Using Trusted Platform Module (TPM)/Virtualization-Based Security (VBS) attestation

Attestation can be integrated into various applications and services, catering to different use cases. Azure Attestation service, which acts the remote attestation service can be used for desired purposes by updating the attestation policy. The policy engine works as processor, which takes the incoming payload as evidence and performs the validations as authored in the policy. This architecture simplifies the workflow and enables the service owner to purpose build solutions for the varied platforms and use cases.The workflow remains the same as described in Azure attestation workflow. The attestation policy needs to be crafted as per the validations required.

Attesting a platform has its own challenges. With the varied components of boot and setup, you must rely on a hardware root-of-trust anchor that can be used to verify the first steps of the boot and extend that trust upwards into every layer on your system. A hardware TPM provides such an anchor for a remote attestation solution. Azure Attestation provides a highly scalable measured boot and runtime integrity measurement attestation solution with a revocation framework to give you full control over platform attestation.

Attestation steps

Attestation Setup has two setups. One pertaining to the service setup and one pertaining to the client setup.

A diagram that shows the different interactions for attestation.

For more information, see Azure attestation workflow.

Service endpoint setup

Service endpoint setup is the first step for any attestation to be performed. Setting up an endpoint can be performed either via code or using the Azure portal.

Here's how you can set up an attestation endpoint using Portal

  1. Prerequisite: Access to the Microsoft Entra tenant and subscription under which you want to create the attestation endpoint. For more information, see Microsoft Entra tenant.

  2. Create an endpoint under the desired resource group, with the desired name.

  3. Add Attestation Contributor Role to the Identity who will be responsible to update the attestation policy.

  4. Configure the endpoint with the required policy.

Sample policies can be found in the policy section.

Note

TPM endpoints are designed to be provisioned without a default attestation policy.

Client setup

A client to communicate with the attestation service endpoint needs to ensure it's following the protocol as described in the protocol documentation. Use the Attestation Client NuGet to ease the integration.

  1. Prerequisite: a Microsoft Entra identity is needed to access the TPM endpoint. For more information, see Microsoft Entra identity tokens.
  2. Add Attestation Reader Role to the identity that will be need for authentication against the endpoint.

Execute the attestation workflow

Using the Client to trigger an attestation flow. A successful attestation will result in an attestation report (encoded JWT token). Parsing the JWT token, the contents of the report can be easily validated against expected outcome.

Here's a sample of the contents of the attestation report. Sample snapshot of a decoded token for tpm attestation.

Using the Open ID metadata endpoint contains properties, which describe the attestation service.The signing keys describe the keys, which will be used to sign tokens generated by the attestation service. All tokens emitted by the attestation service will be signed by one of the certificates listed in the attestation signing keys.

Next steps