公开(公告)号：US20250039142A1

公开(公告)日：2025-01-30

申请号：US18359057

申请日：2023-07-26

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Isaac J. Matthews ,  Nigel J. Edwards ,  Geoffrey Ndu

IPC: H04L9/40

Abstract: A technique includes registering, with a core of an operating system kernel, a hook that corresponds to a file event and associates the file event with an event-driven module of the operating system kernel. The core is associated with an integrity measurement architecture policy. The technique includes, responsive to an occurrence of the file event, triggering execution of the event-driven module to extend a scope of the integrity measurement architecture policy. Executing the module includes the operating system kernel determining a property of a file that is associated with the file event; and filtering a set of rules of an extended integrity measurement policy based on the property. The filtering includes identifying a given rule of the set of rules having a condition that is contingent on the file event being associated with the property. Executing the module includes the operating system kernel identifying an integrity measurement-affiliated action of the given rule and performing the integrity measurement-affiliated action on the file.