by e12e
3288 days ago
How is trust anchored? There's TPM and secure boot - does the (presumably signed, in the trusted boot->OS->user binary/service-path) agent access signing services from TPM - backed by a key in TPM, and use that to identify itself as an authentic agent? Otherwise I can't see how an (admin) user couldn't extract the key from RAM and run the OS and agent in a VM?