| Carl Friedrich Gauß Faculty | Department of Computer Science

Remote Attestation in a multi-tenant and TrustZone-protected cloud

Student: (anonymous, Login required)
Supervisor: Dr. Stefan Brenner
Professor: Prof. Dr. Rüdiger Kapitza
IBR Group: DS (Prof. Kapitza)
Type: Master Thesis


Despite the many benefits of cloud environments, such as cost-efficiency and efficiency in general, as well as flexibility and scalability, their adoption is still limited by trust problems. This is why the application of hardware security technologies like ARM TrustZone and Intel SGX is currently an interesting research topic. Especially in cloud scenarios, remote attestation and verification are an important building block for providing a trustworthy execution platform in an untrusted cloud.

Task Description

This thesis should build upon an existing trusted execution framework called TrApps[1], which is based on ARM TrustZone and was implemented as a prototype in an earlier master's thesis. As an extension to TrApps, the student should implement a new component that allows the remote attestation of secure applications, called SecAs. This component will be part of TrApps and subject to hardware-based remote attestation of the secure software stack, which comprises a secure operating system and the secure components of TrApps. Hardware-based remote attestation itself is not supposed to be implemented in this thesis. However, the thesis should provide an overview of existing techniques and compare their suitability for use in TrApps. The thesis should also present the design of the remote attestation component for SecAs, as well as a proof-of-concept (PoC) implementation of it integrated into the TrApps prototype. The PoC implementation should put special focus on the multi-tenant nature of clouds.

last changed 2016-07-25, 14:02 by Dr. Stefan Brenner