TeSSA [suomeksi] | Internal | Publications | Links | Contact | Jory  

TeSSA3 subprojects

Personal mobility
Ad hoc management
Group awareness
Privacy
Consumer need for privacy
Identities in ad hoc societes
Cultural effects
TeSSA architecture
Management of digital information
Certificate revocation
EDSA on Java Card
The overview of TeSSA architecture

Personal mobility

Ad hoc management

In the ad hoc management trail, the goal is to study how TeSSA certificate technologies may be used to express and manage trust relationships in ad hoc networks. Essential problems in this trail include the control of cross-device resource access, device initialisation and re-initialisation, and management of local names and temporary relationships. The result of this trail is a concept solution, reported in the form of scientific paper(s).

Group awareness

Sun's Jini networking technology, based on the Java programming language, looks like a promising technology for service discovery and communication in mobile ad-hoc networks. This subproject investigates the issue of trust in ad-hoc Jini networks, and the issues of authentication and authorization through partially-trusted proxies. The subproject is based on the work done in the SIESTA project of Software project course in term 1999-2000.

Privacy

Consumer need for privacy

If you enter any web store today you are soon asked to reveal some information about yourself. The merchant wants to know your name, address, monthly income etc. However, when the stores examine the gathered information they very often discover that a notable part of it is false, containing e.g. non-existent email addresses and funny street names. Many customers also quit the store for not to be forced the reveal any piece of their personal information.

Why is it so? What makes some pieces of information private and others not?

The main objective of this trail is to study the role and importance of different factors affecting the subjective privacy of information. Especially we are concentrating to the relationship between the communicating parties and the quality of the information asked.

Identities in ad hoc societes

The identity trail researches into the question of identities in the online community. Since strong identification is a road to an Orwellian society, we want to create an infrastructure that provides users with pseudonyms that can be recognized by old acquaintances, but not identified. By adding (more or less) trusted third parties, we can provide certification for these identities and when necessary, a way to trace them in cases of criminal activity. Anyone can become such a third party, thus providing openness to competition and allowing for PGP-like networks. We also have plans for a simple prototype in a chat environment that allows for at least age and gender certification.

Cultural effects on trust

The issue of trust is coming up frequently when investigating into the current situation on the Web. Trust is needed for all transactions online, be they of money or of private information. To promote consumer trust is essential for the success of e-commerce.

However, trusting someone or something is a complicated matter, including factors such as personal, social, and legal matters - just to name a few. This trait is continuing on previous work on trust by introducing the study of the effects cultural background has on the feeling of trust in electronic environments.

The outcome will be a set of design tools for a Web environment that will appear trustworthy for a global audience, with easy-to-use and understandable security features from the user-point-of-view - in short, more usable security.

TeSSA architecture

Management of Digital Information

This thread explores the technologies which can be used for digital content protection to guarantee the rights of the holders of copyrights and other intellectual property rights. Recent development has show that the need for such systems is growing as more and more content can be easily distributed through the net.

Protecting any content in digital format is a challenging and mostly open problem. It has been studied long in context of protecting computer software from unauthorized copying, but the development in network capacity as well as in multimedia compression are making it more and more prevalent in the distribution of passive content. The issue in the field of music and movie industry is urgent as the already significant financial impact of copying shows signs of expansion.

Newest techniques in the field include multimedia and code watermarking as well as combinations of tamper resistant software and hardware. Results of the thread are scientific papers and a feasibility study, which explores the required technologies for protecting electronically distributed content in an open network environment. Different requirements in active and passive content protection are emphasized.

Certificate revocation

The certificate revocation trail complements our TeSSA architecture, which uses authorisation certificates, by developing the revocation and online validation technologies. These technologies are used to conrol, limit, and revoke the rights granted by the certificates. Relevant questions include the management of online validation servers and the management of risk related to the usage of certificates and revocation. The result will be scientific papers and a prototype implementation.

As part of the prototype, we are improving our SPKIServices software. The purpose of SPKIServices is to provide a simple interface for utilizing SPKI based authorization. SPKIServices will include certificate chaining and support for all the online tests.

In TeSSA 2, we made a proposal for an online test protocol which will now be implemented. We plan to compare our protocol and other online test techniques, e.g. ones based on LDAP. Finally, we shall continue the work on our local repository, which provides secure storage for keys, certificates and their associated attributes.

EDSA on Java Card

ECDSA on Java Card trail finishes the ECDSA implementation on a Java Card started in TeSSA-2.The results include a prototype implementation and a master's thesis.

The overview of TeSSA architecture

In the overview of TeSSA architecture trail the different parts of TeSSA architecture are combined into one compact presentation. The aim is to provide a comprehensive overview of the architecture. The result is a licentiate's thesis

-TML contact- -TML homepage- -Search-
This page is maintained by Laura Lehtola, Email: llehtola@tml.hut.fi(16.6.2000).
URL: http://www.tml.hut.fi/Tutkimus/TeSSA/subprojects.html