ISO/IEC DIS 27070

DRAFT INTERNATIONAL STANDARD
ISO/IEC DIS 27070
ISO/IEC JTC 1/SC 27 Secretariat: DIN
Voting begins on: Voting terminates on:
2020-12-14 2021-03-08
Information technology — Security techniques —
Requirements for establishing virtualized roots of trust
ICS: 35.030
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
This document is circulated as received from the committee secretariat.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/IEC DIS 27070:2020(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION. ISO/IEC 2020
---------------------- Page: 1 ----------------------
ISO/IEC DIS 27070:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

3.1 General ........................................................................................................................................................................................................... 1

3.2 Terms relating to security and privacy............................................................................................................................... 1

4 Symbols and abbreviated terms ........................................................................................................................................................... 2

5 Functional view ...................................................................................................................................................................................................... 3

5.1 Overview ...................................................................................................................................................................................................... 3

5.2 Hardware layer components ....................................................................................................................................................... 4

5.2.1 Functional requirements of key components ......................................................................................... 5

5.2.2 Security requirements of key components ............................................................................................... 5

5.3 VMM layer components ................................................................................................................................................................... 5

5.3.1 Functional requirements of key components ......................................................................................... 6

5.3.2 Security requirements of key components ............................................................................................... 7

5.4 VM layer components ........................................................................................................................................................................ 8

5.5 Cloud OS layer components ......................................................................................................................................................... 8

5.5.1 Functional requirements of key components ......................................................................................... 9

5.5.2 Security requirements of key components ............................................................................................... 9

6 Activity view .............................................................................................................................................................................................................. 9

6.1 Introduction .............................................................................................................................................................................................. 9

6.2 Transitive trust........................................................................................................................................................................................ 9

6.2.1 Transitive trust in host ............................................................................................................................................10

6.2.2 Transitive trust in VMM ..........................................................................................................................................10

6.2.3 Transitive trust in VM ...............................................................................................................................................11

6.3 Integrity measurement .................................................................................................................................................................11

6.4 Remote attestation ...........................................................................................................................................................................11

6.5 Data protection ....................................................................................................................................................................................12

6.5.1 Data binding ......................................................................................................................................................................13

6.5.2 Data sealing .......................................................................................................................................................................13

6.6 vTM migration ......................................................................................................................................................................................14

Annex A (informative) Relationship between Activity and Functional views .........................................................17

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International

Standards adopted by the joint technical committee are circulated to national bodies for voting.

Publication as an International Standard requires approval by at least 75 % of the national bodies

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC 27070 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Trusted computing is a kind of security technology based on hardware trusted modules, which aims to

ensure that a computer behaves as expected. The trusted computing technology is developing fast since

The emergence of cloud computing provides a new application scenario for trusted computing

technology. Trusted Virtual Machines (VMs) based on a physical Root of Trust (RoT) is an effective

way to ensure the secure and trusted migration of VMs in cloud. However, in the cloud computing

environment, a single physical RoT only provides limited resources and computing efficacy, which

is not enough for the large number of VMs on one server.To address this issue, virtualized RoTs are

utilized. Using virtualization technology to create multiple virtualized RoTs on a single physical

platform, providing a virtualized RoT for each VM, combined with cryptographic technology to support

secure and trusted migration of VMs, thereby building a trusted cloud computing environment. The

establishment procedure of virtualized RoTs consists of multiple steps, and any security problem in

each step will diminish the robustness of virtualized RoTs, resulting in the failure of trusted functions.

This document specifies functional requirements and security requirements for establishment and

operation of virtualized RoTs. The development of this standard also provides a reference for applying

the trusted computing technology in the cloud computing environment. The goal of the document is to

This document specifies requirements for establishing virtualized roots of trust.

The following documents, in whole or in part, are normatively referenced in this document and are

indispensable for its application. For dated references, only the edition cited applies. For undated

references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 11889-1:2015, Information technology — Trusted platform module library — Part 1: Architecture

ISO/IEC 10118-3, IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions

For the purposes of this document, the terms and definitions given in ISO/IEC 27070 apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

particular type of trusted module (3.2.8) signing key that has a restriction on its use, in order to

a key that is used in a process for the issuance of attestation key (3.2.1) credentials and to establish a

process of calculating the hash value of the measured object using the cryptographic hash algorithm

shielded locations are places (memory, register, etc.) where it is safe to operate on sensitive

component that needs to always behave in the expected manner because its misbehavior cannot be

Note 1 to entry: The complete set of roots of trust has at least the minimum set of functions to enable a description

process of evaluating integrity measurements generated using a root of trust (3.2.5) for measurement,

information that, as determined by a competent authority, must be protected because its disclosure,

modification, destruction, or loss will cause perceivable damage to someone or something

hardware module for trusted computing providing integrity measurement, integrity report,

cryptographic service, random number generation, secure storage functions and a set of platform

Note 1 to entry: There are several implementations of trusted module, such as TPM, TCM, etc.

a virtualized hardware environment in which an operating system may execute, but whose functions

component associated with a single virtual machine (3.2.9) that provides the functionality described in

one or more platform configuration registers within a virtualized trusted module (3.2.10)

This clause provides a neutral architectural view of functional components required by trusted

computing activities in the cloud computing environment, and presents the functional and security

Figure 1 shows a framework of the required functional components, where specific types of functions

At the bottom of the architecture, the hardware layer that includes hardware resources and devices

is the base for building a trusted computing platform. This layer provides a Root of Trust (RoT) for

the physical machine that typically offers trusted platform services for the Virtual Machine Monitor

This layer also includes the Core Root of Trust for Measurement (CRTM), the initial set of instructions

executed for establishing a new chain of trust for integrity measurement. Typically, the CRTM is

— Power: Powering the computer system for booting and running. TM does not monitor the power

supply level, in some circumstances, TM will control the power, such as power off when trusted

— TM: A trusted module on a special co-processor or chip with capabilities that include but not limited

to integrity measurement, integrity reporting, generation of signatures for measured integrity

— BIOS/UEFI: A firmware with capabilities of initializing the platform, starting an Operating System

The Power, BIOS/UEFI and Central Processing Unit (CPU) have no special functional or security features

to support virtualized RoTs. Hence this document only lists the functional and security requirements

— Support the integrity measurement, storing, generation of signatures for measured integrity values

— Support cryptographic algorithms, such as hash algorithm, encryption/decryption algorithm, but

— Protect integrity measurements in the Platform Configuration Register (PCR) during system start-up.

— Process the instructions using the internal firmware and logic circuits, which does not depend on

NOTE This document does not preclude integrated TPM designs prevalent in the industry today.

— Ensure the security of confidential information, such as PCR values, keys, etc.

— Provide the secure storage area to store a Storage Root Key (SRK) to ensure the security of the key

The VMM layer provides virtualization services to VMs and ensures that VMs can operate independently.

This layer also provides virtualized RoTs for VMs, which includes virtual Root of Trust for Measurement

(vRTM), virtual Root of Trust for Reporting (vRTR) and virtual Root of Trust for Storage (vRTS).

— VMM: It virtualizes the underlying hardware platform to enable multiple VMs to run in isolated

— Unified TSS-1: It provides a unified interface for upper layer applications to utilize TM functions

without considering heterogeneous Trusted Software Stack (TSS) implementations specifically.

— vTM Manager: It establishes and maintains the binding list between each vTM instance and VM.

It is responsible for creation, instantiation, deletion, start, stop and migration of the vTM instance

— vTM Instance: It emulates a hardware TM. Each vTM instance imitates interfaces and functions

— RA Client: It retrieves and transmits the integrity evidence of host and VMM layer. It does not leak

the sensitive information during communication with Remote Attestation (RA) server.

— Migration Engine: It provides capabilities of package, serialization and protection for vTM state

data during transmission. It guarantees that only one vTM instance is active during transmission

The VMM, Unified TSS-1 and RA Client have no special functional or security features to support