1. Technical Field
The present disclosure relates generally to information processing systems and, more specifically, to trusted computing for blade devices.
2. Background Art
In computing environments, security has become an issue of increasing concern. Computing devices execute firmware and/or software code to perform various operations. The code may be in the form of user applications, BIOS (basic input/output system) routines, operating system routines, etc. The code is often vulnerable to corruption by viruses and other detrimental interference by unauthorized parties. Such corruption, which is typically deliberate, may simply interfere with the normal operation of the system, may destroy files and other important data, and may even be used to surreptitiously gain access to classified information. Various security measures have been developed to protect computer systems from such corruption.
One approach to making computing systems more secure is the implementation of a trusted computing environment. In some such trusted computing environments, integrity metrics are collected and reported in order to determine the state of the hardware and software environment.
Implementing a trusted computing environment for blade devices poses interesting issues. A blade device is a component (typically a hot-swappable device) in a multi-component system that is designed to accept some number of components (blade devices). Blade devices may include, for example, individual servers that plug into a multiprocessing system. Blade devices may also include, for example, individual port cards that add connectivity to a switch.
A blade server is a modular electronic circuit board containing one or more microprocessors and a memory. Typically, a blade server is intended for a single, dedicated application such as serving and caching World Wide Web pages, file sharing, or streaming audio and/or video content. A typical blade server can be easily inserted into a space-saving rack with many similar servers.
A typical blade server system includes two or more blade server units in a chassis (often referred to as a “rack”) along with a single chassis management module (“CMM”) for the chassis. This disclosure addresses problems related to managing, with a single management module, trust functions such as authentication and capability registration for a plurality of blade devices.