发明名称 |
Attesting a component of a system during a boot process |
摘要 |
A method, apparatus and program product for attesting a component of a system during a boot process. The method comprises the steps of: verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system wherein the requesting step further comprises the step of: retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; wherein in response to the comparing step, if the current input data matches the enrollment data, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system. |
申请公布号 |
US8869264(B2) |
申请公布日期 |
2014.10.21 |
申请号 |
US201113241835 |
申请日期 |
2011.09.23 |
申请人 |
International Business Machines Corporation |
发明人 |
Mackintosh David N.;Perez Jose J. P.;Walker James W. |
分类号 |
G06F21/00;G06F21/31;G06F21/57 |
主分类号 |
G06F21/00 |
代理机构 |
Yee & Associates, P.C. |
代理人 |
Yee & Associates, P.C. ;LaBaw Jeffrey S. |
主权项 |
1. An apparatus for attesting a component of a system during a boot process, comprising a processor coupled to a memory that contains instructions that are executable by the processor to perform steps of:
verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system, wherein the requesting step further comprises retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; if the current input data matches the enrollment data in response to the comparing step, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system. |
地址 |
Armonk NY US |