first concept of master thesis

presentation/200421_secondlong/header.tex

@@ -0,0 +1,88 @@
+\usepackage[naustrian]{babel}
+\usepackage[utf8]{inputenc}
+\usepackage[T1]{fontenc}
+
+%Designvorlage
+\usetheme{Boadilla}
+
+%Font Typeface
+\usepackage{paratype}
+
+\usepackage{graphicx}
+\usepackage{url}
+\usepackage{pgfpages}
+\usepackage{lmodern}
+
+\usepackage{listings}
+
+\usepackage{marvosym}
+\usepackage{textcomp}
+
+\usepackage{tikz}
+\usepackage{geometry}
+\usepackage{layout}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{textcomp}
+\usepackage{xcolor}
+\usepackage{colortbl}
+
+\usepackage[default]{cantarell}
+%\usepackage{libertine}
+%\usepackage{libertinus}
+
+\usepackage{sourcecodepro}
+%\renewcommand*\familydefault{\ttdefault} %% Only if the base font of the document is to be typewriter style
+%properties for listings:
+\lstset{
+	language=[LaTeX]TeX,				%language
+	basicstyle=\footnotesize\ttfamily,	%common font style
+	xleftmargin=10pt,
+	numbers=left,						%line numbers
+	numberstyle=\tiny,
+	numberfirstline=true,
+	stepnumber=1,
+	numbersep=5pt,
+	tabsize=2,							%size of tabulator
+	columns=flexible,
+	upquote=true,
+	%breaklines=true,					%automatischer Zeilenumbruch
+	literate=							%Umlauts in source files
+	{Ö}{{\"O}}1
+	{Ä}{{\"A}}1
+	{Ü}{{\"U}}1
+	{ß}{{\ss}}2
+	{ü}{{\"u}}1
+	{ä}{{\"a}}1
+	{ö}{{\"o}}1
+}
+
+%Beamer preferences
+
+%\usecolortheme{structure}
+\renewcommand{\arraystretch}{1.2}
+
+\setbeamertemplate{navigation symbols}{}
+\setbeamertemplate{enumerate items}[square]
+\setbeamertemplate{itemize items}[square]
+\setbeamertemplate{section in toc}[circle]
+\setbeamertemplate{subsection in
+toc}{\leavevmode\leftskip=1.5em{\color{fg!30!blue}$\bullet$}\hskip0.5em\inserttocsubsection\par}
+\AtBeginSection[]
+{
+	\begin{frame}
+	\frametitle{Inhalt}
+	\tableofcontents[
+	currentsection,
+	sectionstyle=show/shaded,
+	hideothersubsections]
+\end{frame}
+}
+
+%Titelinformationen
+\title[Wissenschaftliches Schreiben mit \LaTeX~1]
+{Wissenschaftliches Schreiben und Layouten anhand von \LaTeX{} 1}
+
+\author[Michael Preisach]{Michael Preisach, BSc. \\\url{michael.preisach@oeh.jku.at}}
+\date{Sommersemester 2020}
+\institute[TNF]{Technisch-Naturwissenschaftliche Fakultät}

presentation/200421_secondlong/secondlong.tex

@@ -0,0 +1,164 @@
+\documentclass[naustrian,notes,aspectratio=169]{beamer}
+
+\input{header}
+%Titelinformationen
+\title[Digidow Biometric Sensor]{Digital Shadow: Biometric Sensor}
+\subtitle{Master's Thesis Seminar}
+\author[Michael Preisach]{Michael Preisach}
+\date{April 21, 2020}
+\institute[INS]{\includegraphics[width=0.1\textwidth]{../../resources/ins}}
+
+\begin{document}
+\begin{frame}
+	\titlepage
+\end{frame}
+	
+\begin{frame}
+	\frametitle{Biometric Sensor as Part of Digidow}
+	\begin{figure}
+		\centering
+		\includegraphics[width=0.7\textwidth]{../../resources/globalview}
+	\end{figure}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Threat Model}
+	\begin{itemize}
+		\item Biometric Sensor (BS) point of view
+		\begin{itemize}
+			\item Rogue Personal Identity Agent (PIA)
+			\item Metadata/Attribute Extraction on Network
+			\item Defects on Network - Discovery not working 
+			\item Sensor data modification at sensor hardware (e.\,g. camera)
+			\item Physical manipulation of hardware
+		\end{itemize}
+		\item Network/PIA point of view
+		\begin{itemize}
+			\item Retransmission of sensor data
+			\item Blocking data transmission
+			\item Sensor data aggregation
+			\item Sensor data modification before transmission
+		\end{itemize}
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Trusted Platform Module (TPM)}
+	\begin{columns}
+		\begin{column}{0.55\textwidth}
+			\begin{itemize}
+				\item Dedicated Cryptocoprocessor in the PC
+				\item Toolset available for measurement, attestation, key management, \ldots
+				\item Available Hierarchies: Storage, Endorsement, Platform, Null
+				\item Platform Configuration Registers (PCR) for the state of the system\footnotemark
+			\end{itemize}
+		\end{column}
+		\begin{column}{0.45\textwidth}  %%<--- here
+			\begin{footnotesize}
+				\begin{tabular}{c|l}
+					PCR &Usage\\\hline
+					0	&UEFI boot and runtime services			\\
+					1	&SMBIOS, ACPI, \ldots	\\
+					4	&UEFI OS Loader			\\
+					5	&ESP, GPT		\\
+					7	&Unified Kernel\\
+					10	&Integrity Measurements (by Kernel)\\
+				\end{tabular}   
+			\end{footnotesize}
+		\end{column}
+	\end{columns}
+	\footnotetext{\url{https://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf}}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Integrity Measurement Architecture\footnote{\url{https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture}}}
+	\begin{itemize}
+		\item Compile options within the Linux Kernel
+		\item When the Kernel starts, a large set of resources can be measured
+		\begin{itemize}
+			\item files accessed by root
+			\item all executables run
+			\item shared libs and all other files held in memory
+			\item \ldots
+		\end{itemize}
+		\item Based on policies, cooperates with selinux
+		\item Creates Hash chain in PCR 10 (default)
+		\begin{itemize}
+			\item new\_hash = hash(old\_hash | resource)
+		\end{itemize}
+		\item integrity log lists measured resources, different file formats possible
+		\item Attestation
+		\begin{enumerate}
+			\item Create Attestation Identity Key (AIK) from the Endorsement Key
+			\item Sign the current PCR value and the log with the AIK
+		\end{enumerate}
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{TPM environment for DAA}
+	\begin{figure}
+		\centering
+		\includegraphics[width=0.8\textwidth]{../../resources/tpmkeys}
+	\end{figure}
+	
+	\begin{itemize}
+		\item TPM can sign messages with the AIK
+		\item The signature is proofable with the Issuer Public Key (zero knowledge proof)
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{DAA Verification}
+	\begin{columns}
+	\begin{column}{0.55\textwidth}
+		\begin{figure}
+			\centering
+			\includegraphics[width=\textwidth]{../../resources/tpmattest}
+		\end{figure}
+	\end{column}
+	\begin{column}{0.45\textwidth}  %%<--- here
+		\begin{itemize}
+			\item Issuer Public Key is assumed known to any PIA
+			\item Verifier (PIA) can only check validity of BS
+			\item Only communication between PIA and BS
+			\item Revocation lists manage termination of subscription
+		\end{itemize}
+	\end{column}
+\end{columns}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Mitigated Threats}
+	\begin{itemize}
+		\item Biometric Sensor point of view
+		\begin{itemize}
+			\item Rogue PIA \textcolor{orange}{Two way DAA? TBD}
+			\item Metadata/Attribute Extraction on Network \textcolor{orange}{Cert based channel encryption? TBD}
+			\item Defects on Network - Discovery not working \textcolor{red}{Denial of Service}
+			\item Sensor data modification at sensor hardware \textcolor{green}{Firmware/Driver trust/attestation}
+			\item Physical manipulation of hardware \textcolor{orange}{Trusted Bootchain}
+		\end{itemize}
+		\item Network/PIA point of view
+		\begin{itemize}
+			\item Retransmission of sensor data \textcolor{green}{Integrity Measurement/Trusted Software}
+			\item Blocking data transmission \textcolor{green}{Integrity Measurement/Trusted Software}
+			\item Sensor data aggregation \textcolor{green}{Integrity Measurement/Trusted Software}
+			\item Sensor data modification before transmission \textcolor{green}{Integrity Measurement/Trusted Software}
+		\end{itemize}
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{State of the project}
+	\begin{itemize}
+		\item Trusted Boot: ready, different flavors tested
+		\item DAA: Basically working, Attestation Key not yet in TPM
+		\item Integrity Measurement: ongoing, not running, policy design necessary
+		\item Put above parts together
+		\item Thesis: Theoretical concepts need to be written down
+		\item Future work: minimize system, hardening on OS level
+	\end{itemize}
+\end{frame}
+
+\end{document}

resources/tpmattest.fig

@@ -0,0 +1,126 @@
+#FIG 3.2  Produced by xfig version 3.2.7
+Landscape
+Center
+Inches
+Letter
+100.00
+Single
+-2
+1200 2
+6 6000 6150 7500 6900
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 7500 6900 7500 6150 6000 6150 6000 6900 7500 6900
+4 1 0 50 -1 4 14 0.0000 0 180 1455 6750 6450 Endorsement\001
+4 1 0 50 -1 4 14 0.0000 0 225 420 6750 6750 Key\001
+-6
+6 9750 7425 11250 8175
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 11250 8175 11250 7425 9750 7425 9750 8175 11250 8175
+4 1 0 50 -1 4 14 0.0000 0 180 510 10500 7725 DAA\001
+4 1 0 50 -1 4 14 0.0000 0 180 645 10500 8025 Issuer\001
+-6
+6 4125 6975 5400 8325
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7425 5400 7425
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7575 5400 7575
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7725 5400 7725
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7875 5400 7875
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 8025 5400 8025
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 8175 5400 8175
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 4125 7275 5400 7275 5400 8325 4125 8325 4125 7275
+4 0 0 50 -1 4 12 0.0000 0 165 540 4125 7200 PCRs\001
+-6
+6 3900 9750 5175 11100
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10200 5175 10200
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10350 5175 10350
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10500 5175 10500
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10650 5175 10650
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10800 5175 10800
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 3900 10950 5175 10950
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 3900 10050 5175 10050 5175 11100 3900 11100 3900 10050
+4 0 0 50 -1 4 12 0.0000 0 165 540 3900 9975 PCRs\001
+-6
+6 6600 10275 7200 11100
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 6
+	 7200 10275 7200 11100 6600 11100 6600 10425 6750 10275 7200 10275
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3
+	 6600 10425 6750 10425 6750 10275
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 6750 10725 7050 10725
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 6750 10800 7050 10800
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 6750 10875 7050 10875
+4 1 0 50 -1 4 10 0.0000 0 120 330 6900 10575 LOG\001
+-6
+6 10050 8775 10500 9225
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 10275 9000 168 168 10275 9000 10425 9075
+4 1 0 50 -1 4 14 0.0000 0 180 135 10275 9075 1\001
+-6
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 8400 10725 168 168 8400 10725 8550 10800
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 8700 9600 168 168 8700 9600 8850 9675
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 6525 8550 168 168 6525 8550 6675 8625
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 10500 10950 168 168 10500 10950 10650 11025
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 5400 6525 6000 6525
+2 2 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 5
+	 4200 6375 5400 6375 5400 6675 4200 6675 4200 6375
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 6750 6900 6750 7425
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 7500 8175 7500 7425 6000 7425 6000 8175 7500 8175
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 11250 10650 11250 9900 9750 9900 9750 10650 11250 10650
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 7500 10500 9750 10500
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 6750 8175 6750 9675
+2 2 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 5
+	 3750 9675 7500 9675 7500 11700 3750 11700 3750 9675
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 10500 8175 10500 9900
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 9825 9900 7875 8925
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 3900 6000 7650 6000 7650 8850 3900 8850 3900 6000
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 3450 5775 7875 5775 7875 9300 3450 9300 3450 5775
+4 1 0 50 -1 4 14 0.0000 0 225 975 4800 6600 key seed\001
+4 1 0 50 -1 4 10 0.0000 0 120 315 5700 6375 KDF\001
+4 1 0 50 -1 4 14 0.0000 0 180 1170 6750 7725 Attestation\001
+4 1 0 50 -1 4 14 0.0000 0 225 1275 6750 8025 Identity Key\001
+4 0 0 50 -1 4 14 0.0000 0 180 510 3975 8775 TPM\001
+4 1 0 50 -1 4 14 0.0000 0 180 390 10500 10200 PIA\001
+4 1 0 50 -1 4 14 0.0000 0 240 1515 10500 10500 (DAA Verifier)\001
+4 0 0 50 -1 4 14 0.0000 0 240 2220 3825 11625 Attestation Message\001
+4 1 0 50 -1 4 14 0.0000 0 135 1110 5850 10575 + nonce +\001
+4 1 0 50 -1 4 10 0.0000 0 150 900 6900 10125 Integrity Log\001
+4 0 0 50 -1 4 12 0.0000 0 210 1260 10575 9075 get Issuer PK\001
+4 0 0 50 -1 4 14 0.0000 0 180 1845 3525 9225 Biometric Sensor\001
+4 1 0 50 -1 4 14 0.0000 0 180 135 8700 9675 2\001
+4 1 0 50 -1 4 14 0.0000 0 180 135 6525 8625 3\001
+4 1 0 50 -1 4 14 0.0000 0 180 135 8400 10800 4\001
+4 0 0 50 -1 4 12 0.0000 0 210 1260 8625 9225 attest(nonce)\001
+4 0 0 50 -1 4 12 0.0000 0 210 390 6825 8625 sign\001
+4 0 0 50 -1 4 12 0.0000 0 210 465 8175 10350 reply\001
+4 1 0 50 -1 4 14 0.0000 0 180 135 10500 11025 5\001
+4 0 0 50 -1 4 12 0.0000 0 210 510 10725 11025 verify\001

resources/tpmkeys.fig

@@ -0,0 +1,107 @@
+#FIG 3.2  Produced by xfig version 3.2.7
+Landscape
+Center
+Inches
+Letter
+100.00
+Single
+-2
+1200 2
+6 6000 6150 7500 6900
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 7500 6900 7500 6150 6000 6150 6000 6900 7500 6900
+4 1 0 50 -1 4 14 0.0000 0 180 1455 6750 6450 Endorsement\001
+4 1 0 50 -1 4 14 0.0000 0 225 420 6750 6750 Key\001
+-6
+6 450 6150 1950 6900
+6 450 6225 1950 6750
+4 1 0 50 -1 4 14 0.0000 0 180 1425 1200 6450 Manufacturer\001
+4 1 0 50 -1 4 14 0.0000 0 180 345 1200 6750 CA\001
+-6
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 1950 6900 1950 6150 450 6150 450 6900 1950 6900
+-6
+6 2625 6075 3225 6900
+1 4 0 1 0 7 50 -1 -1 0.000 1 0.0000 3075 6225 106 106 3150 6150 3000 6300
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 3075 6225 75 75 3075 6225 3075 6150
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 6
+	 3225 6075 3225 6900 2625 6900 2625 6225 2775 6075 3225 6075
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3
+	 2625 6225 2775 6225 2775 6075
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 3150 6300 3150 6450 3075 6375 3000 6450 3000 6300
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 2775 6525 3075 6525
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 2775 6600 3075 6600
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 2775 6675 3075 6675
+-6
+6 9750 7425 11250 8175
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 11250 8175 11250 7425 9750 7425 9750 8175 11250 8175
+4 1 0 50 -1 4 14 0.0000 0 180 510 10500 7725 DAA\001
+4 1 0 50 -1 4 14 0.0000 0 180 645 10500 8025 Issuer\001
+-6
+6 8475 7350 9075 8175
+1 4 0 1 0 7 50 -1 -1 0.000 1 0.0000 8925 7500 106 106 9000 7425 8850 7575
+1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 8925 7500 75 75 8925 7500 8925 7425
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 6
+	 9075 7350 9075 8175 8475 8175 8475 7500 8625 7350 9075 7350
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3
+	 8475 7500 8625 7500 8625 7350
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 9000 7575 9000 7725 8925 7650 8850 7725 8850 7575
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 8625 7800 8925 7800
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 8625 7875 8925 7875
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 8625 7950 8925 7950
+-6
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 3225 6525 4200 6525
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 5400 6525 6000 6525
+2 2 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 5
+	 4200 6375 5400 6375 5400 6675 4200 6675 4200 6375
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 6750 6900 6750 7425
+2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5
+	 7500 8175 7500 7425 6000 7425 6000 8175 7500 8175
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 8475 7800 7500 7800
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 1950 6525 2625 6525
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2
+	2 0 1.00 120.00 180.00
+	 9750 7800 9075 7800
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 3900 6000 7800 6000 7800 8850 3900 8850 3900 6000
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7425 5400 7425
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7575 5400 7575
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7725 5400 7725
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 7875 5400 7875
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 8025 5400 8025
+2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
+	 4125 8175 5400 8175
+2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
+	 4125 7275 5400 7275 5400 8325 4125 8325 4125 7275
+4 1 0 50 -1 4 14 0.0000 0 225 975 4800 6600 key seed\001
+4 1 0 50 -1 4 10 0.0000 0 120 315 5700 6375 KDF\001
+4 1 0 50 -1 4 14 0.0000 0 180 1170 6750 7725 Attestation\001
+4 1 0 50 -1 4 14 0.0000 0 225 1275 6750 8025 Identity Key\001
+4 1 0 50 -1 4 10 0.0000 0 120 690 8775 8400 DAA Cert\001
+4 1 0 50 -1 4 10 0.0000 0 120 1275 2925 7125 Manufacturer Cert\001
+4 0 0 50 -1 4 14 0.0000 0 180 510 3975 8775 TPM\001
+4 0 0 50 -1 4 12 0.0000 0 165 540 4125 7200 PCRs\001

thesis/01_introduction.tex

@@ -0,0 +1,94 @@
+\chapter{Introduction}
+We all live in a world full of digital systems.
+They appear as PCs, notebooks, cellular phones or embedded devices.
+Especially the footprint of embedded computers became so small that they can be used in almost all elctrical devices.
+This product category form the so called \emph{smart} devices.
+
+With all these new devices a lot of societal problems could be solved in the past few decades.
+Many of them automate services to the public like managing the bank account, public transportation or health services.
+There is an endless list of services that can be done by a computer.
+
+The downside of all these digital services is that using these services generate a lot of data.
+Besides of the intended exchange of information, many of the services try to extract metadata as well.
+Which IP is connected? 
+What kind of device is that? 
+Is the software up to date? 
+Was this device here in the past?
+Which other sites did the user browse?
+This is an endless list of questions which can be answered with a set of metadata.
+And all this data is collected when users browse the Internet.
+At the end the user may not be charged financially but one pay with this metadata.
+The customer becomes the product.
+
+However when a project is financed by the public, it should be possible to show users that there is a difference in the usage.
+It should be possible to prove that an application or a computer system is honest to the user.
+People should be convinced of this honesty and build trust in using this kind of software.
+
+%TODO find the bridge to DigiDow
+
+
+\section{introduction in project digidow}
+The Project \emph{Digital Shadow} is under ongoing developüment at the Institute of Networks and Security and creates a scalable system for authentication.
+Key feature is privacy by design and a provable system to create trust to the end user.
+
+At this early stage the interfaces and interaction points are not fully defined.
+
+This is a brief description of the process of authentication:
+%TODO paste image here and describe it
+
+\section{Biometric Sensor use case in DigiDow}
+derive the use case of the Biometric sensor out of the above model.
+%TODO description of BS in DigiDow
+
+\section{Definitions and Requirements}
+\begin{itemize}
+	\item privacy
+	\item integrity
+	\item trust
+	\item security
+	\item Usage Model of Biometric Sensor
+\end{itemize}
+
+This thesis will describe a system, which is part of the Digital Shadow network.
+Therefore it has to meet the common principles in information security, namely:
+\begin{itemize}
+	\item \emph{Availability}: 
+	\item \emph{Integrity}: ISO 27000 (Data Integrity)
+	\item \emph{Confidentiality}: ISO 27000
+\end{itemize}
+
+Upon AIC it should be possible for users to prove honesty of the system.
+This is what \emph{trust} defines in information security
+
+\subsection{Requirements}
+\begin{itemize}
+	\item given a set of software, this system should provide information that exaclty this version of software is running on the system. (Integrity)
+	\item The system must furthermore show that it is a member of valid biometric sensors (Attestation)
+	\item All the given information should be anonymized. It should not be possible to gain any other information about the system (Anonymity)
+	\item It should be ensured that no sensitive data is stored at the biometric sensor
+\end{itemize}
+Scope of this thesis is on implementing the system from from hardware to application layer.
+Is is not supposed to think about the network communication.
+
+\section{Description of structure}
+\begin{enumerate}
+	\item What exists out there?
+	\item What is the theoretical solution
+	\item What about the implementations used - what is the limitation of the used tools?
+	\item How far are we? what has to be considered next?
+\end{enumerate}
+
+\chapter{Related Work}
+\begin{itemize}
+	\item What exists in the field?
+	\item Keylime
+	\item Xaptum ECDAA
+	\item FIDO 2 ECDAA
+	\item Strongswan Attestation
+	\item Linux IMA
+	\item Secure Boot
+	\item Intel TXT
+	\item Trusted Execution Environment (TEE)
+	\item nanovm (\url{nanovms.com})
+	
+\end{itemize}

thesis/02_concept.tex

@@ -0,0 +1,63 @@
+\chapter{Concept}
+The theoretical tool that should be formed to one whole system implementation in this thesis.
+\section{Definition of the Biometric Sensor}
+What part fulfills the BS and what needs to be done.
+Record Sensor data, Network Discovery, send sensor data via trusted channel to PIA
+\subsection{Definitions}
+\begin{itemize}
+	\item Sensitive Data
+	\item Privacy
+	\item Metadata
+	\item Attribute
+\end{itemize}
+
+\subsection{What has the BS to do?}
+\begin{enumerate}
+	\item Listen for a Trigger to start the Authentication Process
+	\item Collect Sensor Data (Picture, Fingerprint) and calculate a biometric representation
+	\item Start Network Discovery and find the PIA of this person
+	\item Create a trusted and secure channel and transmit the attributes for verification
+	\item Restore the state of the system as it was before this transaction
+\end{enumerate}
+
+\section{Attack Vectors and Threat Model}
+\subsection{The Threat Model}
+\begin{itemize}
+	\item Definition of sensitive data / privacy / metadata
+	\item This version of BS is not owned by the user, there is no personal data in the System
+	\item Rogue Personal Identity Agent (PIA)
+	\item Metadata Extraction
+	\item Attribute extraction
+	\item Sensor Data Modification/manipulation
+	\item Wiretap between Sensor and System (USB or network)
+	\item Physical Manipulation of the BS-System
+	\item Network - Retransmission of sensor data of a rogue BS
+	\item Network - Blocking Data transmission of a rogue BS
+	\item Rogue BS Sensor Data aggregation
+	\item Rogue BS Sensor data modifiacation before transmission
+\end{itemize}
+\section{Trust and Security}
+Differentiation between trust and security --- and the problem that not everyone is using that right.
+\section{Systems of Trust}
+All trust systems are built on the standards of Trusted Computing Group.
+\subsection{Secure Boot, TXT, \ldots}
+Trusted Boot is not the same as Secure Boot. Explain the difference
+\subsection{TPM1.2}
+Initial Version of the Cryptocoprocessor, successfully spread into many systems, but hardly any integration in Trust/security Software
+
+\subsection{TPM2.0}
+Current Version (published 2014) with some improvements.
+\begin{itemize}
+	\item Hierarchies
+	\item Endorsement Key
+	\item Attestation Identity Key
+	\item Key management
+\end{itemize}
+
+\section{Integrity Measurements}
+Extend the Chain of Trust beyond the boot process.
+The Kernel can measure many different types of Resources.
+What is a useful set of measurements
+
+\section{Verify Trust (DA and DAA)}
+Use the TPM to proof trustwothiness to other instances like the PIA

thesis/03_implementation.tex

@@ -0,0 +1,26 @@
+\chapter{Implementation}
+\section{Trusted Boot}
+\begin{itemize}
+	\item Trusted Boot with GRUB 2.04: TPM support available; PCR mapping
+	\item Secure Boot with Unified Kernel; another PCR mapping
+	\item Benefits and Drawbacks of both variants
+\end{itemize}
+
+Limitations due to bad implementation on BIOS-Level, no Certificate Verification Infrastructure available for TPMs? Needs to be proven for correctness.
+
+\section{Integrity Measurement Architecture}
+Available on Ubuntu, RedHat and optionally Gentoo.
+The Kernel has the correct compile options set.
+
+\subsection{Handling external hardware}
+How can camera and fingerprint sensor be trusted?
+What is the limitation of this solution?
+
+\section{Interaction with TPM2}
+tpm2-tools 4.x are usable to interact with the TPM from the command line. 
+Available on all major releases after summer 2019.
+Fallback is using the TPM2 ESAPI or SAPI, which is available on almost all Linux distributions.
+
+\section{Direct Anonymous Attestation}
+DAA Project from Xaptum: Working DAA handshakt and possible TPM integration.
+Requires an Attestation Key which is secured with a password policy.

thesis/04_outlook.tex

@@ -0,0 +1,32 @@
+\chapter{Conclusion and Outlook}
+\section{Testing}
+These are the test results
+
+\section{Limitations}
+Still hard to set up a system like that.
+Documentation is available, but hardly any implementations for DAA and IMA.
+
+\section{Outlook}
+Hardening of the system beyond IMA useful.
+Minimization also useful, because the logging gets shorter.
+
+
+\autoref{tab:example} is an example of a table, in which the numbers are aligned at the comma, every second line is colored and the commands \texttt{\textbackslash toprule},  \texttt{\textbackslash midrule} and \texttt{\textbackslash bottomrule} are used \cite{arthur15}.
+
+	\begin{table}[ht]
+	\centering
+	\caption{Example} \label{tab:example}
+	\rowcolors{2}{lightgray}{white}
+	\begin{tabular}{SSS}
+	\toprule
+\multicolumn{1}{c}{Länge $l$ in m} & \multicolumn{1}{c}{Breite $b$ in m} & \multicolumn{1}{c}{Höhe $h$ in m} \\
+	\midrule
+12.454 & 1.24   & 335.3 \\
+543.22 & 32.123 & 33.21 \\
+353.0  & 33.0   & 33.0  \\
+23.3   & 333.2  & 32.4  \\
+	\bottomrule
+	\end{tabular}
+	\end{table}
+
+

thesis/05_appendix.tex

@@ -0,0 +1,31 @@
+\chapter{Installation instructions}
+\section{Installing IMA on Arch}
+\url{https://wiki.archlinux.org/index.php/Kernel/Arch_Build_System} in combination with \url{https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture}:
+
+\begin{lstlisting}
+	sudo pacman -S asp base-devel
+	cd ~
+	mkdir build && cd build
+	asp update linux
+	asp export linux	#Linux repo exported to this directory
+\end{lstlisting}
+Change \emph{pkgbase} in \texttt{linux/PKGBUILD} to custom name, e.g. linux-ima.
+Check \texttt{linux/config} for the following settings:
+\begin{lstlisting}
+	CONFIG_INTEGRITY=y
+	CONFIG_IMA=y
+	CONFIG_IMA_MEASURE_PCR_IDX=10
+	CONFIG_IMA_LSM_RULES=y
+	CONFIG_INTEGRITY_SIGNATURE=y
+	CONFIG_IMA_APPRAISE=y
+	IMA_APPRAISE_BOOTPARAM=y
+\end{lstlisting}
+For optimizing file access, add to every fstab-entry \emph{iversion}.
+It prevents creating a hash of the file at every access.
+Instead the hash will only be created when writing the file.
+
+\texttt{updpkgsums} generates new checksums for the modified files.
+
+\texttt{makepkg -s} then makes the new kernel
+
+S\texttt{S}l\texttt{l}M\texttt{M}x\texttt{x}i\texttt{i} \textsf{Hallowelt}

thesis/MAIN.tex

@@ -91,7 +91,7 @@
 	%own packages
 	\usepackage{libertine}
 	\usepackage{libertinust1math}
-	\usepackage{sourcecodepro}
+	\usepackage[scale=0.9]{sourcecodepro}
 	\usepackage{microtype}
 	
 	\usepackage{listings}
@@ -114,6 +114,30 @@
 	\newcommand{\zB}{z.\,B.}
 	\newcommand{\ToDo}{\normalfont \normalsize \textcolor{red}{\textbf{ToDo!}}}	
 	
+	\urlstyle{sf}
+	
+	\lstset{
+		language=[LaTeX]TeX,				%language
+		basicstyle=\ttfamily,	%common font style
+		xleftmargin=10pt,
+		numbers=left,						%line numbers
+		numberstyle=\scriptsize,
+		numberfirstline=true,
+		stepnumber=1,
+		numbersep=5pt,
+		tabsize=2,							%size of tabulator
+		columns=flexible,
+		upquote=true,
+		%breaklines=true,					%automatischer Zeilenumbruch
+		literate=							%Umlauts in source files
+		{Ö}{{\"O}}1
+		{Ä}{{\"A}}1
+		{Ü}{{\"U}}1
+		{ß}{{\ss}}2
+		{ü}{{\"u}}1
+		{ä}{{\"a}}1
+		{ö}{{\"o}}1
+	}
 %
 %%
 %%%%
@@ -127,6 +151,7 @@
 \end{titlepage}
 
 
+
 %%%%%%%%%%%%
 \frontmatter
 
@@ -140,7 +165,10 @@
 %%%%%%%%%%%	
 \mainmatter
 
-\input{mainmatter}
+\input{01_introduction}
+\input{02_concept}
+\input{03_implementation}
+\input{04_outlook}
 
 
 %%%%%%%%%%%
@@ -154,33 +182,6 @@
 \printbibliography
 
 \appendix
+\input{05_appendix}
 
-\section{Installing IMA on Arch}
-\url{https://wiki.archlinux.org/index.php/Kernel/Arch_Build_System} in combination with \url{https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture}:
-
-\begin{lstlisting}
-	sudo pacman -S asp base-devel
-	cd ~
-	mkdir build && cd build
-	asp update linux
-	asp export linux	#Linux repo exported to this directory
-\end{lstlisting}
-Change \emph{pkgbase} in \texttt{linux/PKGBUILD} to custom name, e.g. linux-ima.
-Check \texttt{linux/config} for the following settings:
-\begin{lstlisting}
-	CONFIG_INTEGRITY=y
-	CONFIG_IMA=y
-	CONFIG_IMA_MEASURE_PCR_IDX=10
-	CONFIG_IMA_LSM_RULES=y
-	CONFIG_INTEGRITY_SIGNATURE=y
-	CONFIG_IMA_APPRAISE=y
-	IMA_APPRAISE_BOOTPARAM=y
-\end{lstlisting}
-For optimizing file access, add to every fstab-entry \emph{iversion}.
-It prevents creating a hash of the file at every access.
-Instead the hash will only be created when writing the file.
-
-\texttt{updpkgsums} generates new checksums for the modified files.
-
-\texttt{makepkg -s} then makes the new kernel
 \end{document}

thesis/config.tex

@@ -36,13 +36,13 @@
 	
 \newif\ifthesis
 %% Ab hier müssen nur Änderungen vorgenommen werden, falls es sich um eine Bachelor- oder Masterarbeit oder eine Dissertation handelt. Wenn es sich darum handelt, die Auskommentierung der folgenden Zeile aufheben:
-	%\thesistrue
+	\thesistrue
 
 %% Hier den Typ der Arbeit eingeben (0: Bachelorarbeit, 1: Masterarbeit, 2: Dissertation, 3: Diplomarbeit):
 	\def\type{1}
 
 %% Hier den angestrebten akademischen Grad eingeben:
-	\def\degree{Master of Science}
+	\def\scdegree{Master of Science}
 
 %% Hier die Studienrichtung eingeben:
 	\def\study{Computer Science}

thesis/cover/coversheet.tex

@@ -83,17 +83,18 @@
 %	
  \put(0,-15.2){\includegraphics[width=4.4cm]{cover/arr}}
 %	
- \put(0,-16.3){\begin{minipage}[t]{12cm}
+ \put(0,-16.3){
+ 	\begin{minipage}[t]{12cm}
 		  \ifthesis \Large
 		   \ifeng
 		    \ifcase\type Bachelor \or Master \or Doctoral \or Diploma \fi Thesis \vskip1mm
 		    {\normalsize to obtain the academic degree of} \vskip2mm
-    \degree \vskip1mm
+		    \scdegree \vskip1mm
 		    {\normalsize in the \ifcase\type Bachelor's \or Master's \or  Doctoral \or Diploma \fi Program} \vskip2mm
 		   \else
 		    \ifcase\type Bachelorarbeit \or Masterarbeit \or Dissertation \or Diplomarbeit \fi \vskip1mm
 		    {\normalsize zur Erlangung des akademischen Grades} \vskip2mm
-    \degree \vskip1mm
+		    \scdegree \vskip1mm
 		    {\normalsize im \ifcase\type Bachelorstudium \or Masterstudium \or  Doktoratsstudium \or Diplomstudium \fi} \vskip2mm
 		   \fi
 		    \study
@@ -102,6 +103,7 @@
 		   \vskip2mm
 		   {\Large\bfseries\subtitle} 
 		  \fi
- \end{minipage}}
+	\end{minipage}
+}
 \end{picture}
 }

thesis/frontmatter.tex

@@ -3,6 +3,7 @@
 	\fi
 		
 % Hier Abstact in der Sprache eingeben, in der die Arbeit geschrieben wurde.
+What is it all about? Why is that interesting? What is new in this thesis? Where is the solution directing to?
 
 	{\let\clearpage\relax
 	\ifeng	\selectlanguage{ngerman} \chapter*{Zusammenfassung}
@@ -10,7 +11,12 @@
 	\fi
 		
 % Hier Abstact in der jeweils anderen Sprache eingeben.
-
+Das am Institut für Netzwerke und Sicherheit entwickelte Projekt \textit{Digital Shadow} benötigt in vielen Bereichen ein prüfbares Vertrauen um eine Erkennung von Nutzern anhand ihrer biometrischen Daten zu erkennen und Berechtigungen zuzuteilen.
+Das Vertrauen soll dem Nutzer die Möglichkeit geben, die Korrektheit des Systems schnell und einfach zu prüfen, bevor er/sie disesm System biometrische Daten zur Verfügung stellt
+Diese Masterarbeit beschäftigt sich nun mit den existierenden Werkzeugen, die ein solches Vertrauen schaffen können.
+Das implementierte System kombiniert diese Werkzeuge, um damit sensible Daten von Nutzern aufzunehmen und im Netzwerk von Digital Shadow zu identifizieren.
+Es soll dabei sicher gestellt sein, dass eine fälschliche Verwendung der sensiblen Nutzerdaten ausgeschlossen wird.
+Anhand dieses Systems werden die Eigenschaften einer vertrauenswürdigen Umgebung für Software diskutiert und notwendige Rahmenbedingungen erläutert.
 	\ifeng	\selectlanguage{english}
 	\else 	\selectlanguage{ngerman}
 	\fi}

thesis/mainmatter.tex

@@ -1,46 +1,4 @@
-\chapter{Introduction}
-All about motivation of doing this masterthesis
-\begin{itemize}
-	\item introduction in project digidow
-	\item privacy
-	\item integrity
-\end{itemize}
-\chapter{Concept}
-The theoretical tool that should be formed to one whole system implementation in this thesis
-\section{Attack Vectors and Threat Model}
-\section{Trust and Security}
-\section{Systems of Trust}
-\subsection{Secure Boot, TXT, \ldots}
-\subsection{TPM1.2}
-\subsection{TPM2.0}
-\section{Verify Trust (DA and DAA)}
-\chapter{Handling Biometric Data}
-\section{Extend the Trust to External Hardware}
-\section{Mitigation of Attack Vectors}
-\chapter{Implemtentation and Limitations}
-\section{Trusted Boot}
-\section{Linux Kernel Integrity Tools}
 
-\chapter{Conclusion and Outlook}
-It is yet very hard to implement a system of this kind.
-The tools are available, but the documentation is not.
-I did at least figure out what a prototype can look like.
-\autoref{tab:example} is an example of a table, in which the numbers are aligned at the comma, every second line is colored and the commands \texttt{\textbackslash toprule},  \texttt{\textbackslash midrule} and \texttt{\textbackslash bottomrule} are used \cite{arthur15}.
 
-	\begin{table}[ht]
-	\centering
-	\caption{Example} \label{tab:example}
-	\rowcolors{2}{lightgray}{white}
-	\begin{tabular}{SSS}
-	\toprule
-\multicolumn{1}{c}{Länge $l$ in m} & \multicolumn{1}{c}{Breite $b$ in m} & \multicolumn{1}{c}{Höhe $h$ in m} \\
-	\midrule
-12.454 & 1.24   & 335.3 \\
-543.22 & 32.123 & 33.21 \\
-353.0  & 33.0   & 33.0  \\
-23.3   & 333.2  & 32.4  \\
-	\bottomrule
-	\end{tabular}
-	\end{table}