enclaivelet

Attestation protocols are the subject of a standardization effort by the Confidential Computing Consortium. Until a standard is published, every CPU vendor and cloud service provider implements its own attestation protocol. Variants include internal, external, raw, vTPM-based and confidential-boot-enabled attestation, to name a few.

To handle present and future variation, the enclaivelet implements an attestation shim that requests a workload certificate irrespective of the nuances of the underlying hardware and cloud service provider. That is, whatever the platform and attestation technology, the enclaivelet implements the protocol variant in use and issues a certificate in JSON format. See attestation examples.

Architecture

enclaivelet has been designed with modularity as its premise. At its core are two concepts, attestation providers and service providers, which allow the enclaivelet's functionality to be customized.


The enclaivelet comprises three core layers:

  • platform libs: implement the API for communicating with the platform's security processor

  • attestation providers: as noted above, each data center/CSP implements its own flavour of attestation, which means different formats, protocols and technologies. The enclaivelet addresses this heterogeneity with attestation providers, each of which implements the specifics of one compute provider's attestation method.

  • service providers: implement the "secret provisioning" methods and supply the services to be provisioned with secrets from the vault.
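How a shim of this kind can dispatch to per-platform attestation providers and still emit one normalized JSON certificate, shown as an added Go sketch that is not enclaivelet's own code: the `AttestationProvider` interface, `Shim`, `WorkloadCertificate` and the two stub providers `rawProvider` and `vtpmProvider` are hypothetical names, the certificate's field set is an assumption, and the "reports" are constructed byte strings rather than real signed hardware evidence (no signature or certificate-chain verification is performed here, which a real provider must do). It covers the attestation shim described above and the attestation-provider layer; service providers, which consume the resulting certificate for secret provisioning, are left out. The one check every variant must share is kept: evidence that does not echo the challenge nonce is stale or replayed and is never turned into a certificate.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Evidence is the opaque vendor report plus the nonce and measurement the provider extracted from it.
type Evidence struct{ Report, Nonce, Measurement []byte }

// AttestationProvider hides one platform's attestation protocol (hypothetical interface, not enclaivelet's).
type AttestationProvider interface {
	Name() string
	Detect() bool                          // is this provider's platform present?
	Attest(nonce []byte) (Evidence, error) // produce evidence bound to nonce
}

// WorkloadCertificate is the normalized JSON record the shim emits; its field set is an assumption.
type WorkloadCertificate struct {
	Provider    string `json:"provider"`
	Nonce       string `json:"nonce"`
	Measurement string `json:"measurement"`
	Report      string `json:"report"`
}

// Shim holds providers in priority order and dispatches to the first one present.
type Shim struct{ providers []AttestationProvider }

func (s *Shim) Register(p AttestationProvider) { s.providers = append(s.providers, p) }

// IssueCertificate attests with the caller's fresh nonce, rejects evidence not
// bound to that nonce (replay protection) and normalizes the result.
func (s *Shim) IssueCertificate(nonce []byte) (WorkloadCertificate, error) {
	for _, p := range s.providers {
		if !p.Detect() {
			continue
		}
		ev, err := p.Attest(nonce)
		if err != nil {
			return WorkloadCertificate{}, fmt.Errorf("%s: %w", p.Name(), err)
		}
		if !bytes.Equal(ev.Nonce, nonce) {
			return WorkloadCertificate{}, fmt.Errorf("%s: evidence not bound to challenge nonce", p.Name())
		}
		return WorkloadCertificate{
			Provider:    p.Name(),
			Nonce:       hex.EncodeToString(nonce),
			Measurement: hex.EncodeToString(ev.Measurement),
			Report:      base64.StdEncoding.EncodeToString(ev.Report),
		}, nil
	}
	return WorkloadCertificate{}, fmt.Errorf("no attestation provider matches this platform")
}

// rawProvider stands in for a CPU vendor's raw report, constructed here as nonce || measurement (a stub, not a real signed report).
type rawProvider struct{ measurement []byte }

func (r rawProvider) Name() string { return "raw-cpu" }
func (r rawProvider) Detect() bool { return true }
func (r rawProvider) Attest(nonce []byte) (Evidence, error) {
	report := append(append([]byte{}, nonce...), r.measurement...)
	return Evidence{Report: report, Nonce: report[:len(nonce)], Measurement: report[len(nonce):]}, nil
}

// vtpmProvider stands in for a vTPM quote: the measurement is a digest over the PCR
// values and the nonce rides as the quote's extra data. stale=true replays an old quote.
type vtpmProvider struct {
	present, stale bool
	pcrs           [][]byte
}

func (v vtpmProvider) Name() string { return "vtpm" }
func (v vtpmProvider) Detect() bool { return v.present }
func (v vtpmProvider) Attest(nonce []byte) (Evidence, error) {
	digest := sha256.Sum256(bytes.Join(v.pcrs, nil))
	if v.stale {
		nonce = make([]byte, len(nonce)) // all-zero extra data: made for some earlier challenge
	}
	return Evidence{Report: append([]byte("QUOTE:"), nonce...), Nonce: nonce, Measurement: digest[:]}, nil
}

func main() {
	shim := &Shim{}
	shim.Register(vtpmProvider{}) // Detect() false: no vTPM on this host, so raw-cpu is chosen
	shim.Register(rawProvider{measurement: bytes.Repeat([]byte{0xab}, 48)})
	nonce := make([]byte, 32)
	rand.Read(nonce) // fresh challenge; in practice the relying party supplies it
	cert, err := shim.IssueCertificate(nonce)
	if err != nil {
		panic(err)
	}
	js, _ := json.MarshalIndent(cert, "", "  ")
	fmt.Println(string(js))
}
```

Running it prints one indented JSON certificate whose shape does not depend on which provider was selected; swapping in `vtpmProvider{present: true, stale: true}` exercises the failure path, where the shim refuses to certify a quote that was produced for a different challenge. Adding a new platform means adding one more `AttestationProvider`, not touching the shim.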
