Standard-Based Remote Attestation

In recent years, the rapid proliferation of Internet of Things (IoT) devices and the expansion of cloud computing have brought significant advantages and innovation across various industries. However, this growth raised serious concerns about security and trust. Devices and services, often operating in untrusted environments, are vulnerable to malicious attacks that can compromise sensitive data and disrupt operations. Remote attestation plays a crucial role in ensuring the security of such environments. This is a process that allows one system to verify the integrity and trustworthiness of another remote system. Central to achieving secure environments is the concept of Trusted Computing, which is based on standards developed by the Trusted Computing Group (TCG). Trusted Computing technologies provide the foundation for securing cloud computing and virtualized systems. A key technology within trusted computing is the Trusted Platform Module (TPM), a dedicated hardware component developed by TCG to enhance device security through secure storage and cryptographic operations. TPMs are fundamental in the remote attestation process, as they allow devices to generate cryptographic evidence of their integrity in a tamper-resistant manner. Recent advances in remote attestation protocols, such as the Veraison Project, made strides toward standardizing and improving the process. However, a gap still exists in fully adhering to the latest protocols. This thesis proposes a novel implementation of the remote attestation procedure in compliance with the RFC-9334 standard, addressing the critical need for secure, scalable, and modular solutions in the field of IoT and cloud computing. This proposal introduces a flexible architecture that can be easily adapted to various use cases while ensuring compliance with up-to-date standards. By filling this gap, the solution presented in this thesis contributes to advancing secure remote attestation, helping to safeguard the growing number of interconnected devices and services in today's digital landscape.