\chapter{Concept}

The theoretical building blocks that are to be combined into one complete system implementation in this thesis.

\section{Definition of the Biometric Sensor}

Which role the Biometric Sensor (BS) fulfills and what needs to be done.

Record sensor data, perform network discovery, and send the sensor data via a trusted channel to the Personal Identity Agent (PIA).

\subsection{Definitions}

\begin{itemize}
\item Sensitive Data
\item Privacy
\item Metadata
\item Attribute
\end{itemize}


\subsection{What does the BS have to do?}

\begin{enumerate}
\item Listen for a trigger to start the authentication process
\item Collect sensor data (picture, fingerprint) and calculate a biometric representation
\item Start network discovery and find the PIA of this person
\item Create a trusted and secure channel and transmit the attributes for verification
\item Restore the state of the system as it was before this transaction
\end{enumerate}

\section{Attack Vectors and Threat Model}

\subsection{The Threat Model}

\begin{itemize}
\item Definition of sensitive data / privacy / metadata
\item This version of the BS is not owned by the user; there is no personal data in the system
\item Rogue Personal Identity Agent (PIA)
\item Metadata extraction
\item Attribute extraction
\item Sensor data modification/manipulation
\item Wiretap between sensor and system (USB or network)
\item Physical manipulation of the BS system
\item Network: retransmission of sensor data by a rogue BS
\item Network: blocking of data transmission by a rogue BS
\item Rogue BS: sensor data aggregation
\item Rogue BS: sensor data modification before transmission
\end{itemize}

\section{Trust and Security}

Differentiation between trust and security, and the problem that the two terms are often not used correctly.

\section{Systems of Trust}

All trust systems are built on the standards of the Trusted Computing Group (TCG).

\subsection{Secure Boot, TXT, \ldots}

Trusted Boot is not the same as Secure Boot; explain the difference.

\subsection{TPM 1.2}

Initial version of the cryptographic coprocessor; it spread successfully into many systems, but saw hardly any integration into trust/security software.


\subsection{TPM 2.0}

Current version (published 2014) with several improvements:

\begin{itemize}
\item Hierarchies
\item Endorsement Key
\item Attestation Identity Key
\item Key management
\end{itemize}

\section{Integrity Measurements}

Extend the chain of trust beyond the boot process.

The kernel can measure many different types of resources.

What is a useful set of measurements?
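The following is an added example, not part of this thesis text or its implementation: a replay of a Linux IMA measurement log, as a verifier such as the PIA would perform it to check the measurement list a BS reports alongside its TPM quote. It assumes the ima-ng template, the TPM's SHA-1 bank and PCR 10; the log entries and file digests are constructed.

```python
import hashlib
import struct

# Added example, not part of the thesis. Assumptions: Linux IMA with the
# "ima-ng" template, measurements extended into PCR 10 of the TPM's SHA-1
# bank, log format as in /sys/kernel/security/ima/ascii_runtime_measurements.

def ima_ng_template_data(path: str, file_sha256_hex: str) -> bytes:
    """Serialise the ima-ng template: u32-length-prefixed 'd-ng' and 'n-ng' fields."""
    d_ng = b"sha256:\0" + bytes.fromhex(file_sha256_hex)   # algo name, NUL, digest
    n_ng = path.encode() + b"\0"                             # NUL-terminated pathname
    return (struct.pack("<I", len(d_ng)) + d_ng
            + struct.pack("<I", len(n_ng)) + n_ng)

def template_hash(path: str, file_sha256_hex: str) -> str:
    """Per-entry value the kernel extends into PCR 10: SHA-1 over the template data."""
    return hashlib.sha1(ima_ng_template_data(path, file_sha256_hex)).hexdigest()

def pcr_extend(pcr_hex: str, measurement_hex: str) -> str:
    """TPM extend operation: PCR_new = SHA1(PCR_old || measurement)."""
    return hashlib.sha1(bytes.fromhex(pcr_hex) + bytes.fromhex(measurement_hex)).hexdigest()

def make_log_line(path: str, file_sha256_hex: str) -> str:
    """One ascii_runtime_measurements line: pcr template-hash template-name digest path."""
    return f"10 {template_hash(path, file_sha256_hex)} ima-ng sha256:{file_sha256_hex} {path}"

def verify_log(log: str):
    """Replay every entry into a software PCR 10 (starting from all zeros) and
    recompute each template hash from its fields. Returns (pcr10_hex, mismatched_paths);
    the replayed PCR is what the verifier compares against the TPM quote."""
    pcr, mismatched = "00" * 20, []
    for line in log.strip().splitlines():
        _pcr_idx, thash, tname, digest, path = line.split(" ", 4)
        algo, file_hex = digest.split(":", 1)
        if tname != "ima-ng" or algo != "sha256":
            raise ValueError(f"unsupported entry: {line}")
        if template_hash(path, file_hex) != thash:   # fields edited after measurement
            mismatched.append(path)
        pcr = pcr_extend(pcr, thash)
    return pcr, mismatched

# Constructed sample log; the file digests are made-up values, not real binaries.
SAMPLE_LOG = "\n".join([
    make_log_line("boot_aggregate", "11" * 32),
    make_log_line("/usr/bin/pia-client", "22" * 32),
    make_log_line("/usr/lib/libsensor.so", "33" * 32),
])

if __name__ == "__main__":
    pcr10, bad = verify_log(SAMPLE_LOG)
    print("replayed PCR10:", pcr10, "entries with mismatching template hash:", bad)
```

The per-entry recomputation additionally catches a log whose path or digest fields were edited while the original template hash was kept, which the PCR comparison against the quote alone would not reveal.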


\section{Verify Trust (DA and DAA)}

Use the TPM to prove trustworthiness to other instances such as the PIA.