I want to implement in my project the Intel SGX remote attestation mecanisme. this mecanisme requires the Service Provider and a IAS server. My problem is: what is exactly a Service Provider, is it an ordinary server in which we install an API or something else. How to configure this SP in order to implement remote attestation mecanisme. Thank you.
Asked
Active
Viewed 172 times
1 Answers
1
You probably have in mind Intel's RA example:
(source: intel.com)
There are three different actors involved:
- Client Application, who is a host to the enclave
- Service Provider, who performs remote attestation on Client's behalf
- Attestation Service (IAS, Intel Attestation Service), who is a trusted third party tasked with verifying the enclave
This example implements remote attestation in a client-server architecture where the Client Application acts as a client and the Service Provider acts as a server. So yes, the Service Provider could be an ordinary server that provides Client Application with some API.
This is a useful pattern if you intend to perform RA across many applications - but it's not required. You can implement RA algorithm in Client Application instead and talk to the Attestation Service directly.
Glorfindel
- 21,988
- 13
- 81
- 109
proslaniec
- 398
- 1
- 2
- 13