Attestation of distributed applications

Thumbnail Image

Files

master_Shenavar_Ghazal_2025.pdf (1 MB)
master_Shenavar_Ghazal_2025_errata.pdf (76.85 KB)

URL

Journal Title

Journal ISSN

Volume Title

School of Science | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2025-07-31

Department

Major/Subject

Computer Science

Mcode

Degree programme

Master's Programme in Computer, Communication and Information Sciences

Language

en

Pages

55

Series

Abstract

This thesis addresses the problem of securing distributed applications composed of multiple components. Each component operates with access to infrastructure that enables remote attestation of its integrity. However, verifying individual components in isolation is insufficient to ensure the trustworthiness of the overall application, especially in dynamic and potentially adversarial environments. To this end, we propose a workflow for application-wide attestation, where a client, or any component acting as a challenger, can verify the collective integrity and configuration of the entire application. We present a protocol that collects, merges, and verifies attestation quotes from all participating components in a distributed system. This enables the detection of misconfigurations (e.g., inconsistent data replicas) and the identification of compromised or unauthorized components. Our solution binds each application instance to a specific set of attested components, ensuring system-wide integrity before sensitive operations are performed. Furthermore, we focus on designing the protocol with minimal overhead, making it suitable for real-world deployments where scalability and performance are essential.

Description

Supervisor

Gunn, Lachlan

Thesis advisor

Ngo, Huy

Keywords

application-wide attestation, attestation manifest, confidential computing, distributed applications, iIntel SGX, intel TDX, remote attestation

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202508196389

Collections

[dipl] Perustieteiden korkeakoulu / SCI