Method, system, and program product for remotely attesting to a state of a computer system

Abstract

A method, system, and program product for remotely attesting to a state of computing system is provided. Specifically, the present invention allows a remote system to establish trust in the properties of the computer system. The properties to be trusted are expanded from the usual system software layers and related configuration files to novel types of data such as static data specific to the computer system, dynamic data determined at system startup, or dynamic data created as the computer system runs applications.

Description

BACKGROUND OF THE INVENTION[0001]1. Field of the Invention[0002]This invention relates to remotely establishing the specific or dynamic properties of a computer system. More specifically, it relates to remotely establishing trust in properties of a computer system.[0003]2. Related Art[0004]Current Trusted Computing Group (TCG) use cases provide the means for remote parties to attest to the software state of a computer system / platform. The software state includes measurements of the software chain, and might include configuration files used to initialize or customize a software module. The attestation method, as described in TCG documents, begins with a Core Root of Trust for Measurement (CRTM) that measures the software and possibly configuration files of the next layer of software to run. Each layer in turn measures the next layer before calling it. Digests of these measurements are extended through a one-way hash function into Platform Configuration Registers (PCRs) contained in a...

AI Technical Summary

Benefits of technology

[0010]The present invention expands the current use of PCRs to include not only common, static data measurements, but also computer system-specific, static data measurements and dynamic data. Adding static but system specific measurements allows a remote system to attest to and therefore attach those measurements to measurements of common data such as the software running on the system. Such static data would typically be present at system startup. An example of system specific static data is a network communications channel public key or certificate. Adding these measurements to PCRs allows a remote system to attest to the system properties at the end points of a secure communication channel by anchoring public keys and relevant attributes associated with establishing a secure channel to the system's integrity measurements.

Problems solved by technology

While this attestation is valuable for trusted computing, it does not address establishing trust in data that may be specific to a system or even data that may be generated or changed as the system runs.

Unfortunately, these two separate mechanisms do not ensure that the system for which properties are established during remote attestation is the same system at which the protected tunnel ends.

Drawbacks of known solutions include (among others): (1) third parties are difficult to establish; (2) third parties are currently unable to solve key revocation in a scalable and cost-efficient way; and (3) it is extremely difficult to find commonly trusted parties in heterogeneous distributed environments.

Images