Short description of the project
4Crypt is a flexible encryption module that can be used to restrict access to sensitive data according to a multiple-eyes principle. Originally designed as an extension for video-based assembly assistance systems, 4Crypt encrypts automatically generated assembly process logs and videos of critical work steps using multi-party encryption. This allows the sensor technology of such systems to be fully utilized for documentation purposes without violating the privacy of the people working there. Thanks to the modular structure of 4Crypt, the concept can also be transferred to other application scenarios.
4Crypt in Assembly Assistance Systems
Modern assembly assistance systems have a large number of sensors, such as cameras, which record and support employees during complicated work steps. The data generated can be automatically stored as work step documentation and used for quality assurance. However, such data is at least personally identifiable and its processing carries the risk of secret monitoring of employees by the employer. 4Crypt offers an integral building block for a technical solution to this problem.
For example, if the assembly assistance system records the execution of a safety-critical bolting operation, 4Crypt immediately and automatically encrypts the resulting documentation data with a secret key. The key is generated anew for each process and distributed among several trusted parties, such as the works council or the data protection officer. The stored documentation data is then only accessible if all parties agree by revealing their respective partial keys. This happens only once a legitimate interest in the recorded data has been established, for example through a customer complaint. In this way, 4Crypt protects the privacy of employees while at the same time allowing the collection of extensive work step documentation for quality assurance purposes.
Challenge: Trustworthy Operation of Assistance Systems
The fundamental aim of 4Crypt is to prevent employers from monitoring employees without cause. However, as the assembly assistance systems are operated by the employer itself, it is possible for the employer to manipulate or switch off the 4Crypt components installed there. Further technical measures are therefore necessary to ensure the trustworthiness of the assistance systems and to protect them from undetected manipulation. The 4Crypt framework also offers a fully integrated solution for this based on Trusted Platform Modules (TPMs). TPMs are special hardware components integrated into the platform that provide cryptographic functions and enable the generation of unique fingerprints of a system. These fingerprints can then be used to prove that a specific, trustworthy software configuration is running on the system (attestation).
Project results
4Crypt offers mechanisms for carrying out attestations based on a platform TPM integrated in the assistance system. Attestation prevents the security and encryption mechanisms established with 4Crypt from being removed or weakened. Attestation can be carried out by the employees themselves or by trusted representatives, such as members of the works council. The 4Crypt framework also includes an Android application for attestation, which makes it possible to personally and directly verify the trustworthiness of a particular assistance system using NFC. Alternatively, regular attestation of all assistance systems is also possible via a trustworthy online service.
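To make the attestation idea from the two sections above concrete, here is an added simulation that is not part of 4Crypt: the TPM-style "fingerprint" is built by chaining SHA-256 measurements into a PCR register, and a verifier (an employee's app or an online service) checks a nonce-bound quote of that register against a known-good reference. The boot chain entries, the reference values and the attestation key are constructed, and an HMAC is used as a stand-in for the asymmetric signature a real TPM's attestation key would produce.

```python
import hashlib
import hmac
import os

PCR_SIZE = 32  # SHA-256 PCR bank

# Constructed boot/software chain of an assistance system; order matters.
REFERENCE_COMPONENTS = [
    b"firmware build 2024.03",
    b"bootloader v7",
    b"kernel 6.1 signed",
    b"4crypt-agent v1.0",
]


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend as in TPM 2.0: new = H(old || H(measurement)).
    The register can only be extended, never set, so a component
    cannot hide having been measured."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_chain(components: list[bytes]) -> bytes:
    pcr = bytes(PCR_SIZE)
    for c in components:
        pcr = extend(pcr, c)
    return pcr


# Golden value the verifier trusts, computed once from the reference configuration.
REFERENCE_PCR = measure_chain(REFERENCE_COMPONENTS)


class SimulatedTpm:
    """Stand-in for the platform TPM: holds an attestation key and signs quotes.
    HMAC replaces the real TPM's asymmetric signature (assumption)."""

    def __init__(self, attestation_key: bytes):
        self._ak = attestation_key

    def quote(self, pcr: bytes, nonce: bytes) -> bytes:
        return hmac.new(self._ak, pcr + nonce, hashlib.sha256).digest()


def verify_quote(pcr: bytes, nonce: bytes, signature: bytes,
                 expected_nonce: bytes, ak_verify_key: bytes,
                 reference_pcr: bytes = REFERENCE_PCR) -> tuple[bool, str]:
    """Verifier side: check signature, freshness, then the fingerprint itself."""
    expected_sig = hmac.new(ak_verify_key, pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected_sig):
        return False, "quote signature invalid"
    if not hmac.compare_digest(nonce, expected_nonce):
        return False, "stale nonce (possible replay of an old quote)"
    if not hmac.compare_digest(pcr, reference_pcr):
        return False, "PCR mismatch: software configuration is not the trusted one"
    return True, "trusted configuration attested"


def attest(components: list[bytes], nonce: bytes, tpm: SimulatedTpm) -> tuple[bytes, bytes]:
    """What the assistance system returns to a challenger: its PCR and a quote over it."""
    pcr = measure_chain(components)
    return pcr, tpm.quote(pcr, nonce)


if __name__ == "__main__":
    ak = os.urandom(32)                      # constructed attestation key
    tpm = SimulatedTpm(ak)
    challenge = os.urandom(16)               # fresh nonce from the employee's app
    pcr, sig = attest(REFERENCE_COMPONENTS, challenge, tpm)
    print(verify_quote(pcr, challenge, sig, challenge, ak))
    tampered = REFERENCE_COMPONENTS[:-1] + [b"4crypt-agent v1.0 (encryption disabled)"]
    pcr2, sig2 = attest(tampered, challenge, tpm)
    print(verify_quote(pcr2, challenge, sig2, challenge, ak))
```

The check order matters: signature first (is this really the platform's TPM speaking?), nonce second (is it speaking now, not replaying yesterday's good state?), and only then the fingerprint comparison. A modified 4Crypt component changes the chained hash of every later extend, so the mismatch is detected regardless of where in the chain the change occurred.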