Methods and Apparatuses for User-verifiable Trusted Path in the Presence of Malware

An apparatus and method for establishing a trusted path (152) between a user interface (150) and a trusted executable (312), wherein the trusted path (152) includes a hypervisor (316) and a driver shim (314). The method includes measuring (710) an identity of the hypervisor; comparing (712) the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring (714) an identity of the driver shim; comparing (716) the measurement of the identity of the driver shim with a policy for the driver shim; measuring (718) an identity of the user interface; comparing (720) the measurement of the identity of the user interface with a policy for the user interface; ; and providing (722) a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively.

Attached files:


Patents:
WO 2,011,037,665

Inventor(s): MCCUNE JONATHAN M [US]; PERRIG ADRIAN M [US]; DATTA ANUPAM [US]; GILGOR VIRGIL DORIN [US]; QU NING [US]

Type of Offer: Licensing



« More Computer Science Patents

---