OpenSSL: Attestation and Forming Trusted Cluster With Certificates
1 of Us? 1 of Ours?
Oct 13, 2020
After generating credentials and keys, we can form a trusted group and conduct attestation and authentication among entities.
Note: Entities are the subjects of an ecosystem. They can be people, devices, software modules or agents, hardware components or parts, or even an activity / incident session or event. Every entity is uniquely identified by identity profiles. A profile subsumes Assurance in terms of attributes, parameters and well-formed logical premises / statements of
1. Authentication,
2. Attestation,
3. Authorization,
4. Access and
5. Audit*
*Data audits are subject to Assertions that require classification depending on the operational access. The assertions are to be ruled on by a rigorous protocol verifier with defensive state machines for decision resolution.
All the assurance mechanisms can be multilayered, multi-faceted and involve multiple parties.
Example(s)
1. Authentication : Mutual authentication using challenge-response protocol. Once authenticated, other actions and operations can be activated.
2. Attestation : Checking on physical machines, such as PUF (Provably Unclonable Functions), or code-signed
3. Authorization : Concess and consign access.
4. Access : Checking on rights to control (write, emend / amend (e.g. delete), execute) and/or observe (e.g. conditional read) (controllability and/or observability)
5. Audit* : Secure…
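
As an added example (not code from the original article), this script sketches the mutual challenge-response of item 1 between two members of a certificate-based cluster, using the OpenSSL command line. The throwaway CA, the names node-a and node-b, and all file and function names are assumptions constructed for the demo.

```bash
#!/usr/bin/env bash
# Added demo: mutual challenge-response between two cluster members.
# The CA, node names and file names below are constructed, not from the article.
set -u
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT
EC="-newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes"

make_ca() {  # throwaway self-signed cluster CA
  openssl req -x509 $EC -days 1 -subj "/CN=demo-cluster-ca" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}
issue() {    # issue <name>: key, CSR, then a certificate signed by the cluster CA
  openssl req $EC -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -CAcreateserial -days 1 -out "$WORK/$1.crt" 2>/dev/null
}

# Prover: sign the verifier's challenge with the member's private key.
respond() {  # respond <name> <challenge-file> <sig-file>
  openssl dgst -sha256 -sign "$WORK/$1.key" -out "$3" "$2"
}

# Verifier: the peer certificate must chain to the cluster CA, and the signature
# over the challenge must verify under the public key inside that certificate.
check() {    # check <peer-cert> <challenge-file> <sig-file>
  openssl verify -CAfile "$WORK/ca.crt" "$1" >/dev/null 2>&1 || return 1
  openssl x509 -in "$1" -pubkey -noout > "$WORK/peer.pub" || return 1
  openssl dgst -sha256 -verify "$WORK/peer.pub" -signature "$3" "$2" >/dev/null 2>&1
}

# One direction: <verifier> sends a fresh challenge that names itself, so a
# response cannot be replayed later or relayed to a different verifier.
challenge() {  # challenge <verifier> <prover>
  local n="$WORK/nonce.$2" s="$WORK/sig.$2"
  printf '%s:%s\n' "$1" "$(openssl rand -hex 32)" > "$n"
  respond "$2" "$n" "$s" && check "$WORK/$2.crt" "$n" "$s"
}
mutual_auth() { challenge node-a node-b && challenge node-b node-a; }

make_ca && issue node-a && issue node-b
mutual_auth && echo "node-a and node-b mutually authenticated"
```

Only after both directions succeed would a member go on to the later steps in the list (attestation, authorization, access).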