One approach to ensuring that a computing platform is trustworthy is to establish the existence of a root of trust. A root of trust refers to an environment where code may be executed without fear of compromise. A simple example of a root of trust is firmware on read-only memory (ROM). ROM firmware can serve as a root of trust because it is, by its very nature, read-only and therefore cannot be modified, for instance by a malicious attacker. A dynamic root of trust measurement (DRTM) is used to establish a root of trust dynamically, that is, at any point during a computer system's lifecycle. A DRTM can also be used to reestablish trust in a computer system after a security compromise caused by malware on the system.
While an evaluation of trust can be useful for establishing the trustworthiness of a computing platform, current implementations of a DRTM have drawbacks, particularly when extended to establishing trustworthiness across and among a network of computing platforms. What is needed is an effective and convenient means for establishing end-to-end trust of multiple computing platforms of a network, wherein each computing platform on the network is individually evaluated and attested as to its trustworthiness, and wherein each computing platform communicates its trust measurements to other computing platforms, evaluates the trust measurements of other computing platforms, and enables or disables services to other computing platforms based on their trustworthiness.