Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Architecture of Passport Mode. #306

Open
4 of 8 tasks
jialez0 opened this issue Jan 26, 2024 · 3 comments
Open
4 of 8 tasks

New Architecture of Passport Mode. #306

jialez0 opened this issue Jan 26, 2024 · 3 comments

Comments

@jialez0
Copy link
Member

jialez0 commented Jan 26, 2024
edited
Loading

Co-Author: @jialez0 @peterzcst @jiazhang0 @Xynnn007 @1570005763

Introduction

Currently, in the versions we have released, the use of "passport mode" still needs to be done through KBS. This is because we need to use KBS to provide a RESTful API interface for HTTPS and require the KBS protocol to pass public key and nonce. However, in recent renovations, our AS has gained the ability to independently provide RESTful APIs, and we have introduced the concept of runtime data to more flexibly pass public key and nonce. In addition, our CDH is gradually moving towards perfection.

Therefore, now our passport model can have a more elegant and flexible architecture, and this document comprehensively demonstrates how CDH, AA, AS, and KBS work together under the new architecture.

Architecture

image

What's new

  1. CDH becomes a confidential resource center in TEE. AA no longer undertakes the functions related to resources, but focuses on remote attestation.
  2. KBS and AS are separated in architecture, provide services independently, and have a clear division of labor.
  3. Highly modular, supports multi AS, and supports multi type resource servers (KBS, KMS...)

Implementation

We have completed some features and there are still some features under development.

AA

  • Support get_token API
  • Support get token from CoCo-AS

AS

  • Implement independent service programs and provide HTTPS based RESTful APIs
  • Support GetNonce API and support nonce management

KBS

  • /resource endpoint support verifying CoCo-AS token

CDH

  • Add plugin to support access KMS
  • Support get resource from KBS with CoCo-AS token
  • Support configure KBS root certificate to enable HTTPS when access KBS.

cc @fitzthum
@Xynnn007
Copy link
Member

also cc @mkulke @bpradipt

@mkulke
Copy link
Contributor

mkulke commented Jan 26, 2024

The proposed design looks like a good iteration on the current state of affairs (issuer KBS vs resource KBS). Would we still be able to build a consolidated KBS / AttestationService HTTP service (bg check)? This would be useful for simple CoCo deployments in tutorials and for development purposes.

@fitzthum
Copy link
Member

Ok, this work has ended up being a little more complicated than I first expected. See this thread. I wonder if we want to reconvene the high-level discussion of the design.

This protocol is a crucial part of the project and I think we need to be really careful when we make changes, especially as more people join the project. In particular I think we need to have a very clear story about the relationship between AS token and KBS token and about the protocols for authenticating with the KBS and the AS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mkulke @fitzthum @Xynnn007 @jialez0