Invention Grant
- Patent Title: Notarizing packet traces
- Patent Title (中): 公证包痕迹
-
Application No.: US11550462Application Date: 2006-10-18
-
Publication No.: US08799447B2Publication Date: 2014-08-05
- Inventor: Daniel Horacio Jones , Thomas Girard Lendacky , Emily Jane Ratliff
- Applicant: Daniel Horacio Jones , Thomas Girard Lendacky , Emily Jane Ratliff
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Yee & Associates, P.C.
- Agent Parashos Kalaitzis
- Main IPC: G06F15/173
- IPC: G06F15/173
Abstract:
A system and method for capturing non-forgeable packet traces. Upon start-up of a sniffer, a first quote of Platform Configuration Register (PCR) values in a Trusted Platform Module (TPM) utilized by the sniffer is obtained, wherein the first quote comprises a list of starting values in the PCRs and is signed by the TPM and stored in a packet log. When a packet of interest is intercepted by the sniffer, the sniffer obtains a hash of the packet and instructs the TPM to extend a PCR with the hash value. The packet of interest is then stored in the packet log. When the sniffer is shutdown, a second quote of values in the PCRs is obtained, wherein the second quote comprises a list of current values in the PCRs, and wherein the second quote is signed by the TPM and stored in the packet log.
Public/Granted literature
- US20080098107A1 METHOD FOR NOTARIZING PACKET TRACES Public/Granted day:2008-04-24
Information query
