Signed Manifest for Run-Time Verification of Software Program Identity and Integrity
1 Assignment
0 Petitions
Accused Products
Abstract
A measurement engine performs active platform observation. A program includes an integrity manifest to indicate an integrity check value for a section of the program'"'"'s source code. The measurement engine computes a comparison value on the program'"'"'s image in memory and determines if the comparison value matches the expected integrity check value. If the values do not match, the program'"'"'s image is determined to be modified, and appropriate remedial action can be triggered. The integrity manifest can include a secure signature to verify the validity of the integrity manifest.
-
Citations
28 Claims
-
1-13. -13. (canceled)
-
14. An article of manufacture comprising a machine accessible medium having content to provide instructions which, when executed, result in the performance of operations including:
-
loading a known good integrity check value into a memory local to a measurement engine; computing an algorithm on a portion of an agent in a system memory to generate an integrity check value for the agent in system memory; comparing the generated integrity check value with the known good integrity check value to determine if the integrity check values match; and reporting an error condition if the integrity check values do not match. - View Dependent Claims (15, 16, 17)
-
-
18. An apparatus comprising:
-
a memory with an image of a software agent having an integrity manifest, the integrity manifest including a relocation fix-up to indicate an offset value to redirect an operation within the software agent to a particular physical memory location, and an identity test value derived from the source code of the software agent; a processor coupled to the memory to execute the software agent; and an active management module coupled to the memory to derive an additional identity test value from the image of the software agent in memory, compare the identity test value derived from the image in memory to the identity test value derived from the source code, and indicate an agent identification failure if the identity test values do not match. - View Dependent Claims (19, 20, 21, 22)
-
-
23. A system comprising:
-
a memory having instructions thereon to implement a software program, the software program having an integrity manifest with a relocation fix-up including a physical memory offset value, and an integrity check value representing the result of a cryptographic hash of a section of the software program source code from which the instructions come; a service processor coupled to the memory to compare a cryptographic hash of a section of the instructions corresponding to the section of the software program source code to the integrity check value to determine if the instructions in the memory are altered from the source code, and indicate if the instructions in the memory are altered; a network interface coupled to the service processor having an out-of-band communication channel between the service processor and a remote administrator; and a twisted pair communication line coupled to the network interface to transmit the indication of whether the instructions in the memory are altered. - View Dependent Claims (24, 25)
-
-
26. A method comprising:
-
generating an integrity cheek value on a section of a software program; and storing the generated integrity check value with the software program to be used as an expected value to verify an image of the software program as loaded into a system memory. - View Dependent Claims (27, 28)
-
Specification