本文介绍了平台信任策略的概念,它是一种安全保证策略,确保只有符合特定信任级别要求的应用才能在平台上运行。文章通过示例展示了如何根据平台的安全保证级别来选择可信的工作负载执行环境,并解释了如何监控和确认计算平台的安全级别。
Platform Trust Policy
A platform trust policy is a security assurance policy for a platform, such as its secure launch control policy, restricting applications to only execute on platforms that meet a specified trust assurance level. Compliance and auditing mechanisms must demonstrate that critical, personal, or sensitive data has only been processed on platforms that meet trust requirements.
Figure 1 - An example of how the platform trust policy relates to workload placement.
In Figure 1, the security assurance levels of compute resources are defined by the platform trust policy. The cloud compute platform’s security must meet trust policy criteria, and it is logged in the attestation service upon secure boot. The consumer, referencing the platform trust policy, selects the security level required for a trusted workload execution. The cloud platform monitor ensures that the compute platform security level is maintained and the compliance confirms that workloads have been securely processed.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
