In personal computers and many similar computing devices, today's operating systems may be considered “open” in that administrators are able to change and/or patch the operating system code, install devices drivers, services, update components and so forth. As a result, code within the operating system itself is not a good mechanism for attesting that a specific binary module or set of modules is properly executing (sometimes referred to as “healthy”), and, for example, has not been intentionally or inadvertently tampered with (sometimes referred to as “unhealthy”). Although there are a number of reasons for such a deficiency in verification, as long as the administrator or programs running on the administrator's behalf may change the operating system, in general the operating system is inapt to determine the integrity and/or authenticity of components.
Trust platforms and the like (e.g., a Trusted Platform Module model) are aimed at verifying the integrity of the boot sequence, but have no role afterwards. Due to the complexity of contemporary operating systems, it is also uncertain as to whether a trusted platform model can credibly attest about the operating system's integrity after boot (or even during boot). For example, following boot, a piece of code in the operating system can be modified such that it does not verify a particular binary, or verifies that the binary is healthy even when it is not, and/or simply does not do anything upon detection of an unhealthy module.
Various business models and applications are likely to benefit from a system that can reliably measure and attest the integrity and authenticity of binary modules. For example, software that computes a compensation charge based on how often it runs needs to ensure that the code does not get hacked in a manner that would result in an incorrect amount due, or in no payment ever being due.