Research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal...
Research at MSEC
Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire
Overview
• Research scope MSEC
• RL 1: Identity Management on Mobile platforms
• RL 2: Formal Security and Privacy Analysis
• Applied research projects
Security research at KU Leuven
Research scope MSEC
o RL 1: Identity management using mobile platforms
  • Jorn Lapon – Anonymous Credential Systems: From Theory Towards Practice
  • Jan Vossaert – Privacy friendly identity management
  • Faysal Boukayoua – Improving security and privacy on mobile devices
o RL 2: Formal security and privacy analysis
  • Koen Decroix – A Formal Approach for Inspecting Privacy and Trust in e-Services
  • Laurens Lemaire – Analysis and management of security in industrial control systems
Identity management on mobile platforms
• Extending the scope of Belgian eID technology (J. Lapon)
Proxy certificates
Secure storage
1. Identification
2. Authentication
3. Digital signature
Identity management on mobile platforms
• Revocation strategies using anonymous credentials (J. Lapon)
• Strong authentication
• Selective disclosure
• Unlinkable transactions
• Complex revocation strategy as no serial numbers are exposed
Identity management on mobile platforms
• Privacy preserving smartcard authentication (J. Vossaert)
• Weak security
• No personalisation
• No user control
• Single point of attack
• Static set of attributes
• Limited user control
1. Increased flexibility
2. User control
3. Online/offline services
Identity management on mobile platforms
• Privacy preserving smartcard authentication (J. Vossaert)
[Figure labels: SPi; IDX, IDY, IDZ; (personalized) policies; cached attributes; lastValTime; service request; handler]
[Figure steps: (1) mutual auth.; (2) attribute_query Cert_SP; (3) verify policy; (4) attr query; (5) PIN; (6) collect attributes; (7) release_attr's]
Identity management on mobile platforms
• Client-Side Biometric Verification based on Trusted Computing (J. Vossaert)
• Secure authentication
• Biometric attestation
• Selective disclosure
1. Fingerprint templates are not exposed
2. Solution based on trusted computing technology
Identity management on mobile platforms
• Improving secure data storage in Android (F. Boukayoua)
• KDF slows down brute force attacks
• Secure element online attacks
• Closed system
• Open system
• Security based on passcode
• Offline attacks
Identity management on mobile platforms
• Improving secure data storage in Android (F. Boukayoua)
• No denial-of-service attacks
• Prevention of key stealing
• No dictionary attacks
• Decryption keys are protected
Context aware security decisions to constrain data and credential availability
Formal Security and Privacy Analysis
• Inspecting Privacy and Trust in e-Services (K. Decroix)
• Modeling complex interactions in advanced electronic services
• Reasoning about profiles compiled by service providers
• Evaluating the impact of authentication technologies on privacy
• Studying impact on trust on user selection
Formal Security and Privacy Analysis
• Inspecting Privacy and Trust in e-Services (K. Decroix)
IDP: a knowledge base system providing multiple forms of inference and a declarative programming environment for an extension of first order logic.
Formal Security and Privacy Analysis
• Analysing security in industrial control systems (L. Lemaire)
• Input
  1. Modeling ICS and SCADA systems
  2. Modeling advanced attacks
• Output/feedback
  1. Analysing the impact of security vulnerabilities
  2. Evaluating accountabilities
  3. Proposing countermeasures
Applied research projects
• Agency for Innovation by Science and Technology
o Strategic Basic Research
  • DiCoMas – Distributed Collaboration using MAS architectures
  • MobCom – A Mobile Companion
  • Middle/long term valorisation; user group: R&D departments
o Technology Transfer Projects
  • eIDea – Developing advanced applications for the Belgian eID
  • Wiscy – Developing secure wireless environments
  • SecureApps – Developing secure Mobile applications
  • Short/middle term valorisation; user group: SMEs
Applied research projects
• AXSMate – A platform for distributing digital keys
Simplifying key management
Supporting accountability
Manageable revocation
Applied research projects
• Torekes – An alternative currency system
o Increase social interaction in poor districts
o Attract students by alternative payment method