Keylime

A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT

Overview:

Keylime is an open-source trust system that leverages TPM (Trusted Platform Module) technology to establish hardware-rooted cryptographic trust for remote machines. It offers solutions for bootstrapping, provisioning encrypted payloads, and monitoring system integrity in real time. Keylime aims to make TPM technology accessible to developers and users without requiring an in-depth understanding of TPM operations. It is particularly useful for scenarios such as remote attestation in hybrid cloud environments or securing Edge/IoT devices deployed in vulnerable locations.

Features:

  • Scalable Trust System: Utilizes TPM Technology for establishing trust in remote machines.
  • End-to-End Solution: Provides solutions for bootstrapping, encryption provisioning, and real-time integrity monitoring.
  • Customized Actions: Users can define actions triggered when a machine fails its attested measurements.
  • Flexible Remote Attestation: Offers a flexible framework for remote attestation of Platform Configuration Registers (PCRs).
  • CLI Application and RESTful APIs: Allows interaction with Keylime through a CLI application and RESTful APIs.
  • Components: Consists of three main components: Verifier, Registrar, and Agent.