| CPC G06F 21/44 (2013.01) | 18 Claims |
|
1. A method, comprising:
receiving, at a secondary verifier operating in a verifiable system, a request from a relying party to perform a verification process with respect to attestation evidence of a device in communication with the relying party, wherein the secondary verifier is one of multiple secondary verifiers;
communicating self-attestation evidence, by the secondary verifier, to a trusted verifier operating in a secure computing system environment to generate an attestation report of the verifiable system;
communicating an indicator of trustworthiness to the relying party of the secondary verifier to indicate trustworthiness of the secondary verifier with respect to performing the verification process;
performing, by the secondary verifier, the verification process on the attestation evidence of the device in communication with the relying party;
performing, by the secondary verifier with a further secondary verifier of the multiple secondary verifiers, a mutual attestation to form a trusted network of secondary verifiers, wherein verification data used in the verification process is obtained from the further secondary verifier; and
communicating, by the secondary verifier, an attestation report of the device to the relying party.
|