remote attestation
also: attestation, TPM attestation, platform attestation
Remote attestation is a security mechanism that allows a system to prove to a remote verifier that its hardware and software components are in a trusted, unmodified state.
Remote attestation enables a computing device (like a server or embedded system) to provide cryptographic evidence to a distant party that it hasn't been compromised or tampered with. The attesting system uses secure hardware capabilities—typically a Trusted Platform Module (TPM) or similar—to generate digitally signed measurements of its firmware, bootloader, kernel, and other critical components.
A remote verifier can then check these signed measurements against known good values to confirm the system's integrity. For example, a cloud provider might use remote attestation to prove to customers that their virtual machines are running on uncompromised physical hardware and haven't been altered by malicious actors.
This is commonly used in confidential computing environments, supply chain security, and defense applications where trust in the computing platform itself is critical.