Upload File

futuretpm · activity tracking: to increase the trust of users of cloud-based activity tracking...

  • Home
  • Documents
  • FutureTPM · Activity Tracking: to increase the trust of users of cloud-based activity tracking services. Device Management: to protect keys on routers, mobile devices, and IoT. Standardisation
1
FutureTPM Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module FutureTPM will design an innovative portfolio of high security QR algorithms for security primitives, such as: Key Agreement Encryption Signature Cryptographic Hashing Message Authentication Code Direct Anonymous Attestation Mission The FutureTPM project is aimed at designing and developing a Quantum-Resistant (QR) Trusted Platform Module (TPM). Contact Information Web: https ://futuretpm.eu/ Email: coordination@futuretpm .eu Project Coordinator: Technikon Scientific Lead: University of Surrey & Technical University of Denmark Use Cases Online Banking: to isolate the e-payment process in a more protected context to provide enhanced security Main Goals Secure QR Cryptographic Algorithms for the TPM Activity Tracking: to increase the trust of users of cloud-based activity tracking services Device Management: to protect keys on routers, mobile devices, and IoT Standardisation Planned outcomes include the development of standardisation proposals to push the state of the art in cryptography and the TPM. Approach This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 779391. This will enable FutureTPM systems to generate a secure root of trust for a wide range of ICT services. They will involve the technical committees of relevant standards bodies: ISO, IEC, ETSI and the TCG. This will allow long-term security, privacy and operational assurance for future ICT systems and services. Implementation of Hardware, Software, and Virtual TPM Run-Time Risk Assessment and Vulnerability Analysis Design Validation using Formal Security Analysis Network Device Management – Use Case Overview Problem: Network device management solutions face trust-related issues: Weak device identification Device integrity not considered for management Long lifetimes (10y+) make devices vulnerable to quantum computer attacks Solution: Enhance device management with Trusted Computing: Strong device identification (based on the QR TPM) Frequent but lightweight remote attestation (trusted channels) Network-wide routing policies based on trust state Benefit: Increase the security of network infrastructure: Only legitimate devices can access the network Reduces the risk of leaks or tampering of user data Shorter time to detect attacks acts as deterrent 3: routing policy = f(statistics, trust) Router Router NMS Router Router 1: <- query status 2: -> statistics 4: <- modify routing table 1: <- query status 2: -> statistics 1: <- query status 2: -> statistics 1: <- query status 2: -> statistics 4: <- modify routing table Trusted control channels Fallback data path Preferred data path attacker Network Manager systemd mutable file mutable file mutable file malware attacker detection/ protection barrier Trusted Computing Base (TCB) sshd Telecom operator network 1. Build and sign software 2. Generate TPM key 3. Request cert 4. Retrieve image signature Infrastructure management zone Device zone 7. Establish trusted TLS channel Certificate Authority NMS Device (e.g. router) 6. Send certificate 5. Verify & sign cert Vendor premises Comprehensive Integrity Verification (CIV) Relies on Trusted Computing and Integrity Measurement Architecture (IMA) to monitor device integrity Trusted channels with implicit remote attestation based on key usage Covers risks coming from dynamic data and process interactions Aims at simple integration into products through TLS-based trusted channels Current Progress Technical and Security Requirements and the Reference Architecture – complete Design and development of set of QR cryptographic primitives to be implemented in the various TPM environments – early release TPM Security modeling, Risk assessment, Vulnerability analysis - early release 1 st FutureTPM Workshop on Quantum-Resistant Crypto Algorithms, Oct 2018 1 st Workshop on Cyber-Security Arms Race (CYSARM) - cysarm.org , Nov 2019 Current deliverables and publications can be found on futuretpm.eu CIV partial release available on github.com/euleros Dissemination of Results

Upload: others

Post on 10-Jul-2020

5 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: FutureTPM · Activity Tracking: to increase the trust of users of cloud-based activity tracking services. Device Management: to protect keys on routers, mobile devices, and IoT. Standardisation

FutureTPMFuture Proofing the Connected World:

A Quantum-Resistant Trusted Platform Module

FutureTPM will design an innovativeportfolio of high security QRalgorithms for security primitives,such as:

• Key Agreement• Encryption• Signature• Cryptographic Hashing• Message Authentication Code• Direct Anonymous Attestation

Mission

The FutureTPM project is aimed atdesigning and developing aQuantum-Resistant (QR) TrustedPlatform Module (TPM).

Contact Information

Web: https://futuretpm.eu/Email: [email protected] Coordinator: TechnikonScientific Lead: University of Surrey& Technical University of Denmark

Use Cases

Online Banking: to isolatethe e-payment process in amore protected context toprovide enhanced security

Main Goals

Secure QR CryptographicAlgorithms for the TPM

Activity Tracking: toincrease the trust of users ofcloud-based activity trackingservices

Device Management: toprotect keys on routers,mobile devices, and IoT

Standardisation

Planned outcomes include thedevelopment of standardisationproposals to push the state of theart in cryptography and the TPM.

Approach

This project has received funding from the EuropeanUnion’s Horizon 2020 research and innovationprogramme under grant agreement No 779391.

This will enable FutureTPM systemsto generate a secure root of trustfor a wide range of ICT services.

They will involve the technicalcommittees of relevant standardsbodies: ISO, IEC, ETSI and the TCG.

This will allow long-term security,privacy and operational assurancefor future ICT systems and services.

Implementation of Hardware,Software, and Virtual TPM

Run-Time Risk Assessmentand Vulnerability Analysis

Design Validation usingFormal Security Analysis

Network Device Management – Use Case Overview

Problem: Network device management solutions face trust-related issues:• Weak device identification• Device integrity not considered for management• Long lifetimes (10y+) make devices vulnerable to quantum computer attacks

Solution: Enhance device management with Trusted Computing:• Strong device identification (based on the QR TPM)• Frequent but lightweight remote attestation (trusted channels)• Network-wide routing policies based on trust state

Benefit: Increase the security of network infrastructure:• Only legitimate devices can access the network• Reduces the risk of leaks or tampering of user data• Shorter time to detect attacks acts as deterrent

3: routing policy =f(statistics, trust)

Router

Router

NMS

Router

Router

1: <- query status2: -> statistics4: <- modify routing table

1: <- query status2: -> statistics

1: <- query status2: -> statistics

1: <- query status2: -> statistics4: <- modify routing table

Trusted control channels

Fallback data path

Preferred data path

attacker

NetworkManager

systemd

mutable file

mutable filemutable file

malware

attacker

detection/protectionbarrier

Trusted Computing Base (TCB)

sshd

Telecom operatornetwork

1. Build and sign software

2. GenerateTPM key3. Request cert4. Retrieve image signature

Infrastructure management zone Device zone

7. Establish trusted TLS channel

Certificate Authority

NMS

Device (e.g. router)

6. Send certificate5. Verify &sign cert

Vendor premises

Comprehensive Integrity Verification (CIV)

• Relies on Trusted Computing and Integrity Measurement Architecture (IMA) to monitor device integrity

• Trusted channels with implicit remote attestation based on key usage• Covers risks coming from dynamic data and process interactions

• Aims at simple integration into products through TLS-based trusted channels

Current Progress

• Technical and Security Requirements and the Reference Architecture – complete• Design and development of set of QR cryptographic primitives to be

implemented in the various TPM environments – early release• TPM Security modeling, Risk assessment, Vulnerability analysis - early release

• 1st FutureTPM Workshop on Quantum-Resistant Crypto Algorithms, Oct 2018• 1st Workshop on Cyber-Security Arms Race (CYSARM) - cysarm.org, Nov 2019• Current deliverables and publications can be found on futuretpm.eu• CIV partial release available on github.com/euleros

Dissemination of Results

https://futuretpm.eu/
mailto:[email protected]
https://cysarm.org/
https://futuretpm.eu/
https://github.com/euleros

Human Activity Tracking using Star Skeleton and Activity Recognition using HMM’s and Neural Network

Strength Companion activity tracking solution for strength training

Real Estate Farming and Market Activity Tracking

Tracking Animal Location and Activity with an Automated Radio

Adaptive Sports & Activity Tracking for Individuals … · Adaptive Sports & Activity Tracking for Individuals with Cerebral Palsy (CP) ... famine, and disease. It's just a different

Location and Activity Tracking with the Cloud

Brain Activity Tracking Using Smart Eyewear - hcilab.org · Brain Activity Tracking Using Smart Eyewear ... electrode placing is suitable for Electrooculography ... age for psychophysiological

Outside Activity Tracking System - UC OATS

Sensing Human Activity: GPS Tracking

Wearable Activity tracking in car manufacturinghanne/Pervasive/ACM-ACS... · 2017-10-25 · Wearable Activity tracking in car manufacturing ... Our industrial partners’ workplace

HUMAN ACTIVITY TRACKING AND RECOGNITION

Multi-Pose Multi-Target Tracking for Activity Understandingizadinia/files/PID2616061.pdf · Multi-Pose Multi-Target Tracking for Activity Understanding Hamid Izadinia University of

Tool: Activity Tracking - Center for Integrated ...cias.wisc.edu/.../monthly-activity-reports-user-guide.pdf · Tool: Activity Tracking ... In Column A, report the month/date In Column

GTRAS: Graphical Tracking Activity System for Problem

The relationship between personality, activity tracking

Tool: Activity Tracking - Center for Integrated Agricultural Systems · 2014-06-06 · Tool: Activity Tracking This interactive spreadsheet permits your school to articulately describe

Tool: Activity Tracking

1 Compliance Tracking Tool Activity Entry and Progress Monitoring

Capacity Building Activity Tracking Form Tutorial

Chef Actions: Delightful near real-time activity tracking!

CONSUMER PERSPECTIVES ON ONLINE ACTIVITY TRACKING

Stardust: Tracking Activity in a Distributed Storage Systemjclopez/ref/stardust-sigmetrics06.pdf · Stardust: Tracking Activity in a Distributed Storage System Eno Thereska, Brandon

Threat Modelling & Risk Assessment Methodology › downloads › FutureTPM-D4.1... · D4.1 – Threat Modelling & Risk Assessment Methodology FutureTPM D4.1 Public Page 1 of 58 Chapter

GraphTour - Workday: Tracking activity with Neo4j (French version)

WATCH-YOUR-ARM: tracking your daily arm activity through

The Activity tracking paradigm in discrete-event modeling

GraphTour - Workday: Tracking activity with Neo4j (English Version)

Lifespace Tracking and Activity Monitoring on Mobile Phonesiandewancker.com/FILES/thesis_prez.pdf · Lifespace Tracking and Activity Monitoring on Mobile Phones Ian Dewancker [email protected]

Stardust: Tracking Activity in a Distributed Storage Systemeno/research/thereska_sigmetrics06.pdf · Stardust: Tracking Activity in a Distributed Storage System Eno Thereska, Brandon

Unsupervised Group Activity Detection by Hierarchical ...UGAHDP.pdf · Objects Detection & Tracking Groups Detection & Tracking Fig.1. Proposed framework for automatic group activity

Abnormal Activity Detection and Tracking

Tracking Hurricane Katrina - Laboratory Activity Namejustonly.com/physci/ps111/students/labs/tracking_hurricane_katrina.pdf · Tracking Hurricane Katrina - Laboratory Activity Name_____

Effort Tracking (Faculty & Professional and Non-Academic Activity Report) Effort Tracking (Faculty & Professional and Non-Academic Activity Report) Presented

The FutureTPM project has received funding research and

2010 U.S. PRODUCTS - ApnaGP · PDF fileSY04704 Process Server Service Master SY_Process_Server_Service_MSTR SY05000 Activity Tracking SY_Security_Log Activity Tracking SY05300 Language