A system and a method for integrity verification in a cloud through an attestation service are disclosed. The system includes an application (app) or platform that includes an integrity attestation service in the cloud, connected to the data centers and servers of the service provider. The method includes collecting integrity measurements for an app or platform during run time and combining multiple integrity statements to derive a final attestation verdict about the overall trust level, which attests that the app or platform is in a well-known security state. Another attestation service may be used to verify the attestation claim and decide a cloud policy suitable for their operation. The attestation service extends the basic attestation and sealing infrastructure of a single node to support system-level attestation and sealing at cloud scale. This is accomplished without revealing the specifics of the software stack and hardware configurations of the nodes in the data center.
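The aggregation step described above, as an added sketch that is not code from the disclosure: per-node integrity statements are checked for authenticity, freshness and a known-good measurement, then folded into a single verdict that carries no node names or hashes. All names, keys and fields are hypothetical, and HMAC stands in for hardware-backed quote signatures and for the service's own signature.

```python
import hashlib
import hmac
import json

# Constructed sample data: node keys, reference measurements and the service
# key are assumptions for this sketch, not values from the disclosure.
NODE_KEYS = {"node-a": b"key-a", "node-b": b"key-b"}
KNOWN_GOOD = {hashlib.sha256(b"stack-v1").hexdigest(),
              hashlib.sha256(b"stack-v2").hexdigest()}
SERVICE_KEY = b"attestation-service-key"


def _mac(key, payload):
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def make_statement(node, stack, nonce):
    """Node side: report a measurement of the running stack, bound to a nonce."""
    payload = {"node": node, "nonce": nonce,
               "measurement": hashlib.sha256(stack).hexdigest()}
    return {"payload": payload, "mac": _mac(NODE_KEYS[node], payload)}


def statement_ok(stmt, nonce):
    """Service side: authentic, fresh, and matching a known-good measurement."""
    p = stmt["payload"]
    key = NODE_KEYS.get(p.get("node"))
    if key is None or not hmac.compare_digest(_mac(key, p), stmt["mac"]):
        return False
    return p.get("nonce") == nonce and p.get("measurement") in KNOWN_GOOD


def derive_verdict(statements, expected_nodes, nonce):
    """Combine per-node statements into one verdict; fail closed on any gap."""
    checked = [(s["payload"].get("node"), statement_ok(s, nonce)) for s in statements]
    attested = {node for node, ok in checked if ok}
    trusted = all(ok for _, ok in checked) and attested == set(expected_nodes)
    # The claim exposes only the verdict: no node names, hashes or versions.
    claim = {"app": "example-app", "nonce": nonce, "trusted": trusted}
    return {"claim": claim, "mac": _mac(SERVICE_KEY, claim)}


def verify_claim(verdict, nonce):
    """Relying party: check the service's MAC and freshness, then the verdict."""
    claim = verdict["claim"]
    authentic = hmac.compare_digest(_mac(SERVICE_KEY, claim), verdict["mac"])
    return authentic and claim["nonce"] == nonce and claim["trusted"]
```

A missing node, an unknown measurement, a stale nonce or a modified statement each force the verdict to untrusted, so the relying party never has to see why a node failed.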
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Cohen, Cfir and Porter, Nelly, "Integrity Attestation For Cloud", Technical Disclosure Commons, (May 23, 2017)