Jump to: navigation, search

OpenAttestation

OpenAttestation Project

OpenAttestation(OAT) project is a Intel initiated open source project providing a SDK for managing host integrity verification using TCG-defined remote attestation protocol, targeting to be integrated into cloud and enterprise management tools

OAT is required to support Nova Blueprint: https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools, which was mostly implemented for Nova Folsom release.

Code repository: https://github.com/OpenAttestation/OpenAttestation.git

Key features:

  • Supports major Linux host OS’s
  • PCR-based report schema and policy rules
  • RESTful based Query API
  • Reference web portal/GUI implementation
    • Historical PCRs data tracking/comparison
    • Whitelist management
  • Flexible access control to attestation server
    • Supports Tomcat 2-way SSL/TLS for Query APIs
    • Hook for ISVs to implement custom access control