| CPC G06F 21/51 (2013.01) [G06F 2221/033 (2013.01)] | 20 Claims |
|
1. A method for managing operation of an endpoint device, the method comprising:
during a startup of the endpoint device:
identifying a software image for execution during the startup;
identifying that the software image is trustworthy for execution at least during the startup using:
an attested image entry of a trust database, and
another entry of the trust database, the other entry comprising a key usable to verify the attested image entry;
establishing a security status of the endpoint device using a set of rules that:
require establishing trustworthiness of a first portion of the trust database, and
do not require establishing trustworthiness of a second portion of the trust database;
obtaining use of a secret managed by a security processor using the security status; and
performing an operation to contribute towards completion of the startup through the use of the secret.
|