Microsoft Corporation
Ex post facto platform configuration attestation

Abstract:

Implementations described herein disclose a platform configuration register (PCR) attestation system using a trusted platform module (TPM) of a device. The PCR attestation system provides one or more computer executable instructions to create a non-volatile (NV) index in a TPM of the computing device, with a PCR policy specifying that the values of PCRs on the TPM are equal to predetermined set of values, and if the PCR policy is satisfied, setting a value of an NVWritten attribute to specify that the PCR policy was satisfied since the last time the device booted.