Verification of Software Integrity in Distributed Systems

The last few years have seen a growth in popularity of Cloud Computing, a computational paradigm to deploy IT services, through which cloud providers make computing resources available at the request of users, ensuring greater flexibility, availability and cost reduction, without the need for the user to purchase and manage them. Cloud Computing achieves these benefits taking advantage of virtualization technologies, which can host services in a full virtualization environments, such as the Xen hypervisor or Kernel-based Virtual Machine, or in a lightweight virtualization environment, such as Docker. Nowadays the trend is towards the use of lightweight virtual machines, also named containers, considered by companies more advantageous for their flexibility, simplified deployment, compatibility with various operative systems, rapid availability, fine-grained subdivision of computational resources in micro-services. The Cloud Computing paradigm, however, while providing great benefits to users, introduced an entire whole world of security threats, such as isolation failure, economic denial of service, malicious insider, which expose companies and users to great security and privacy risks. Being able to verify the integrity and correct configuration of the software running on the cloud nodes is crucial to early detection of any type of tampering and breach, in order to react promptly to attacks. Remote Attestation is the process by which an external entity can assess the level of trustworthiness of a computational node; it works well for physical nodes, but it is not yet a well established process for virtual nodes, as traditional and lightweight virtual machines. Proposals have been published in the scientific literature but none of them completely satisfies the desirable requirements of scalability, low latency and availability in any deployment scenario. This thesis proposes a new solution to carry out periodic remote attestation of light virtual machines deployed in a container runtime engine among those most used in current cloud platforms, such as Docker and containerd. The solution complies with Trusted Computing Group’s specifications, relying on Trusted Platform Module 2.0, “Integrity Measurement Architecture” Linux’s security module and Keylime as remote attestation framework. As proved by performance tests performed in laboratory, the proposed solution is highly scalable, adapts to different containerization technologies and guarantees low attestation latency as the number of containers, deployed on the cloud node, increases.