Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

First draft of adding Interaction Model examples #46

Merged
merged 8 commits into from
Jan 26, 2022
Merged

First draft of adding Interaction Model examples #46

Changes from 3 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
1882627
First draft of adding Interaction Model examples
yogeshbdeshpande Jan 25, 2022
c6ab50b
Minor tidy up for further alignment
yogeshbdeshpande Jan 25, 2022
d56dbd1
Fix some indentation
yogeshbdeshpande Jan 25, 2022
37e5a3d
Incorporating review comments
yogeshbdeshpande Jan 25, 2022
cb76f64
Incorporating review comments
yogeshbdeshpande Jan 25, 2022
e918295
Fixing minor typo
yogeshbdeshpande Jan 25, 2022
8e2b32c
Fix typos
yogeshbdeshpande Jan 26, 2022
23bc4c5
Fix typo
yogeshbdeshpande Jan 26, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 69 additions & 0 deletions draft-ietf-rats-reference-interaction-models.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -326,6 +326,75 @@ As soon as the Verifier receives the Evidence and the Event Logs, it appraises t
Appraisal procedures are application-specific and can be conducted via comparison of the Claims with corresponding Reference Values, such as Reference Integrity Measurements.
The final output of the Verifier are Attestation Results. Attestation Results constitute new Claim Sets about the properties and characteristics of an Attester, which enables Relying Parties, for example, to assess an Attester's trustworthiness.

### Models and example sequences of Challenge/Response Remote Attestation
According to RATS Architecture Document, two reference models for Challenge/Response Attestation has been proposed. This sections highlights the information flow bewteen the Attestor, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
According to RATS Architecture Document, two reference models for Challenge/Response Attestation has been proposed. This sections highlights the information flow bewteen the Attestor, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.
According to the RATS Architecture , two reference models for Challenge/Response Attestation have been proposed. This sections highlights the information flows between the Attester, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.


1. Passport Model

The passport modle is so named because of its resemblance to how nations issue passports to their citizens. In this Model, the attestation sequence is a
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The passport modle is so named because of its resemblance to how nations issue passports to their citizens. In this Model, the attestation sequence is a
The passport model is so named because of its resemblance to how nations issue passports to their citizens. In this Model, the attestation sequence is a

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The passport modle is so named because of its resemblance to how nations issue passports to their citizens. In this Model, the attestation sequence is a
The passport model is so named because of its resemblance to how nations issue passports to their citizens. In this model, the attestation sequence is a

two step procedure. In the first step, an Attester conveys Evidence to a Verifier which compares the Evidence against its appraisal policy. The Verifier
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
two step procedure. In the first step, an Attester conveys Evidence to a Verifier which compares the Evidence against its appraisal policy. The Verifier
two-step procedure. In the first step, an Attester conveys Evidence to a Verifier, which compares the Evidence against its appraisal policy. The Verifier

then gives back an Attestation Result to the Attester, which simply caches it. In the second step, the Attester presents the Attestation Result (and possibly additional Claims/evidence) to a Relying Party, which then compares this information against its own appraisal policy to establish the trustworthiness of the attestor.
Copy link
Contributor

@William-PanWei William-PanWei Jan 26, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
then gives back an Attestation Result to the Attester, which simply caches it. In the second step, the Attester presents the Attestation Result (and possibly additional Claims/evidence) to a Relying Party, which then compares this information against its own appraisal policy to establish the trustworthiness of the attestor.
then gives back an Attestation Result to the Attester, which simply caches it. In the second step, the Attester presents the Attestation Result (and possibly additional Claims/evidence) to a Relying Party, which then compares this information against its own appraisal policy to establish the trustworthiness of the Attester.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
then gives back an Attestation Result to the Attester, which simply caches it. In the second step, the Attester presents the Attestation Result (and possibly additional Claims/evidence) to a Relying Party, which then compares this information against its own appraisal policy to establish the trustworthiness of the attestor.
then gives back an Attestation Result to the Attester, which simply caches it. In the second step, the Attester presents the Attestation Result (and possibly additional Claims/evidence) to a Relying Party, which then compares this information against its own appraisal policy to establish the trustworthiness of the attester.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will correct this in next revision!


~~~~
.----------. .----------. .----------.
| Attester | | Verifier | | R. P. |
'----------' '----------' '----------'
Comment on lines +339 to +341
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The width of this diagram exceeds the width limitation of the I-D.

| | |
generateClaims(attestingEnvironment) | |
| => claims, eventLogs | |
| | |
| <-- requestAttestation(handle, authSecIDs, claimSelection) | |
| | |
collectClaims(claims, claimSelection) | |
| => collectedClaims | |
| | |
generateEvidence(handle, authSecIDs, collectedClaims) | |
| => evidence | |
| | |
| evidence, eventLogs -------------------------------------> | |
| | |
| appraiseEvidence(evidence, eventLogs, refValues) |
| | |
| attestationResults <----------------------------------- | |
| | |
| attestationResults(evidence, results) ----------------------------------------------------------> | | | |
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there seems to be a problem with NL here

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure thanks Thomas, will look into this later today!

| | | | | | appraiseResults()
| | |
~~~~

2. BackGround Check Model

The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attestor conveys Evidence to the Relying Party. Upon receiving evidence the Relying Party initiates a session with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier, compares the received Evidence to its appraisal policy for evidence and returns an Attestation Result to the Relying Party. The Relying Party then compares the
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attestor conveys Evidence to the Relying Party. Upon receiving evidence the Relying Party initiates a session with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier, compares the received Evidence to its appraisal policy for evidence and returns an Attestation Result to the Relying Party. The Relying Party then compares the
The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attester conveys Evidence to the Relying Party, which does not process its payload, but relays the message and optionally checks it's signature against a policed trust anchor store. Upon receiving the evidence the Relying Party initiates a with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier appraises the received Evidence according to its Appraisal Policy for Evidence and returns a corresponding Attestation Result to the Relying Party. The Relying Party then checks the

Attestation Result against its own appraisal policy.

~~~~
.----------. .----------. .----------.
| Attester | | R. P. | | Verifier |
'----------' '----------' '----------'
| | |
generateClaims(attestingEnvironment) | |
| => claims, eventLogs | |
| | |
| <-- requestAttestation(handle, authSecIDs, claimSelection) | |
| | |
collectClaims(claims, claimSelection) | |
| => collectedClaims | |
| | |
generateEvidence(handle, authSecIDs, collectedClaims) | |
| => evidence | |
| | |
| evidence, eventLogs -------------------------------------> | |
| | |
| | handle, evidence, eventLogs -------> |
| | |appraiseEvidence()
| | |
| | attestationResults <--------------- |
| | (evidence, results) |
| | |
| appraiseResults(evidence, results) | |
| | |
~~~~

## Uni-Directional Remote Attestation

~~~~
Expand Down