Indicating whether a system has booted up from an untrusted image

摘要

Systems, methods, and machine-readable media for indicating that a system has booted an untrusted image are provided. The system may be configured to receive instructions to boot up an image and determine whether the image to be booted up is untrusted. If the image is untrusted, the system may set an indicator to indicate that the system has booted from an untrusted image and booting the image.

主权项

1. A computer-implemented method for indicating that a computing device has booted an untrusted image, the method comprising:
receiving, via a network, an image from a source external to the computing device; receiving instructions, to boot up the image; determining whether the source external to the computing device is a trusted source, wherein determining comprises the steps of:
retrieving a digital signature appended to the image,decrypting the digital signature using a cryptographic key, andcomparing the decrypted digital signature with a message digest computed based on the image; permanently setting, if the image is not from a trusted source, an indicator to indicate that the computing device has booted from an untrusted image, the indicator implemented as a trusted platform module (TPM) chip configured to be permanently written to once, such that the indicator cannot be rewritten; booting the image; sending a request for accessing at least one resource; receiving, from an entity controlling access to the at least one resource, a request for an indicator status; and providing the entity with the indicator status, wherein the entity is configured to restrict access to the at least one resource if the indicator status indicates that an untrusted image has been booted by the computing device.