| CPC H04L 9/3234 (2013.01) | 25 Claims |
|
1. A computer program product for facilitating processing within a computing environment, the computer program product comprising:
one or more computer readable storage media and program instructions collectively stored on the one or more computer readable storage media to perform a method comprising:
obtaining, by a trusted execution environment, an attestation request to be used to verify that a secure guest that is running is a particular secure guest, the attestation request including select local data specific to the secure guest and an attestation request structure including one or more entries, wherein an entry of the one or more entries includes an attestation key, and wherein the select local data specific to the secure guest includes session information of a session to be used to connect to the secure guest to submit to the secure guest the attestation request structure to be used in the attestation request;
computing, based on obtaining the attestation request, one or more integrity measurements, the computing using at least the attestation key to compute the one or more integrity measurements representing, at least, the select local data specific to the secure guest; and
providing the one or more integrity measurements to an entity, the one or more integrity measurements to be used to verify that the secure guest is a correct secure guest that has been started using a particular secure guest image and selected secure guest metadata particular to the secure guest.
|