Multiple trusted computing environments with verifiable environment identities
First Claim
1. A method for verifying integrity of a computing environment, comprising the steps of:
- identifying a computing environment which it is desired to verify;
obtaining an integrity metric associated with the identified computing environment;
signing the integrity metric with a signature key, to form a signed integrity metric, the signed integrity metric including information identifying a computing environment; and
transmitting the signed integrity metric to a challenger.
3 Assignments
0 Petitions
Accused Products
Abstract
A host computing platform 20 provides one or more computing environments 24 and includes a trusted device 213 arranged to form an integrity metric individual to each computing environment 24. The integrity metric is provided to a user 10 in response to an integrity challenge, signed for authentication using a signature key 213 held by the trusted device. In one embodiment the trusted device 213 selects a signature key unique to the computing environment 24, or in a second embodiment the trusted device forms the signed integrity metric including an identity label, in each case such that the user 10 can verify that the signed integrity metric corresponds to the expected computing environment 24.
-
Citations
55 Claims
-
1. A method for verifying integrity of a computing environment, comprising the steps of:
-
identifying a computing environment which it is desired to verify;
obtaining an integrity metric associated with the identified computing environment;
signing the integrity metric with a signature key, to form a signed integrity metric, the signed integrity metric including information identifying a computing environment; and
transmitting the signed integrity metric to a challenger. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 47, 48, 49, 50, 51, 52, 53)
-
-
46. A computing platform supporting at least one computing environment, the computing platform comprising:
a trusted device unit arranged to identify a computing environment which it is desired to verify, obtain an integrity metric associated with the identified computing environment, sign the integrity metric with a signature key to form a signed integrity metric, the signed integrity metric including information identifying a computing environment, and transmitting the signed integrity metric to a challenger.
-
54. A method for verifying a computing environment, substantially as hereinbefore described with reference to FIG. 7 of the accompanying drawings.
-
55. A computing platform substantially as hereinbefore described with reference to FIGS. 6 and 7 of the accompanying drawings.
Specification