Secure Boot and Monitoring for Embedded System

Damiano Zappulla

Supervisor: Antonio Lioy. Politecnico di Torino, Master's degree programme in Ingegneria Informatica (Computer Engineering), 2022

PDF (Tesi_di_laurea) - Thesis
License: Creative Commons Attribution Non-commercial No Derivatives.

Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network. Thanks to the Linux Integrity Measurement Architecture (IMA), it is possible to maintain the chain of trust measurement up to the application layer. The goals of the kernel integrity subsystem are to detect whether files have been accidentally or maliciously altered, both remotely and locally, to appraise a file's measurement against a "good" value stored as an extended attribute, and to enforce local file integrity. This thesis first describes the history, architecture, versions and capabilities of the Trusted Platform Module (TPM), a crucial component for performing remote attestation. The second part presents and evaluates Keylime, an open-source tool for bootstrapping and maintaining trust in the cloud. The practical part of the thesis covers the installation, configuration and evaluation of TPM tools and Keylime, and the activation and testing of Linux IMA with Keylime itself.

Supervisors: Antonio Lioy
Academic year: 2022/23
Publication type: Electronic
Number of Pages: 54
Degree programme: Master's degree programme in Ingegneria Informatica (Computer Engineering)
Degree class: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Collaborating companies: Politecnico di Torino
URI: http://webthesis.biblio.polito.it/id/eprint/24509