Remote Attestation for Constrained Relying Parties

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.advisorNiemi, Arto
dc.contributor.authorMoustafa, Mariam
dc.contributor.schoolPerustieteiden korkeakoulufi
dc.contributor.supervisorDragoni, Nicola
dc.date.accessioned2023-08-27T17:15:58Z
dc.date.available2023-08-27T17:15:58Z
dc.date.issued2023-08-21
dc.description.abstractIn today's interconnected world, which contains a massive and rapidly growing number of devices, it is important to have security measures that detect unexpected or unwanted behavior of those devices. Remote attestation -- a procedure for evaluating the software and hardware properties of a remote entity -- is one of those measures. Remote attestation has been used for a long time in Mobile Device Management solutions to assess the security of computers and smartphones. The rise of the Internet of Things (IoT) introduced a new research direction for attestation, which involves IoT devices. The current trend in the academic research of attestation involves a powerful entity, called "verifier", attesting and appraising a less powerful entity, called "attester". However, academic works have not considered the opposite scenario, where a resource constrained device needs to evaluate the security of more powerful devices. In addition, these works do not have the notion of a "relying party" -- the entity that receives the attestation results computed by the verifier to determine the trustworthiness of the attester. There are many scenarios where a resource constrained device might want to evaluate the trustworthiness of a more powerful device. For example, a sensor or wearable may need to assess the state of a smartphone before sending data to it, or a network router may allow only trusted devices to connect to the network. The aim of this thesis is to design an attestation procedure suitable for constrained relying parties. Developing the attestation procedure is done through analyzing possible attestation result formats found in the industry, benchmarking the suitable formats, proposing and formally analyzing an attestation protocol for constrained relying parties, and implementing a prototype of a constrained relying party.en
dc.format.extent106 + 14
dc.format.mimetypeapplication/pdfen
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/122869
dc.identifier.urnURN:NBN:fi:aalto-202308275210
dc.language.isoenen
dc.programmeMaster’s Programme in Security and Cloud Computing (SECCLO)fi
dc.programme.majorSecurity and Cloud Computingfi
dc.programme.mcodeSCI3113fi
dc.subject.keywordremote attestationen
dc.subject.keywordrelying partyen
dc.subject.keywordformal verificationen
dc.subject.keywordattestation resultsen
dc.subject.keywordconstrained devicesen
dc.titleRemote Attestation for Constrained Relying Partiesen
dc.typeG2 Pro gradu, diplomityöfi
dc.type.ontasotMaster's thesisen
dc.type.ontasotDiplomityöfi
local.aalto.electroniconlyyes
local.aalto.openaccessyes
Files
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
master_Moustafa_Mariam_2023.pdf
Size:
997.25 KB
Format:
Adobe Portable Document Format