
# Workload Attestation

Workload attestation is a vital component of confidential computing that verifies the integrity and authenticity of workloads running within a trusted execution environment (TEE) or secure enclave. It enables external entities to establish trust in the execution environment and ensure the workload has not been tampered with or compromised.

Here's an overview of how workload attestation works in confidential computing:

<details>

<summary><strong>Enclave Measurement</strong></summary>

At the start of the execution, the secure enclave measures its code and data, generating a unique cryptographic hash that serves as a measurement or attestation identity.

</details>

<details>

<summary><strong>Attestation Report</strong></summary>

The enclave generates an attestation report containing the measurement and other relevant information about the enclave's state. This report may include details such as the enclave's identity, cryptographic measurements, and security properties.

</details>

<details>

<summary><strong>Attestation Service</strong></summary>

The attestation report is securely communicated to an attestation service, which acts as a trusted third-party verifier. The service evaluates the report, validates the measurements, and assesses the integrity and authenticity of the enclave.

</details>

<details>

<summary><strong>Remote Attestation</strong></summary>

The attestation service provides an attestation certificate or evidence of the enclave's integrity to the external entities requesting attestation. This evidence can be used by remote parties to establish trust and verify the integrity of the enclave.

</details>

<details>

<summary><strong>Policy Verification</strong></summary>

The remote entities can apply policy-based verification to the attestation evidence, ensuring that the enclave meets their specific security requirements. Policies can define conditions such as specific measurements, software versions, or compliance with certain security standards.

</details>

<details>

<summary><strong>Secure Communication</strong></summary>

During the attestation process, communication between the enclave, the attestation service, and the external entities must be secured to protect the confidentiality and integrity of the attestation information. Encryption and secure channels are used for this purpose.

</details>

Workload attestation provides a means to establish trust in the execution environment, enabling secure collaborations and interactions between enclaves and external systems. It allows external entities to verify the integrity of the enclave, ensuring that the workload running within it has not been compromised, tampered with, or replaced by malicious software. Workload attestation is crucial for maintaining the confidentiality, integrity, and trustworthiness of the computations performed within secure enclaves in confidential computing environments.
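
The flow described above (measurement, report, verification by the attestation service, policy check), as an added example that is not enclaive's code or any TEE vendor's API. All function names, policy fields and sample inputs are constructed for illustration; an HMAC with a shared demo key stands in for the hardware-rooted asymmetric signature a real TEE applies to its report, and the verifier-supplied nonce for freshness is an assumption that goes beyond what this page states.

```python
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the hardware-rooted signing key (assumption): real
# TEEs sign reports with an asymmetric key validated via a vendor cert chain.
PLATFORM_KEY = b"constructed-demo-key"

def measure(code: bytes, data: bytes) -> str:
    """Enclave measurement: hash of initial code and data (length-prefixed)."""
    h = hashlib.sha256(len(code).to_bytes(8, "big") + code + data)
    return h.hexdigest()

def sign(body: dict) -> str:
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(PLATFORM_KEY, payload, hashlib.sha256).hexdigest()

def make_report(code: bytes, data: bytes, version: int, nonce: str) -> dict:
    """Enclave side: bind measurement, version and verifier nonce, then sign."""
    body = {"measurement": measure(code, data), "version": version, "nonce": nonce}
    return {"body": body, "signature": sign(body)}

def verify_report(report: dict, expected_nonce: str, policy: dict):
    """Attestation service side: signature first, then freshness, then policy."""
    if not hmac.compare_digest(sign(report["body"]), report["signature"]):
        return False, "bad signature"
    body = report["body"]
    if not hmac.compare_digest(body["nonce"], expected_nonce):
        return False, "stale or replayed report"
    if body["measurement"] not in policy["allowed_measurements"]:
        return False, "measurement not allowed"
    if body["version"] < policy["min_version"]:
        return False, "version below policy minimum"
    return True, "ok"

def demo() -> dict:
    """Run one accepted report and four rejected ones (all inputs constructed)."""
    code, data = b"constructed workload binary", b"constructed initial config"
    policy = {"allowed_measurements": {measure(code, data)}, "min_version": 3}
    nonce = secrets.token_hex(16)
    good = make_report(code, data, 3, nonce)
    reports = {
        "good": good,
        "tampered": make_report(code + b" modified", data, 3, nonce),
        "old": make_report(code, data, 2, nonce),
        "replayed": make_report(code, data, 3, secrets.token_hex(16)),
        "forged": {"body": dict(good["body"], version=9), "signature": good["signature"]},
    }
    return {name: verify_report(r, nonce, policy) for name, r in reports.items()}
```

Calling `demo()` returns the verdict for each report; only the unmodified workload at the required version, answering the current nonce, passes.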


