David Safford: Using IMA for Integrity Measurement and Attestation
Linux Plumbers Conference, Portland, OR, Thursday, September 24, 2009 from 11:35am – Noon
Linux 2.6.30 includes the Integrity Measurement Architecture (IMA), which measures (hashes) files before they are accessed and can use a TPM to provide hardware-signed attestation for centralized management of client integrity.

This talk will cover configuration and use of 2.6.30’s new Integrity Measurement Architecture (IMA). It will discuss IMA measurement policies, use and configuration of a hardware TPM for report signature and validation, and how to generate and use Trusted Computing Group standard formats and protocols for network admission and health checks. The talk will include a demonstration of open source applications and libraries for these capabilities.