What is OpenAttestation
OpenAttestation SDK is a set software components with the combined goal of adding cloud providers capable of establishing hosts/clients integrity by remotely retrieving integrity reports saved in Hosts/Clients TPM. The SDK is expected to be security enhanced, integrated with ISV’s cloud management software, and distributed/supported by ISV to cloud providers. The integrated ISV software will be hosted and operated by cloud providers.
What OpenAttestation is not
SDK does not add security enhancement to existing database or network infrastructure, rather it uses underlying infrastructure supported by ISVs and operated by cloud providers.
OpenAttestation SDK, by itself, is not a secured software or commercial ready product. It is expected that ISVs must enhance and integrate the SDK with their software stacks for security evaluation/validation cycles before production/distribution.
Attestation service is hosted by cloud providers. The privacy of Hosts/Clients is the responsiblity of cloud providers or ISVs. ISVs must follow industry security standards and recommendations to integrate OpenAttestation SDK with their software stack. Cloud providers should follow industry security standards and recommendations to operate and maintain secured infrastructure.
Aquino, Zahedi <firstname.lastname@example.org>
Vega Aguayo, Adolfo<email@example.com>