computer system (102) according to Claim 14, wherein the security module data transmission includes results of a request returned by the security module (150) based on processing of the request, wherein the cryptographic operation includes an encryption operation to encrypt at least a part of a secure object of one or more secure objects of the results, and wherein the receiver is the secure guest.
  18. Computer system (102) according to Claim 17, wherein the encryption operation includes an encryption (508) of data within the secure object which contains an integrity protection calculated using a selected key of the security module (150), in order to invalidate the secure object, wherein the encryption uses a key obtained from the confidential binding attribute.
  19. Computer system (102) according to Claim 14, wherein the procedure further comprises preventing the trusted component (160) from configuring the security module (150) for the secure guest (180) based on a determination that the metadata of the secure guest (180) does not contain the confidential binding attribute.
  20. A computer-implemented method for enabling processing within a data processing environment, wherein the computer-implemented method comprises: binding at least one secure object of a security module (150) of the data processing environment to a secure guest (180) of the data processing environment, wherein the secure guest is configured to use the security module (150), and wherein the binding comprises: determining (300) by a trusted component (160) of the data processing environment whether metadata of the secure guest (180) contains a confidential binding attribute for the security module (150), wherein the confidential binding attribute is to be used to bind the at least one secure object generated by the security module (150) to the secure guest (180), wherein the security module (150) is separate from the trusted component and is assigned to the secure guest (180) via a hypervisor (170); configuring (304) by the trusted component (160), based on the determination that the metadata contains the confidential binding attribute, the security module (150) for the secure guest (180) in a selected mode, wherein the selected mode prevents certain operations from being intercepted by a hypervisor (170); intercepting (306) a security module data transmission by the trusted component (160); performing a cryptographic operation on one or more secure objects of the security module data transmission using the confidential binding attribute to provide a cryptographic result; and providing a result of the security module data transmission to a receiver, wherein the result contains the cryptographic result.
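A compact Python simulation of the binding flow described in claims 1 to 12, added here as an illustration and not code from the patent or from IBM: the trusted component (160) refuses to configure the security module when the guest metadata lacks the binding attribute (claim 12), invalidates each secure object on its way back to the guest by encrypting the object's integrity protection under the binding key (claim 5), and decrypts it again on the way to the security module (claims 3 and 6), so that a copy of the object taken outside the guest is rejected by the HSM. The metadata field name `hsm_binding_key`, the HMAC-SHA256 counter-mode keystream standing in for a real cipher, and the HSM's use of an HMAC as its integrity protection are all assumptions of this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional

def _prf_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (stand-in for a real cipher)."""
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))

@dataclass
class SecureObject:
    nonce: bytes  # per-object nonce so the binding keystream is never reused
    body: bytes   # key material wrapped by the HSM, opaque to the guest
    mac: bytes    # integrity protection computed with the HSM's own key (assumed HMAC)

class HSM:  # security module (150): issues secure objects and refuses invalid ones
    def __init__(self) -> None:
        self.master_key = os.urandom(32)

    def generate_secure_key(self) -> SecureObject:
        body = os.urandom(32)
        return SecureObject(os.urandom(12), body, hmac.new(self.master_key, body, hashlib.sha256).digest())

    def use(self, obj: SecureObject) -> Optional[bytes]:
        # None models the HSM rejecting an object whose integrity protection does not verify
        if not hmac.compare_digest(hmac.new(self.master_key, obj.body, hashlib.sha256).digest(), obj.mac):
            return None
        return hashlib.sha256(b"op|" + obj.body).digest()  # stand-in for an operation with the key

class TrustedComponent:  # trusted component (160), sits between guest and HSM
    def configure(self, guest_metadata: dict) -> str:
        attr = guest_metadata.get("hsm_binding_key")  # hypothetical metadata field name
        if attr is None:  # claim 12: no binding attribute, no HSM for this guest
            raise PermissionError("metadata lacks confidential binding attribute")
        self.binding_key = attr
        return "passthrough"  # claim 8: the selected mode

    def on_response(self, obj: SecureObject) -> SecureObject:
        # claim 5: encrypt the integrity protection so the object is invalid outside the guest
        return SecureObject(obj.nonce, obj.body, _prf_xor(self.binding_key, obj.nonce, obj.mac))

    def on_request(self, obj: SecureObject) -> SecureObject:
        # claims 3 and 6: decrypt it again before the request reaches the HSM
        return SecureObject(obj.nonce, obj.body, _prf_xor(self.binding_key, obj.nonce, obj.mac))
```

Because the hypervisor runs the HSM in passthrough mode and never holds the binding key, an object it observes in transit is exactly the invalidated form the HSM will not accept.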

Description

BACKGROUND

One or more aspects generally relate to processing within a data processing environment and, in particular, to protecting data within such an environment.

In data processing environments, cryptographic elements are useful technological components for protecting data. Information can be stored or transmitted in a cryptographically secured form to prevent unauthorized access to the stored or transmitted information. In some cases, software-based methods can be used to implement such data protection; in other cases, hardware support and security-specific elements can be employed. These specific elements can be referred to as hardware security modules (HSMs), which can be used as part of a computer or information transmission system within a data processing environment. A hardware security module can contain specific circuitry to provide data encryption and decryption capabilities. These capabilities can also include generating and storing cryptographic keys for use by guest systems, also known as guests.

Different guests (e.g., virtual machines (VMs), virtual servers, etc.) are managed by a hypervisor or VM manager. Different guests managed by a shared hypervisor can be created by different owners. A traditional hypervisor has complete control over the guests it hosts. Specifically, the hypervisor has the ability to inspect and even modify the memory of the hosted guest. In a cloud environment, the hypervisor and its administrators must therefore be completely trustworthy.

Some guests managed by a hypervisor are called secure guests. A secure guest is a guest that can be hosted by one or more hypervisors that are not fully trusted. The image of such a guest is protected when it is loaded, and the protection of the contents of the resources allocated to the guest (e.g., memory, central processing unit (CPU), registers, etc.) is maintained throughout the guest's lifetime. Guest protection includes at least integrity protection (e.g., the hypervisor cannot maliciously modify any guest state) and may additionally include maintaining confidentiality of the original image, the original code, and the original data running in the guest. Examples of environments that support secure guests include computing protected by AMD SEV (Advanced Micro Devices Secure Encrypted Virtualization) and POWER®. POWER is a trademark or registered trademark of International Business Machines Corporation in at least one country.

WO 2011/156261 A1 describes techniques for securely booting and running a virtual machine (VM) image in an untrusted cloud infrastructure.

SUMMARY

By providing a computer program product that enables processing within a data processing environment, disadvantages of the prior art are overcome and additional advantages are provided. The computer program product includes at least one computer-readable storage medium, readable by at least one processing circuit, which stores instructions for executing a procedure. The procedure includes binding at least one secure object of a security module of the data processing environment to a secure guest of the data processing environment. The secure guest is configured to use the security module. The binding process includes a determination by a trusted component of the data processing environment as to whether the metadata of the secure guest contains a confidential binding attribute for the security module. Based on a determination that the metadata contains the confidential binding attribute, the trusted component configures the security module for the secure guest in a selected mode. The selected mode prevents certain operations from being intercepted by a hypervisor associated with the secure guest. The trusted component intercepts a security module data transmission. Using the confidential binding attribute, a cryptographic operation is performed on one or more secure objects of the security module data transmission to provide a cryptographic result. This result of the security module data transmission is then provided to a recipient. The result contains the cryptographic outcome.

Computer-implemented methods and systems that relate to one or more aspects are also described and claimed herein. Furthermore, services relating to one or more aspects are also described and, where applicable, claimed herein. The methods described herein achieve additional features and advantages. Further embodiments and aspects are described in detail herein and considered as part of the claimed aspects.

BRIEF DESCRIPTION OF THE DRAWINGS

One or more aspects are particularly emphasized and expressly claimed as examples in the claims at the end of the description. The above statements, as well as the objects, features, and advantages of one or more aspects, will become apparent from the following detailed description in conjunction with the accompanying drawings, in which:

1A represents an example of a data processing environment that incorporates and utilizes one or more aspects of the pres