gnunet-svn
[Top][All Lists]

## [taler-anastasis] branch master updated: first draft

 From: gnunet Subject: [taler-anastasis] branch master updated: first draft Date: Thu, 01 Oct 2020 17:04:35 +0200

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

new b267b76  first draft
b267b76 is described below

Author: Dominik Meister <dominik.meister@hotmail.ch>
AuthorDate: Thu Oct 1 17:04:26 2020 +0200

first draft
---
doc/ypsomed/ypsomed.tex | 44 ++++++++++++++++++++++----------------------
1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
index c07d1ff..d041643 100644
--- a/doc/ypsomed/ypsomed.tex
+++ b/doc/ypsomed/ypsomed.tex
@@ -55,17 +55,15 @@ knowledge- the service providers learn nothing from the
protocol except the mini
authenticate the user. Even that information is only disclosed at the time of
authentication.

\subsection{Approach}
-???????????????????????????
-
-\subsubsection{Secret sharing and recovery}
Our approach to solve the problem of key recovery is to let the user
-split their core secret across multiple escrow providers (see
-Figure~\ref{fig:system_arch2}). To recover their core secret, the user has to
-authorize key the recovery, usually by passing an authentication check
+split their core secret across multiple escrow providers.
+To recover their core secret, the user has to authorize the
+key recovery, usually by passing an authentication check
which they configured for the respective provider.

After successful authentication the user receives the secret shares
and is able to reassemble their core secret locally on their computer.
+The following graphic gives an overview of the Anastasis architecture.
\begin{center}
\includegraphics[scale=0.33]{system-architecture_2.png}
\end{center}
@@ -73,12 +71,13 @@ and is able to reassemble their core secret locally on
their computer.
\subsubsection{Derive user identifier}
Every person has some hard to guess, semi-private and unforgettable
inherent attributes such as name and passport number, social security
-number or AHV~\cite{jerome2015} number (in Switzerland).  We use those
attributes to
+number or AHV number (in Switzerland).  We use those attributes to
improve the security and privacy provided by Anastasis.  Basically,
these attributes serve as weak key material, raising the bar for
attackers without the availability disadvantages of passphrases ---
which users may forget.  Anastasis derives a user identifier'' from
-such a set of unforgettable attributes (see Figure~\ref{fig:user_id}).
+such a set of unforgettable attributes. This user identifier is used

\begin{center}
\includegraphics[scale=0.3]{user_id.png}
@@ -96,8 +95,7 @@ distribute trust and to minimize or delay information
disclosure.

\subsection{System architecture}
This graphic shows the basic architecture of the Anastasis
-application. It shows a simplified flow of the application. The
-details of each component are explained later.
+application.

\begin{center}
\includegraphics[scale=0.5]{system_design.png}
@@ -162,18 +160,26 @@ If the user has authenticated himself correctly, he will
\includegraphics[scale=0.3]{step3_recovery.png}
\end{center}
In the last step the user reassembles the decrypted parts of the core secret.\\
+
+\subsection{Current status}
+We created a working prototype of the application during our Bachelor thesis.
+We developed a working backend and a command line program as client.
+As a payment system we have already integrated GNU Taler.
+At the moment we only developed the authentication with the secure question.
+We are currently implementing the other authentication methods (email, SMS,
post, video).
+Besides that we are currently developing a client with a graphical user
interface.
+Another open point is the integration of the software into other applications
(Taler, PEP).
+For a more detailed overview of the open work see the project plan below.

\section{Team}
My name is Dominik Meister and I recently completed my Bachelor's degree in IT
Security.\\
-The design and implementation of Anastasis was the topic of my bachelor thesis.
-During the thesis I could successfully develop a proof of concept of the
software.
+The design and implementation of Anastasis was the topic of my bachelor thesis.
+During the thesis I could successfully develop a proof of concept of the
software.
I am responsible for the development of the backend and the deployment of the
software.\\

-Dennis Neufeld was my partner during the bachelor thesis. He also recently
completed his bachelor's degree in IT security.
+Dennis Neufeld was my partner during the bachelor thesis. He also recently
completed his bachelor's degree in IT security.
He is also a developer and is responsible for the integration of Anastasis
into other products.\\

-
-
\section{Project plan}
A key challenge for Anastasis is that we need to offer a diverse set of
authentication methods, as required from
our business customers. To fully offer these in-house would substantially
increase the complexity of our business.
@@ -185,11 +191,7 @@ A second challenge is to acquire new customers. Our main
distribution channel ar
enhancing solutions to consumers. We will work with these companies to
integrate Anastasis with their products,
and to enter into business agreements to ensure that we are the default
provider in the software delivered to the
customer.
-If we receive the BRIDGE funding, we will definitely found a GmbH to operate
-recruited some members for the advisory board, including two professors from
the BFH and two representatives
-of cooperate customers.
-
-Our objective for the first year is for Anastasis to implement several
authentication services, have a working cloud
+Our objective for the first year is to implement several authentication
services, have a working cloud
deployment with monitoring, and to be integrated with various cryptographic
consumer products.
Key milestones are the various integrations of the different authentication
methods, the integration of
cryptographic consumer products, and the deployment of our application.
@@ -201,7 +203,6 @@ Additionally, we would always look out for new customers
and clients who could b

-%FIXME CITES !!
We are currently in the process of building a start-up for the
Anastasis application. This business model shows an overview how we
want to build our start-up and how we want to continue our work on the
@@ -356,7 +357,6 @@ subscription and 0.01 CHF for each encrypted truth
authentication methods like video identification.

-%% Print the bibibliography and add the section to th table of content
\newpage