You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/confidential-ledger/faq.yml
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -20,12 +20,12 @@ sections:
20
20
- question: |
21
21
How can I tell if the Azure confidential ledger service would be useful to my organization?
22
22
answer: |
23
-
Azure confidential ledger is ideal for organizations with records valuable enough for a motivated attacker to try to compromise the underlying logging/storage system, including "insider" scenarios where a rogue employee might attempt to forge, modify, or remove previous records.
23
+
Azure confidential ledger is ideal for organizations with records valuable enough for a motivated attacker to try to compromise the underlying logging or storage system, including "insider" scenarios where a rogue employee might attempt to forge, modify, or remove previous records.
24
24
25
25
- question: |
26
26
What makes Azure confidential ledger much more secure?
27
27
answer: |
28
-
As its name suggests, the ledger utilizes [Azure Confidential Computing platform](../confidential-computing/index.yml) and the [Confidential Consortium Framework](https://www.microsoft.com/research/project/confidential-consortium-framework) to provide a high integrity solution that is tamperprotected and evident. One ledger spans across three or more identical instances, each of which run in a dedicated, fully attested hardware-backed enclave. The ledger's integrity is maintained through a consensus-based blockchain.
28
+
As its name suggests, the ledger utilizes the [Azure Confidential Computing platform](../confidential-computing/index.yml) and the [Confidential Consortium Framework](https://www.microsoft.com/research/project/confidential-consortium-framework) to provide a high integrity solution that is tamper-protected and evident. One ledger spans across three or more identical instances, each of which run in a dedicated, fully attested hardware-backed enclave. The ledger's integrity is maintained through a consensus-based blockchain.
29
29
30
30
- question: |
31
31
When writing to the Azure confidential ledger, do I need to store write receipts?
@@ -45,10 +45,10 @@ sections:
45
45
- question: |
46
46
Does ACL offers querying on attributes other than the receipt/transaction ID?
47
47
answer: |
48
-
Besides querying with the receipt/transaction id, ACL offers historical querying capability to read the data from Genesis(or within a range) for a specific key using the collection id (also called the sub ledger id) parameter. We would be interested to know what other attributes would be useful for querying, as this is an area we are gathering input on for our product roadmap.
48
+
Besides querying with the receipt/transaction ID, ACL offers historical querying capability to read the data from Genesis(or within a range) for a specific key using the collection ID (also called the sub ledger ID) parameter. We would be interested to know what other attributes would be useful for querying, as we are gathering input on for our product roadmap.
49
49
50
50
- question: |
51
-
What about the data on disk. Is that encrypted separately? Where are the keys stored for that??
51
+
Is the data on diskencrypted separately? If so, where are the keys stored?
52
52
answer: |
53
53
When storing data on the ledger, you can choose the public or private option. The public option is not encrypted; plain-text and a good fit for certain use cases which require tamper-evident and auditable ledger use. The private option, however, is encrypted. The data is encrypted using three levels of encryption (i.e. Ledger Secrets, Ledger Secret Wrapping Key, and Recovery key Shares), which is explained in detail [here](https://microsoft.github.io/CCF/main/architecture/cryptography.html).
0 commit comments