Apparatus and method for creating a trusted environment
First Claim
1. A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner;
- a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting access of the first operating environment to resources available to the trust routine, wherein the trust routine is arranged to acquire a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
-
Citations
18 Claims
-
1. A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner;
- a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting access of the first operating environment to resources available to the trust routine, wherein the trust routine is arranged to acquire a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method for creating a trusted environment comprising acquiring a first integrity metric to allow determination as to whether a computer apparatus is operating in a trusted manner;
- executing a first trust routine and an associated first operating environment, restricting the first operating environment'"'"'s access to resources available to the trust routine, and arranging the trust routine to acquire a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
- View Dependent Claims (12, 13, 14)
-
15. A data structure comprising an attestation identity certificate for a trusted device in computer apparatus, the attestation identity certificate comprising at least a public key, a label, and a description of the computer apparatus including its virtualization processes to enable the trusted device to provide credentials for trust routines, all being signed by a trusted party.
- 16. A data structure comprising an attestation identity certificate for a trust routine running on computer apparatus having a trusted device, the attestation identity certificate comprising at least a public key and a label, all being signed by a trusted party.
Specification