\chapter{Introduction}

We all live in a world full of digital systems. They appear as PCs, notebooks, cellular phones or embedded devices. The footprint of embedded computers in particular has become so small that they can be used in almost all electrical devices. This product category forms the so-called \emph{smart} devices. With all these new devices, many societal problems could be solved in the past few decades. Many of them automate services to the public, such as managing a bank account, public transportation or health services. There is an endless list of services that can be provided by a computer.

The downside of all these digital services is that using them generates a lot of data. Besides the intended exchange of information, many of the services try to extract metadata as well. Which IP address is connected? What kind of device is that? Is the software up to date? Was this device here in the past? Which other sites did the user browse? This is an endless list of questions which can be answered with a set of metadata, and all this data is collected when users browse the Internet. In the end the user may not be charged financially, but pays with this metadata: the customer becomes the product.

However, when a project is financed by the public, it should be possible to show users that there is a difference in the usage. It should be possible to prove that an application or a computer system is honest to the user. People should be convinced of this honesty and build trust in using this kind of software.

%TODO find the bridge to DigiDow

\section{Introduction to the project DigiDow}

The project \emph{Digital Shadow} is under ongoing development at the Institute of Networks and Security and creates a scalable system for authentication. Its key features are privacy by design and a provable system that creates trust for the end user. At this early stage the interfaces and interaction points are not fully defined.

This is a brief description of the process of authentication:

%TODO paste image here and describe it

\section{Biometric Sensor use case in DigiDow}

Derive the use case of the biometric sensor from the above model.

%TODO description of BS in DigiDow

\section{Goals and Definitions}

It should be possible to attach a variety of sensors to the system. The system should then fulfil the following requirements:
\begin{itemize}
  \item \emph{Sensor Monitoring.} The system should be able to monitor the sensor itself.
  \item \emph{System Monitoring.} It should be possible to track the state of the system. In particular, every modification of the system should be detected.
  \item \emph{Freshness of Sensor Data.} To prevent replay attacks, the system should prove that the provided biometric data is captured live.
  \item \emph{Integrity of Sensor Data.} As it is possible for an attacker to modify the provided data during the capturing process, integrity should guarantee that the data comes from the sensor in an unmodified manner.
  \item \emph{Confidentiality of Sensor Data.} It should not be possible to eavesdrop on any sensitive data from the system. Furthermore, almost all kinds of metadata (e.\,g. information about the system or network information) should not be published.
  \item Usage Model of Biometric Sensor
\end{itemize}

This thesis will describe a system which is part of the Digital Shadow network. Therefore it has to meet the common principles of information security, namely:
\begin{itemize}
  \item \emph{Availability}:
  \item \emph{Integrity}: ISO 27000 (Data Integrity)
  \item \emph{Confidentiality}: ISO 27000
\end{itemize}

In addition to AIC (availability, integrity, confidentiality), it should be possible for users to prove the honesty of the system. This is what \emph{trust} means in information security.

\subsection{Requirements}

\begin{itemize}
  \item Given a set of software, this system should provide information that exactly this version of the software is running on the system (Integrity).
  \item The system must furthermore show that it is a member of the set of valid biometric sensors (Attestation).
  \item All the given information should be anonymized. It should not be possible to gain any other information about the system (Anonymity).
  \item It should be ensured that no sensitive data is stored at the biometric sensor.
\end{itemize}

The scope of this thesis is the implementation of the system from the hardware to the application layer. It is not intended to address the network communication.

\section{Description of structure}

\begin{enumerate}
  \item What exists out there?
  \item What is the theoretical solution?
  \item What about the implementations used: what are the limitations of the used tools?
  \item How far are we? What has to be considered next?
\end{enumerate}

\chapter{Related Work}

\begin{itemize}
  \item What exists in the field?
  \item Keylime
  \item Xaptum ECDAA
  \item FIDO 2 ECDAA
  \item Strongswan Attestation
  \item Linux IMA
  \item Secure Boot
  \item Intel TXT
  \item Trusted Execution Environment (TEE)
  \item nanovm (\url{nanovms.com})
\end{itemize}
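The freshness, integrity and attestation requirements stated in the Goals and Definitions and Requirements sections above can be exercised with a small challenge-response exchange between a verifier and a biometric sensor. The following is an added example written for this editorial pass; it is not code from the thesis or from the Digital Shadow project. It assumes a hypothetical per-sensor secret shared with the verifier at enrolment and authenticates the sensor's report with HMAC-SHA256 (a stand-in for a hardware-bound signing key), and it assumes a hypothetical firmware measurement that the verifier compares with an allow-list of known-good versions. The sensor key, the firmware strings and the biometric capture are constructed sample values.

```python
"""Added example (not part of the thesis or the DigiDow project).

Demonstrates a verifier/sensor challenge-response that covers:
  * Freshness:   the sensor echoes a verifier nonce, so a recorded report
                 cannot be replayed
  * Integrity:   the report carries a hash of the capture and a hash of
                 the running firmware ("exactly this version is running")
  * Attestation: an HMAC under a per-sensor key binds the report to an
                 enrolled sensor (hypothetical stand-in for a hardware key)
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

SENSOR_KEY = secrets.token_bytes(32)  # constructed per-sensor secret, provisioned at enrolment
KNOWN_GOOD_FW = {hashlib.sha256(b"sensor-fw-v1.2").hexdigest()}  # constructed allow-list


@dataclass
class Report:
    nonce: bytes        # echoed verifier challenge   -> freshness
    measurement: str    # hash of running firmware    -> software integrity
    capture_hash: str   # hash of the biometric data  -> data integrity
    mac: bytes          # HMAC over all of the above  -> attestation


def _mac(key, nonce, measurement, capture_hash):
    msg = nonce + measurement.encode() + capture_hash.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class Sensor:
    def __init__(self, key, firmware):
        self.key = key
        self.measurement = hashlib.sha256(firmware).hexdigest()

    def respond(self, nonce, capture):
        capture_hash = hashlib.sha256(capture).hexdigest()
        return Report(nonce, self.measurement, capture_hash,
                      _mac(self.key, nonce, self.measurement, capture_hash))


class Verifier:
    def __init__(self, key, known_good):
        self.key = key
        self.known_good = known_good
        self.outstanding = set()  # nonces issued but not yet consumed

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, report, capture):
        # Attestation: report must carry a valid MAC under the enrolled key
        expected = _mac(self.key, report.nonce, report.measurement, report.capture_hash)
        if not hmac.compare_digest(expected, report.mac):
            return "reject: bad mac"
        # Freshness: the nonce must be one we issued and not already used
        if report.nonce not in self.outstanding:
            return "reject: replay or unknown nonce"
        self.outstanding.discard(report.nonce)
        # Software integrity: the measured firmware must be on the allow-list
        if report.measurement not in self.known_good:
            return "reject: unknown firmware"
        # Data integrity: the delivered capture must match the attested hash
        if hashlib.sha256(capture).hexdigest() != report.capture_hash:
            return "reject: capture modified"
        return "accept"


def run_scenarios():
    """Runs one honest exchange plus the three failure modes the requirements name."""
    sensor = Sensor(SENSOR_KEY, b"sensor-fw-v1.2")
    verifier = Verifier(SENSOR_KEY, KNOWN_GOOD_FW)
    capture = b"constructed fingerprint template bytes"

    nonce = verifier.challenge()
    report = sensor.respond(nonce, capture)
    results = {"fresh": verifier.verify(report, capture)}
    # Replay: the same (validly authenticated) report presented a second time
    results["replay"] = verifier.verify(report, capture)
    # Tampering: capture altered after the sensor produced its report
    report2 = sensor.respond(verifier.challenge(), capture)
    results["tampered"] = verifier.verify(report2, capture + b"x")
    # Unknown firmware: an enrolled sensor running software not on the allow-list
    rogue = Sensor(SENSOR_KEY, b"sensor-fw-modified")
    results["unknown_fw"] = verifier.verify(rogue.respond(verifier.challenge(), capture), capture)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:10s} {outcome}")
```

The MAC is checked before the nonce is consumed so that an unauthenticated report cannot burn an outstanding challenge; the nonce set is one-shot, which is what turns the second presentation of an otherwise valid report into a replay rejection. The confidentiality and anonymity requirements are not covered here: the report intentionally carries only hashes, but transport protection and the question of which metadata a report may reveal are outside this example.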