Azure Attestation
Definition
Azure Attestation is a cloud-based service that provides unified attestation for Azure and non-Azure environments. It lets you verify the trustworthiness of a platform or application by validating the integrity of its software and hardware components. The service supports attestation of Trusted Platform Module (TPM) measurements and Intel Software Guard Extensions (SGX) enclaves, so that a relying party can confirm it is dealing with trusted code before it relies on that code.
Secure Settings Example
{
  "attestationPolicy": {
    "version": "1.0",
    "rules": [
      {
        "type": "SGX",
        "sgxEnclave": {
          "mrenclave": "expected_mrenclave_value",
          "mrsigner": "expected_mrsigner_value",
          "isvprodid": 0,
          "isvsvn": 0
        }
      }
    ]
  }
}
Insecure Settings Example
{
  "attestationPolicy": {
    "version": "1.0",
    "rules": [
      {
        "type": "SGX",
        "sgxEnclave": {
          "mrenclave": "*",
          "mrsigner": "*",
          "isvprodid": 0,
          "isvsvn": 0
        }
      }
    ]
  }
}
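To make the difference between the two policies concrete, the following added example (not part of the original page and not Azure Attestation's own policy engine) evaluates enclave claims against policies in the page's JSON shape and lints a policy for wildcard measurements. It assumes that "*" means "accept any value", that isvprodid must match exactly, and that the policy's isvsvn is the minimum security version accepted; the measurement strings are constructed placeholders, not real enclave hashes.

```python
import json

# Constructed policies in the same shape as the page's two examples.
# The mrenclave/mrsigner strings are made-up placeholders, not real hashes.
SECURE_POLICY = json.loads("""{"attestationPolicy": {"version": "1.0", "rules": [
  {"type": "SGX", "sgxEnclave": {"mrenclave": "aa11", "mrsigner": "bb22",
   "isvprodid": 0, "isvsvn": 0}}]}}""")
INSECURE_POLICY = json.loads("""{"attestationPolicy": {"version": "1.0", "rules": [
  {"type": "SGX", "sgxEnclave": {"mrenclave": "*", "mrsigner": "*",
   "isvprodid": 0, "isvsvn": 0}}]}}""")

MEASUREMENT_FIELDS = ("mrenclave", "mrsigner")


def rule_matches(rule, claims):
    """Return True if a single SGX rule accepts the enclave claims.
    Assumptions: "*" is a wildcard, isvprodid must match exactly, and the
    policy's isvsvn is the minimum security version number accepted."""
    want = rule["sgxEnclave"]
    for field in MEASUREMENT_FIELDS:
        if want[field] != "*" and want[field] != claims.get(field):
            return False
    if want["isvprodid"] != claims.get("isvprodid"):
        return False
    return claims.get("isvsvn", -1) >= want["isvsvn"]


def evaluate_policy(policy, claims):
    """Accept the claims if any rule of the matching type accepts them."""
    rules = policy["attestationPolicy"]["rules"]
    return any(r["type"] == claims.get("type") and rule_matches(r, claims)
               for r in rules)


def lint_policy(policy):
    """Flag rules that pin nothing: a wildcard in a measurement field means
    an enclave with any code (mrenclave) or any signer (mrsigner) passes."""
    findings = []
    for i, rule in enumerate(policy["attestationPolicy"]["rules"]):
        enclave = rule.get("sgxEnclave", {})
        for field in MEASUREMENT_FIELDS:
            if enclave.get(field) == "*":
                findings.append(f"rule {i}: {field} is a wildcard")
        if all(enclave.get(f) == "*" for f in MEASUREMENT_FIELDS):
            findings.append(f"rule {i}: accepts any enclave from any signer")
    return findings
```

Running lint_policy over a policy before deploying it catches the wildcard case the insecure example shows, which evaluate_policy would otherwise accept for every enclave.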