Attestation Verifier

Confidential Computing aims to provide users with an additional layer of protection by raising the standards above our traditional platforms. It will accomplish this by utilizing a combination of novel hardware and software features. Within the Arm architecture, this is the Arm Confidential Compute Architecture (CCA).

Making use of the hardware and write the software for it are challenges in itself. However, there is more to it. To be able to use this there is a need for an ecosystem around it as well.. Imagine that a Cloud Service Provider (CSP) have invested in CCA capable hardware and tell their partners and customers that they can start using this. At that point the partners and customers will obviously ask

• How can we know for sure that you have hardware that is capable of this?
• How can we know for sure that no-one have tampered the hardware?
• How can we know for sure that the claims you give is in for of evidence are trustworthy?
• How are we actually going to use this?
  • Are there services ready that we can use?
  • Interoperability: Is this working with other CC solutions from other architecture vendors?
• ...  and so on.

The takeaway is that to be able to fully leverage CCA enabled devices, we will need an ecosystem around it! Working on that as soon as possible would probably make sense so that we have something ready to go whenever CCA enabled devices become widely available.

The purpose of today's meeting: Better understand what needs to be done and when, when it comes to leveraging the Arm Confidential Compute Architecture (CCA) in an Attestation Verifier architecture.

If you're interested in this, please get an invitation to the call by signing up below. For more details, please see the collaborate page for this.