[Linux-ima-user] Fwd: Installing IMA!

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi again List!

I am working on a project which requires measuring the integrity of OS. One
option is IMA but I am not sure if fits in the scenario below.

The a part of the scenario of the project is some what like this:

The systems boots up and measurement is done using trusted-grub. So the PCR
0-7 are filled up. Then the OS is loaded (linux). Then I have a software
named "Checker". The purpose of this software is to check if something is
modified in the system or not. What I am thinking is that I will store the
PCRs values for the "checker". Once the system is restarted and new values
are extended into the PCRS, the existing (stored) PCRs values are then
compared to the new PCRs values.

One thing I did is, I used a check-file feature in trusted-grub to ensure
the integrity of my "checker" software as it will be only one executable
file.

The problem is that now I want to measure the OS (preferably Linux) and
extend the measurement into a PCR. But I am not getting any clue how to do
that. I would be great if I can get any comment on how to solve this
problem.

Thanks for your help!