Various mechanisms exist for checking platform status. In some existing systems, the Trusted Platform Module (TPM) and the techniques promulgated by the Trusted Computing Group entail the use of the TPM as a Root of Trust for Storage (RTS), anchored by the Storage Root Key (SRK), and as a Root of Trust for Reporting (RTR), which attests to the contents of the Platform Configuration Registers (PCRs). More information can be found on the public Internet at URL www*trustedcomputinggroup*org, where periods in the URLs are replaced with asterisks to avoid inadvertent hyperlinks.
The TPM is a passive piece of hardware: it does not execute platform code and cannot halt the boot. The platform firmware (or microcode) is the Root of Trust for Measurement (RTM), the first code to hash ("measure") each subsequent component and extend the resulting digest into a PCR. The Unified Extensible Firmware Interface (UEFI) Secure Boot adds a Root of Trust for Verification and for Enforcement (RTV/RTE), which enables "Secure Boot" by checking an image's signature before that image is permitted to execute. However, the TPM merely records the status, and on its own does not provide a method for ensuring boot integrity.
Currently, only measured boot is standardized, i.e., each image is recorded (measured into a PCR) but run regardless of its status. From a security perspective, this scheme is akin to auditing rather than protection. From a product perspective, it may be acceptable, because a challenger can later assess the security posture from the PCR values and the accompanying event log. From a malware perspective, however, this scheme is unacceptable, since the malware was "measured and run." Once the malware runs, even if it is later detectable, the damage has been done. Thus, there is a need to proactively prohibit the execution of unauthorized code.
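The following is an added illustration, not part of the original text and not code from any TPM or firmware implementation. It simulates the two behaviours contrasted above: a measure-then-run chain in which every image is extended into a PCR (PCR_new = SHA-256(PCR_old || digest)) and executed unconditionally, so a tampered loader is detectable only after the fact by a challenger replaying the event log, versus a verify-before-run chain that refuses to execute an image whose digest is not approved. The image contents, the three-stage chain, and the digest allowlist are constructed for the example; real Secure Boot checks an Authenticode signature against the db/dbx databases rather than a bare hash list, and this simulation stands in for that policy check only.

```python
"""Simulation of measured boot versus verified boot (illustrative, not firmware code)."""
import hashlib
from typing import Iterable, List, Set, Tuple

PCR_SIZE = 32  # SHA-256 PCR bank

# Constructed stand-ins for boot-chain images; real images are binaries.
GOOD_CHAIN = [b"PEI core v1", b"DXE core v1", b"OS loader v1"]
TAMPERED_CHAIN = [b"PEI core v1", b"DXE core v1", b"OS loader v1 + implant"]


def measure(image: bytes) -> bytes:
    """The RTM's measurement of an image: its SHA-256 digest."""
    return hashlib.sha256(image).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM PCR extend operation: PCR_new = H(PCR_old || digest).

    Extend is one-way and order-dependent, so a PCR cannot be rolled
    back to a prior value once a measurement has been recorded.
    """
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(images: Iterable[bytes]) -> Tuple[bytes, List[bytes], List[bool]]:
    """Measure-then-run: record every image, then run it regardless of status.

    Returns the final PCR value, the event log of digests, and a per-image
    list of whether the image was executed (always True in this scheme).
    """
    pcr = bytes(PCR_SIZE)
    log: List[bytes] = []
    ran: List[bool] = []
    for image in images:
        digest = measure(image)
        pcr = pcr_extend(pcr, digest)  # recorded in the TPM (RTS)
        log.append(digest)
        ran.append(True)  # executed unconditionally: malware is "measured and run"
    return pcr, log, ran


def replay_log(log: Iterable[bytes]) -> bytes:
    """What a challenger does with an attested PCR (RTR): recompute the PCR
    from the event log and compare it with the value the TPM reported."""
    pcr = bytes(PCR_SIZE)
    for digest in log:
        pcr = pcr_extend(pcr, digest)
    return pcr


def verified_boot(images: Iterable[bytes], allowlist: Set[bytes]) -> Tuple[bytes, List[bool]]:
    """Verify-before-run: an image not on the allowlist is never executed and
    the boot halts at that point. The allowlist stands in for Secure Boot's
    signature check against db/dbx (assumption of this simulation)."""
    pcr = bytes(PCR_SIZE)
    ran: List[bool] = []
    for image in images:
        digest = measure(image)
        if digest not in allowlist:
            ran.append(False)  # blocked before any code runs
            break
        pcr = pcr_extend(pcr, digest)  # still measured, for later attestation
        ran.append(True)
    return pcr, ran


def golden_pcr() -> bytes:
    """Reference PCR value a challenger expects for the known-good chain."""
    pcr, _, _ = measured_boot(GOOD_CHAIN)
    return pcr


def build_allowlist() -> Set[bytes]:
    """Digests of the images the platform owner has approved (constructed)."""
    return {measure(image) for image in GOOD_CHAIN}


if __name__ == "__main__":
    expected = golden_pcr()
    pcr, log, ran = measured_boot(TAMPERED_CHAIN)
    print("measured boot ran every image:", all(ran))
    print("challenger detects tamper after the fact:", replay_log(log) != expected)
    _, ran = verified_boot(TAMPERED_CHAIN, build_allowlist())
    print("verified boot executed per image:", ran)
```

The replay step shows why measured boot is "auditing": the challenger can prove the loader was modified only after every image, including the implant, has already run. The verified path records the same measurements but uses the policy check to decide execution, which is the proactive prohibition the text calls for.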