In this paper we present a system for enterprise rights management (ERM) for remote maintenance facilities. The Data provider inizializes a mobile device (terminal) by preloading a set of documents, the associated metadata along with the access policy. The envisioned scenario does not allow any further communication, so that documentation confidentiality is achieved by means of a biometric key-binding scheme featuring face recognition. We show that our scheme improves the privacy of operators’ biometric templates and the overall system usability. Moreover, we show experimentally that face biometry offers a sufficient level of stability for the purpose of the key recovery. Non-interactive security functionalities and access control enforcement leverage terminals featuring cryptographic hardware. To this end we present an operator device prototype implementation based on Trusted Execution Environments (TEE).

Off-line enterprise rights management leveraging biometric key binding and secure hardware

Catuogno, Luigi;Galdi, Clemente;
2019-01-01

Abstract

In this paper we present a system for enterprise rights management (ERM) for remote maintenance facilities. The Data provider inizializes a mobile device (terminal) by preloading a set of documents, the associated metadata along with the access policy. The envisioned scenario does not allow any further communication, so that documentation confidentiality is achieved by means of a biometric key-binding scheme featuring face recognition. We show that our scheme improves the privacy of operators’ biometric templates and the overall system usability. Moreover, we show experimentally that face biometry offers a sufficient level of stability for the purpose of the key recovery. Non-interactive security functionalities and access control enforcement leverage terminals featuring cryptographic hardware. To this end we present an operator device prototype implementation based on Trusted Execution Environments (TEE).
File in questo prodotto:
File Dimensione Formato  
Off-line.pdf

accesso aperto

Tipologia: Documento in Pre-print (manoscritto inviato all'editore, precedente alla peer review)
Licenza: DRM non definito
Dimensione 492.18 kB
Formato Adobe PDF
492.18 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4721072
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 9
  • ???jsp.display-item.citation.isi??? 6
social impact