Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.14279/13994
Title: Ensuring the authenticity and fidelity of captured photos using trusted execution and mobile application licensing capabilities
Authors: Papadamou, Kostantinos 
Samaras, Riginos 
Sirivianos, Michael 
metadata.dc.contributor.other: Παπαδάμου, Κωνσταντίνος
Σιριβιανός, Μιχάλης
Σαμαράς, Ρηγίνος
Major Field of Science: Engineering and Technology
Field Category: Electrical Engineering - Electronic Engineering - Information Engineering
Keywords: Sensors;Google;Humanoid robots;Androids;Cryptography;Licenses;Servers
Issue Date: 14-Dec-2016
Source: 2016 11th International Conference on Availability, Reliability and Security, (ARES), 31 Aug.-2 Sept. 2016
Project: From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control 
Conference: International Conference on Availability, Reliability and Security, ARES 
Abstract: Mobile devices, which users habitually carry along, have become the main data gateway for the majority of the online services. Any device is able to collect at any time various types of data through its sensors. At the same time, modern identification techniques ask users to send photos of their ID documentation in order to be verified by an online service. Those photos are captured by the device's camera and are considered extremely sensitive. They must be secured and establish that they will not be modified. This paper describes a security framework that preserves the authenticity of a captured photo and ensures that it remains intact while transferred to a remote server. The key insight is to use a background service that is tied to the photo-capturing application and uses secure key storing and cryptographic computation capabilities offered by the Trusted Execution Environment (TEE) of commodity Android devices. At the same time, we leverage Playstore's Licencing Verification Library (LVL) to remotely attest the authenticity of the photo-capturing application at registration time. We have implemented our framework as an Android application on a Nexus 5X, which is powered by a Qualcomm processor with ARM TrustZone Technology. The evaluation of our prototype implementation demonstrates the efficacy of the proposed framework in terms of performance overhead and usability.
URI: https://hdl.handle.net/20.500.14279/13994
ISSN: https://api.elsevier.com/content/abstract/scopus_id/85015334516
DOI: 10.1109/ARES.2016.83
Type: Conference Papers
Affiliation : Cyprus University of Technology 
Appears in Collections:Δημοσιεύσεις σε συνέδρια /Conference papers or poster or presentation

CORE Recommender
Show full item record

SCOPUSTM   
Citations 50

3
checked on Nov 6, 2023

Page view(s) 50

368
Last Week
0
Last month
11
checked on Dec 22, 2024

Google ScholarTM

Check

Altmetric


Items in KTISIS are protected by copyright, with all rights reserved, unless otherwise indicated.