Trusted compute pools enable administrators to designate a group of compute hosts as trusted. These hosts use hardware-based security features, such as the Intel Trusted Execution Technology (TXT), to provide an additional level of security. Combined with an external stand-alone, web-based remote attestation server, cloud providers can ensure that the compute node runs only software with verified measurements and can ensure a secure cloud stack.
Using the trusted compute pools, cloud subscribers can request services to run on verified compute nodes.
The remote attestation server performs node verification as follows:
Compute nodes boot with Intel TXT technology enabled.
The compute node BIOS, hypervisor, and OS are measured.
Measured data is sent to the attestation server when challenged by the attestation server.
The attestation server verifies those measurements against a good and known database to determine node trustworthiness.
A description of how to set up an attestation service is beyond the scope of this document. For an open source project that you can use to implement an attestation service, see the Open Attestation project.
