Ensuring the integrity of nodes under the context of container live migration in a secure network
Azhar, Moneeb (2019-12-17)
This publication is subject to copyright regulations. The work may be read and printed for personal use. Use for commercial purposes is prohibited.
Closed
The permanent address of the publication is:
https://urn.fi/URN:NBN:fi-fe2019122049247
Abstract
The amount of data generated in our hyper-connected networks is rising exponentially. More and more consumer electronic devices rely on the internet to provide users with seamless access to services. Cloud computing has been widely leveraged to make this possible by offering on-demand and scalable storage, along with processing services. However, the delays associated with furnishing these services from the cloud can be of concern for latency-sensitive applications such as health-monitoring, emergency response and self-driving vehicles. It is estimated that IoT applications in the healthcare industry on average generate data flows in excess of 25000 tuples per second. Fog computing is a distributed paradigm that is aimed at catering to this situation. In essence, it deals with utilizing resources as close to the end-user as possible for carrying out a large part of storage and processing. Such a network would optimally be capable of using containers as methods of encapsulation and resource management. An overloaded node could offload work to an idle node by carrying out live container migration.
Securing such a network would be of utmost importance. Rogue nodes could compromise the entire network or potentially steal confidential information and carry out denial-of-service attacks on mission-critical systems. There should be a means for each node to assess the integrity of its software components (firmware, bootloader, operating system) and prove this to a remote attestor. The remote attestor can then evaluate the degree of trust it is willing to place in this node. For instance, if the attestor trusts the BIOS but not the bootloader, then it might opt to reject the provision of certain services and not others.
Trusted Platform Modules (TPM) are widely present in computer systems today. They can be used to measure the integrity of a system during boot or at runtime and provide remote attestors with a means of ascertaining what degree of trust they can place in the system’s behavior. In this thesis we set out to study how the TPM can be used in general-purpose applications in order to establish the integrity of different parts of a system before adding them to a network capable of performing live container migration. We present an implementation of a remote attestation system (LegosTPM) in this regard. We tested it by attempting attestation of a client with the server using a normal BIOS, a modified or infected BIOS, and an infected BIOS with stale integrity measurements. The server correctly ascertained that only the first case can be trusted; the other instances were deemed untrustworthy.
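A simplified model of the attestation decision described in the abstract, covering its three test cases (normal, modified, stale). This is an added example, not code from the thesis or from LegosTPM; the component names, the HMAC stand-in for a TPM attestation-key signature, and the per-challenge nonce used to detect stale evidence are assumptions.

```python
import hashlib, hmac, os

PCR_SIZE = 32  # SHA-256 PCR bank

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: new PCR = H(old PCR || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    """Measured boot: fold every component, in order, into one PCR."""
    pcr = bytes(PCR_SIZE)
    for c in components:
        pcr = extend(pcr, c)
    return pcr

def quote(key: bytes, nonce: bytes, pcr: bytes):
    """Stand-in for a TPM quote: the PCR value bound to the verifier's nonce.
    Assumption: HMAC under a shared key replaces the attestation-key signature."""
    return pcr, hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def verify(key: bytes, nonce: bytes, golden_pcr: bytes, quoted) -> str:
    """Server side: check freshness and authenticity first, then the measurement."""
    pcr, tag = quoted
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return "untrusted: quote not bound to this nonce (stale or forged)"
    if not hmac.compare_digest(pcr, golden_pcr):
        return "untrusted: measurements differ from reference"
    return "trusted"

def run_cases() -> dict:
    key = os.urandom(32)  # constructed key held by the TPM stand-in and the server
    good = [b"bios-v1", b"bootloader-v1", b"kernel-v1"]  # constructed sample images
    bad = [b"bios-v1-infected", b"bootloader-v1", b"kernel-v1"]
    golden = measure_boot(good)
    # Evidence captured while the node was still clean, for an earlier challenge
    old_quote = quote(key, os.urandom(16), golden)
    results = {}
    nonce = os.urandom(16)
    results["normal"] = verify(key, nonce, golden, quote(key, nonce, measure_boot(good)))
    nonce = os.urandom(16)
    results["modified"] = verify(key, nonce, golden, quote(key, nonce, measure_boot(bad)))
    nonce = os.urandom(16)
    results["stale"] = verify(key, nonce, golden, old_quote)  # replayed old evidence
    return results

if __name__ == "__main__":
    for case, verdict in run_cases().items():
        print(f"{case}: {verdict}")
```

The stale case carries a correct PCR value and is rejected only because the quote is bound to an earlier nonce, which is why the verifier must issue a fresh challenge for every attestation.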