Title of invention: HOST RECOVERY USING A SECURE STORE
Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.
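Publication number: US2014310509(A1) Publication date: 2014.10.16
Application number: US201313862923 Filing date: 2013.04.15
Applicant: Amazon Technologies, Inc Inventors: Potlapally Nachiketh Rao; Chawla Rachit; Volkman Jeremy Ryan; Marr Michael David
Classification number: G06F11/14 Main classification number: G06F11/14
Agency: Agent: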
Main claim: 1. A computer implemented method for performing host recovery using information stored in a secure store, the method comprising: under the control of one or more computer systems configured with executable instructions, provisioning a trusted platform module (TPM) on a host computing device to store one or more credentials including a cryptographic key, the host computing device including a recovery image that is encrypted, wherein the recovery image is capable of being decrypted using the cryptographic key; rebooting the host computing device; determining, based on a set of conditions during the rebooting, that a failure likely occurred on the host computing device prior to rebooting the host computing device; decrypting the recovery image on the host computing device by using the cryptographic key; loading the recovery image onto the host computing device; and providing the recovery image running on the host computing device with access to the one or more credentials stored in the TPM, wherein the one or more credentials are used to initiate one or more services on the host computing device.
Address: US