Master Thesis as published at INS in 2022
\documentclass[11pt]{article}
\usepackage[utf8]{inputenc}
\usepackage[english]{babel}
\usepackage[paper=a4paper, left=25mm, right=25mm, top=25mm, bottom=22mm]{geometry}
\usepackage[T1]{fontenc}
\usepackage{lmodern}
\usepackage{listings}
\usepackage{fancyhdr}
\usepackage{verbatim}
\usepackage{graphicx}
\usepackage{amsmath}
\usepackage{dsfont}
\usepackage{eurosym}
\DeclareUnicodeCharacter{20AC}{\euro}
\clubpenalty = 10000
\widowpenalty = 10000
\displaywidowpenalty = 10000
\pagestyle{fancy}
\setlength{\parskip}{1ex}
\fancyhf{}
\fancyfoot[L]{\scriptsize{Proposal Master Thesis,
Michael Preisach BSc}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
\setcounter{secnumdepth}{2}
\setcounter{section}{0}
\lstset{
language=VHDL,
columns=fixed,
tabsize=7,
basicstyle=\footnotesize \ttfamily,
keywordstyle=\slshape \bfseries,
showstringspaces=false,
}
\setlength{\parindent}{0cm}
\title{Digidow's Biometric Sensor\\\normalsize{Proposal for Master Thesis}}
\author{Michael Preisach BSc}
\date{December 2018}
\fancypagestyle{plain}
{
\fancyfoot[L]{\scriptsize{Proposal Master Thesis,
Michael Preisach BSc}}
\fancyfoot[R]{\scriptsize{Page \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
}
\begin{document}
\maketitle
\section{Motivation}
Digital Shadow (Digidow) is a research project of Prof. Mayrhofer, head of the Institute for Networks and Security (INS).
The project aims to provide a secure and privacy-friendly way to identify or authenticate a person towards a requester.
Figure \ref{fig:digidow} shows a graphical overview of the identification process proposed in this project.
\begin{figure}[h]
\centering
\includegraphics[width=\textwidth]{../resources/globalview}
\caption{Overview of the Digidow Project}
\label{fig:digidow}
\end{figure}
The illustrated distributed system works as follows:
In the first step, the service discovery (1), the participating devices need to find each other over a distributed network.
When a person needs to be verified by the system, he or she first provides a globally unique ID (2).
This could be the name, date and place of birth, address, and so on.
Given this information, the \emph{Verifier} asks the \emph{Biometric Sensor} (BS) to capture biometric data of this person (3).
In principle, any form of data that uniquely identifies a single person can be captured here.
Once this data has been captured, the BS has to locate the user's \emph{Personal Agent} (PA) using the provided unique ID.
Only the PA is able to identify the user, because it is the only instance holding the personal and biometric data needed to identify the corresponding person.
Steps (4) and (6) are required to establish trust between the PA and the BS.
The biometric data payload is submitted only after this trust relationship has been established.
Since the PA holds all data required to identify its corresponding user, it can decide whether the claim is correct or not.
This result is signed by the PA and sent to the Verifier, which in turn checks whether this authentication message is valid (7).
Based on that decision and the content of the message, the Verifier can then trigger an adequate reaction (8).
This system is designed to implement the \emph{Need-To-Know} principle and thus preserve the user's privacy.
\section{Scope of the Thesis}
This master thesis will cover a major part of Digidow's BS.
When a request from the \emph{Verifier} arrives, the system captures data from the biometric interface, wraps it and submits it to the \emph{Personal Agent}, where further processing is done.
Two essential questions arise while doing so.
First, the system has to identify the corresponding personal agent.
This thesis will assume that a personal agent is available for the corresponding user.
Second, and more important for this thesis, is the question of how the BS and the PA can trust each other.
A \emph{Trusted Platform Module} (TPM) can address this problem by establishing trust cryptographically, for instance by attesting the state of the platform it is built into.
Another question is how the system interacts with the attached sensors that capture the sensitive data.
\subsection{Practical Part}
One goal of this thesis is to set up a system which is \emph{trustworthy}.
This means that the whole software stack (firmware, boot loader, kernel, drivers, executed software, firmware of attached devices, \ldots) is measured into the system's TPM during boot, so that a remote party can verify its integrity through attestation.
The next step is to find a way to trust the yet unknown PA instance.
Again the system's TPM may help, with a function called \emph{Direct Anonymous Attestation} (DAA), which allows the BS to prove that it runs on a genuine TPM-backed platform without revealing the identity of that TPM.
Both BS and PA have to trust each other before the biometric data payload is submitted to the PA for further processing.
During this phase, privacy features should be implemented to prevent misuse of the user's sensitive data.
After this system has been implemented, a demonstration platform should illustrate how it works.
Interfaces which are required but not yet available will be simulated in a way that allows demonstrating the part implemented in this thesis.
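The following is an added example written for this proposal, not code from the Digidow project. It simulates what the measured-boot and attestation step above amounts to in practice: every component of the BS software stack is hashed and extended into a PCR before it runs, the BS later reports its event log together with a nonce-bound quote, and the PA replays the log, checks the quote and compares the result with a golden measurement. The boot chain contents, the attestation-key secret and the use of an HMAC in place of a real TPM quote signature are assumptions made so that the example runs offline.

```python
"""Simulated measured boot and remote attestation, as an added example.

Illustrative code written for this proposal, not code from the Digidow
project. It models how a TPM Platform Configuration Register (PCR)
accumulates measurements of the software stack,
    PCR_new = SHA-256(PCR_old || digest_of_component),
and how a remote party (here: the Personal Agent, PA) replays the event
log reported by the Biometric Sensor (BS), checks the result against a
known-good value and ties it to a fresh nonce. A real TPM quote is signed
with an attestation key held inside the TPM; the HMAC used below is an
assumed stand-in for that signature so the example runs offline.
"""
import hashlib
import hmac
import os

HASH = hashlib.sha256
PCR_INIT = b"\x00" * 32          # PCRs are all-zero after reset

# Constructed sample boot chain (names and contents are invented).
GOLDEN_CHAIN = [
    ("firmware",   b"firmware-image-v1"),
    ("bootloader", b"bootloader-v2.04"),
    ("kernel",     b"vmlinuz-5.4"),
    ("sensor-fw",  b"fingerprint-sensor-fw-1.3"),
    ("bs-service", b"biometric-sensor-service-0.1"),
]
AK_SECRET = b"assumed-attestation-key-secret"  # stand-in for the TPM's AK


def extend(pcr, digest):
    """TPM2_PCR_Extend semantics: a register can only be extended, never set."""
    return HASH(pcr + digest).digest()


def measure_chain(chain):
    """BS side: measure every component before running it; keep an event log."""
    pcr = PCR_INIT
    log = []
    for name, blob in chain:
        digest = HASH(blob).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log


def replay_log(log):
    """Verifier side: recompute the PCR from the reported event log."""
    pcr = PCR_INIT
    for _, digest in log:
        pcr = extend(pcr, digest)
    return pcr


def make_quote(pcr, nonce):
    """Stand-in for TPM2_Quote: bind the PCR value to the verifier's nonce."""
    return hmac.new(AK_SECRET, pcr + nonce, HASH).digest()


def verify_attestation(log, quote, nonce, expected_pcr):
    """PA side: quote authentic and fresh, log consistent, stack known-good."""
    pcr = replay_log(log)
    if not hmac.compare_digest(make_quote(pcr, nonce), quote):
        return False, "quote does not match replayed log and nonce"
    if pcr != expected_pcr:
        return False, "software stack differs from golden measurement"
    return True, "platform state attested"


def golden_pcr():
    """Reference value the PA would hold for a known-good BS image."""
    return measure_chain(GOLDEN_CHAIN)[0]


def demo():
    """Run the honest case, a tampered kernel and a replayed old quote."""
    expected = golden_pcr()
    results = {}

    nonce = os.urandom(16)                       # PA challenges the BS
    pcr, log = measure_chain(GOLDEN_CHAIN)       # BS boots and measures
    results["honest"] = verify_attestation(log, make_quote(pcr, nonce), nonce, expected)

    tampered = [(n, b"vmlinuz-5.4-backdoored" if n == "kernel" else b)
                for n, b in GOLDEN_CHAIN]
    pcr_t, log_t = measure_chain(tampered)       # honest TPM, modified kernel
    results["tampered"] = verify_attestation(log_t, make_quote(pcr_t, nonce), nonce, expected)

    old_quote = make_quote(pcr, os.urandom(16))  # quote made for an earlier nonce
    results["replayed"] = verify_attestation(log, old_quote, nonce, expected)
    return results


if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case:9s} {'OK  ' if ok else 'FAIL'} {why}")
```

Two properties matter for the trust question of this thesis: a modified kernel cannot hide because the TPM extends rather than overwrites the register, so the log it reports honestly no longer matches the golden value; and a quote captured from an earlier, good boot cannot be replayed because the PA's nonce is part of what is signed. Whether the PA accepts a given golden value, and how it obtains it, is exactly the policy question left open in the discussion section.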
\subsection{Discussion}
The implementation and demonstration allow a discussion of the benefits and drawbacks of the chosen approach and a comparison with other possible implementations.
This thesis should cover and discuss the following questions:
\begin{itemize}
\item How can a BS find the corresponding PA?
\item How is trust implemented in the BS?
\item How is trust generated between PA and BS in both directions?
\item What can be done to protect the sensitive biometric data within the system? Which risks are relevant for its protection?
\item What are the limitations by using a TPM?
\item Which systems need a TPM?
\end{itemize}
\end{document}