Apparatus and method for performing trusted computing integrity measurement notifications

摘要

An apparatus and methods that use trusted platform modules (TPM) to perform integrity measurements of multiple subsystems are disclosed. The state of platform configuration registers (PCRs) after boot up are stored as the base state of the system. In another embodiment, and application that is to be verified requests that its state be extended from the base state of the system. When such a request is received, the state of the system is extended directly from the base state PCR contents and not from the system state. In another embodiment, a virtual PCR is used, where such a virtual PCR uses a larger memory space than a conventional TPM provides for a physical PCR, by use of encrypted storage on external, protected memory.