Difference between revisions of "Attestation"
From MgmtWiki
(→References) |
(→Solutions) |
||
| Line 9: | Line 9: | ||
==Solutions== | ==Solutions== | ||
| − | * [https://developer.android.com/training/articles/security-key-attestation Verifying hardware-backed key pairs with Key Attestation] in Android for [[Smartphone]]s. | + | * [https://developer.android.com/training/articles/security-key-attestation Verifying hardware-backed key pairs with Key Attestation] in Android for [[Smartphone]]s.<blockquote>Key Attestation gives you more confidence that the keys you use in your app are stored in a device's hardware-backed keystore. The following sections describe how to verify the properties of hardware-backed keys and how to interpret the schema of the attestation certificate's extension data. </blockquote> |
[[Category: Attestation]] | [[Category: Attestation]] | ||
[[Category: Assurance]] | [[Category: Assurance]] | ||
Revision as of 11:03, 30 August 2022
Full Title or Meme
Attestation in computing devices typically means a statement from a Trust Authority about the security of statements made by some other computing device.
Context
A Remote Attestation Service was proposed as a service that would accept statements from a TPM to verify that the code running on the computer was that approved by the manufacturer.
References
- Also see wiki page Attested for details of an Attestation.
Solutions
- Verifying hardware-backed key pairs with Key Attestation in Android for Smartphones.
Key Attestation gives you more confidence that the keys you use in your app are stored in a device's hardware-backed keystore. The following sections describe how to verify the properties of hardware-backed keys and how to interpret the schema of the attestation certificate's extension data.
