[taler-anastasis] branch master updated: first draft

[gnunet]

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new b267b76  first draft
b267b76 is described below

commit b267b767f3967aadf66491ac355e56dcad062c82
Author: Dominik Meister <dominik.meister@hotmail.ch>
AuthorDate: Thu Oct 1 17:04:26 2020 +0200

    first draft
---
 doc/ypsomed/ypsomed.tex | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
index c07d1ff..d041643 100644
--- a/doc/ypsomed/ypsomed.tex
+++ b/doc/ypsomed/ypsomed.tex
@@ -55,17 +55,15 @@ knowledge- the service providers learn nothing from the 
protocol except the mini
 authenticate the user. Even that information is only disclosed at the time of 
authentication.
 
 \subsection{Approach}
-???????????????????????????
-
-\subsubsection{Secret sharing and recovery}
 Our approach to solve the problem of key recovery is to let the user
-split their core secret across multiple escrow providers (see
-Figure~\ref{fig:system_arch2}). To recover their core secret, the user has to
-authorize key the recovery, usually by passing an authentication check
+split their core secret across multiple escrow providers. 
+To recover their core secret, the user has to authorize the
+key recovery, usually by passing an authentication check
 which they configured for the respective provider.
 
 After successful authentication the user receives the secret shares
 and is able to reassemble their core secret locally on their computer.
+The following graphic gives an overview of the Anastasis architecture.
 \begin{center}
 \includegraphics[scale=0.33]{system-architecture_2.png}
 \end{center}
@@ -73,12 +71,13 @@ and is able to reassemble their core secret locally on 
their computer.
 \subsubsection{Derive user identifier}
 Every person has some hard to guess, semi-private and unforgettable
 inherent attributes such as name and passport number, social security
-number or AHV~\cite{jerome2015} number (in Switzerland).  We use those 
attributes to
+number or AHV number (in Switzerland).  We use those attributes to
 improve the security and privacy provided by Anastasis.  Basically,
 these attributes serve as weak key material, raising the bar for
 attackers without the availability disadvantages of passphrases ---
 which users may forget.  Anastasis derives a ``user identifier'' from
-such a set of unforgettable attributes (see Figure~\ref{fig:user_id}).
+such a set of unforgettable attributes. This user identifier is used
+for the up- and download procedure.
 
 \begin{center}
 \includegraphics[scale=0.3]{user_id.png}
@@ -96,8 +95,7 @@ distribute trust and to minimize or delay information 
disclosure.
 
 \subsection{System architecture}
 This graphic shows the basic architecture of the Anastasis
-application. It shows a simplified flow of the application. The
-details of each component are explained later.
+application.
 
 \begin{center}
 \includegraphics[scale=0.5]{system_design.png}
@@ -162,18 +160,26 @@ If the user has authenticated himself correctly, he will 
receive the encrypted p
   \includegraphics[scale=0.3]{step3_recovery.png}
  \end{center}
 In the last step the user reassembles the decrypted parts of the core secret.\\
+
+\subsection{Current status} 
+We created a working prototype of the application during our Bachelor thesis. 
+We developed a working backend and a command line program as client. 
+As a payment system we have already integrated GNU Taler.
+At the moment we only developed the authentication with the secure question. 
+We are currently implementing the other authentication methods (email, SMS, 
post, video).
+Besides that we are currently developing a client with a graphical user 
interface. 
+Another open point is the integration of the software into other applications 
(Taler, PEP).
+For a more detailed overview of the open work see the project plan below.
    
 \section{Team}
 My name is Dominik Meister and I recently completed my Bachelor's degree in IT 
Security.\\
-The design and implementation of Anastasis was the topic of my bachelor thesis.
-During the thesis I could successfully develop a proof of concept of the 
software.
+The design and implementation of Anastasis was the topic of my bachelor thesis.
+During the thesis I could successfully develop a proof of concept of the 
software.
 I am responsible for the development of the backend and the deployment of the 
software.\\
 
-Dennis Neufeld was my partner during the bachelor thesis. He also recently 
completed his bachelor's degree in IT security.
+Dennis Neufeld was my partner during the bachelor thesis. He also recently 
completed his bachelor's degree in IT security.
 He is also a developer and is responsible for the integration of Anastasis 
into other products.\\
 
-
-
 \section{Project plan}
 A key challenge for Anastasis is that we need to offer a diverse set of 
authentication methods, as required from
 our business customers. To fully offer these in-house would substantially 
increase the complexity of our business.
@@ -185,11 +191,7 @@ A second challenge is to acquire new customers. Our main 
distribution channel ar
 enhancing solutions to consumers. We will work with these companies to 
integrate Anastasis with their products,
 and to enter into business agreements to ensure that we are the default 
provider in the software delivered to the
 customer.
-If we receive the BRIDGE funding, we will definitely found a GmbH to operate 
the service. We already have
-recruited some members for the advisory board, including two professors from 
the BFH and two representatives
-of cooperate customers.
-
-Our objective for the first year is for Anastasis to implement several 
authentication services, have a working cloud
+Our objective for the first year is to implement several authentication 
services, have a working cloud
 deployment with monitoring, and to be integrated with various cryptographic 
consumer products.
 Key milestones are the various integrations of the different authentication 
methods, the integration of
 cryptographic consumer products, and the deployment of our application.
@@ -201,7 +203,6 @@ Additionally, we would always look out for new customers 
and clients who could b
 
 
 \section{Business model}
-%FIXME CITES !!
 We are currently in the process of building a start-up for the
 Anastasis application. This business model shows an overview how we
 want to build our start-up and how we want to continue our work on the
@@ -356,7 +357,6 @@ subscription and 0.01 CHF for each encrypted truth
 upload. Additionally, the user would have to pay for expensive
 authentication methods like video identification.
 
-%% Print the bibibliography and add the section to th table of content
 \newpage
 
 \printbibliography[heading=bibintoc]

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.