Publication number: US20170061131A1
Publication date: 2017-03-02
Application number: US14840419
Filing date: 2015-08-31
Applicant: Cisco Technology, Inc.
Inventor: Omar Santos, Christopher M. McCoy, Catherine M. Pearce, Carlos M. Pignataro, Jeff Apcar
IPC: G06F21/57
CPC classification number: G06F21/577, G06F2221/034, H04L63/123, H04L63/18, H04W4/70, H04W12/10, H04W12/1208
Abstract: Techniques are presented herein that validate integrity of a computing device. A command to a first processor of a security module of the computing device is received through an interface unit of the security module on a communication channel external to the computing device. A configuration of the security module cannot be changed by a second processor of the computing device which executes an operating system and at least one application on the computing device. In response to receiving the command, one or more memory devices of the computing device are directly accessed by the first processor independent from the second processor to validate integrity of the computing device.