OpenAttestation
OpenAttestation Project
OpenAttestation(OAT) project is a Intel initiated open source project providing a SDK for managing host integrity verification using TCG-defined remote attestation protocol, targeting to be integrated into cloud and enterprise management tools
OAT is required to support Nova Blueprint: https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools, which was mostly implemented for Nova Folsom release.
Code repository: https://github.com/OpenAttestation/OpenAttestation.git
Key features:
- Supports major Linux host OS’s
- PCR-based report schema and policy rules
- RESTful based Query API
- Reference web portal/GUI implementation
- Historical PCRs data tracking/comparison
- Whitelist management
- Flexible access control to attestation server
- Supports Tomcat 2-way SSL/TLS for Query APIs
- Hook for ISVs to implement custom access control