Auditability & Explainability of OBLV Deployments


AWS KMS (Key Management Service): A service provided by AWS that allows users to create and manage cryptographic keys and control their use across AWS services and in applications.
AWS Nitro Card: Hardware component used in AWS Nitro Enclaves for enhanced security. It contributes to the attestation and integrity verification processes.
AWS Nitro Enclaves: An AWS feature that allows customers to create isolated compute environments to process highly confidential data.
AWS Root Certificate Authority (CA): The root certificate authority of AWS’s certificate chain, used for establishing trust in AWS services.
Attestation: The process of verifying the integrity and authenticity of a system or component, typically by comparing its current state with a known, trusted baseline.
CLI (Command Line Interface): A text-based interface used to interact with software and operating systems by typing commands into a console or terminal.
Container: A lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries, and settings.
Enclave: In the context of secure computing, an enclave refers to an isolated and secure environment within a hardware system where sensitive data can be processed.
Image Digest: A cryptographic hash value that uniquely represents a container image, used to verify its integrity.
JSON: JavaScript Object Notation, a widely used format for configuration and data files.
Manifest: A file containing metadata about other files, packages, or container images, typically used in software deployments to define what should be included.
PCR (Platform Configuration Register): A secure storage area in a computing system that stores measurements (hashes) that reflect the system's state, used for attestation purposes.
Pod: The smallest deployable unit in Kubernetes, representing a single instance of a running process in a cluster.
Reproducible Builds: A software development process that ensures that a given source code will consistently generate an identical binary in successive build processes.
SDK (Software Development Kit): A collection of software tools and libraries that developers use to create applications for specific platforms.
Secondary Manifest: A specific document used in OBLV to uniquely specify an enclave’s configuration. Its digest is used as a custom PCR within the attestation document for enhanced security verification.
TLS (Transport Layer Security): A protocol that ensures privacy and data integrity between two communicating applications.

2024 Oblivious Software Ltd. All rights reserved.