| CPC G06F 21/64 (2013.01) [G06F 8/63 (2013.01); G06F 21/577 (2013.01); G06F 2221/033 (2013.01)] | 20 Claims |
|
19. A system for protecting the installation of a software image, the system comprising:
computing hardware of at least one processor and a memory operably coupled to the at least one processor; and
instructions that, when executing on the computing hardware, cause the computing hardware to implement:
a security monitor engine configured to:
set a verifier integrity level for a verifier engine higher than a software image integrity level for the software image, and an installer integrity level for an installer engine higher than the software image integrity level for the software image, wherein the verifier engine is configured to verify the integrity of the software image, and the installer engine is configured to install software contained in the software image,
set a verifier access level for the verifier engine equal to the software image integrity level,
set an installer engine access level equal to the installer integrity level, and
set at least one security policy to allow components of the verifier engine or the installer engine access to another component when the respective access level of a first component does not exceed the respective integrity level of a second component,
wherein when the verifier engine successfully verifies the integrity of the software image, the security monitor engine is further configured to change the software image integrity level to be equal to the installer engine access level.
|