1. Field of the Invention
The present invention relates to the field of trusted computing and more particularly to the rendezvous process of a trusted platform module (TPM).
2. Description of the Related Art
Trusted computing refers to the arrangement of hardware, firmware and software components in a computing system in order to prevent information leakage in the computing system. Initially applied to the problem of digital rights management (DRM) in sound recordings and audiovisual works, trusted computing has been broadly envisioned to provide next generation DRM for a more diverse selection of works of authorship—in particular documents and electronic communications. Through trusted computing initiatives, presently advanced by the not-for-profit organization the Trusted Computing Group of Portland, Oreg., trusted computing intends to provide a more secure and trusted computing platform.
The principal portion of a trusted computing environment includes a trusted platform. The trusted platform generally includes a tamper resistant processor able to accept a number of kernel calls for random number generation, key creation, key management, secret management and encryption. The kernel of the trusted platform includes a configuration for measuring the state of the trusted platform, including a hosted operating system, and can support the expression of attestations about the state of the operating system hosted in the trusted platform. Inasmuch as the trusted platform itself is secure, these attestations can be taken as truth and hence are “trustworthy”.
The Trusted Computing Group defines a trusted platform to have a single trusted platform module (TPM). The TPM can be thought of as a specialized peripheral device into which system measurements can be recorded in a reliable and trusted manner. The measurements recorded by the TPM, when viewed as a whole, generally describe the system configuration and the sequence of events that led to the current configuration. As such, it is recommended that the TPM maintain a log of events wherein each entry in the log corresponds to one recorded measurement in the TPM, in the recorded order.
By convention, the log of events is seldom referenced directly; rather, it is referenced inferentially, since a corresponding log entry is written each time a platform configuration register (PCR) is extended. In any event, in order to maintain the integrity of the log and a high degree of trust in the trusted platform, measurements are recorded by the TPM consistently from one boot cycle to the next for the trusted platform. Moreover, only a single TPM is permitted for use by any one trusted platform.
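The extend-and-log relationship described above, as an added example that is not part of the patent text: a small Python model in which every PCR extension writes a matching event log entry, and a verifier replays the log to reproduce the PCR values, so a missing, altered or reordered entry is detected. It assumes 24 SHA-1 PCRs (the TPM 1.2 convention) and constructed sample measurements.

```python
import hashlib
from dataclasses import dataclass, field

PCR_COUNT = 24   # assumption: TPM 1.2 style register bank
DIGEST_LEN = 20  # SHA-1 digest length


@dataclass
class EventLogEntry:
    """One log record, written at the moment the matching PCR extension occurs."""
    pcr_index: int
    digest: bytes
    description: str


@dataclass
class SimulatedTpm:
    """Minimal model of a TPM's PCR bank plus its correlated event log."""
    pcrs: list = field(default_factory=lambda: [bytes(DIGEST_LEN)] * PCR_COUNT)
    event_log: list = field(default_factory=list)

    def extend(self, pcr_index: int, measurement: bytes, description: str) -> bytes:
        digest = hashlib.sha1(measurement).digest()
        # PCR_new = H(PCR_old || digest): order of extensions is baked into the value.
        self.pcrs[pcr_index] = hashlib.sha1(self.pcrs[pcr_index] + digest).digest()
        self.event_log.append(EventLogEntry(pcr_index, digest, description))
        return self.pcrs[pcr_index]


def replay_log(log) -> list:
    """Recompute the PCR bank a verifier would expect from the log alone."""
    pcrs = [bytes(DIGEST_LEN)] * PCR_COUNT
    for entry in log:
        pcrs[entry.pcr_index] = hashlib.sha1(pcrs[entry.pcr_index] + entry.digest).digest()
    return pcrs


def log_matches_pcrs(log, pcrs) -> bool:
    """True only if replaying the log reproduces every PCR in the bank."""
    return replay_log(log) == list(pcrs)


def boot(measurements) -> SimulatedTpm:
    """Run one boot cycle: extend each measurement in sequence."""
    tpm = SimulatedTpm()
    for pcr_index, data, description in measurements:
        tpm.extend(pcr_index, data, description)
    return tpm


BOOT_SEQUENCE = [  # constructed sample measurements, not real firmware
    (0, b"firmware-image-v1", "CRTM/firmware"),
    (0, b"firmware-config", "firmware settings"),
    (4, b"bootloader-stage1", "bootloader"),
    (8, b"kernel-image", "OS kernel"),
]
```

Booting the same sequence twice yields identical PCR values, which is the consistency across boot cycles the text requires; swapping two entries that extend the same PCR changes that PCR and fails replay.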
Presently, merged computing configurations have been deployed in a computing architecture where each system in the configuration boots as a group of distinct systems. These systems eventually are joined in a rendezvous process that unifies the distinct systems into a single system or partition. To that end, the unified system can contain multiple TPMs—one for each physical chassis with unique contents. Without unifying the data from the multiple TPMs under a single TPM for the system, however, the predicate of trusted computing will have been violated. While some have proposed rudimentary unification solutions such as system re-measurement during rendezvous, and higher level measurement at boot time for the unified system, both lose the granularity required to maintain trust for the platform.