The present invention relates to computer systems, and to securing the integrity of computer systems.
The Trusted Computing Group has developed specifications for remote attestation to confirm that a computer system, and the applications running on it, can be trusted. This involves the use of a trust module (termed a trusted platform module) that holds trust data, including private keys bound to the system and measurements (cryptographic hashes) of the software components, against which their validity can be confirmed. Also included in this trust data is platform data relating to the software stack and a core root of trust for measurement, relating to the firmware that initializes the computer system hardware and any further layers of firmware that execute prior to loading of the operating system. This data is platform specific. The trust data is secured in the trust module by means of a key installed by the manufacturer.
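The measurement chain and attestation check described above, as an added illustration that is not part of this patent description and not code from any TPM implementation: each boot stage hashes the next and extends the result into a platform configuration register, the module later quotes the register value together with a verifier-supplied nonce, and the verifier replays the event log and compares every measurement with a known-good value. The boot images, attestation key, nonce and golden values are constructed for the example, and an HMAC stands in for the module's asymmetric quote signature (an assumption made to keep the example self-contained).

```python
import hashlib
import hmac

PCR_INITIAL = bytes(32)  # a SHA-256 PCR holds 32 zero bytes after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: PCR_new = H(PCR_old || measurement).
    The register can only be extended, never written directly, so a later
    stage cannot erase an earlier measurement and the result depends on order."""
    return hashlib.sha256(pcr + measurement).digest()


def measure(image: bytes) -> bytes:
    """A component's measurement is the hash of its image."""
    return hashlib.sha256(image).digest()


# Constructed boot chain (not real images): the core root of trust for
# measurement (firmware) measures the next stage, and so on down to the
# application whose trustworthiness is being attested.
BOOT_CHAIN = [
    ("crtm_firmware", b"CRTM firmware image v1"),
    ("bootloader",    b"bootloader image v2"),
    ("os_kernel",     b"kernel image 5.10"),
    ("application",   b"payment-service 3.1"),
]


def boot_and_measure(chain):
    """Simulated measured boot: returns the final PCR value and the event log."""
    pcr = PCR_INITIAL
    log = []
    for name, image in chain:
        digest = measure(image)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log


def quote(pcr: bytes, nonce: bytes, ak: bytes) -> bytes:
    """Stand-in for a TPM quote: binds the PCR value and the verifier's nonce
    under the attestation key. HMAC replaces the asymmetric signature (assumption)."""
    return hmac.new(ak, nonce + pcr, hashlib.sha256).digest()


def verify(pcr_claimed, log, sig, nonce, ak, golden):
    """Verifier side. Returns (ok, reason)."""
    # 1. The quote must cover our fresh nonce, otherwise an old quote could be replayed.
    if not hmac.compare_digest(quote(pcr_claimed, nonce, ak), sig):
        return False, "quote signature invalid"
    # 2. Replaying the event log must reproduce the quoted PCR, or the log was edited.
    replayed = PCR_INITIAL
    for _, digest in log:
        replayed = extend(replayed, digest)
    if replayed != pcr_claimed:
        return False, "event log does not reproduce PCR"
    # 3. Every measured component must match its known-good value.
    for name, digest in log:
        if golden.get(name) != digest:
            return False, f"unexpected measurement for {name}"
    return True, "ok"


def scenarios():
    """Run an honest boot and three attacks; returns the verifier's verdict for each."""
    ak = b"attestation-key-constructed-for-example"
    nonce = b"nonce-from-verifier-0001"
    golden = {name: measure(image) for name, image in BOOT_CHAIN}
    results = {}

    pcr, log = boot_and_measure(BOOT_CHAIN)
    results["honest"] = verify(pcr, log, quote(pcr, nonce, ak), nonce, ak, golden)

    # Implant in the bootloader: the measurement changes and the PCR with it.
    tampered = list(BOOT_CHAIN)
    tampered[1] = ("bootloader", b"bootloader image v2 + implant")
    pcr_t, log_t = boot_and_measure(tampered)
    results["tampered_bootloader"] = verify(pcr_t, log_t, quote(pcr_t, nonce, ak), nonce, ak, golden)

    # Attacker rewrites the log with the golden digests but cannot rewrite the PCR.
    forged_log = [(name, golden[name]) for name, _ in log_t]
    results["forged_log"] = verify(pcr_t, forged_log, quote(pcr_t, nonce, ak), nonce, ak, golden)

    # Replay of an honest quote that was produced for an earlier nonce.
    results["replayed_quote"] = verify(pcr, log, quote(pcr, b"old-nonce", ak), nonce, ak, golden)
    return results


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:20s} -> {verdict}")
```

The three checks are deliberately ordered: a forged signature is rejected before any log is parsed, a log that does not reproduce the register is rejected before individual entries are trusted, and only then is each component compared with the platform-specific golden values the verifier holds.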
Conventional trust modules have relatively low performance, as they tend to be designed for client computer systems and the like. Accordingly, they are not considered suitable for high-performance systems, such as computer server systems with high levels of transactional operations that require trust processing.