Invention Grant
- Patent Title: Attestation-based scheme for validating peering setups for critical infrastructure protocols
- Application No.: US17857729
- Application Date: 2022-07-05
- Publication No.: US11652874B2
- Publication Date: 2023-05-16
- Inventor: Sujal Sheth, Shwetha Subray Bhandari, Eric Voit, William F. Sulzen, Frank Brockners
- Applicant: Cisco Technology, Inc.
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Polsinelli
- Main IPC: G06F15/173
- IPC: G06F15/173; H04L67/104; H04L9/40; H04W24/10; H04L9/32; H04L61/4511; H04L67/1001

Abstract:
A verifier peer system transmits a request to an application of another peer system to obtain integrity data of the application. In response to the request, the verifier peer system obtains a response that includes kernel secure boot metrics of the other peer system and integrity data of the application and of any application dependencies. If the verifier peer system determines that the response is valid, the verifier peer system evaluates the integrity data and the kernel secure boot metrics against a set of Known Good Values to determine whether the integrity data and the kernel secure boot metrics are valid. If the integrity data and the kernel secure boot metrics are valid, the verifier peer system determines that the other peer system is trustworthy.
Public/Granted literature
- US20220353322A1 ATTESTATION-BASED SCHEME FOR VALIDATING PEERING SETUPS FOR CRITICAL INFRASTRUCTURE PROTOCOLS (Public/Granted day: 2022-11-03)