From: Wei, Gang <gang.wei@in...> - 2012-04-09 22:02:51
We are very happy to inform you the open source, OpenAttestation, project has been launched at https://github.com/OpenAttestation/OpenAttestation.git
OpenAttestation project is to provide SDK, a Software Development Kit, to add cloud management tools with capability of establishing hosts integrity information by remotely retrieving and verifying Hosts' integrity with TPM quotes.
Possible usage model - Integrated with Intel TXT, OpenAttestation can build Trusted Computing Pools usage for Cloud by verifying target hosts' integrity before dispatching VM applications onto the target hosts. Or, remotely verify an embedded appliance's integrity before providing service(s) to the device.
Key features in this open source are
* Attesting hosts/clients supports major Linux OS's
* PCR-based Attestation with TCG defined Integrity report schema for TPM_Quote
* Restful based Query APIs enables 3rd party management tools for easy integration to retrieve Hosts' integrity reports
* Reference web Portal/GUI implementation - Historical PCRs data tracking/comparison, and query as well as whitelist portal
* 2-layered access control to attestation server - Tomcat 2-way SSL/TLS enables admin to control systems which can get access to Query APIs, and hook for ISVs to implement their own specific access control verification process
* Hosts/Clients initiated attestation - Hosts periodically request attestation server for tasks, such as should I send integrity report?
In progress efforts -
* Measurement list based attestation
* Server initiated attestation control
Get latest updates about Open Source Projects, Conferences and News.