Duo on ChromeOS Verified Access API

Duo Collaborates With Google to Provide Verified Access for Chrome OS

Ensuring Trusted Access with Google’s Verified Access API
For the past few months, we’ve worked with Google on testing early versions of the Chrome OS Verified Access API, which is now publicly available and configurable in the Google Apps Admin Panel. Verified Access is a new API that allows Chromebooks to cryptographically attest to the state of certain security properties of the device to a third party – in our case, that third party is actually Duo’s service – for the purposes of making decisions around activities like access control. We use this to reliably assess the security posture of Chromebooks at Duo before they are allowed to access particularly sensitive resources. What does the attestation protocol actually tell us? According to the source code:[…]


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s