Closed peterzcst closed 1 year ago
https://github.com/confidential-containers/kbs/pull/77 is for this issue
@peterzcst Hello, this is an interesting proposal.
I have one question. What type of evidence is covered by the Amber attestation service? Do you plan to use the TDX or SGX evidence implemented here?
@tnakaike fwiw there's a pending PR for Amber integration with KBS at https://github.com/confidential-containers/kbs/pull/77
Project Amber is the code name for Intel’s groundbreaking service/SaaS-based implementation of an independent trust authority that provides attestation of workloads in a public/private multi-cloud environment.
Designed to remotely verify and assert trustworthiness of compute assets such as Trusted Execution Environments (TEEs), devices, Roots of Trust, and more, the service is operationally independent from the Cloud/Edge infrastructure provider hosting the confidential computing workloads.
We would like to add support for Project Amber as a production-ready 3rd-party remote attestation service in CoCo. It's a win-win for both CoCo and Project Amber to bring more potential end users and customers to both sides.
The architecture is as below:
This is fully compatible with current CoCo design.