Skip to content

CoRIM‐based Evidence Appraisal (take 2)

Thomas Fossati edited this page Oct 2, 2023 · 11 revisions

CoRIM-based Evidence Appraisal (take 2)

Usual RATS arch pic, with an explicit distinction between trust anchors and endorsed values added.

The reason for separating the concepts is that they play fundamentally different roles in the appraisal process.

flowchart TD
    R((reference</br>values))
    Ev((endorsed</br>values))
    Ei((trust</br>anchors))
    P((appraisal policy</br>for evidence))
    VO([verifier</br>owner])
    RFP([reference</br>value</br>provider])
    E([endorser])
    RP([relying</br>party])
    A([attester])
    e((Evidence))
    a((Attestation</br>Result))
    V([verifier])

    subgraph " "
    Ev
    Ei
    end

    subgraph " "
    R
    end
    
    subgraph " "
    P
    end

    VO --> P
    RFP --> R
    E --> Ev
    E --> Ei
    P --> V
    R --> V
    RP --> e
    A --> e
    Ev --> V
    Ei --> V
    V --> a
    e --> V
    A -.-> RP

Loading

A Closer Look to the Appraisal Process

The picture below provides a closer look in to the appraisal process, describing what the CoRIM-based verification flow looks like. The flow is broken down into four separate stages:

Notes:

  • The appraisal policy is an input to all the processing stages
  • All non-final processing stages can output a "failure" signal that short circuits the appraisal
flowchart TD
    v1[crypto</br>verification]
    v2[refval</br>match]
    v3[endorsed values</br>decoration]
    v4[AR assembly</br>and signing]
    Ei((trust</br>anchors))
    e((Evidence))
    P((appraisal policy</br>for evidence))
    skV>verifier signing key]
    a((Attestation</br>Result))
    R((reference</br>values))
    Ev((endorsed</br>values))

    subgraph " "
    Ev
    Ei
    end

    subgraph " "
    R
    end
    
    subgraph " "
    P
    end

    subgraph stages[" "]
    v1
    v2
    v3
    v4
    end

    subgraph " "
    skV
    end

    e --> v1
    Ei --> v1
    v1 -- evidence claims-set</br>accepted claims-set={} --> v2
    P --> stages
    v2 -- evidence claims-set</br>accepted claims-set={evidence claims-set} --> v3
    v3 -- accepted claims-set={evidence claims-set, endorsed claims-set} --> v4
    skV --> v4
    v4 --> a
    R --> v2
    Ev --> v3
    v1 -- failure -->v4
    v2 -- failure -->v4
Loading

Crypto Verification

Input:

  • Evidence to be verified
  • Trust anchors
  1. Look up the matching trust anchor (e.g., a raw public key, a TA store, etc.)
  2. Use the key material to verify the Evidence's cryptographic envelope

Output:

  • the (cryptographically verified) Evidence's claims-set
flowchart TD
    v1[crypto</br>verification]
    Ei((trust</br>anchors))
    e((Evidence))
    P((appraisal policy</br>for evidence))
    Ecs((evidence</br>claims-set))
    FAIL((("failure")))

    v1 --> FAIL
    Ei --> v1
    e --> v1
    v1 --> Ecs
    P --> v1
Loading

Reference Values match

Input:

  • Evidence claims-set
  • Reference values
  1. Look up any applicable reference values
  2. Match reference values against the claims-set

Output:

  • (validated) Evidence claims-set
flowchart TD
    v2[refval</br>match]
    P((appraisal policy</br>for evidence))
    R((reference</br>values))
    Ecs1((evidence</br>claims-set))
    Ecs2((evidence</br>claims-set))
    FAIL((("failure")))

    v2 --> FAIL
    v2 --> Ecs2
    R --> v2
    Ecs1 --> v2
    P --> v2
Loading

Endorsed Values Decoration

Input:

  • The Evidence claims-set
  • Endorsed values
  1. Look up applicable endorsed values
  2. decide (based on policy) which endorsed values can be added to the claims-set

Output:

  • Evidence claims-set
  • Derived claims-set
flowchart TD
    v3[endorsed values</br>decoration]
    P((appraisal policy</br>for evidence))
    Ev((endorsed</br>values))
    Ecs1((evidence</br>claims-set))
    Ecs2((evidence</br>claims-set))
    Dcs((derived</br>claims-set))
    FAIL((("failure")))

    Ev --> v3
    Ecs1 --> v3
    v3 --> FAIL
    v3 --> Dcs
    v3 --> Ecs2
    P --> v3
Loading

Attestation Result assembly and signing

Input:

  • Evidence and Derived claims-set, or a failure signal
  • the Verifier private key that signs the attestation result
  1. Determine the attestation result claims-set based on the input claims-set and policy
  2. Sign the final attestation result statement

Output:

  • Signed attestation results
flowchart TD
    v4[AR assembly</br>and signing]
    P((appraisal policy</br>for evidence))
    skV>verifier signing key]
    a((Attestation</br>Result))
    Ecs((evidence</br>claims-set))
    Dcs((derived</br>claims-set))
    FAIL((("failure")))

    FAIL --> v4
    Ecs --> v4
    Dcs --> v4
    P --> v4
    skV --> v4
    v4 --> a
Loading