| CPC G06F 21/64 (2013.01) [G06F 9/45545 (2013.01); G06F 9/45558 (2013.01); G06F 21/44 (2013.01); G06F 21/53 (2013.01); G06F 21/602 (2013.01); G06F 21/71 (2013.01); G06F 2009/45587 (2013.01)] | 25 Claims |
|
1. A computer program product for facilitating processing within a computing environment, the computer program product comprising:
one or more computer readable storage media and program instructions collectively stored on the one or more computer readable storage media to perform a method comprising:
obtaining, by a trusted execution environment, a secure guest image and metadata to be used to start a secure guest, the metadata including multiple parts and a plurality of integrity measures, wherein a first part of the metadata includes particular information and one or more integrity measures of the plurality of integrity measures, and a second part of the metadata includes customized confidential data of the secure guest and one or more other integrity measures of the plurality of integrity measures, the particular information being different from the customized confident data of the secure guest;
verifying, using the trusted execution environment, at least one select part of the metadata using at least one integrity measure of the plurality of integrity measures of the metadata; and
starting, by the trusted execution environment, the secure guest using the secure guest image and at least a portion of the metadata, based on successful verification of the at least one select part of the metadata.
|