This is an automated email from the ASF dual-hosted git repository.
mssun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git
The following commit(s) were added to refs/heads/master by this push:
new cae39f8 [docs] Add doc for attestation (#322)
cae39f8 is described below
commit cae39f8f781aac073ec30e90bc81c26ab1451c2a
Author: Qinkun Bao <[email protected]>
AuthorDate: Fri May 29 17:11:07 2020 -0400
[docs] Add doc for attestation (#322)
---
README.md | 1 +
attestation/README.md | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
diff --git a/README.md b/README.md
index 51ba875..60b6e3a 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,7 @@ platform, making computation on privacy-sensitive data safe
and simple.
### Codebase
+- [Attestation](attestation)
- [Teaclave Services](services)
- [Teaclave Worker](worker)
- [Function Executors](executor)
diff --git a/attestation/README.md b/attestation/README.md
new file mode 100644
index 0000000..4ca57e4
--- /dev/null
+++ b/attestation/README.md
@@ -0,0 +1,62 @@
+---
+permalink: /attestation
+---
+
+This directory contains the implementation of the attestation in Apache
+Teaclave.
+
+# Attestation in Teaclave
+
+Attestation is the process of demonstrating that a software component is
running
+properly on a Trusted Execution Environment (e.g., Intel SGX).
+
+Teaclave combines the remote attestation with a TLS connection to improve the
+trustworthiness of two endpoints. Once established, it has attested that the
+running parties are inside trusted enclaves and provided trusted channels with
+end-to-end encryption, the enclave code's identity, and other information.
+
+The platform includes several services, and each service is running inside an
+enclave. Those services communicate with mutual-attested TLS channels.
+
+## How it Works
+
+We integrate the attestation process in the TLS handshake. The attested-TLS
+handshake is similar to a normal TLS handshake, except the extension of the
+certificate includes an SGX attestation report. We make the certificate
+cryptographically bound to a specific enclave instance by adding the public key
+of the certificate in the attestation report.
+
+During the build time, the public keys of the auditor enclaves are hard-coded
in
+Teaclave services enclave, and enclave measurements and signatures are loaded
+from outside during the runtime. Auditor enclaves verify and sign the identity
+of each service enclave. After each service receives the attestation report, it
+will verify whether the `MR_SIGNER` and `MR_ENCLAVE` from the attestation
report
+match the identity information signed by auditor enclaves. After that, it will
+verify the TLS certificate. If all the verifications pass, a secure attested
+channel is established between two enclaves.
+
+Please note the trusted channel can also have one-way (client -> server)
+attestation. Under the circumstances, only the server needs to run inside TEEs.
+
+## Attestation Report
+
+After one party obtains an attestation report from the received certificate.
+Teaclave first verifies the attestation report with the `report_ca_cert` from
the
+attestation service provider (e.g., IAS report root CA certificate for EPID,
+or DCAP attestation server end-entity certificate for DCAP).
+
+### Verification
+
+There is much information included in an attestation report such as CPU
+version, ISV version, product ID, etc. By default, Teaclave will check
+`MR_ENCLAVE` and `MR_SIGNER`. Users can also define a customized
+verification function to check more information in attestation reports by
+implementing the `AttestationReportVerificationFn` function.
+
+### Freshness
+
+To make sure the platform is always up-to-date and trusted, Teaclave will
update
+attestation report periodically. By default, the validity time of an
attestation
+report is 3600 seconds. It can be changed in the
+[`build.config.toml`](https://github.com/apache/incubator-teaclave/blob/master/config/build.config.toml)
+file.
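Review bot: In "How it Works", the verification sequence (match `MR_SIGNER` and `MR_ENCLAVE` against the auditor-signed identity, then "verify the TLS certificate") never says that the verifier compares the certificate's public key with the key embedded in the attestation report, even though the preceding paragraph names that embedding as what binds the certificate to a specific enclave instance. Please state that comparison as an explicit step and say where it sits relative to the report check described under "Attestation Report", since the two sections currently give the order of checks differently. Smaller points in the same file: "After one party obtains an attestation report from the received certificate." is a fragment and should be joined to the next sentence with a comma; "Freshness" should name the key in `build.config.toml` that holds the 3600-second validity; and "Verification" should say where a custom `AttestationReportVerificationFn` is supplied and what it receives and returns.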