This study investigates the viability of revising The Update Framework (TUF) to be implemented on a distributed ledger called IOTA. TUF is a framework that is becoming the de facto standard for securing update systems. The design for the revised Update Framework, called TUFT, is thoroughly explained and examined. A security analysis as well as a performance analysis are made for the proposed design and prototype respectivly. Security-wise, TUFT is determined to be more secure than the original framework. On the other hand, TUFT is shown to be slower than the original TUF, with some scalability issues due to the requirement to fetch the whole update history for a repository. To accompany a wider range of software we also introduce new features in TUFT that provide versioning and mapping. The work done shows that a distributed ledger can improve a system like TUF in regards to security, auditability, and immutability. In summary, the proposed TUFT design is promising with its new features although it is limited performance-wise in some regards. With the updates being done to the IOTA ledger, a system like TUFT could be further improved upon to reduce the performance impact.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-177912 |
| Date | January 2021 |
| Creators | Johns, Oliver, Andell, Anton |
| Publisher | Linköpings universitet, Institutionen för datavetenskap |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0026 seconds