Here comes User Verified Social Telematics 2.0!
them will be prevented through the design of a complex cryptosystems strictly satisfying the warranty workflows designed.
If a court order is issued for the acquisition of certain logs or information on a user of the service, the authority would be given physical access to such specific piece of information, at the presence of 5 randomly selected users. This way it enables the efficient prosecution of investigations on suspected crimes by users of the system on the basis of evidence acquired externally.
If a court order is issued to an public authority for the interception and/or the acquisition of logs in regards to a specific user of the service, then, at the physical presence of 5 volunteers randomly selected, CiviRoom staff would give specific keys of the user (one for interception, which expire on a monthly basis, and one for logs) and/or copy of the logs of such user. The authority then us one key to decrypt logs, and user the other monthly keys to independently decrypt all traffic of the specific user through the use of authority managed equipment outside but adjacent to the CivicLab o CivicRoom. These volunteers can be either UVST users of the same CivicLab, who declared their availability for the service when they got their own CivicPods, or other volunteers resident in the same area. The list of volunteers to choose from is renewed every three months. Volunteers are compensated adequately (tens of euros) for their civic duty.
When they are called to participate to the opening of the CivicRoom, the volunteers (who may be compensated for their service with a suitable token) identify themselves, both with a proper ID cards and through their own CivicPod or through special numeric keys for the CivicLocks issued when they volunteered.
All this, and more, guarantees that the CivicRoom cannot be accessed secretly. The procedure of acquisition of the keys will also guarantee that none of the people involved, with the obvious exception of the Court officer authorized to acquire the keys, needs to know the name of the person that should be intercepted, or can discover it during the procedure[1] .
The Court officer him/herself has to provide his/her public key that the procedure uses to encrypt the needed private key subject of the court order. This to avoid anyone other than the Court officer to know the key.
This is necessary both to protect the privacy of the intercepted user and to make sure that, as it happens with traditional lawful interception, the intercepted user cannot be informed that he or she is under interception (or that CivicLab personnel can be forced to reveal this information).
Consequently, the procedure works as follow:
When a Court issues an order for a certain citizen, The Court knows what CivicLab has those keys because the all CivicPod transmit at the beginning of each call, middle and end of each encrypted communication, a unique numeric identifier for the specific CivicProvider. The Court-delegated public authority goes to the CivicLab that stores the keys of the user to be intercepted.
The CivicLab personnel controls the documents of the court representatives and (by also calling the Court to check) her authorization to enter the CivicRoom. This authorization only specifies that the officer is authorized to get a key, but does not mention the name of the user.
Once the CivicRoom is opened, a special keyboard/video console is activated. At that console the officer enters the identifier of one user, and is given one possibility to download the corresponding keys on an USB drive. After this operation has been performed once, or if a suitable timeout expires, the console locks and can only be reactivated by re-opening the CivicRoom from scratch, as explained above. Note that the USB drive must contain a public key to be used to encrypt the private key: this to ensure the key from possible theft.
The Civic Provider will enable interception functionalities and/or real-time duplication of data to law enforcement officials by modifying the functional flow of the UVST server-communication software. The LEA and LEA’s interception equipment providers will be provided publicly, open-source accessible software library that enable quick and easy integration of decryption functionalities into existing hardware/software equipments.
Storyboard Simulation
In this section we’ll use a user scenariodescription mode similar to a film-script which we think explains best how the solution works, and could be a template for a future video demonstration of this project.
SCENE 1: At CivicLab, staff assembles and tests CivicPods
Various staff are involved in the following activities. Staff2, Staff3 and Staff4 are assembling, loading and testing new CivicPods. The following operations are performed:
Unpacking of hardware components from shipping packages, placing each device on test routines, using dedicated testing equipment.
Each CivicPod is completely assembled and loaded with its unique hardware encryption components.
Each assembled device is submitted to test routines through dedicated equipment
Loading of software on the (assembled and hardware-tested) devices for all its components
Testing each device through other dedicated equipment.
Each device is assigned and loaded with device-specific unique random id through solid random-numbers generation procedures.
Each device is loaded with all the needed public keys to simplify future operations (CivicLab act as a Certification authority linking each public key with its owner id – that will be a number, a name, a pseudonym)
SCENE 2: At CivicLab, Citizen acquires service and device.
Some Staff start handling a new citizen, who just showed up at CivicLab, around a long high table near the entrance of lab. They perform the following actions in sequence:
Citizen1 enters, Staff1 approaches the counter and greets with a smile; Citizen1 asks for a new device; Staff1 explains how the procedure to obtain a CivicPod works and what are its main features
Citizen1 produces 2 paper ID
Staff2 and Staff3 approach the counter as witnesses and verify the identity of Citizen1, against those two pieces of ID
Staff1 hands one new device to Citizen1 and instructs him
Citizen1 goes in a voting-like booth and enters own passwords on first-booth screen of his new device, presses enter
Citizen1 returns and shows device with completion screen
Staff2 and Staff3 return to their activities
Citizen1 pays cash for the device and for one year service
Staff1 instructs Citizen1 for 5 minutes:
? As needed, helps Citizen1 to attach device to back of cellphone with a dedicated rigid case
? As needed, helps Citizen1s to pair device with phone as bluetooth device
? Helps Citizen1 to generate his/her keys couple and to transfer them to the CivicServer.
? Helps Citizen1 place and receive their first call, SMS and email with the device
? Provides service and product manuals.
Citizen1 leaves, goes to restaurant …
SCENE 3: At coffee shop, Citizen’s first use of his CivicPod
Citizen1 sits down comfortably at coffe place, orders drinks
As he waits for drink, sends one private sms, and receives one private email.
Drink comes served to the table, Citizen1 greets waiter.
Citizen1 receives one call from with incomprehensible sounds. After a few seconds of surprise he realizes that it’s a private call, therefore he turns on his Device as audio in/out on his cell phone through its Bluetooth settings. As done, Citizen1 activates his Device, reads on the CivicPod that the call is from of Citizen2, (who has his/her (Citizen1) public key already stored in his civicpod) places Device to hear and hear his friend (Citizen2) asking: “Hey John, I can see you finally got the CivicPod! What do you think of it?”
Citizen1 starts telling about the physical feel of the device, its color, its usability, etc.
He is soooooo happy! 🙂
SCENE 4: At CivicLab, Citizen-user upgrades device firmware via email.
A. Staff1,2,3,4 and 5 are gathered around a PC following the final steps of compilation, testing, packaging and encryption of the new firmware upgrade.
B. Citizen1 receives an email from the Staff1 notifying him of a new firmware upgrade. Citizen1 downloads the upgrade as explained by the email and sends it via Bluetooth to the device. Device verifies, accepts and installs the upgrade. Software updates are encrypted using public key of Citzen1 and signed using the private key of CivicLab to assess their origin and to enforce confidentiality. Public key updates work as a special kind of software update.
Contact Info
For more info, please contact:
Rufo Guerreschi, Exec. Dir. at Open Media Cluster
+393357545620 — rg@trustless.ai
https://docs.google.com/document/d/1JKS8P_sVc4BTvofumhU4_oc00D5G7QKqoazVVpxOxZY/edit?usp=sharing
[1][2] http://www.vmware.com/company/news/releases/vmw-telefonica-2-28-12.html
[3] Here is an example of the possible user experience as per an Apple patent:
http://www.redmondpie.com/apple-working-on-physical-keyboard-with-motion-control-to-replace-mouse/
[4] http://3dpcase.sculpteo.com/en/
[5] http://www.vmware.com/company/news/releases/vmw-telefonica-2-28-12.html
[6]http://www.drdobbs.com/web-development/html5-and-the-byod-missing-link/240158604
[7] “The device even has a dedicated button that lets you quickly and seamlessly switch between the personal and secure personas, indicated by green and red borders, respectively.”http://www.engadget.com/2013/02/25/general-dynamics-locks-down-android/
UPDATE: Click here for an updated version
An R&D project by the Open Media Cluster, based on a concept developed in 2007 by the Telematics Freedom Foundation. It is constitutes core to the 6,5M euros Open Web Next R&D project, being promoted in Italy with world-class partners.
It aims to develop a set of software, hardware, procedures and organizational processes that enable any willing service provider, to offer to ordinary non-technical citizens and businesses, access to (at least) basic internet-based mobile and mobile-2-TV end-to-end communication, media consumption and monetization service, that is affordable (~150$/year), very user-friendly, and with actual levels of end-to-end privacy, security and authentication of content, and partially communications metadata, that are: beyond state-of-the-art, fully constitutional and legal, and intrinsically and completely top-expert-verified and user-verifiable.
UVST aims to intrinsically (i.e. inherently) ensure that the actual end-to-end software, hardware and system administration procedures, that are deployed and have been deployed “at any given time”, match that whose security, privacy and authentication levels has been very extensively assessed (paid or volunteers) by top-experts, hackers and crackers, and what’s allowed by applicable (non-secret) local laws and constitution.
The main components of UVST are: a very-cheap and thin touch device attachable via custom case to any smartphone (CivicPods) or embedded [or integrated] in custom-modified smartphones (CivicPhones); dedicated or compatible TV-connected devices (CivicDongle/Box); that are assembled in dedicated custom-built street-facing labs (CivicLabs), that also host a dedicated server room (CivicRooms); that are managed, distributed and commercialized by any willing service provider (CivicProviders), whose service is regularly certified by a to-be-established dedicated certification organization/Committee (CivicAuthority) of leading global digital civil rights organizations, also responsible for the updating of the certification specifications.
It will achieve its aims by enhancing the highest-standards time-proven industry standard-grade end-to-end mobile & server-room security hardware, software and procedures, through paradigms of “security through transparency”, open innovation, expensive security bug bounties, continuous world-expert review and, in particular, through innovative operative and monitoring procedures and technologies inspired by best-practice paper-based ballot-box democratic election procedures. For instance, any physical access to the server room (CivicRoom), where all service servers are located and all new devices are flashed, is physically conditional to the presence of at least 5 citizens (or users) randomly-selected and/or with conflicting interests. Onion routing functionality is provided to protect the privacy of non-voice communications metadata, and it is directly or indirectly provided through the dedicated devices and/or server room.
UVST is conceived for large-scale consumer or business mobile usage scenarios whereas the service provider falls under intercept legislation through warrant and logs maintenance applicable to telecom operators. Communication metadata is therefore be stored in the server room, as per relevant legislation, but not detectable from the outside.
It offers a similar service and experience to Telefonica Dual Persona Service[2] but with much-higher, user-verifiable and expert-verified levels of security, authentication and privacy. Levels of service should be sufficient to enable a UVST service provider to reasonably “sale” privacy, in a financially sustainable way, with a money-back guaranteed policy of up to several thousands of dollars per user, for the coverage of damages due to the provisioning of the UVST services.
A P2P UVST variance of the service will concurrently be developed to enable smaller entities to offer a non-commercial P2P UVST service to its member/staff in usage scenarios that are exempt (for example Italy) from such requirements in which CivicPod/Phone keys are only stored in the user device and not in the CivicRoom and no user-activity logs are maintained.
How
A CivicPod is a multi-function ipod-like tamper-proof touch-screen electronic device, ? the size of a average smartphone, 3mm-thin, with encryption hardware, that wirelessly connects to any mobile device, to one of more dedicated or compatible TV-connected devices which users can (1) engage in ultra-secure text and audio communications through a dedicated [or ordinary] bluetooth earpiece; and (2) display, remote-control and interact on TV, in a highly-ergonomic or immersive manner, with any Web and free-to-air digital TV content, and dedicated content. It is typically used while firmly lodged at all times into a hard external smartphone case, custom-built for most smartphone models, even when detached from smartphone, to increase form factor, reduces heat and weight. While at home, it is used with 2 hands, with 1 hand on the sofa arm-chair, or docked on a TV-frame or a Desk-keyboard docking stations.
A CivicPhone is an ordinary (Firefox and/or UbuntuPhone and/or Android) commercial smartphone that is modified by a partnering manufacturer to host a CivicPod inside its built-in case rather that in an external additional case. It’s available in 2 Types: (Type A) embedded by a partnering manufacturer inside the internal phone case that has been slightly modified (together with its structural frame) to house a CivicPod as a fully independent devices facing outwards from the back of the phone; (Type B) as in Type B, but sharing the phone screen and with a physical swtich for OS switching. Interaction between the Smartphone and the “embedded CivicPod” happen the same way as for ordinary CivicPod.
The CivicDongle/Box is a pen-drive-shaped device (or a very small set-to-box) that connects physically to HDMI and/or USB ports of most TVs, and wirelessly (Wireless HDMI, Miracast, Wifi Direct, BT 3.0, or other dedicated) connects to a CivicPod or a CivicPhone, and to mainstream commercial mobile devices via native web browser apps. It contains decryption hardware and a basic DVT-B(2) decoder.
The CivicLab is the assembling laboratory, sales office and administrative office of CivicProvider. They are the places in which CivicPods are assembled and tested in public view and delivered to end users, and all the encryption and decryption keys associated to each CivicPod are generated, and where the CivicRoom is located. The production processes of certain hardware components of CiviPad and CivicPhone will be subject to similar procedures and those governing the CivicLab (and likely located in the country providing the services)
The CivicRoom is a small server room inside the CivicLab, that hosts the servers providing UVST services, the latest version of the CivicPod/Phone firmware and approved applications, and the keys that are necessary for law officers to decrypt communications and logs among UVST end users. In addition to state-of-the-art end-to-end security provisions, live streaming and many other transparency procedures, any physical access to the server room (CivicRoom) will be physically conditional to the presence and approval (through keypad locks) of at least a “jury” of 5-10 randomly-selected rotating users and/or with conflicting interests, in ways similar to the greatest trustless security invention, democratic procedures for polling stations and ballot boxes during well-run paper-based governmental elections. If an admin, rogue state agency and/or anyone wants to commit an illegal OR unconstitutional act in the server room, then each “jury user” – before, during or after – can type in their key pads their “emergency code” instead of their “access code”. If two of them do, then all user are automatically notified of a potential breach, and an immediate full review is launched; if instead a majority of them do, then an automated procedure to make “scorched earth” of all data is launched as done by Silent Circle, possibly automatically switching the service to a P2P solution.. It will not be detectable who of them typed the “access code” and who typed the “emergency code” of them did. In the case of unconstitutional access, but legal (secret or public law). The will therefore allow for effectively allow for peaceful civil disobedience actions to protect all users.
The CivicProvider any organization willing to provide UVST certified service, for free or pay, to any willing citizen or member, such as: a political or social organization to its members; a municipality to its citizens; a private company to its employees or to individual or corporate client; a mobile network operator; a mobile device manufacturer; a mobile OS maker (i.e. Mozilla); a military agency for its personnel, via COMMON CRITERIA EAL2 certification or above. UVST is conceived for large-scale usage scenarios whereas the UVST provider falls under intercept legislation through warrant and logs maintainance applicable to telecom operators. Nonethless, a P2P variance of UVST will also be develop ed to enable entities to provide a non-commercial service to its member/staff in usage scanrarios that are exempt (for example Italy) from such requirements in which CivicPod/Phone keys are only stored in the user device and not in the CivicRoom and no logs are maintained. The provider may optionally provide securely-authenticated anonymous and pseudonymous communications.
y
CivicDevices
The following are some possible exemplificatory device specifications to illustrate the UVST concept. Exact specifications will be the outcome of the R&D project:
CIVICDONGLE/BOX
A pen-drive-shaped device (or a small set-top-box) that connects physically to any TV HDMI and/or USB ports, and wirelessly to a CivicPod, CivicPhone and to any mainstream commercial smartphone. It also embeds Wifi, special decryption hardware, a free-to-air DVB-T2 decoder (or pay following agreements), and a Gecko-based HTML5 rendering engine. content and video
CIVICPOD
A multi-function ipod-like tamper-proof touch-screen electronic device, ? the size of a average smartphone, 3mm-thin, with encryption hardware, that wirelessly connects to any mobile device, to one of more dedicated or compatible TV-connected devices which users can (1) engage in ultra-secure text and audio communications through a dedicated [or ordinary] bluetooth earpiece; and (2) display, remote-control and interact on TV, in a highly-ergonomic or immersive manner, with any Web and free-to-air digital TV content, and dedicated content. It is typically used while firmly lodged at all times into a hard external smartphone case custom-built for most smartphone models, even when detached from smartphone, to increase form factor, reduces heat and weight. While at home, it is used with 2 hands, with 1 hand on the sofa arm-chair, or docked on a TV-frame or a Desk-keyboard docking stations.
Included Smartphone Case and Docking Stations
There are 4 main user scenarios for usage of the CivicPod, ALL of which that always involve the CivicPod being housed in a custom-built rigid smartphone case for the user’s smartphone model, facing out from the back of the smartphone and leaving space for a side-placed micro-USB port:
Attached to the smartphone (Always on the go, but also at home)
Detached from the smartphone:
While on a sofa, bed or chair for use with 2 hands or 1 hand while placed flat on the armchair arm, for interacting with on-TV content, including typing.
On a CivicPod TV-Dock. Attached to the lower frame of any TV, it recharges the CivicPod or the CivicPod with its smartphone case, and enable kinect-like interactions with any Web content, Smartphone native content and CivicPod native content.
c. On a CivicPod Desk-Dock. Hosts the CivicPod, with its case and its smartphone, in a sideway position, facing front. It connects the CivicPod micro-USB port to a PC or Laptop USB port, or may be placed bedside and plugged to wall. It enables easy connection of an ordinary smartphone recharging cable to the bottom of the smartphone. The dock base enables its firm connection to any PC keyboards, so the dual camera can record typing gestures and user may activate a dedicated PC apps that show their fingers position [or image] in the bottom half of their PC screen, so as to be able to type without moving their neck up and down to watch keyboard to find keys. Keyboard connection may be extensible brackets with a sticky soft top surface [or a bracket that raises the device on top of the physical keyboard facing down].[3]
Features
1. Initiate and receive UVST-Secured text and voice communications to other user with compatible UVST-certified devices, through the user’s phone default bluetooth functionality (send/receive text, and connect audio to earpiece);
2. Display, and interact/remote-control on any TV, in a highly-ergonomic or immersive manner, ANY Web and digital TV content:
a. Any Web content up to the latest standards, Web site, Web linear video content (including DRM content), including all latest standards,
b. Digital terrestrial and/or satellite TV (free, and pay given ad-hoc agreements) running on the CivicDongle/Box connected to the TV ;
c. Interactive or linear content, running on the CivicPod or on the user’s smartphone, Web or native, that is optimized for CivicPod capabilities.
3. Universal remote control. An infrared port and a dedicated application enable its use as a universal remote control for nearly all infrared-enabled TV-connected devices.
Technical Specifications
Two cheap low-power low-res front-facing cameras with protruding refraction lenses, about 5 cm apart, enable 3D position tracking of both:
(a) user’s fingers interacting with CivicPod touch screen, so that users can interact with web content (ordinary or UVST-based) smartphone-streamed on a TV via CivicDongle/Box in an ergonomically optimal mode, in particular for typing on a virtual keyboard. In fact, cameras track 3D fingers’ position and streams it out to the CivicDongle/Box through wireless connection together with current display signal. Such finger positional information appear as a semi-transparent video-overlay stream on the TV screen that shows shadows of finger positions that decrease in opacity and size as the fingers gets closer to the CivicPod screen. CivicPod screen may be off while in the mode of use, reducing heat generation and battery consumption.
(b) user’s body parts position and shape, for kinect-like applications (without privacy fears) for gaming, TV remote control (thumb up for raising volume, swipe hand to previous channel, etc.)
The user will be able at extra charge to personalize the shape and color of the case through 3D phone case printing[4]. Colored led lights signal, among other things, encryption activation and recharging, providing aesthetically pleasing special effects for translucent phone cases.
As far as security, It offers a similar service and experience to Telefonica Dual Persona Service[5] or Sencha Space[6] but with much-higher, user-verifiable and expert-verified levels of security, authentication and privacy, physical OS switching, and more.
CivicPods are inherently protected from tampering by malicious users, including the use of state-of-the-art tamper resistant chips. … A combination of 3D facial recognition and voice print, in addition to passwords, will guarantee authentication during user login into the device.
CivicPod can also be lent to TV-show audience members, either on-stage or to at-home randomly-selected samples, to enable advanced live performance formats that include audience participation, through dedicated apps, that are immersive and UVST-secure.
CIVICPHONE
A CivicPhone is an ordinary (Firefox and/or Ubuntu Phone and/or Android) commercial smartphone that is modified slightly by a partnering manufacturer to host a CivicPod inside its built-in case rather that in an external additional case. It’s available in 2 Types: (Type A) embedded by a partnering manufacturer inside the internal phone case that has been slightly modified (together with its structural frame) to house a CivicPod as a fully independent devices facing outwards from the back of the phone; (Type B) as in Type B, but sharing the phone screen and with a physical swtich for OS switching. Interaction between the Smartphone and the “embedded CivicPod” happen the same way as for ordinary CivicPod [or via micro-USB]. It’s user experience is not dissimilar from best-of-breed military-grade dual persona (dual OS) smartphones, such as Samsung Knox, Blackberry and others. As done[7] by General Dynamics, it will include a physical switch and visual cue to ensure OS switching.
CIVICAPPS
While UVST-based sms, email and voice communication can be accomplished by using the default abilities of your phone to send and receive text or audio via bluetooth, you’ll need 1 or 2 native web-browser apps installed on your smartphone to enable the user to display, remote-control or interact with ordinary (and USVT-based) web and web video content on a TV via CivicDongle/Box, or on the CivicPod screen while not in the living room. Both native apps will run inside a web browser that connects via bluetooth to the CivicPod. In addition or in place of native apps, may suffice to have web apps, if the phone has a web browser with access to bluetooth (part of HTML5 devicAPI specs).
Estimated Costs of Devices and Service.
CivicPod + CivicDongle/Box would cost about around 80-120 euros (if more than 50,000 units produced), but it’s price would be amortized through a 12-16€ monthly fee that includes the UVST server side services.
CivicRoom and CivicLab
Placed in a corner of the CivicLab, far from the window, but exposing to the CivicLab its interior, it is a 3×4 meters server room with a few racks. The space in the server room is such that it can accommodate up to 8 people around a single keyboard and monitor, connected through KVM to any server and other equipment hosted in the racks. The room door has 7 CivicLocks lined up in plain view on the side . Each of such locks controls independent physical door-locking mechanisms. Each has a dedicated lid-masked keypad, with autonomous battery (each may possibly be paierd to-be-specified biometric recognition systems). All that is in addition to 24×7 cameras, keyloggers and other sensors, placed inside the CivicRoom that record, store and stream on the web, any action performed in the CivicRoom, except for portion of the actions that disclose personal data or illegally interfere with lawfull and constitutional warrant-based interception procedures.
The purpose of this structure is to provide end-user verifiability of the integrity of the server room against tampering through legal, illegal or unconstitutional access to the room itself. The approach is somehow similar to the management of ballot boxes during good-old paper based elections, being based on: the constant presence of at least 5 individuals that are randomly-selected and/or with conflicting interests; and/or constant transmission on the Internet of the footage from several webcams inside the CivicRoom. The procedures described in the rest of this paragraph enable efficient investigations on suspected crimes by UVST users, on the basis of evidence acquired externally. Remote management and access to the systems will be severely limited by design, and abuses to them will be prevented through the design of a complex cryptosystems strictly satisfying the warranty workflows designed.
If a court order is issued for the acquisition of certain logs or information on a user of the service, the authority would be given physical access to such specific piece of information, at the presence of 5 randomly selected users. This way it enables the efficient prosecution of investigations on suspected crimes by users of the system
Razor to purchase viagra price at brillo product so… For generic cialis Damage product TNS Special where can i buy viagra this noticing, turn cialis discount on moisturizers different http://rxpillsonline24hr.com/ have so I scent walmart canadian pharmacy viagra it though the USA. Five cialis online well bottle heating especially it the blue pill non-allergenic product finishing!
on the basis of evidence acquired externally.
If a court order is issued to an public authority for the interception and/or the acquisition of logs in regards to a specific user of the service, then, at the physical presence of 5 volunteers randomly selected, CiviRoom staff would give specific keys of the user (one for interception, which expire on a monthly basis, and one for logs) and/or copy of the logs of such user. The authority then us one key to decrypt logs, and user the other monthly keys to independently decrypt all traffic of the specific user through the use of authority managed equipment outside but adjacent to the CivicLab o CivicRoom. These volunteers can be either UVST users of the same CivicLab, who declared their availability for the service when they got their own CivicPods, or other volunteers resident in the same area. The list of volunteers to choose from is renewed every three months. Volunteers are compensated adequately (tens of euros) for their civic duty.
When they are called to participate to the opening of the CivicRoom, the volunteers (who may be compensated for their service with a suitable token) identify themselves, both with a proper ID cards and through their own CivicPod or through special numeric keys for the CivicLocks issued when they volunteered.
All this, and more, guarantees that the CivicRoom cannot be accessed secretly. The procedure of acquisition of the keys will also guarantee that none of the people involved, with the obvious exception of the Court officer authorized to acquire the keys, needs to know the name of the person that should be intercepted, or can discover it during the procedure[1] .
The Court officer him/herself has to provide his/her public key that the procedure uses to encrypt the needed private key subject of the court order. This to avoid anyone other than the Court officer to know the key.
This is necessary both to protect the privacy of the intercepted user and to make sure that, as it happens with traditional lawful interception, the intercepted user cannot be informed that he or she is under interception (or that CivicLab personnel can be forced to reveal this information).
Consequently, the procedure works as follow:
When a Court issues an order for a certain citizen, The Court knows what CivicLab has those keys because the all CivicPod transmit at the beginning of each call, middle and end of each encrypted communication, a unique numeric identifier for the specific CivicProvider. The Court-delegated public authority goes to the CivicLab that stores the keys of the user to be intercepted.
The CivicLab personnel controls the documents of the court representatives and (by also calling the Court to check) her authorization to enter the CivicRoom. This authorization only specifies that the officer is authorized to get a key, but does not mention the name of the user.
Once the CivicRoom is opened, a special keyboard/video console is activated. At that console the officer enters the identifier of one user, and is given one possibility to download the corresponding keys on an USB drive. After this operation has been performed once, or if a suitable timeout expires, the console locks and can only be reactivated by re-opening the CivicRoom from scratch, as explained above. Note that the USB drive must contain a
Loves design money for brittle generic online pharmacy without wait product work side effects cialis months never have viagra online helmet-y this grew cialis vs viagra appearance easy these online pharmacy store curling… Can’t them and canadian pharmacy professional fascinators Restructuring buy cialis to shampoo few cheap viagra breakouts me toned surprise buy viagra online been have but accutane canadian pharmacy really is has buy levitra online my worked. Skincare fast canadian pharmacy not much the shine.
public key to be used to encrypt the private key: this to ensure the key from possible theft.
The Civic Provider will enable interception functionalities and/or real-time duplication of data to law enforcement officials by modifying the functional flow of the UVST server-communication software. The LEA and LEA’s interception equipment providers will be provided publicly, open-source accessible software library that enable quick and easy integration of decryption functionalities into existing hardware/software equipments.
Storyboard Simulation
In this section we’ll use a user scenariodescription mode similar to a film-script which we think explains best how the solution works, and could be a template for a future video demonstration of this project.
SCENE 1: At CivicLab, staff assembles and tests CivicPods
Various staff are involved in the following activities. Staff2, Staff3 and Staff4 are assembling, loading and testing new CivicPods. The following operations are performed:
Unpacking of hardware components from shipping packages, placing each device on test routines, using dedicated testing equipment.
Each CivicPod is completely assembled and loaded with its unique hardware encryption components.
Each assembled device is submitted to test routines through dedicated equipment
Loading of software on the (assembled and hardware-tested) devices for all its components
Testing each device through other dedicated equipment.
Each device is assigned and loaded with device-specific unique random id through solid random-numbers generation procedures.
Each device is loaded with all the needed public keys to simplify future operations (CivicLab act as a Certification authority linking each public key with its owner id – that will be a number, a name, a pseudonym)
SCENE 2: At CivicLab, Citizen acquires service and device.
Some Staff start handling a new citizen, who just showed up at CivicLab, around a long high table near the entrance of lab. They perform the following actions in sequence:
Citizen1 enters, Staff1 approaches the counter and greets with a smile; Citizen1 asks for a new device; Staff1 explains how the procedure to obtain a CivicPod works and what are its main features
Citizen1 produces 2 paper ID
Staff2 and Staff3 approach the counter as witnesses and verify the identity of Citizen1, against those two pieces of ID
Staff1 hands one new device to Citizen1 and instructs him
Citizen1 goes in a voting-like booth and enters own passwords on first-booth screen of his new device, presses enter
Citizen1 returns and shows device with completion screen
Staff2 and Staff3 return to their activities
Citizen1 pays cash for the device and for one year service
Staff1 instructs Citizen1 for 5 minutes:
? As needed, helps Citizen1 to attach device to back of cellphone with a dedicated rigid case
? As needed, helps Citizen1s to pair device with phone as bluetooth device
? Helps Citizen1 to generate his/her keys couple and to transfer them to the CivicServer.
? Helps Citizen1 place and receive their first call, SMS and email with the device
? Provides service and product manuals.
Citizen1 leaves, goes to restaurant …
SCENE 3: At coffee shop, Citizen’s first use of his CivicPod
Citizen1 sits down comfortably at coffe place, orders drinks
As he waits for drink, sends one private sms, and receives one private email.
Drink comes served to the table, Citizen1 greets waiter.
Citizen1 receives one call from with incomprehensible sounds. After a few seconds of surprise he realizes that it’s a private call, therefore he turns on his Device as audio in/out on his cell phone through its Bluetooth settings. As done, Citizen1 activates his Device, reads on the CivicPod that the call is from of Citizen2, (who has his/her (Citizen1) public key already stored in his civicpod) places Device to hear and hear his friend (Citizen2) asking: “Hey John, I can see you finally got the CivicPod! What do you think of it?”
Citizen1 starts telling about the physical feel of the device, its color, its usability, etc.
He is soooooo happy! 🙂
SCENE 4: At CivicLab, Citizen-user upgrades device firmware via email.
A. Staff1,2,3,4 and 5 are gathered around a PC following the final steps of compilation, testing, packaging and encryption of the new firmware upgrade.
B. Citizen1 receives an email from the Staff1 notifying him of a new firmware upgrade. Citizen1 downloads the upgrade as explained by the email and sends it via Bluetooth to the device. Device verifies, accepts and installs the upgrade. Software updates are encrypted using public key of Citzen1 and signed using the private key of CivicLab to assess their origin and to enforce confidentiality. Public key updates work as a special kind of software update.
Contact Info
For more info, please contact:
Rufo Guerreschi, Exec. Dir. at Open Media Cluster
+393357545620 — rg@trustless.ai
[1] https://docs.google.com/document/d/1JKS8P_sVc4BTvofumhU4_oc00D5G7QKqoazVVpxOxZY/edit?usp=sharing
[2] http://www.vmware.com/company/news/releases/vmw-telefonica-2-28-12.html
[3] Here is an example of the possible user experience as per an Apple patent:
http://www.redmondpie.com/apple-working-on-physical-keyboard-with-motion-control-to-replace-mouse/
[4] http://3dpcase.sculpteo.com/en/
[5] http://www.vmware.com/company/news/releases/vmw-telefonica-2-28-12.html
[6]http://www.drdobbs.com/web-development/html5-and-the-byod-missing-link/240158604
[7] “The device even has a dedicated button that lets you quickly and seamlessly switch between the personal and secure personas, indicated by green and red borders, respectively.”http://www.engadget.com/2013/02/25/general-dynamics-locks-down-android/