Unlock instant, AI-driven research and patent intelligence for your innovation.

System and method for trusted platform attestation

A trusted, operating system technology, applied in the field of information system security, which can solve problems such as system failure and information leakage, system instability, computing platform confidentiality, integrity and availability loss

Active Publication Date: 2013-10-23
CISCO TECH INC
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If the BIOS code or configuration is changed maliciously or accidentally from the desired state, the computing platform may suffer the loss of confidentiality, integrity and availability, including system instability, system failure and information leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for trusted platform attestation
  • System and method for trusted platform attestation
  • System and method for trusted platform attestation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] overview

[0015] In one example embodiment there is provided a method comprising storing a reference measure of an object in trusted storage and retrieving the reference measure from the trusted storage before an operating system is loaded. In a pre-operating system environment, reference metrics can be compared (e.g., evaluated, analyzed, matched, etc.) Apply policy actions. Any suitable policy action may be implemented in this context. In a more specific embodiment, the reference metric is a metric of firmware, such as a BIOS, and more specifically, the metric may be a hash of the firmware. Alternatively, such metrics may be any other suitable object, electronic component, or result associated with some processing of a microcontroller.

[0016] In some example embodiments, the gold metric is stored locally so that it is accessible without a network connection. In an alternative embodiment, the gold metric may be stored in a system manager that is only accessible ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method is provided in one example embodiment that includes storing a reference measurement of an object in a trusted storage and retrieving the reference measurement from the trusted storage before an operating system is loaded. In a pre-operating system environment, the reference measurement can be compared with a golden measurement and a policy action can be applied if a variance is detected between the reference measurement and the golden measurement. In more particular embodiments, the reference measurement is a measurement of firmware, and yet more particularly, the measurement is a hash of the firmware.

Description

technical field [0001] The present disclosure relates generally to information system security, and more particularly to systems and methods for trusted platform attestation. Background technique [0002] Computing platforms typically rely on a basic input / output system (BIOS) to initialize hardware during startup. The BIOS is generally configurable firmware, and due to its unique and privileged position in the architecture, the BIOS is a critical security component in computing platforms. If the BIOS code or configuration is maliciously or accidentally changed from a desired state, the computing platform may suffer from loss of confidentiality, integrity and availability, including system instability, system failure and information leakage. Platforms can also be vulnerable to more carefully planned attacks such as covert surveillance, in which case the platform can be used as a stepping stone for attacking other systems. Therefore, establishing a secure BIOS integrity mea...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/51G06F21/57
CPCG06F21/57G06F9/30101H04L9/0877
Inventor 威廉·E·雅各布斯
Owner CISCO TECH INC