发明名称 |
ATTESTATION OF COMPUTING PLATFORMS |
摘要 |
A method and apparatus for attesting the configuration of a computing platform to a verifier. A signature key (SK) is bound to the platform and bound to a defined configuration of the platform. A credential (C(SK), CDAA(SK)) for the signature key (SK) is obtained from an evaluator. This credential (C(SK), CDAA(SK)) certifies that the signature key (SK) is bound to an unspecified trusted platform configuration. The platform can then demonstrate to the verifier the ability to sign a challenge from the verifier using the signature key (SK), and demonstrate possession of the credential (C(SK), CDAA(SK)) to the verifier, thereby attesting that the platform has a trusted configuration without disclosing the platform configuration to the verifier. |
申请公布号 |
EP2080142(A2) |
申请公布日期 |
2009.07.22 |
申请号 |
EP20070789866 |
申请日期 |
2007.07.03 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
CAMENISCH, JAN;PORITZ, JONATHAN;ZIMMERMANN, ROGER |
分类号 |
G06F21/44;G06F21/57;G06F21/64 |
主分类号 |
G06F21/44 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|