Claims:WE CLAIM
1. A method of protecting a computing device from a malware, the method comprising:
determining a digital trust certificate of a set of computing instructions to be executed by the computing device, wherein the set of computing instructions forms a part of a boot process of the computing device, and wherein the set of computing instructions forms a firmware and at least one of a boot loader, a kernel, a system driver, a start-up file, or an antimalware;
establishing a chain of trust by validating the digital trust certificate with the computing device, wherein the digital trust certificate is pre-registered with a local database accessible by the computing device, and wherein the pre-registration is performed by a centralized certificate authority and policy server in a past instance of a successful boot; and
upon a positive establishment of the chain of trust, allowing an execution of the set of computing instructions by the computing device.

2. The method of claim 1, further comprising, upon a negative establishment of the chain of trust, effecting a remedial action by isolating the set of computing instructions and by allowing an execution of a previous set of computing instructions by the computing device.

3. The method of claim 1, wherein validating the digital trust certificate comprises validating a trust key of the set of computing instructions with a platform key of the computing device, and wherein the trust key is pre-registered with the local database.

4. The method of claim 3, wherein the trust key of the set of computing instructions is validated with the platform key of the computing device using a hash of at least one of a public half or a private half of the digitally signed key.

5. The method of claim 1, wherein the local database is accessible by the computing device during the boot process and prior to a successful boot.

6. The method of claim 1, wherein validating the digital trust certificate comprises validating the digital trust certificate by a boot guard, a BIOS guard, and an operating system (OS) guard.

7. The method of claim 1, wherein the malware comprises at least one of a rootkit infection, a bootkit infection, a virus, a worm, a Trojan horse, a ransomware, a remote access Trojan, a spyware, or an adware.

8. The method of claim 1, wherein the chain of trust comprises an end-to-end chain of trust comprising a hardware based root of trust, and wherein establishing the chain of trust comprises validating the hardware based root of trust by a boot guard, a BIOS guard, and an operating system (OS) guard.

9. The method of claim 8, wherein validating the hardware based root of trust comprises validating the platform key (PK) that’s implemented into a firmware or a hardware by a manufacturer.

10. A system, comprising:
a computing device comprising at least one processor and a computer-readable medium storing instructions that, when executed by the at least one processor, cause the at least one processor to perform operations for protecting the computing device from a malware, the operations comprising:
determining a digital trust certificate of a set of computing instructions to be executed by the computing device, wherein the set of computing instructions forms a part of a boot process of the computing device, and wherein the set of computing instructions forms a firmware and at least one of a boot loader, a kernel, a system driver, a start-up file, or an antimalware;
establishing a chain of trust by validating the digital trust certificate with the computing device, wherein the digital trust certificate is pre-registered with a local database accessible by the computing device, and wherein the pre-registration is performed by a centralized certificate authority and policy server in a past instance of a successful boot; and
upon a positive establishment of the chain of trust, allowing an execution of the set of computing instructions by the computing device.

11. The system of claim 10, wherein, upon a negative establishment of the chain of trust, the operations further comprise effecting a remedial action by isolating the set of computing instructions and by allowing an execution of a previous set of computing instructions by the computing device.

12. The system of claim 10, wherein validating the digital trust certificate comprises validating a trust key of the set of computing instructions with a platform key of the computing device, and wherein the trust key is pre-registered with the local database.

13. The system of claim 12, wherein the trust key of the set of computing instructions is validated with the platform key of the computing device using a hash of at least one of a public half or a private half of the digitally signed key.

14. The system of claim 10, wherein the local database is accessible by the computing device during the boot process and prior to a successful boot.

15. The system of claim 10, wherein validating the digital trust certificate comprises validating the digital trust certificate by a boot guard, a BIOS guard, and an operating system (OS) guard.

16. The system of claim 10, wherein the chain of trust comprises an end-to-end chain of trust comprising a hardware based root of trust, and wherein establishing the chain of trust comprises validating the hardware based root of trust by a boot guard, a BIOS guard, and an operating system (OS) guard.

17. The system of claim 16, wherein validating the hardware based root of trust comprises validating the platform key (PK) that’s implemented into a firmware or a hardware by a manufacturer.

Dated this 23rd day of May, 2018

Swetha SN
Of K&S Partners
Agent for the Applicant
IN/PA-2123
, Description:TECHNICAL FIELD
This disclosure relates generally to computer security, and more particularly to method and system for protecting a computing device from a malware.