\title{Digidow's Biometric Sensor\\\normalsize{Proposal for Master Thesis}}
\title{Digidow's Biometric Sensor\\\normalsize{Proposal for Master Thesis}}
\author{Michael Preisach, BSc}
\author{Michael Preisach BSc}
\date{December 2018}
\date{December 2018}
\fancypagestyle{plain}
\fancypagestyle{plain}
{
{
\fancyfoot[L]{\scriptsize{Proposal Master Thesis,
\fancyfoot[L]{\scriptsize{Proposal Master Thesis,
Michael Preisach}}
Michael Preisach BSc}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
\renewcommand{\footrulewidth}{0.5pt}
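Review bot: `\normalsize` and `\scriptsize` are font-size switches, not commands that take an argument, so `\normalsize{Proposal for Master Thesis}` in the `\title` line and `\scriptsize{...}` in both `\fancyfoot` lines only work because the braces happen to open a group; write them as `{\normalsize Proposal for Master Thesis}` and `{\scriptsize Page \thepage}` so the scope of the size change is explicit and a later edit cannot silently leak it into the rest of the title or footer.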
@ -53,9 +53,9 @@ Michael Preisach}}
\begin{document}
\begin{document}
\maketitle
\maketitle
\section{Motivation}
\section{Motivation}
Digidow is a research project of Prof. Mayrhofer, head of the Institute for Networks and Security (INS).
Digital Shadow (Digidow) is a research project of Prof. Mayrhofer, head of the Institute for Networks and Security (INS).
The project is aims to be a secure and privacy-friendly solution to identify or authenticate a person to a requester.
The project is aims to be a secure and privacy-friendly solution to identify or authenticate a person to a requester.
Figure \ref{fig:digidow} shows a graphical overview of the planned identification process in this project.
Figure \ref{fig:digidow} shows a graphical overview of the proposed identification process in this project.
\begin{figure}[h]
\begin{figure}[h]
\centering
\centering
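Review bot: the grammatical error in `The project is aims to be a secure and privacy-friendly solution` survives this hunk unchanged (old and new line are identical); drop the stray `is` while touching this paragraph. Expanding the name to `Digital Shadow (Digidow)` on first use is the right call, as is `proposed` instead of `planned` for a proposal.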
@ -64,47 +64,49 @@ Figure \ref{fig:digidow} shows a graphical overview of the planned identificatio
\label{fig:digidow}
\label{fig:digidow}
\end{figure}
\end{figure}
After service discovery (1) over a distributed network, a user should be able to be identified by that system.
The illustrated distributed system works as follows:
When a person intends to get access by this system, she initially should provide a unique ID (2).
In the first step, the service discovery (1), each devices need to find each other over a distributed network.
Given this information, the \emph{Verifier} asks the \emph{Biometric Sensor} to gain biometric data of this person(3).
When a person requires to be verified by that system, he or she initially should provide a globally unique ID (2).
In fact, one can use any form of data which uniquely identifies a single person.
This could be Name, date and location of birth, address and so on.
Once, this data is retrieved, the Biometric Sensor finds the user's \emph{Personal Agent}, builds trust (4, 6) in between and submits the data subsequently(5).
Given this information, the \emph{Verifier} asks the \emph{Biometric Sensor} (BS) to gain biometric data of this person (3).
Since the Personal Agent holds all required data to identify its corresponding user, it is able to decide whether the claim is correct or not (7).
In fact, one can gain any form of data which uniquely identifies a single person.
Once, this data is retrieved, the BS has to find the user's \emph{Personal Agent} (PA), by using the provided unique ID.
The steps (4) and (6) are required to create trust between the PA and the BS.
Only in a trusted environment, the biometric data payload is submitted.
Since the PA holds all required data to identify its corresponding user, it is able to decide whether the claim is correct or not (7).
Based on that decision, the Verifier can then trigger an adequate reaction(8).
Based on that decision, the Verifier can then trigger an adequate reaction(8).
This system is designed to implement the \emph{Need-To-Know} principle and thus privacy for the user.
This system is designed to implement the \emph{Need-To-Know} principle and thus privacy for the user.
\section{Scope of the Thesis}
\section{Scope of the Thesis}
This master thesis will cover a major part of the \emph{Biometric Sensor}.
This master thesis will cover a major part of Digidow's BS.
When a request of the \emph{verifier} appears, the system captures data from the biometric interface, wraps and submits it to the \emph{personal agent}, where further processing is done.
When a request of the \emph{Verifier} appears, the system captures data from the biometric interface, wraps and submits it to the \emph{personal agent}, where further processing is done.
Two essential questions arise while doing so.
Two essential questions arise while doing so.
First, the system has to identify the corresponding personal agent.
First, the system has to identify the corresponding personal agent.
This problem should be solved with the service discovery part.
This thesis will assume, that a personal agent is available for the corresponding user.
Second and more important for this thesis is the question, how the sensor system and the personal agent trusts each other.
Second and more important for this thesis is the question, how the BS and the PA trusts each other.
Therefore one is able to generate trust via a\emph{Trusted Platform Module} (TPM).
A\emph{Trusted Platform Module} (TPM) is able to address this problem by generating trust by cryptography.
Another question is how the system interacts with attached sensors that get the sensible data.
Another question is how the system interacts with attached sensors that get the sensible data.
\subsection{Practical Part}
\subsection{Practical Part}
One goal of this thesis is to set up a system which is \emph{trustworthy}.
One goal of this thesis is to set up a system which is \emph{trustworthy}.
This means that the system's TPM can verify every major part of the executed software (firmware, boot loader, kernel, driver, executed software, firmware of attached devices, \ldots).
This means that the system's TPM can verify the whole software stack (firmware, boot loader, kernel, driver, executed software, firmware of attached devices, \ldots).
Furthermore a program should read data from attached sensors.
The next step is to find a way to trust the yet unknown PA instance.
This data should then be sent to the personal agent for further processing.
Again the system's TPM may help with a function called \emph{Direct Anonymous Attestation} (DAA).
Before this can be done, both, Personal Agent and the Biometric Sensor have to trust each other.
Both, BS and PA have to trust each other to submit the biometric data payload to the PA for further processing.
The TPM provides a function called \emph{Direct Anonymous Attestation} to tackle this problem.
During this phase, privacy features should be implemented to prevent misuse with sensitive data from the user.
Since the TPM is a passive part in the system, these features have to be accessed with a custom program.
After having this system implemented, a demonstration platform should illustrate how this system works.
After having this system implemented, a demonstration platform should illustrate how this system works.
The not yet provided, but required interfaces will be simulated in a way that allow to demonstrate the function of the implemented part of this thesis.
The not yet provided, but required interfaces will be simulated in a way that allow to demonstrate the function of the implemented part of this thesis.
\section{Discussion}
\subsection{Discussion}
The implementation and demonstration allows then a discussion about benefits and drawbacks of the implementation and a comparison to other possible implementations.
The implementation and demonstration allows a discussion about benefits and drawbacks of the implementation and a comparison to other possible implementations.
This thesis should cover and discuss the following questions:
This thesis should cover and discuss the following questions:
\begin{itemize}
\begin{itemize}
\item What is trust?
\item How is trust implemented in the Biometric Sensor?
\item How does the TPM benefit to the system's trust?
\item How is trust generated between Personal Agent and BS?
\item What can be done to protect the sensible within the system?
\item What are the limitations by using a TPM?
\item What are the limitations by using a TPM?
\item What is necessary to trust a system with a TPM?
\item How can trust be generated between Personal Agent and Biometric Sensor?
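Review bot: the new sentence `the system's TPM can verify the whole software stack (firmware, boot loader, kernel, ...)` overstates what a TPM does and contradicts the hunk's own later line `Since the TPM is a passive part in the system`; in a measured boot the TPM only records the hashes of each component into its PCRs, and it is a remote party (here the PA, via attestation) that verifies them. Suggest `the system's TPM records measurements of the whole software stack ... so that a remote party can verify them`. In the same spirit, `The next step is to find a way to trust the yet unknown PA instance. Again the system's TPM may help with ... Direct Anonymous Attestation` points the wrong way: DAA lets the BS prove to the PA that it runs on a genuine TPM without revealing which one, so it establishes the PA's trust in the BS, not the BS's trust in the PA; the mutual trust claimed in `Both, BS and PA have to trust each other` still needs a mechanism on the PA side, or the scope should say that direction is out of scope. Smaller issues in this hunk: `A\emph{Trusted Platform Module}` has no space after `A` and typesets as "ATrusted Platform Module"; `reaction(8)` still lacks the space the edit added to `person (3)`; `each devices need to find each other` should be `each device needs to find the others`; `the BS and the PA trusts each other` should be `trust`; `sensible data` should be `sensitive data`, and the item `What can be done to protect the sensible within the system?` is missing its noun; `Once, this data is retrieved` has a stray comma; and demoting `\section{Discussion}` to `\subsection{Discussion}` makes the discussion questions a child of "Scope of the Thesis" although Motivation and Scope are both sections, which looks unintended.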