checked install description up to the facerecognition prototype

master
Michael Preisach 4 years ago
parent
commit
438d95e913
  1. 58
      thesis/04_implementation.tex
  2. 10
      thesis/05_outlook.tex
  3. BIN
      thesis/MAIN.pdf

58
thesis/04_implementation.tex

@ -256,7 +256,7 @@ By changing the parameter \texttt{ima\_appraise=enforce} in
The new parameters are activated by using the workflow for updating the kernel described in \autoref{ssec:install-and-use-trusted-boot}.
The result is a system which allows only resources with correct hash attribute to be read or executed.
An adversary may still create the file hash itself and overwrite the file with the hash.
However, an adversary may still create the file hash itself and overwrite the file with the hash.
Hence these hash values must be verified in some way before they can be trusted.
Two options are therefore available:
\begin{itemize}
@ -266,8 +266,8 @@ Two options are therefore available:
The host can directly check whether the file was tamepered with and act accordingly.
Linux kernels support this feature with the \emph{extended verification module} (EVM).
\end{itemize}
We implemented an attestation variant where the IMA log is part of the message.
Details about the message design will be discussed in \autoref{ssec:daa-network-protocol}
We use with DAA an attestation variant where the IMA log is part of the message.
Details about the message design will be discussed in \autoref{ssec:daa-network-protocol}.
\section{Dynamic System Analysis}
IMA is a comprehensive tool for checking the integrity of a file or executable or library before it gets executed.
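Review bot: the rewritten sentence "We use with DAA an attestation variant where the IMA log is part of the message" is awkward word order; "With DAA we use an attestation variant in which the IMA log is part of the message" reads better, and the original "We implemented" was arguably more precise about who built it. While this paragraph is being edited, the unchanged context line "The host can directly check whether the file was tamepered with" should become "tampered", and "resources with correct hash attribute" wants an article ("a correct hash attribute").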
@ -374,21 +374,20 @@ Any party interacting with the sensor is then able to check trustworthiness via
We describe in the following which programs need to be installed and what configuration is required to demonstrate a working implementation of DAA.
\subsection{Provision Hosts of Test Setup}
The demonstration setup, shown in \autoref{fig:prototype} consists of three independent hosts which are connected together via TCP/IP.
The demonstration setup, shown in \autoref{fig:prototype}, consists of three independent hosts which are connected together via TCP/IP.
Every host represent one party in the DAA scheme, each requiring additional software to support the DAA protocol.
Xaptums ECDAA library need to be installed on all three hosts.
However, the hosts representing issuer and verifier do not require TPM support.
Xaptums ECDAA library need to be installed on all three hosts but only the sensor requires TPM support.
Similar to that, the ECDAA network wrapper is required to support the network communication part.
The member needs, besides DAA protocol support, software to capture and process the image of the USB webcam.
The member needs, besides DAA protocol support, software to capture and process an image of the USB webcam.
We developed a small Rust program called \texttt{sensor-capture} for capturing a face image from a webcam.
For biometric processing, we transform the image into an embedding with the face recognition prototype of Digidow\footnote{\url{https://git.ins.jku.at/proj/digidow/prototype-facerecognition}}.
\subsection{Installing Xaptum ECDAA Library}
Xaptum's ECDAA Library provide the cryptographic functions and the protocol primitives for DAA.
A file based demonstration of the protocol is provided within the project.
We build the ECDAA library from source since the provided packages do not support Ubuntu 20.04.
Therefore we need the C build environment and some documentation extensions:
We have to build the ECDAA library from source since the provided deb packages do not support Ubuntu 20.04.
Therefore we need the C build environment as follows:
\begin{lstlisting}[numbers=none]
root@amd1:~# apt install gcc cmake build-essential doxygen doxygen-latex parallel
\end{lstlisting}
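Review bot: the new line "Xaptums ECDAA library need to be installed on all three hosts but only the sensor requires TPM support" has two grammar slips ("Xaptum's", "needs"); the same applies to the context lines "Every host represent one party" (represents) and "Xaptum's ECDAA Library provide" (provides). More importantly, the replacement sentence "Therefore we need the C build environment as follows:" drops the old mention of documentation extensions, yet the apt line still installs doxygen, doxygen-latex and parallel; either keep a clause explaining why those are needed or remove them from the command. Also note that this hunk introduces the program name \texttt{sensor-capture}, which should be checked against the name used later in the same commit.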
@ -422,7 +421,7 @@ Now, all prerequisities are installed to build and install the ECDAA network wra
\subsection{Installing ECDAA network wrapper}
Copy the folder \texttt{ecdaa-network-wrapper} to the build directory and change to this directory:
\begin{lstlisting}[numbers=none]
root@amd1:~# cp -r <source-dir>/ecdaa-network-wrapper .
root@amd1:~# git clone https://git.ins.jku.at/proj/digidow/ecdaa-network-wrapper.git
root@amd1:~# cd ecdaa-network-wrapper
\end{lstlisting}
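Review bot: the first command was changed from copying \texttt{<source-dir>/ecdaa-network-wrapper} to a \texttt{git clone} of the repository, but the sentence introducing the listing still says "Copy the folder \texttt{ecdaa-network-wrapper} to the build directory"; update it to "Clone the \texttt{ecdaa-network-wrapper} repository into the build directory and change into it" so text and listing agree.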
@ -436,8 +435,8 @@ For example, to build the member with TPM support, use:
\begin{lstlisting}[numbers=none]
root@amd1:~/ecdaa-network-wrapper# cmake --build . --target ecdaa_member_tpm -- -j 2
\end{lstlisting}
[t]
The following targets are available:[t][t]
The following targets are available:
\begin{itemize}
\item \texttt{ecdaa\_issuer}: Creates the binary for the issuer.
\item \texttt{ecdaa\_member}: Builds the member executable without TPM support.
@ -447,11 +446,38 @@ The following targets are available:[t][t]
\item \texttt{ecdaa\_all}: Builds every binary listed above at once.
\end{itemize}
When all above steps are finished successfully, the demonstration setup is finished.
When all above steps are finished successfully, the host is capable of taking its role in the DAA protocol.
\section{DAA Demo Application}
For demonstration purposes, we use an USB webcam to take a photo of the person being in front of the sensor.
This photo is then processed to generate a face embedding, which is small enough to be sent with the DAA attestation message.
The first part is done with a small Rust program called \texttt{bs-capture}.
It uses the libraries from the video4linux project to capture a still image and saving it to disk.
Ubuntu 20.04 requires the following packages to be installed:
\begin{lstlisting}[numbers=none]
root@amd1:~# apt install rustc cargo libv4l-0 libv4l-dev v4l-utils
\end{lstlisting}
Then the program can be downloaded and executed:
\begin{lstlisting}
root@amd1:~# git clone https://git.ins.jku.at/preisach/bs-capture.git
root@amd1:~# cd bs-capture/
root@amd1:~/bs-capture# cargo run
\end{lstlisting}
The program assumes that a webcam is available at \texttt{/dev/video0}.
It takes a still image which is saved as \texttt{frame.jpg} in the working directory, which is in this example \texttt{~/bs-capture}.
This image needs then to be processed to generate the face embedding data.
Therefore we use the project \emph{Prototype Facerecognition} which uses a trained tensorflow network to generate embeddings.
The Git repository contains an install script which cares about installing all dependencies for setup:
\begin{lstlisting}
root@amd1:~# git clone https://git.ins.jku.at/proj/digidow/prototype-facerecognition.git
root@amd1:~# cd prototype-facerecognition/
root@amd1:~/prototype-facerecognition# ./install.sh
\end{lstlisting}
\begin{itemize}
\item picture taking program
\end{itemize}
\subsection{DAA Network Protocol}
\label{ssec:daa-network-protocol}
The network protocol provided by \texttt{ecdaa-network-wrapper} adds to the cryptographic implementation of Xaptum's ecdaa project a network communication layer.
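Review bot: the capture program is named \texttt{bs-capture} here ("a small Rust program called \texttt{bs-capture}", and the clone URL ends in \texttt{bs-capture.git}), while the earlier hunk in this same commit calls it \texttt{sensor-capture}; pick one name and use it in both places. Further points in the added text: \texttt{~/bs-capture} will not print a tilde in LaTeX (\texttt{~} is a non-breaking space), so use \texttt{\textasciitilde/bs-capture} or \texttt{\string~/bs-capture}; the two new \texttt{lstlisting} environments lack the \texttt{[numbers=none]} option used by every other listing in this file; the trailing \texttt{itemize} containing only "picture taking program" looks like a leftover outline stub and should be removed or expanded; and small wording fixes: "a USB webcam", "the person in front of the sensor", "capture a still image and save it to disk", "an install script that installs all dependencies", "TensorFlow".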

10
thesis/05_outlook.tex

@ -1,7 +1,13 @@
\chapter{Conclusion and Outlook}
\label{cha:conclusion}
\section{Testing}
These are the test results
\begin{itemize}
\item Trusted boot works perfectly fine---any update needs an additional reboot to generate PCR vales
\item When IMA is active (appraise or enforce), the boot procedure takes significantly more time, but the OS itself does not seem to be slower.
\item IMA in enforce mode breaks the package manager apt. It downloads the deb packages from the repository but cannot open it since the files do not get the \texttt{security.ima} attribute.
\item When IMA in enforce mode, any access to a filesystem not supporting extended file attributes will be blocked. This includes the EFI boot partition and the boot partition for GRUB which is usually \texttt{ext2}.
System upgrade is not possible with the policies in use---customized policies are necessary to exclude \texttt{/boot} and to handle \texttt{/var/cache/apt} properly.
\end{itemize}
\section{Limitations}
\begin{itemize}
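Review bot: the new Testing section has a few wording defects: "These are the test results" needs a colon, "PCR vales" should be "PCR values", "cannot open it" should be "cannot open them", and "When IMA in enforce mode" is missing "is". The sentence "System upgrade is not possible with the policies in use---customized policies are necessary to exclude \texttt{/boot} and to handle \texttt{/var/cache/apt} properly" is a separate finding that follows from both the apt item and the extended-attribute item, so it reads better as its own \item. Since excluding \texttt{/boot} from IMA appraisal weakens what the policy covers, it would help to state whether that is acceptable because the boot files are already measured into PCRs by the trusted-boot setup described in the first item.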
@ -18,8 +24,6 @@ These are the test results
This might be useful in the future, maybe with a custom implementation of a recent DAA version.
\end{itemize}
\section{Future Work}
\begin{itemize}
\item Remove building tools on target device - just deliver binaries
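Review bot: the item "Remove building tools on target device - just deliver binaries" should read "Remove build tools from the target device; deliver only binaries", and a short clause on the motivation (a smaller footprint on the sensor and fewer files that IMA must appraise) would make the future-work item self-explanatory.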

BIN
thesis/MAIN.pdf

Binary file not shown.