Remote attestation of host devices

摘要

Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

主权项

1. A computer implemented method for verifying a host computing device, the method comprising: analyzing one or more conditions during boot time of a host computing device; detect, based at least in part on the one or more conditions, that a failure on the host computing device, prior to boot time, caused the host computing device to terminate operation; loading a recovery image onto the host computing device, the recovery image configured to restore at least a portion of state on the host computing device; obtaining a boot firmware measurement of the loaded recovery image by a trusted platform module (TPM) on the host computing device; recording the boot firmware measurement in the TPM on the host computing device; receiving, from a remote computing device to the TPM, a request to perform attestation of the recovery image loaded onto the host computing device; and attesting the recovery image to the remote computing device based at least in part on the boot firmware measurement recorded on the TPM.