| 摘要 |
An external personal computer or other computing device is employed as an external security-state monitor to monitor the security state of one or more computer systems. The security-state monitor creates pairs of write-once CDs containing an identical sequence of encryption keys. One CD of a pair remains with the security-state monitor, and the other CD of the pair is provided to the system administrator of a computer system. Keys are employed by the security-state monitor and computer system one time only, and the current key employed can be specified by an index into the sequence of keys stored on the duplicate CDs. When the computer system carries out an initial boot into a secure state, the computer system informs the security-state monitor using the current key from the computer system's CD. The security-state monitor accordingly determines that the computer system is currently secure. Prior to loading the executing the first untrusted software, the secure software executing on the computer system sends a message to the security-state monitor indicating that the computer system is transitioning to an insecure state.
|
