当前位置:首页 > 报告详情

设备到云供应链溯源.pdf

上传人: 明**** 编号:1011982 2025-12-21 15页 1.13MB

1、Raising the Supply Chain Security BarDevice to Cloud Supply Chain ProvenanceDarpana Munjal Loodu,MicrosoftAlex Tzonkov,AMDPrabhu Jayanna,AMDDevice to Cloud Supply Chain ProvenanceSECURITYHow are we doing with Firmware Supply Chain Security?Firmware Supply Chain ProvenanceSFRs,RIMs,SBOMsMeasurementRe

2、portsApproved 3P Auditors AuditRIMs,SBOMsVerifierStandardize Root of Trust CapabilitiesStructure and expand device attestation claimsCompare device claims,to auditor endorsed trustworthy conformance reportsManufacturerSecurity Appraisal Framework and EnablementOrchestration MechanismWhats Missing?Su

3、pply Chain Integrity,Transparency and Trust(SCITT)Trusted SigningServiceSDKIdentity RoadmapDistributed ID Transparency Service Auditing Tools SCITT Frontend SCITT Storage SCITT QueryArtifact RegistryLedgerTrusted SignerIdentity ServiceWHAT:Generic,interoperable,and scalable architecture for enhancin

4、g transparency and trustGOALS:Enhance TransparencyEnsure IntegrityFacilitate AccountabilitySupport InteroperabilityPromote ScalabilityDEFINES:Transparency ServiceSigned StatementsReceiptsRegistration PoliciesAuditability and Accountability:Software/Firmware Provenance with SCITTIdentity certificate

5、harvested at manufacturingAudit reports recorded on immutable ledgerSigned certificate sealed to chip at board assemblySBOMMetadata verified and certificate signed by SCITT signing&transparency servicesIntegratorChip ManufacturerOnline DatabaseChip ManufacturerData CenterSigning ServiceCSRSigned Cer

6、tAttestationServiceBindingFinal SBOMBoard ManufacturerTransparencyServiceAttests hardware,verifies identity,verifies receipts.SBOMs produced by component/platform vendorsWhat about Hardware Supply Chain Security?Wait there is More!Hardware Supply Chain ProvenanceHardware ThreatsD

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
明日何其多
明**...

该用户很懒,什么也没介绍

客服
商务合作
小程序
服务号
折叠