Invention Grant
- Patent Title: Methods and systems to measure a hypervisor after the hypervisor has already been measured and booted
-
Application No.: US15059485Application Date: 2016-03-03
-
Publication No.: US10152600B2Publication Date: 2018-12-11
- Inventor: Carlos V. Rozas , Vincent R. Scarlata
- Applicant: Intel Corporation
- Applicant Address: US CA Santa Clara
- Assignee: Intel Corporation
- Current Assignee: Intel Corporation
- Current Assignee Address: US CA Santa Clara
- Agency: Trop, Pruner & Hu, P.C.
- Main IPC: G06F21/57
- IPC: G06F21/57 ; G06F9/455 ; G06F21/53
Abstract:
An embodiment: (a) receives a request for a measurement of a hypervisor from at least one computing node that is external to the at least one machine; (b) executes a previously measured measuring agent to measure the hypervisor, after the hypervisor is measured and booted, to generate a measurement while: (b)(i) the at least one machine is in virtual machine extension (VMX) root operation, and (b)(ii) the measuring agent is in a protected mode; (c) attest to the measurement, based on at least one encryption credential, to generate an attested measurement output; and (d) communicate the attested measurement output to the at least one computing node. The hypervisor does not include the at least one encryption credential while the measuring agent is measuring the booted hypervisor. Other embodiments are described herein.
Public/Granted literature
- US20170024563A1 Methods and Apparatus for Remeasuring A Virtual Machine Monitor Public/Granted day:2017-01-26
Information query
