A Trusted Computing Base (TCB) is typically defined as the portion of a system that is relied on to enforce the security policy of a computing platform. Over time, modern TCBs have become complex, thus making it increasingly difficult to prove or otherwise verify that a TCB is properly and securely established for a particular computing platform. Evaluation of the security and integrity of the platform state is also difficult when the trustworthiness of platform firmware or BIOS cannot be established.
Existing techniques for addressing TCB verification issues generally rely on static measurement of binaries and system configuration elements. Unfortunately, such solutions tend to be brittle, meaning that any change to the system state (no matter the significance) requires re-evaluation and measurement. Existing techniques are also limited to platform startup and to software components in the boot path.
As is well known to those skilled in the art, the term “measurement” when used with respect to trusted computing refers to evaluating or measuring software binaries or other code such that the measurement result is both unique and indicates changes in the executable. One common method for performing software measurement is to apply a cryptographic hash algorithm to the software. Such algorithms will produce different results where even one-bit changes to the measured software have occurred. Cryptographic hash algorithms also typically produce outputs that are sufficiently large that the potential for collisions (where two hash values are the same) is extremely small. Thus, comparing a known hash value to the hash value of measured software can be used to determine whether that software has changed from a known or expected state. As a result, these types of measurements are very useful for many TCB scenarios.
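The hash comparison described above, together with the brittleness noted for static measurement, as an added example that is not part of the original text. SHA-256, the component names, the status labels and the sample byte strings are assumptions constructed for illustration.

```python
import hashlib
import hmac

def measure(image: bytes) -> str:
    """Measurement: SHA-256 digest over the exact bytes of a component."""
    return hashlib.sha256(image).hexdigest()

def flip_bit(image: bytes, bit_index: int) -> bytes:
    """Return a copy of image with exactly one bit inverted."""
    out = bytearray(image)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def verify(components: dict, reference: dict) -> dict:
    """Compare each component's measurement with its known value."""
    report = {}
    for name, expected in reference.items():
        if name not in components:
            report[name] = "missing"
        elif hmac.compare_digest(measure(components[name]), expected):
            report[name] = "match"
        else:
            report[name] = "changed"
    # Anything present but absent from the reference has no known value.
    for name in sorted(set(components) - set(reference)):
        report[name] = "unmeasured"
    return report

# Constructed sample images standing in for boot-path binaries.
KNOWN_GOOD = {
    "bootloader": b"\x7fBOOT build=2024-01-01 " + bytes(range(64)),
    "kernel": b"\x7fKERN " + bytes(range(255, 0, -1)),
}
REFERENCE = {name: measure(image) for name, image in KNOWN_GOOD.items()}

if __name__ == "__main__":
    tampered = dict(KNOWN_GOOD, kernel=flip_bit(KNOWN_GOOD["kernel"], 100))
    rebuilt = dict(KNOWN_GOOD, bootloader=KNOWN_GOOD["bootloader"].replace(
        b"2024-01-01", b"2024-01-02"))
    for label, state in [("known good", KNOWN_GOOD), ("one bit flipped", tampered),
                         ("build date changed", rebuilt)]:
        print(f"{label:20s} {verify(state, REFERENCE)}")
```

The flipped bit and the changed build date both report `changed`: the measurement shows that the bytes differ from the known state, not whether the difference matters.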