Citizen Electronic Identities using TPM 2.0

Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data have become commonplace both on PC platforms as well as mobile devices. Some time ago, the Trusted Computing Group (TCG) released the version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCGs TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best our knowledge, the first accessible description of the TPM 2.0 authorization model.Comment: This work is based on an earlier work: Citizen Electronic Identities using TPM 2.0, to appear in the Proceedings of the 4th international workshop on Trustworthy embedded devices, TrustED'14, November 3, 2014, Scottsdale, Arizona, USA, http://dx.doi.org/10.1145/2666141.266614

C-FLAT: Control-FLow ATtestation for Embedded Systems Software

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to run-time attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented exploits. As a concrete step towards more comprehensive run-time remote attestation, we present the design and implementation of Control- FLow ATtestation (C-FLAT) that enables remote attestation of an application's control-flow path, without requiring the source code. We describe a full prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone hardware security extensions. We evaluate C-FLAT's performance using a real-world embedded (cyber-physical) application, and demonstrate its efficacy against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the 23rd ACM Conference on Computer and Communications Securit

Exploring the Environmental Benefits of In-Process Isolation for Software Resilience

Memory-related errors remain an important cause of software vulnerabilities. While mitigation techniques such as using memory-safe languages are promising solutions, these do not address software resilience and availability. In this paper, we propose a solution to build resilience against memory attacks into software, which contributes to environmental sustainability and security

How old was she? The accuracy of assessing the age of adolescents' based on photos

Information on the degree to which individuals can make accurate estimations of someone's age can be of importance in different legal contexts, such as for example child sexual abuse cases in which the victim is an adolescent and asylum procedures. There is, however, a scarcity of studies concerning age estimations conducted with young target persons. Using facial photos of target persons aged 12-18 years, we investigated the effects of gender, age, and ethnicity of both targets (n = 240) and observers (n = 869) on the accuracy of age estimation. We also investigated the effects of targets' facial expressions (neutral or smiling), use of makeup, and photo quality. Participants overestimated the age of the adolescents by, on average, 3.51 years. Participants overestimated the age of young adolescent girls to a greater extent than that of younger boys. Men made larger overestimations than women. Participants also estimated smiling targets as being older than targets with neutral facial expression, and the age of girls with makeup to be older than girls without makeup. Because there was considerable variation in the accuracy of estimations, and overestimates were common, we conclude that the ability of individuals to estimate the age of adolescents is generally low. This might have important legal implications.Peer reviewe

Persistent collateral perfusion of abdominal aortic aneurysm after endovascular repair does not lead to progressive change in aneurysm diameter

AbstractPurpose: To differentiate between the phenomenon of collateral perfusion from a side branch versus graft-related endoleaks after endovascular repair of abdominal aortic aneurysms (AAA), with respect to aneurysm size and prognosis. Methods: We successfully treated 64 AAA patients with endovascular grafting. We followed all the patients postoperatively with spiral computed tomography at one, three, six and 12 months, and biannually thereafter. We measured aneurysm diameters preoperatively and postoperatively. We calculated preoperatively the relation of maximum aortic diameter (D) to the thrombus-free lumen diameter (L) expressed as an L/D ratio. Median follow-up was 15 months. Results: Sixteen patients had collateral perfusion during follow-up. We successfully treated two patients with embolization. One patient showed resolution of collateral perfusion after we stopped warfarin treatment. Two patients died of unrelated causes during follow-up. One patient was converted to surgical treatment, and two patients showed spontaneous resolution of their collateral perfusion. The group of patients with perfusion showed no statistically significant change of their aortic diameter on follow-up. The group of patients without perfusion showed a median decrease in aortic diameter of 8mm (p < 0.0001) at 18 months postoperatively. The group of patients with perfusion had significantly less thrombus in their aneurysm sac preoperatively than the group without perfusion, as expressed by the L/D ratio (mean L/D 0,61 versus 0,78, respectively; p = 0.0021.) Conclusion: There was no significant increase in aortic diameter on an average 18 months postoperatively despite persistent collateral perfusion. This may indicate a halted disease progression in the short term. Embolization of collateral vessels is associated with risk of paraplegia. We recommend a conservative approach with close observation if aneurysm diameter is stable. (J Vasc Surg 1998;28:242-9.

ENTRY-LEVEL SOLUTIONS FOR SMALL AND MEDIUM-SIZE ENTERPRISES IN SUPPLY CHAINS

The increasing need for customization, more efficient quality feedback, better supply chain coordination, etc. are all factors which demand for implementation of item-level tracking and tracing services across company borders. A platform enabling such operations has been developed under the acronym of TraSe

Inbreeding and pedigree analysis of the European red dairy cattle

Background Red dairy cattle breeds have an important role in the European dairy sector because of their functional characteristics and good health. Extensive pedigree information is available for these breeds and provides a unique opportunity to examine their population structure, such as effective population size, depth of the pedigree, and effective number of founders and ancestors, and inbreeding levels. Animals with the highest genetic contributions were identified. Pedigree data included 9,073,403 animals that were born between 1900 and 2019 from Denmark, Finland, Germany, Latvia, Lithuania, the Netherlands, Norway, Poland, and Sweden, and covered 32 breeds. The numerically largest breeds were Red Dairy Cattle and Meuse-Rhine-Yssel. Results The deepest average complete generation equivalent (9.39) was found for Red Dairy Cattle in 2017. Mean pedigree completeness ranged from 0.6 for Finncattle to 7.51 for Red Dairy Cattle. An effective population size of 166 animals was estimated for the total pedigree and ranged from 35 (Rotes Hohenvieh) to 226 (Red Dairy Cattle). Average generation intervals were between 5 and 7 years. The mean inbreeding coefficient for animals born between 1960 and 2018 was 1.5%, with the highest inbreeding coefficients observed for Traditional Angler (4.2%) and Rotes Hohenvieh (4.1%). The most influential animal was a Dutch Meuse-Rhine-Yssel bull born in 1960. The mean inbreeding level for animals born between 2016 and 2018 was 2% and highest for the Meuse-Rhine-Yssel (4.64%) and Rotes Hohenvieh breeds (3.80%). Conclusions We provide the first detailed analysis of the genetic diversity and inbreeding levels of the European red dairy cattle breeds. Rotes Hohenvieh and Traditional Angler have high inbreeding levels and are either close to or below the minimal recommended effective population size, thus it is necessary to implement tools to monitor the selection process in order to control inbreeding in these breeds. Red Dairy Cattle, Vorderwalder, Swedish Polled and Hinterwalder hold more genetic diversity. Regarding the Meuse-Rhine-Yssel breed, given its decreased population size, increased inbreeding and low effective population size, we recommend implementation of a breeding program to prevent further loss in its genetic diversity