Distributed computing and storage systems and services, such as those provided by computing resource service providers (e.g., over the Internet), are increasingly utilized by enterprises and individual users to augment, and in some cases, replace on-premise computing resources, as well as to track assets, such as devices. However, as such distributed systems and services are not necessarily under complete control of the implementing user or enterprise, the integrity of transactions made therewith can be difficult to ascertain (from the perspective of the user), and difficult for which to provide assurances (from the perspective of the service provider).
For example, an entity may wish to control device and/or user access to a network, as well as a user's access to the specific devices. In such scenarios, a cryptographically backed chain of custody or other cryptographic method for ascertaining the identity of the connecting users and/or devices may be implemented. However, it can be difficult to detect attackers in a diffuse environment where a given, legitimate user may use one of many devices to connect to the network, and similarly, where any given legitimate device may be authorized to authenticate many different users.