Glossary
Key Management Service (KMS)
is a centralized secrets store that enforces access policies and encrypts data at rest
Virtual Machine (VM)
is a machine virtualized through software and hardware. It has dedicated resources and allows a single physical system to run multiple virtualized systems.
Attestation Verification Service (AVS)
is a service hosted on another cloud provider that can verify remote attestation reports
Trusted Execution Environment (TEE)
is used to isolate applications from an untrusted software stack. Isolation is usually enforced by hardware
Hardware Security Module (HSM)
is a hardware device specifically designed to secure and manage secrets and to perform cryptographic operations. In particular, it is protected against many side-channel attacks.
Message Authentication Code (MAC)
is a tag that can be used to check the integrity of a message. In addition, it also provides authentication of the message's origin.
Certificate Authority (CA)
is a trusted entity that issues certificates. For an organization's CA to be recognized, it has to go through a rigorous examination process.
Certificate Signing Request (CSR)
is a standard format for requesting a certificate from a CA. It contains identifying information and the public key that is later signed into the certificate.
Trusted Computing Base (TCB)
is the hardware, software and firmware that is trusted to enforce security
Denial of Service (DoS)
is an attack against the availability of a system or network. It makes the component inaccessible.
System-on-chip (SoC)
integrates multiple computer-architecture components on a single chip