公开(公告)号：US20090049305A1

公开(公告)日：2009-02-19

申请号：US12258332

申请日：2008-10-24

申请人： Steven A. Bade ,  Ryan Charles Catherman ,  James Patrick Hoff ,  William Lee Terrel

发明人： Steven A. Bade ,  Ryan Charles Catherman ,  James Patrick Hoff ,  William Lee Terrel

IPC分类号： H04L9/00 ,  G06F15/177

CPC分类号： G06F21/57

摘要： An architecture for a distributed data processing system comprises a system-level service processor along with one or more node-level service processors; each are uniquely associated with a node, and each is extended to comprise any components that are necessary for operating the nodes as trusted platforms, such as a TPM and a CRTM in accordance with the security model of the Trusted Computing Group. These node-level service processors then inter-operate with the system-level service processor, which also contains any components that are necessary for operating the system as a whole as a trusted platform. A TPM within the system-level service processor aggregates integrity metrics that are gathered by the node-level service processors, thereafter reporting integrity metrics as requested, e.g., to a hypervisor, thereby allowing a large distributed data processing system to be validated as a trusted computing environment while allowing its highly parallelized initialization process to proceed.

摘要翻译： 用于分布式数据处理系统的架构包括系统级服务处理器以及一个或多个节点级服务处理器; 每个都与节点唯一相关联，并且每个都被扩展以包括根据可信计算组的安全模型将节点操作为可信平台（例如TPM和CRTM）所需的任何组件。 然后，这些节点级服务处理器与系统级服务处理器互操作，系统级服务处理器还包含将系统作为整体操作为可信平台所必需的任何组件。 系统级服务处理器内的TPM聚合由节点级服务处理器收集的完整性度量，此后根据请求报告完整性度量，例如向管理程序报告，从而允许将大型分布式数据处理系统验证为可信任的 同时允许其高度并行化的初始化过程进行。