Empirical Evaluation of Integrity Attestation Procedures in Public Cloud Environment

The security of remote attestation frameworks is critical for establishing trust in distributed computing environments, particularly in cloud and edge deployments. This thesis investigates the resilience of the Keylime framework against network-level and database-level adversarial interference. Specifically, the research focuses on verifier database poisoning and man-in-the-middle (MITM) redirection attacks to evaluate whether Keylime can be deceived into establishing trust with malicious intermediaries.

A controlled experimental environment was implemented using containerised Keylime components, including the verifier, registrar, agent, and a MITM proxy. Automated scripts were developed to simulate attack scenarios, modify internal databases, and capture telemetry and network-level data through logs and packet inspection. The results demonstrate that while Keylime's cryptographic attestation mechanisms successfully prevent unauthorised trust establishment, its reliance on static local state in the registrar and verifier databases allows communication redirection, highlighting a potential weakness in operational integrity.

This study provides a systematic methodology for evaluating the security of attestation frameworks under controlled adversarial conditions. The findings contribute to understanding both the strengths and limitations of Keylime's trust model, and suggest that enhancements in internal data validation and state management could further improve resilience against database-level and network-level attacks.