TRUSTED COMPUTING BASE EVIDENCE BINDING FOR A MIGRATABLE VIRTUAL MACHINE

TRUSTED COMPUTING BASE EVIDENCE BINDING FOR A MIGRATABLE VIRTUAL MACHINE

In an embodiment, at least one computer readable medium has instructions stored thereon for causing a system to cryptographically sign, at a secure platform services enclave (PSE) of a computing system and using a secure attestation key (SGX AK), a public portion of a trusted platform module attesta...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Dasari, Annapurna, Scott-Nash, Mark E, Wiseman, Willard M
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In an embodiment, at least one computer readable medium has instructions stored thereon for causing a system to cryptographically sign, at a secure platform services enclave (PSE) of a computing system and using a secure attestation key (SGX AK), a public portion of a trusted platform module attestation key (TPM AK) associated with a trusted computing base of a physical platform, to form a certified TPM AK public portion. Also included are instructions to store the certified TPM AK public portion in the PSE, and instructions to, responsive to an attestation request received from a requester at a virtual trusted platform module (vTPM) associated with a virtual machine (VM) that has migrated onto the physical platform, provide to the requester the certified TPM AK public portion stored in the PSE. Other embodiments are described and claimed.