| US 7,484,091 B2 | ||
| Method and system for providing a trusted platform module in a hypervisor environment | ||
| Steven A. Bade, Georgetown, Tex. (US); Ryan Charles Catherman, Raleigh, N.C. (US); James Patrick Hoff, Raleigh, N.C. (US); Nia Letise Kelley, Austin, Tex. (US); and Emily Jane Ratliff, Austin, Tex. (US) | ||
| Assigned to International Business Machines Corporation, Armonk, N.Y. (US) | ||
| Filed on Apr. 29, 2004, as Appl. No. 10/835,350. | ||
| Prior Publication US 2005/0246521 A1, Nov. 03, 2005 | ||
| Int. Cl. G06F 21/00 (2006.01) | ||
| U.S. Cl. 713—164 [726/26] | 3 Claims |
| 1. A method for implementing a trusted computing environment within a data processing system, the method comprising:
initializing a hypervisor within the data processing system, wherein the hypervisor supervises a plurality of logical, partitionable,
runtime environments within the data processing system;
reserving a logical partition for a hypervisor-based trusted platform module (TPM) which provides integrity measurements for
a software state of the data processing system;
presenting the hypervisor-based trusted platform module to logical partitions as a virtual device via a device interface;
creating by the hypervisor multiple logical partitions within the data processing system;
instantiating multiple logical TPM's within the reserved partition, wherein the logical TPM's are anchored to the hypervisor-based
TPM; and
managing the multiple logical TPM's within the reserved partition such that each logical TPM is uniquely associated with a
logical partition.
|