Appendix B. Sample Ownership Matrix#
The key-release authority administers reference values, attestation policy, and model-key release policy. The role is held by the model provider, enterprise security team, platform operator, or managed CoCo provider and is named in the ownership matrix for the deployment.
Table 10: Sample Ownership Matrix
Activity |
Accountable |
Responsible |
Consulted |
|---|---|---|---|
Validated configuration profile |
OEM or integrator |
Platform operator |
Model provider, enterprise data owner, CC software provider, NVIDIA |
Hardware, firmware, and GPU CC enablement |
OEM or integrator |
Platform operator |
NVIDIA, CC software provider |
Kubernetes cluster, node pools, and RuntimeClass |
Platform operator |
Platform operator |
CC software provider, NVIDIA, security team |
Confidential runtime, guest image/initrd, and key-release integration |
CC software provider |
CC software provider and platform operator |
Model provider, NVIDIA, key-release authority |
Workload image, model artifact encryption, and measurements |
Model provider |
Model provider or ISV |
Platform operator, CC software provider, key-release authority |
Key-release policy and reference values |
Model provider or named key-release authority |
Key-release authority |
Enterprise data owner, platform operator, CC software provider |
Inference gateway, auth, and logging/monitoring controls |
Enterprise data owner |
ISV or platform operator |
Model provider, security team |
Failure-mode runbook and support escalation |
Platform operator |
OEM or integrator |
Model provider, CC software provider, NVIDIA, key-release authority |
Firmware, driver, runtime, guest, workload-image, and policy lifecycle |
Platform operator |
Platform operator or OEM/integrator |
Model provider, CC software provider, NVIDIA, key-release authority |