Remote Attestation

From MgmtWiki

Full Title or Meme

Remote Attestation is a Verification process run in one service to ascertain the state of another service or device.

Context

Remote attestation allows changes to the user's computer to be detected by authorized parties. For example, software companies can identify unauthorized changes to software, including users tampering with their software to circumvent technological protection measures. It works by having the hardware generate a certificate stating what software is currently running. The computer can then present this certificate to a remote party to show that unaltered software is currently executing. Numerous remote attestation schemes have been proposed for various computer architectures, including Intel, RISC-V and ARM.

Remote attestation is usually combined with public-key encryption so that the information sent can only be read by the programs that requested the attestation, and not by an eavesdropper.
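The attest-and-verify flow described above, as an added example that is not part of the original page and models no real TPM or vendor API: a simulated platform configuration register (PCR) built by SHA-256 extend operations, an ECDSA key standing in for the attestation key held in hardware, and a verifier that checks the nonce for freshness, the signature against the enrolled public key, and the reported PCR against the reference value for the software it expects. The function names (Extend, MeasureBoot, MakeQuote, VerifyQuote) and the boot component strings are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Extend models a PCR extend: new = SHA-256(old || SHA-256(measurement)).
// Every measurement, and its order, is folded into the register value.
func Extend(pcr [32]byte, measurement []byte) [32]byte {
	h := sha256.New()
	h.Write(pcr[:])
	m := sha256.Sum256(measurement)
	h.Write(m[:])
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// MeasureBoot folds an ordered list of boot components into one PCR,
// starting from the all-zero reset value.
func MeasureBoot(components [][]byte) [32]byte {
	var pcr [32]byte
	for _, c := range components {
		pcr = Extend(pcr, c)
	}
	return pcr
}

// Quote is the signed statement the attester returns: the PCR value,
// the verifier's nonce (freshness), and a signature over both.
type Quote struct {
	PCR   [32]byte
	Nonce []byte
	Sig   []byte
}

// NewAttestationKey stands in for a key generated inside the TPM
// (constructed for this example; a real AK would never leave the device).
func NewAttestationKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// quoteDigest binds nonce and PCR under a domain separator so the signed
// bytes cannot be confused with any other message signed by the same key.
func quoteDigest(pcr [32]byte, nonce []byte) []byte {
	h := sha256.New()
	h.Write([]byte("example-quote-v1"))
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(nonce)))
	h.Write(n[:])
	h.Write(nonce)
	h.Write(pcr[:])
	return h.Sum(nil)
}

// MakeQuote is the attester side: sign the current PCR together with the
// verifier-supplied nonce using the attestation key.
func MakeQuote(ak *ecdsa.PrivateKey, pcr [32]byte, nonce []byte) (Quote, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, ak, quoteDigest(pcr, nonce))
	if err != nil {
		return Quote{}, err
	}
	return Quote{PCR: pcr, Nonce: nonce, Sig: sig}, nil
}

// VerifyQuote is the verifier side: freshness, then authenticity, then
// comparison with the reference value for the expected software.
func VerifyQuote(akPub *ecdsa.PublicKey, q Quote, expectedNonce []byte, referencePCR [32]byte) error {
	if !bytes.Equal(q.Nonce, expectedNonce) {
		return errors.New("nonce mismatch: stale or replayed quote")
	}
	if !ecdsa.VerifyASN1(akPub, quoteDigest(q.PCR, q.Nonce), q.Sig) {
		return errors.New("bad signature: quote not produced by the enrolled attestation key")
	}
	if q.PCR != referencePCR {
		return errors.New("PCR mismatch: measured software differs from reference")
	}
	return nil
}

func main() {
	ak, _ := NewAttestationKey()
	good := [][]byte{[]byte("bootloader-1.0"), []byte("kernel-5.15"), []byte("initrd")}
	reference := MeasureBoot(good) // golden value recorded at enrollment
	nonce := []byte("verifier-nonce-0001")

	q, _ := MakeQuote(ak, MeasureBoot(good), nonce)
	fmt.Println("unmodified boot:", VerifyQuote(&ak.PublicKey, q, nonce, reference))

	modified := [][]byte{[]byte("bootloader-1.0"), []byte("kernel-5.15-modified"), []byte("initrd")}
	q2, _ := MakeQuote(ak, MeasureBoot(modified), nonce)
	fmt.Println("modified kernel :", VerifyQuote(&ak.PublicKey, q2, nonce, reference))

	fmt.Println("replayed quote  :", VerifyQuote(&ak.PublicKey, q, []byte("verifier-nonce-0002"), reference))
}
```

The verifier learns only that the register matches a value it already trusts; it never sees the software itself, which is why the reference values must be kept current and why the attestation key must be enrolled out of band. The example models the signed evidence and the nonce, not the encryption of the reply to the requesting party that the text above mentions.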

Solutions

The common approach in 2021 is to deploy a Trusted Platform Module (TPM) in computing devices whose integrity needs to be attested; the TPM holds the measurements of the device's state and signs the report that the remote party verifies.

IETF RATS

The IETF working group Remote ATtestation ProcedureS (rats) standardizes the architecture and message formats for remote attestation.

References