US 12,476,870 B2
Data collection method and device
Liang Xia, Shenzhen (CN); Zitao Wang, Nanjing (CN); and Yulin Shi, Nanjing (CN)
Assigned to HUAWEI TECHNOLOGIES CO., LTD., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Guangdong (CN)
Filed on Oct. 28, 2021, as Appl. No. 17/513,841.
Application 17/513,841 is a continuation of application No. PCT/CN2020/083396, filed on Apr. 5, 2020.
Claims priority of application No. 201910357610.X (CN), filed on Apr. 29, 2019.
Prior Publication US 2022/0052919 A1, Feb. 17, 2022
Int. Cl. H04L 41/08 (2022.01); H04L 9/32 (2006.01); H04L 41/0816 (2022.01); H04L 41/084 (2022.01); H04L 41/0866 (2022.01)
CPC H04L 41/0886 (2013.01) [H04L 9/3263 (2013.01); H04L 41/0816 (2013.01); H04L 41/0843 (2013.01); H04L 41/0866 (2013.01)]
17 Claims
1. A data collection method for a remote attestation process, comprising:
delivering without using a polling challenge-response mechanism, by a remote attestation (RA) server in a trusted computing system, a subscription configuration to a device acting as an RA client in the trusted computing system, wherein the subscription configuration is for subscribing to information related to remote attestation to be performed by the RA server to prove whether the device is trusted,
wherein the subscription configuration comprises a data stream subscription configuration specifying multiple types of subscribed information to be sent from the device, the multiple types of subscribed information comprising at least two of:
integrity information of software at each layer of a trust chain, wherein the integrity information of software at each layer of the trust chain is recorded when the device is booted up;
dynamic integrity information of an operating system that is recorded when the device runs;
dynamic integrity information of software that is recorded when the device runs;
an identity certificate related to the device; or
a remote attestation certificate related to the device,
wherein the subscription configuration further comprises a subscription mode configuration that specifies, for each of the multiple types of subscribed information to be sent from the device, a corresponding subscription mode selected from:
a periodic feedback based subscription mode, in which subscribed information is pushed to a subscriber after a specified time period expires; and
an event-triggered feedback based subscription mode, in which subscribed information is pushed to the subscriber when the subscribed information changes; and
receiving, by the remote attestation server, each of the multiple types of subscribed information sent by the device in the corresponding subscription mode determined by the device based on the data stream subscription configuration and the subscription mode configuration included in the subscription configuration,
wherein the subscription mode configuration specifies that at least a first type of the multiple types of subscribed information is to be sent in the periodic feedback-based subscription mode, and that at least a different second type of the multiple types of subscribed information is to be sent in the event-triggered feedback-based subscription mode.
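
The following is an added example, not text or code from the patent: a sketch of the subscription configuration of claim 1, with a server-side check of its shape and a device-side replay showing which reports are pushed without a per-report challenge. The type labels, field names, sample values and the choice to send the first sample of each type as a baseline are assumptions.

```python
from dataclasses import dataclass

# Assumed labels for the claim's five information types and two modes (no wire format is claimed).
INFO_TYPES = {"boot-integrity", "os-runtime-integrity", "sw-runtime-integrity",
              "identity-cert", "ra-cert"}
MODES = {"periodic", "on-change"}

@dataclass(frozen=True)
class Subscription:
    info_type: str
    mode: str
    period_s: int = 0  # used only in periodic mode

def validate(subs):
    """RA-server side: list how a configuration departs from the claimed shape."""
    errs, types = [], [s.info_type for s in subs]
    if len(set(types)) != len(types):
        errs.append("each information type needs exactly one mode")
    if len(set(types)) < 2:
        errs.append("at least two information types are required")
    for s in subs:
        if s.info_type not in INFO_TYPES:
            errs.append(f"unknown information type: {s.info_type}")
        if s.mode not in MODES:
            errs.append(f"unknown mode for {s.info_type}: {s.mode}")
        elif s.mode == "periodic" and s.period_s <= 0:
            errs.append(f"periodic subscription for {s.info_type} needs a period")
    if {s.mode for s in subs} & MODES != MODES:
        errs.append("need one periodic type and a different on-change type")
    return errs

def device_pushes(subs, samples):
    """Device side: replay (time, state) samples; return (time, type, value) pushes."""
    last, out = {}, []
    for t, state in samples:
        for s in subs:
            v, prev = state[s.info_type], last.get(s.info_type)
            # Periodic: push when the period has elapsed. On-change: push on a new value.
            due = prev is None or (t - prev[0] >= s.period_s
                                   if s.mode == "periodic" else prev[1] != v)
            if due:  # the first sample of each type is always sent as a baseline
                out.append((t, s.info_type, v))
                last[s.info_type] = (t, v)
    return out

# Constructed sample: boot measurements every 60 s, OS measurements on change.
SUBS = [Subscription("boot-integrity", "periodic", 60),
        Subscription("os-runtime-integrity", "on-change")]
SAMPLES = [(t, {"boot-integrity": "b0", "os-runtime-integrity": m})
           for t, m in [(0, "m0"), (30, "m1"), (60, "m1"), (90, "m2")]]
```

A configuration in which every type is periodic, or which names only one type, is rejected by `validate`, matching the final "wherein" clause of the claim.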