| 发明名称 |
METHOD, SYSTEM, AND PROGRAM PRODUCT FOR REMOTELY ATTESTING TO A STATE OF A COMPUTER SYSTEM |
| 摘要 |
A method, system, and program product for remotely attesting to a state of computing system is provided. Specifically, the present invention allows a remote system to establish trust in the properties of the computer system. The properties to be trusted are expanded from the usual system software layers and related configuration files to novel types of data such as static data specific to the computer system, dynamic data determined at system startup, or dynamic data created as the computer system runs applications. |
| 申请公布号 |
US2016381007(A1) |
申请公布日期 |
2016.12.29 |
| 申请号 |
US201615261059 |
申请日期 |
2016.09.09 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Berger Stefan;Goldman Kenneth;Jaeger Trent R.;Perez Ronald;Sailer Reiner;Valdez Enriquillo |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of a remote system establishing a secure connection to a local system comprising:
receiving a list of names of measured items specific to the local system, values of the measured items, and signed states of current Platform Configuration Register (PCR) values on the remote system from the local system; requesting a secure connection to the local system and receiving an authentication credential of the local system; verifying that the authentication credential is contained in the received list; and determining whether to continue establishing the secure connection based on the verifying. |
| 地址 |
Armonk NY US |
