# Remote attestation

Remote attestation is the security process that allows the attester (or the "prover"), such as a VM or container to prove to another party (or the "verifier") it is running trusted software in a secure enclaved environment.  This process is crucial in cloud, edge and AI confidential computing scenarios, where workloads need to prove their integrity and identity before being granted access to sensitive resources or secrets. 

<table data-card-size="large" data-view="cards" data-full-width="true"><thead><tr><th></th><th data-hidden data-card-target data-type="content-ref"></th><th data-hidden data-card-cover data-type="files"></th></tr></thead><tbody><tr><td><strong>Step 1</strong>: Setup</td><td><a href="remote-attestation/setup">setup</a></td><td><a href="https://3910105610-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB6wCdvkxdUdtHHcfqQVl%2Fuploads%2FOxHmydESoBYQ0yuTTbWr%2Fgreen_settings_icon_16x9.png?alt=media&#x26;token=cec3a415-9d90-40c3-93ff-19e312d4826c">green_settings_icon_16x9.png</a></td></tr><tr><td><strong>Step 2</strong>: Generate a Nonce</td><td><a href="remote-attestation/generate-a-nonce">generate-a-nonce</a></td><td><a href="https://3910105610-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB6wCdvkxdUdtHHcfqQVl%2Fuploads%2F9ygEMLKhWmbWPWy8YLic%2Fgreen_nonce_icon_16x9.png?alt=media&#x26;token=d5a530c3-5746-4d2d-9d4f-d4360b0827d9">green_nonce_icon_16x9.png</a></td></tr><tr><td><strong>Step 3</strong>: Generate a Report</td><td><a href="remote-attestation/generate-a-report">generate-a-report</a></td><td><a href="https://3910105610-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB6wCdvkxdUdtHHcfqQVl%2Fuploads%2FQx3uAhzIIiI1VG1tS1Bt%2Fgreen_attestation_icon_16x9.png?alt=media&#x26;token=25da79db-c3b2-477b-8453-ac43441e62a9">green_attestation_icon_16x9.png</a></td></tr><tr><td><strong>Step 4</strong>: Verify the Report</td><td><a href="remote-attestation/verify-the-report">verify-the-report</a></td><td><a href="https://3910105610-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB6wCdvkxdUdtHHcfqQVl%2Fuploads%2Fu6sdCRF1vnFbott8l4oA%2Fgreen_verify_icon_16x9.png?alt=media&#x26;token=2d207221-2918-4d0c-a07b-d046246bc10b">green_verify_icon_16x9.png</a></td></tr></tbody></table>

Remote attestation typically involves four steps:

* The verifier creates a policy defining when an attestation report is valid.
* The verifier issues a [challenge](https://docs.enclaive.cloud/nitride/documentation/getting-started/remote-attestation/generate-a-nonce), often a nonce to the attester.
* The attester generates a cryptographically signed [report](https://docs.enclaive.cloud/nitride/documentation/getting-started/remote-attestation/generate-a-report), including the nonce and measurements of its environment.
* Implementing the security policy, the verifier [validates](https://docs.enclaive.cloud/nitride/documentation/getting-started/remote-attestation/verify-the-report) the report to ensure the attester is genuine and uncompromised.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.enclaive.cloud/nitride/documentation/getting-started/remote-attestation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.