Microsoft Azure AttestationMicrosoft
A unified solution for remotely verifying the trustworthiness of a platform and integrity of the binaries running inside it.
Vendor
Microsoft
Company Website
Product details
Store and process confidential data with confidence
Verify the identity and security posture of a platform before you interact with it. Azure Attestation receives evidence from the platform, validates it with security standards, evaluates it against configurable policies, and produces an attestation token for claims-based applications. The service supports attestation of trusted platform modules (TPMs) and trusted execution environments (TEEs) like Intel® Software Guard Extensions (SGX) and virtualization-based security (VBS) enclaves.
- Demonstrates that software binaries were instantiated on a trusted platform
- Supports attestation of multiple platforms like TEEs and TPMs
- Custom attestation providers can be configured for fine-grained control and enforce user-defined policies
- Default attestation providers simplify attestation without the need for additional configuration
Features
- **Verify the trustworthiness of multiple platforms: **Tap into disruptive business models that require highly scalable compute resources and uncompromising trust with the remote attestation capability. Azure Attestation provides comprehensive attestation services for multiple environments and distinctive use cases such as enclave validation, secure key sharing, and confidential multiparty computation.
- **Simplify attestation with a default provider: **Easily access a default provider in your Azure region for attestation services without the need for configuration. Default providers are available for all Azure Active Directory (Azure AD) users.
- **Enforce customized attestation policies: **Create your own attestation provider and configure custom policies to restrict attestation token generation. Azure Attestation evaluates the platform evidence against your policies to ensure that the binaries running inside the platform haven’t been tampered with by external entities. If your attestation provider allows signed policies, Azure Attestation will use your signer certificates to validate the signed policies and authenticate the users.