Demonstrating integrity of a compartment of a compartmented operating system
First Claim
1. A method for demonstrating integrity of an operating system compartment in a computing platform having a trusted device, comprising the steps of:
- (a) providing a host operating system;
(b) confirming a status of the host operating system using the trusted device;
(c) providing a compartment of the host operating system; and
(d) confirming a status of the compartment.
2 Assignments
0 Petitions
Accused Products
Abstract
A computing platform 20 runs a compartmented operating system 22 and includes a trusted device 23 for forming an integrity metric which a user can interrogate to confirm integrity of the operating system. Also, the integrity of an individual compartment 24 is verified by examining status information for that compartment including, for example, the identity of any open network connections, the identity of any running processes, and the status of a section of file space allocated to that compartment 24. Hence, the integrity of an individual compartment 24 of the compartmented operating system 22 can be demonstrated.
-
Citations
21 Claims
-
1. A method for demonstrating integrity of an operating system compartment in a computing platform having a trusted device, comprising the steps of:
-
(a) providing a host operating system;
(b) confirming a status of the host operating system using the trusted device;
(c) providing a compartment of the host operating system; and
(d) confirming a status of the compartment. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for use in a computing platform having a trusted device, the method comprising the steps of:
-
(a) providing a host operating system;
(b) verifying a status of the host operating system by comparing an integrity metric formed by the trusted device against an integrity metric in a previously formed certificate;
(c) providing a compartment of the host operating system; and
(d) verifying a status of the compartment by comparing a status metric formed by the trusted device against a status metric in a previously formed certificate. - View Dependent Claims (9)
-
-
10. A computing platform, comprising:
-
a host operating system;
at least one compartment provided by the host operating system;
a trusted device arranged to confirm a status of the host operating system; and
a status unit arranged to confirm a status of the compartment. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 19)
-
-
18. A computing platform, comprising:
-
a host operating system;
a compartment provided by the host operating system; and
a trusted device arranged to obtain an integrity metric of the host operating system for comparison against an integrity metric in a previously formed certificate, and arranged to obtain a status metric of the compartment for comparison against a status metric in a previously formed certificate.
-
-
20. A trusted device for use in a computing platform providing a host operating system having at least one compartment, the trusted device comprising:
-
means arranged in use to obtain an integrity metric of the host operating system for comparison against an integrity metric in a previously formed certificate; and
means arranged in use to obtain a status metric of the compartment for comparison against a status metric in a previously formed certificate. - View Dependent Claims (21)
-
Specification