1.3 Overview

The Host Guardian Service Attestation Protocol uses a REST-based transport protocol.

The Host Guardian Service provides security services such as the Attestation Service and the Key Protection Service.

For TPM-based attestation:

  • A client initiates TPM-based attestation by providing its Remote TPM public endorsement key ("EKPub") to the Host Guardian Service.

  • The Host Guardian Service uses the EKPub to initiate an underlying Remote TPM ("RTPM") protocol to the client to read TPM measurements from the client. The reply includes the current RTPM protocol context.

  • The client reads the context provided by the service and continues the RTPM protocol by sending another request containing a new RTPM protocol context to the server.

  • When the service has completed the TPM read, it compares the measurements therein with the configured TPM-based attestation policy. If policy evaluation succeeds, it returns a valid attestation health certificate to the client.

For Active Directory (AD)-based attestation:

  • A client initiates AD-based attestation by sending an AD-based attestation request to the Host Guardian Service.

  • The service uses the Kerberos protocol to authenticate the client request.

  • The service checks that the authenticated client credentials belong to a configured, authorized Active Directory host group. If they do, the service returns a valid attestation health certificate to the client.

For Host Key-based attestation:

  • A client initiates Host Key-based attestation by providing the following to the Host Guardian Service:

    • The public portion of a key pair owned by the client, defined as the “Host Key”.

    • The public portion of a key pair owned by the client for which the client wishes to receive a health certificate signed by the Host Guardian Service.

    • A signature over the above two artifacts, made with the private portion of the “Host Key”.

  • The service checks that the Host Key is recognized (that is, has been registered with the service), uses the Host Key to validate the provided signature, and, if both checks succeed, issues an attestation health certificate for the second key to the client.
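The Host Key exchange above, modelled end to end as an added example in Go. This code is not part of the specification or of Microsoft's implementation. It assumes ECDSA P-256 keys, DER/PKIX encoding of both public keys, a SHA-256 digest over the length-prefixed concatenation of the two public keys as the signed message, and an X.509 certificate signed by the service as the health certificate; the specification fixes none of these, and the REST transport is omitted so that the client step (BuildRequest) and the service steps (Register, Attest) run in one process. All type and function names are the example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/binary"
	"errors"
	"math/big"
	"time"
)

// HostKeyRequest carries the three artifacts the client sends (encodings are this example's assumption).
type HostKeyRequest struct {
	HostKeyPub []byte // public portion of the Host Key, DER/PKIX
	CertKeyPub []byte // public portion of the key to be certified, DER/PKIX
	Signature  []byte // ASN.1 ECDSA signature by the Host Key over signedPayload(HostKeyPub, CertKeyPub)
}

// signedPayload binds both artifacts into one digest; the length prefix is an assumed domain separation.
func signedPayload(hostKeyPub, certKeyPub []byte) []byte {
	h := sha256.New()
	for _, part := range [][]byte{hostKeyPub, certKeyPub} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(part)))
		h.Write(n[:])
		h.Write(part)
	}
	return h.Sum(nil)
}

// BuildRequest is the client side: encode both public keys and sign them with the Host Key.
func BuildRequest(hostKey, certKey *ecdsa.PrivateKey) (HostKeyRequest, error) {
	hostPub, err := x509.MarshalPKIXPublicKey(&hostKey.PublicKey)
	if err != nil {
		return HostKeyRequest{}, err
	}
	certPub, err := x509.MarshalPKIXPublicKey(&certKey.PublicKey)
	if err != nil {
		return HostKeyRequest{}, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, hostKey, signedPayload(hostPub, certPub))
	return HostKeyRequest{HostKeyPub: hostPub, CertKeyPub: certPub, Signature: sig}, err
}

// Service stands in for the Host Guardian Service: its registered Host Keys and its signing key.
type Service struct {
	Registered map[[32]byte]bool // SHA-256 of each registered Host Key's DER encoding
	PubKey     *ecdsa.PublicKey  // clients verify health certificates against this key
	key        *ecdsa.PrivateKey
	serial     int64
}

func NewService() (*Service, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Service{Registered: map[[32]byte]bool{}, PubKey: &key.PublicKey, key: key}, nil
}

// Register is the administrator step that makes a Host Key "recognized".
func (s *Service) Register(hostKeyPub []byte) { s.Registered[sha256.Sum256(hostKeyPub)] = true }

// Attest is the service side: recognized Host Key, valid signature, then a health certificate over CertKeyPub.
func (s *Service) Attest(req HostKeyRequest) (*x509.Certificate, error) {
	if !s.Registered[sha256.Sum256(req.HostKeyPub)] {
		return nil, errors.New("host key is not registered")
	}
	hostPub, err := x509.ParsePKIXPublicKey(req.HostKeyPub)
	if err != nil {
		return nil, err
	}
	ecPub, ok := hostPub.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(ecPub, signedPayload(req.HostKeyPub, req.CertKeyPub), req.Signature) {
		return nil, errors.New("signature does not verify under the host key")
	}
	certPub, err := x509.ParsePKIXPublicKey(req.CertKeyPub)
	if err != nil {
		return nil, err
	}
	s.serial++
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(s.serial), Subject: pkix.Name{CommonName: "attested host"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(8 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature,
	}
	issuer := &x509.Certificate{Subject: pkix.Name{CommonName: "Example HGS Signer"}}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, certPub, s.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Two failure modes fall out of the checks in Attest: a request from a Host Key that was never registered is refused before any signature work, and a request whose second public key was swapped after signing is refused because the Host Key signature covers both artifacts, which is why the protocol has the client sign them together rather than the certified key alone.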

The client uses TPM-, AD-, or Host Key-based attestation depending on how the server is configured.