With the increasing reliance on electronic, web, or software agent based transactions, reliably determining identity of a computer acting on behalf of a particular computer user is becoming increasingly important. Many standards have been developed to allow authentication between various parts of a transactional chain that can extend from a user operating a personal computer, to a local network server, to gateway servers to Wide Area Networks or the internet, and eventually to a target computer. To be a “trusted platform” in a network, a computer must be trusted not to be subverted by preboot software programs that can alter transmitted hardware or software based identification or otherwise permit spoofing of other computer systems. The basis for this trust is a declaration by a known authority that the computer platform can be trusted for an intended purpose.
The Trusted Computing Platform Alliance (TCPA) offers one possible standard for identifying a user and a computer as trustworthy. In typical power-on operation in compliance with the standard, a separate hardware module (using cryptographic hashing techniques) queries the BIOS to determine if it can be trusted, and the BIOS queries the user to ensure that user is authorized to use the platform. The BIOS then interacts with the operating system (OS) loader and the hardware module to determine if the OS loader can be trusted. The OS loader transmits information to the OS kernel so that when the OS kernel loads it knows what software has had access to the system ahead of it. In effect this establishes that the computer system from that point forward is completely controlled by the OS kernel. If proper network authentication techniques are used, both the user and third parties can be confident that the computer is “trustworthy”. Unfortunately, the additional cost of the separate hardware module and implementation concerns have limited widespread use of this or similar systems.