2021 OCP Global Summit: DICE based NIC attestation

preview_player
Показать описание
The introduction of attestation-protocol requires secured-devices to be able to prove their identity and data-integrity in a secured non-cloneable way. ConnectX-7 devices embed HW RoT which, combined with production-time provisioning of device certificate, device-unique asymmetric key-pair and ROM code, allows to address secure-boot, secure FW update and DICE based attestation, while allowing full recoverability and upgradability for any deployed HW.

In this talk I will cover the attestation flow, which includes the reported attestation measurements, certificate-chain and the process of preventing device-cloning. The attestation flow uses SPDM protocol and addresses the TCG DICE specification.
  1. Open Compute Project
Рекомендации по теме
2021 OCP Global 0:07:47

2021 OCP Global Summit: DICE based NIC attestation

2021 OCP Global 0:07:33

2021 OCP Global Summit: Improvement of OAI System Management

USENIX Security '21 0:10:58

USENIX Security '21 - DICE*: A Formally Verified Implementation of DICE Measured Boot

TPM Transport Security: 0:35:24

TPM Transport Security: Defeating Active Interposers with DICE

OCP Attestation using 0:26:53

OCP Attestation using SPDM and DICE

OCP Impact Study 0:30:01

OCP Impact Study 2021 Open Computing and Data Center Sustainability

OCP Attestation in 0:27:48

OCP Attestation in NVIDIA Silicon

OCP Virtual Summit 0:29:00

OCP Virtual Summit 2020: Attestation

OCP Virtual Summit 0:18:11

OCP Virtual Summit 2020: Design Guidelines for OCP NIC 3.0 Secure Firmware

OCP 2020 Tech 0:12:55

OCP 2020 Tech Week: Security and Monitoring

Whats in the 0:52:56

Whats in the OCP 2021 security checklist and why?

IoT Security Tech 0:00:56

IoT Security Tech [1] - Device Unique ID (DICE)

1991 Composable 0:46:14

1991 Composable Security Architectures

OCP 2020 Tech 0:23:11

OCP 2020 Tech Week: A Device Hardware Implementer's View of Attestation

OCP Virtual Summit 0:22:42

OCP Virtual Summit 20202: DC SCM Overview and Benefits

Platform Integrity Attestation 0:26:40

Platform Integrity Attestation at Scale

Using DICE Attestation 0:21:46

Using DICE Attestation for SEV and SNP Hardware Rooted Attestation - Peter Gonda

OCP 2020 Tech 0:58:24

OCP 2020 Tech Week: Measurement & Attestation

Securing Private Keys 0:22:02

Securing Private Keys in Edge Datacenters

Using DevIDs and 0:13:58

Using DevIDs and TPMs for Node Attestation - Adriane Cardozo, Marcos Yedro

OCP Virtual Summit 0:12:38

OCP Virtual Summit 2020: Intel CycloneV Based RunBMC Solution with OpenBMC Firmware

Attestation to Seamless 0:24:18

Attestation to Seamless Firmware Update History Using Standard PKI

What is Device 0:02:01

What is Device Attestation? | Entity Attestation Tokens Explained | PSA Certified Security Goals

OCP 2020 Tech 0:38:26

OCP 2020 Tech Week: Platform Management Components Intercommunications (PMCI) Standards Overview

Комментарии
Автор

where is the private key associated with the certs stored?

pranavkirtani