-
公开(公告)号:US20120131334A1
公开(公告)日:2012-05-24
申请号:US13289044
申请日:2011-11-04
IPC分类号: H04L29/06
CPC分类号: G06F21/57 , G06F9/4401 , G06F2009/45587 , G06F2221/034
摘要: A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.
摘要翻译: 一种证明多个数据处理系统的技术。 该方法包括:配置数据处理系统链,其中第一数据处理系统负责检索与第二数据处理系统相关联的认证数据; 发送第一数据处理系统的认证请求; 响应于接收到所述请求,检索相关联的一个或多个子项的列表,其中所述一个或多个子组成所述第二数据处理系统; 检索和存储与每个孩子相关联的证明数据; 检索和存储与第一数据处理系统相关联的证明数据; 以及向所述请求者发送包含与所述第一和第二数据处理系统相关联的认证数据的级联响应,使得与所述第一和第二数据处理系统相关联的证明数据可以分别用于证明所述第一和第二数据处理系统 。
-
公开(公告)号:US20120084549A1
公开(公告)日:2012-04-05
申请号:US13241835
申请日:2011-09-23
IPC分类号: G06F9/00
CPC分类号: G06F21/575 , G06F21/31 , G06F2221/2141
摘要: A method, apparatus and program product for attesting a component of a system during a boot process. The method comprises the steps of: verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system wherein the requesting step further comprises the step of: retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; wherein in response to the comparing step, if the current input data matches the enrollment data, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system.
摘要翻译: 一种用于在引导过程期间证明系统的组件的方法,装置和程序产品。 该方法包括以下步骤:验证系统处于可信状态; 响应于验证系统处于可信状态,请求系统的注册,其中所述请求步骤还包括以下步骤:检索与所述系统相关联的注册数据; 检索与系统的组件相关联的当前输入数据; 将当前输入数据与登记数据进行比较,以确定系统是否可以保留其可信状态; 其中响应于所述比较步骤,如果所述当前输入数据与所述注册数据匹配,则所述系统保持其可信状态; 以及接受所述受信任状态,直到从具有保留的可信状态的系统接收到到所述系统的更新的通知。
-
公开(公告)号:US20130080756A1
公开(公告)日:2013-03-28
申请号:US13459164
申请日:2012-04-28
IPC分类号: G06F9/00
CPC分类号: G06F21/575 , G06F21/31 , G06F2221/2141
摘要: A method for attesting a component of a system during a boot process. The method comprises the steps of: verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system wherein the requesting step further comprises the step of: retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; wherein in response to the comparing step, if the current input data matches the enrollment data, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system.
-
公开(公告)号:US20120216255A1
公开(公告)日:2012-08-23
申请号:US13460080
申请日:2012-04-30
IPC分类号: G06F21/00
CPC分类号: G06F21/57 , G06F9/4401 , G06F2009/45587 , G06F2221/034
摘要: A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.
摘要翻译: 一种证明多个数据处理系统的技术。 该方法包括:配置数据处理系统链,其中第一数据处理系统负责检索与第二数据处理系统相关联的认证数据; 发送第一数据处理系统的认证请求; 响应于接收到所述请求,检索相关联的一个或多个子项的列表,其中所述一个或多个子组成所述第二数据处理系统; 检索和存储与每个孩子相关联的证明数据; 检索和存储与第一数据处理系统相关联的证明数据; 以及向所述请求者发送包含与所述第一和第二数据处理系统相关联的认证数据的级联响应,使得与所述第一和第二数据处理系统相关联的证明数据可以分别用于证明所述第一和第二数据处理系统 。
-
-
-
搜索结果
4 条记录 (耗时 0.009 秒)
