Title: Host recovery using a secure store
Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.
Publication number: US9594638(B2) Publication date: 2017.03.14
Application number: US201313862923 Filing date: 2013.04.15
Applicant: Amazon Technologies, Inc. Inventors: Potlapally Nachiketh Rao; Chawla Rachit; Volkman Jeremy Ryan; Marr Michael David
Classification: G06F11/00; G06F11/14; G06F21/57 Main classification: G06F11/00
Agency: Hogan Levells US LLP Agent: Hogan Levells US LLP
Principal claim: 1. A computer implemented method for performing host recovery using information stored in a secure store, the method comprising: provisioning a trusted platform module (TPM) on a host computing device of a multi-tenant computing environment to store one or more credentials including a cryptographic key, the host computing device including a recovery image that is encrypted, wherein the recovery image is capable of being decrypted using the cryptographic key, the multi-tenant computing environment including a plurality of remote computing devices for use in performing a task in the multi-tenant computing environment; rebooting the host computing device; determining a set of conditions relating to a prior shutdown of the host computing device during the rebooting; contacting the plurality of remote computing devices to determine a status of each of the plurality of remote computing devices, the status indicating that an abnormal shutdown occurred on each of the plurality of remote computing devices; determining, based at least in part on the status and the set of conditions, that an unexpected failure resulting in abnormal shutdown likely occurred on the host computing device prior to rebooting the host computing device; decrypting the recovery image on the host computing device by using the cryptographic key; loading the recovery image onto the host computing device; and providing the recovery image running on the host computing device with access to the one or more credentials stored in the TPM, wherein the one or more credentials are used to initiate one or more services on the host computing device.
Address: Reno NV US