Sorry, you need to enable JavaScript to visit this website.


Your feedback is important to keep improving our website and offer you a more reliable experience.


The OpenAttestation (OAT) project was created to provide a software development kit (SDK) for the development of cloud management tools. These tools are capable of establishing hosts' integrity information by remotely retrieving and verifying the hosts' integrity with Trusted Platform Module (TPM) quotes.

What is OpenAttestation

OpenAttestation SDK is a set software components with the combined goal of adding cloud providers capable of establishing hosts/clients integrity by remotely retrieving integrity reports saved in Hosts/Clients TPM. The SDK is expected to be security enhanced, integrated with ISV’s cloud management software, and distributed/supported by ISV to cloud providers. The integrated ISV software will be hosted and operated by cloud providers.

What OpenAttestation is not

SDK does not add security enhancement to existing database or network infrastructure, rather it uses underlying infrastructure supported by ISVs and operated by cloud providers.

Security Requirements

OpenAttestation SDK, by itself, is not a secured software or commercial ready product. It is expected that ISVs must enhance and integrate the SDK with their software stacks for security evaluation/validation cycles before production/distribution.

Attestation service is hosted by cloud providers. The privacy of Hosts/Clients is the responsiblity of cloud providers or ISVs. ISVs must follow industry security standards and recommendations to integrate OpenAttestation SDK with their software stack. Cloud providers should follow industry security standards and recommendations to operate and maintain secured infrastructure.


Aquino, Zahedi <>

Vega Aguayo, Adolfo<>

Mailing Lists: