Attestation is a critical element of establishing trustworthiness of a computing device prior to using it for processing sensitive data. The attestation process is used by a device to provide evidence of the state of a device. The verification (or authentication) process is done by verifier to evaluate the attested evidence against references provided by the manufacturer. Reference Integrity Manifest (RIM) is the standard that defines how “references provided by the manufacturer” need to be collected, signed, and made available to verifiers. Device manufacturers are responsible for generating RIMs for their products. A RIM contains information such as device reference values, measurements for installable software / firmware, embedded firmware, and digital certificates.
One of the RIM standards DCP LLC’s., Platform Security Service (PSS) currently supports Trusted Computing Group (TCG) Concise Reference Integrity Manifests (CoRIM). CoRIM’s are the standardized RIM specification and the foremost mechanism for encoding reference data as described here. The RIM Management Service will provide users the facilities to manage, update, generate, and distribute reference integrity measurements via the issuance of CoRIMs.
A high-level description of the RIM Management Service is described in the diagram below:
RMS is a fully automated system which will provide customers with the APIs necessary to efficiently manage its database of product reference measurements, as well as manage versioning of those measurements. The RMS provides the mechanism for collecting, storing, and using reference measurements. In addition, with its integration to the DCP Signing Service (DSS), the RMS will be able to construct and digitally sign CoRIMs with Certificate Authorities operated by the DSS. Customers may configure their own Certificate Authorities for issuing CoRIMs.
If you would like to learn more about DSS Service, please contact us using this page .