\documentclass[11pt]{article}

\usepackage[utf8]{inputenc}
\usepackage[english]{babel}
\usepackage[paper=a4paper, left=25mm, right=25mm, top=25mm, bottom=22mm]{geometry}
\usepackage[T1]{fontenc}
\usepackage{lmodern}
\usepackage{listings}
\usepackage{fancyhdr}
\usepackage{verbatim}
\usepackage{graphicx}
\usepackage{amsmath}
\usepackage{dsfont}
\usepackage{eurosym}

\DeclareUnicodeCharacter{20AC}{\euro}

\clubpenalty = 10000
\widowpenalty = 10000
\displaywidowpenalty = 10000

\pagestyle{fancy}
\setlength{\parskip}{1ex}
\fancyhf{}
\fancyfoot[L]{\scriptsize{Proposal Master Thesis, Michael Preisach BSc}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
\setcounter{secnumdepth}{2}
\setcounter{section}{0}
\lstset{
language=VHDL,
columns=fixed,
tabsize=7,
basicstyle=\footnotesize \ttfamily,
keywordstyle=\slshape \bfseries,
showstringspaces=false,
}
\setlength{\parindent}{0cm}
\title{Digidow's Biometric Sensor\\\normalsize{Proposal for Master Thesis}}
\author{Michael Preisach BSc}
\date{December 2018}

\fancypagestyle{plain}
{
\fancyfoot[L]{\scriptsize{Proposal Master Thesis, Michael Preisach BSc}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
}
\begin{document}
\maketitle
\section{Motivation}
Digital Shadow (Digidow) is a research project of Prof. Mayrhofer, head of the Institute for Networks and Security (INS).
The project aims to provide a secure and privacy-friendly solution to identify or authenticate a person to a requester.
Figure \ref{fig:digidow} shows a graphical overview of the proposed identification process in this project.

\begin{figure}[h]
\centering
\includegraphics[width=0.9\textwidth]{../resources/globalview}
\caption{Overview of the Digidow Project}
\label{fig:digidow}
\end{figure}

The illustrated distributed system works as follows:
In the first step, service discovery (1), the devices need to find each other over a distributed network.
When a person needs to be verified by this system, he or she first provides a globally \emph{Unique Identifier} (UID) (2).
This could be the name, date and place of birth, address, and so on.
Given this information, the \emph{Verifier} asks the \emph{Biometric Sensor} (BS) to acquire biometric data of this person (3).
In fact, any form of data that uniquely identifies a single person can be acquired.
Once this data has been captured, the BS has to find the user's \emph{Personal Agent} (PA) using the provided UID.
Only the PA is able to identify the user, because it is the only instance holding personal and biometric data of the corresponding person.
Steps (4) and (6) are required to establish trust between the PA and the BS.
The biometric data payload is submitted only within such a trusted environment.
With this data, the PA is able to decide whether the claim is correct or not.
The PA signs this result and sends it to the Verifier, which in turn checks whether this authentication message is valid (7).
Based on that decision and the content of the message, the Verifier can then trigger an adequate reaction (8).
This system is designed to implement the \emph{Need-To-Know} principle and thus protect the privacy of the user.

\section{Scope of the Thesis}
\begin{figure}[h]
\centering
\includegraphics[width=0.9\textwidth]{../resources/networkview}
\caption{Physical view of the three instances}
\label{fig:physview}
\end{figure}
This master thesis will cover a major part of Digidow's BS.
Figure \ref{fig:physview} shows an example scenario involving three physical devices, which is used to explain the tasks of the BS.

The Verifier sends a request to the BS containing the UID of the user to be verified, signed with the organization's private key.
The BS then acquires the needed biometric data and finds the corresponding PA using the provided UID.
Although Verifier and BS are usually reachable within the local network, the PA is reachable only via a worldwide network that implements privacy features.
After establishing a connection, both BS and PA require a \emph{Trusted Platform Module} (TPM) to create a trusted environment on their own system.
The TPM ensures that the system is in a provable, well-defined state that can be demonstrated to external parties.
\emph{Direct Anonymous Attestation} (DAA) then allows the validity of another device to be proven anonymously.
Thus, BS and PA use DAA to verify the other instance and to establish trust between both devices.
Once a trusted environment exists over the network, the acquired biometric data as well as the public key information of the Verifier can be submitted to the PA.


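The signed request-and-verdict part of this flow (the Verifier's request signed with the organization's key in step 3, and the PA's signed result that the Verifier checks in step 7 of Figure \ref{fig:digidow}), as an added example in Go that is not part of this proposal or of Digidow's code base. The message layouts, the use of Ed25519, the nonce that binds the verdict to one request, the PA checking the organization's signature with the key material the BS forwards, and the byte-equality matcher are all assumptions of the example; the TPM/DAA trust establishment between BS and PA is not modelled.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
)

// Request: Verifier -> BS (step 3), the UID plus a fresh nonce that ties the
// PA's verdict to this one request. Result: PA -> Verifier (step 7). Both
// layouts are this example's own assumption, not Digidow's wire format.
type Request struct {
	UID   string `json:"uid"`
	Nonce []byte `json:"nonce"`
}
type Result struct {
	Req     Request `json:"req"`
	Matched bool    `json:"matched"`
}
// enc is the byte string that gets signed: the message's JSON encoding.
func enc(v interface{}) []byte { b, _ := json.Marshal(v); return b }
// NewRequest is the Verifier's step: sign {UID, nonce} with the organization's key.
func NewRequest(orgPriv ed25519.PrivateKey, uid string) (Request, []byte) {
	req := Request{UID: uid, Nonce: make([]byte, 16)}
	if _, err := rand.Read(req.Nonce); err != nil {
		panic(err)
	}
	return req, ed25519.Sign(orgPriv, enc(req))
}

// Decide is the PA's step once the BS has forwarded the request, the Verifier's
// public key and the captured sample: reject requests the organization did not
// sign (ok=false), else match the sample against the stored template (byte
// equality stands in for a real biometric matcher) and sign the verdict.
func Decide(orgPub ed25519.PublicKey, req Request, reqSig []byte,
	template, sample []byte, paPriv ed25519.PrivateKey) (res Result, sig []byte, ok bool) {
	if !ed25519.Verify(orgPub, enc(req), reqSig) {
		return Result{}, nil, false
	}
	res = Result{Req: req, Matched: bytes.Equal(template, sample)}
	return res, ed25519.Sign(paPriv, enc(res)), true
}
// Accept is the Verifier's final check (step 7): valid PA signature, and the
// verdict answers the request actually sent (same UID and nonce, so no replay).
func Accept(paPub ed25519.PublicKey, sent Request, res Result, sig []byte) bool {
	return ed25519.Verify(paPub, enc(res), sig) && res.Req.UID == sent.UID &&
		bytes.Equal(res.Req.Nonce, sent.Nonce) && res.Matched
}
```

A verdict signed by anyone but the PA, a verdict whose fields were altered after signing, or a verdict replayed for a request with a different nonce all fail in Accept.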
\subsection{Practical Part}
This thesis aims to implement the features defined in the previous subsection.
It is therefore assumed that the network discovery provides a function by which the BS obtains the corresponding PA for the provided UID.

The \emph{Trusted Environment} for the BS as shown in Figure \ref{fig:physview} describes the process by which the TPM verifies the whole software stack (firmware, boot loader, kernel, drivers, executed software, firmware of attached devices, \ldots).
Furthermore, it should be possible to verify the attached biometric sensors.
This depends, however, on whether the firmware and driver software can be extracted, verified and installed on the device.

After this system has been implemented, a demonstration platform should illustrate how it works.
Interfaces that are required but not yet provided will be simulated in a way that allows the functionality of the part implemented in this thesis to be demonstrated.

\subsection{Discussion}
The implementation and demonstration allow a discussion of the benefits and drawbacks of the implementation and a comparison with other possible implementations.
This thesis should cover and discuss the following questions:
\begin{itemize}
% \item How can a BS find the corresponding PA?
\item How is trust implemented in the BS?
\item How is trust established between PA and BS in both directions?
\item What can be done to protect the sensitive biometric data within the system? Which risks are relevant for its protection?
\item What is necessary to protect sensitive data for transmission over the network?
\item What are the limitations of using a TPM?
\item Which systems need a TPM and why?
\end{itemize}

\end{document}