US 12,423,413 B2
Program file measurements for context-specific validation
Joao Claudio Ambrosi, Rio Grande do Sul (BR); Joaquim Gomes Da Costa Eulalio De Souza, Rio Grande do Sul (BR); Reinaldo Cézar De Morais Gomes, Paraíba (BR); Marcela Galdino, Paraíba (BR); and Ramon Sousa Sarmento, Paraíba (BR)
Assigned to Hewlett Packard Enterprise Development LP, Spring, TX (US)
Filed by HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP, Spring, TX (US)
Filed on Dec. 19, 2022, as Appl. No. 18/067,945.
Prior Publication US 2024/0202318 A1, Jun. 20, 2024
Int. Cl. G06F 21/54 (2013.01); G06F 21/64 (2013.01)
CPC G06F 21/54 (2013.01) [G06F 21/64 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A non-transitory machine-readable storage medium comprising instructions that upon execution cause a system to:
during runtime of a virtual computing environment:
intercept a call for an invocation of a program file that relates to a program execution in the virtual computing environment;
compute a checksum based on the program file;
obtain, for the program file prior to the invocation of the program file in response to the call, context information of the virtual computing environment, the context information comprising an identifier of a program code image for the virtual computing environment, a log containing a command that invoked the program file and the checksum computed based on the program file, and a further checksum based on the log that contains the command and the checksum;
send, from the system to an integrity checker as part of an attestation to perform a context-specific validation of the invocation of the program file, the context information comprising the identifier of the program code image, the log, and the further checksum based on the log; and
receive, at the system from the integrity checker, a response containing a result of the attestation that uses the log and the further checksum based on the log.
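The flow recited in claim 1, shown as an added Python example that is not part of the patent text and not HPE's implementation: a hypothetical exec hook measures the program file, appends the invoking command and the checksum to a log, hashes the log, and sends the image identifier, the log and the log hash to an integrity checker. The checker verifies the log hash and then checks each logged invocation against a per-image allowlist, so the same program file is accepted under one image identifier and rejected under another, which is the context-specific part of the validation. The image identifiers, paths, allowlist and sample file contents are constructed for the example.

```python
"""Toy model of the measured-invocation attestation flow recited in claim 1.
Added example, not code from the patent or from HPE; names, policy and sample
files are constructed for illustration."""
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed sample program files (stand-ins for files an exec hook would see).
BACKUP_SH = b"#!/bin/sh\ntar czf /backup/data.tgz /var/lib/app\n"
TAMPERED_SH = b"#!/bin/sh\ntar czf /backup/data.tgz /var/lib/app\necho extra >> /tmp/x\n"


def file_checksum(data: bytes) -> str:
    """Checksum 'computed based on the program file' (SHA-256 over its bytes)."""
    return hashlib.sha256(data).hexdigest()


def log_digest(log: list[dict]) -> str:
    """Further checksum over the log. Canonical JSON so attester and checker
    hash identical bytes for identical log content."""
    canon = json.dumps(log, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()


@dataclass
class Attester:
    """System side: runs inside the virtual computing environment."""
    image_id: str                      # identifier of the program code image
    log: list[dict] = field(default_factory=list)

    def intercept(self, command: list[str], program_bytes: bytes) -> dict:
        """Hypothetical exec hook, run before the program file is invoked:
        measure the file, append {command, checksum} to the log, and return
        the context information that is sent to the integrity checker."""
        self.log.append({"command": command, "checksum": file_checksum(program_bytes)})
        return {
            "image_id": self.image_id,
            "log": [dict(e) for e in self.log],
            "log_hash": log_digest(self.log),
        }


class IntegrityChecker:
    """Integrity checker side: allowlist[image_id][program path] -> expected checksum."""

    def __init__(self, allowlist: dict[str, dict[str, str]]):
        self.allowlist = allowlist

    def attest(self, ctx: dict) -> dict:
        log = ctx["log"]
        # 1. The log must match the further checksum that was sent with it.
        if not hmac.compare_digest(log_digest(log), ctx["log_hash"]):
            return {"result": "fail", "reason": "log hash mismatch"}
        # 2. The image identifier selects the policy: same binary, different image,
        #    different answer. That is the context-specific part of the validation.
        policy = self.allowlist.get(ctx["image_id"])
        if policy is None:
            return {"result": "fail", "reason": "unknown image"}
        # 3. Every logged invocation must be an allowed program with the expected checksum.
        for i, entry in enumerate(log):
            prog = entry["command"][0]
            expected = policy.get(prog)
            if expected is None:
                return {"result": "fail", "reason": f"entry {i}: {prog} not permitted in this image"}
            if not hmac.compare_digest(expected, entry["checksum"]):
                return {"result": "fail", "reason": f"entry {i}: checksum mismatch for {prog}"}
        return {"result": "pass", "entries": len(log)}


def run_demo() -> tuple[dict, dict, dict, dict]:
    """Four attestations: clean pass, wrong image, modified file, forged log."""
    checker = IntegrityChecker({
        "img-web-v1": {"/usr/bin/backup.sh": file_checksum(BACKUP_SH)},
        "img-db-v1": {},  # this image permits no backup.sh at all
    })
    web = Attester("img-web-v1")
    ctx = web.intercept(["/usr/bin/backup.sh", "--full"], BACKUP_SH)
    ok = checker.attest(ctx)

    db = Attester("img-db-v1")
    wrong_image = checker.attest(db.intercept(["/usr/bin/backup.sh", "--full"], BACKUP_SH))

    modified = checker.attest(web.intercept(["/usr/bin/backup.sh"], TAMPERED_SH))

    # Attacker edits the log after the hash was taken: checksum swapped, old hash kept.
    forged = {"image_id": ctx["image_id"], "log_hash": ctx["log_hash"],
              "log": [{"command": ctx["log"][0]["command"],
                       "checksum": file_checksum(TAMPERED_SH)}]}
    forged_log = checker.attest(forged)
    return ok, wrong_image, modified, forged_log


if __name__ == "__main__":
    for r in run_demo():
        print(r)
```

One caveat a practitioner will want: in this toy the further checksum over the log is an unkeyed hash, so it only detects a log altered after the hash was taken. An attacker who controls the attester can rewrite the log and recompute the hash, and step 1 will pass; the binding the claim relies on therefore has to come from how the log hash is anchored (for example, extended into a hardware-backed measurement register or signed with a key the attester cannot read), which the claim leaves to the implementation.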