Trustworthy Data Provenance for Enclaves in Heterogeneous Distributed Systems
| dc.contributor | Aalto-yliopisto | fi |
| dc.contributor | Aalto University | en |
| dc.contributor.advisor | Dushku, Edlira | |
| dc.contributor.author | Chouak, Ayoub | |
| dc.contributor.school | Perustieteiden korkeakoulu | fi |
| dc.contributor.supervisor | Gunn, Lachlan | |
| dc.date.accessioned | 2022-08-28T17:05:38Z | |
| dc.date.available | 2022-08-28T17:05:38Z | |
| dc.date.issued | 2022-08-22 | |
| dc.description.abstract | Trusted execution environments (TEEs) have gained significant traction over the last few years. They allow mutually distrusting systems to entrust each other with data and computation by running applications in strongly isolated containers called enclaves. Different TEEs can run different versions of an enclave platform and their realization depends on the underlying hardware. As enclaves migrate across many different TEEs, their integrity can be compromised. By tracking the provenance of enclaves, TEEs can assess their trustworthiness based on their migration history. However, this requires that the provenance data itself also be trustworthy. In this work, we leverage the strong isolation guarantees and attestation capability of TEEs to build QuickProv, a framework for fast, trustworthy data provenance for enclaves in heterogeneous distributed systems. We first show how we achieve trustworthy data provenance without using blockchains and consensus algorithms, and by using TEE capabilities. We then build a TrustZone-assisted enclave platform to support our provenance framework. Finally, we develop a proof-of-concept (PoC) implementation for QuickProv that is minimally intrusive and is tamper-resistant even in the presence of some compromised TEEs. | en |
| dc.format.extent | 72 | |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/116269 | |
| dc.identifier.urn | URN:NBN:fi:aalto-202208285083 | |
| dc.language.iso | en | en |
| dc.programme | Master’s Programme in Security and Cloud Computing (SECCLO) | fi |
| dc.programme.major | Security and Cloud Computing | fi |
| dc.programme.mcode | SCI3113 | fi |
| dc.subject.keyword | remote attestation | en |
| dc.subject.keyword | provenance | en |
| dc.subject.keyword | trusted execution environment | en |
| dc.subject.keyword | migration | en |
| dc.subject.keyword | enclave | en |
| dc.title | Trustworthy Data Provenance for Enclaves in Heterogeneous Distributed Systems | en |
| dc.type | G2 Pro gradu, diplomityö | fi |
| dc.type.ontasot | Master's thesis | en |
| dc.type.ontasot | Diplomityö | fi |
| local.aalto.electroniconly | yes | |
| local.aalto.openaccess | yes |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- master_Chouak_Ayoub_2022.pdf
- Size:
- 1.9 MB
- Format:
- Adobe Portable Document Format