858 research outputs found
CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition
Architectures relying on continuous authentication require a secure way to
challenge the user's identity without trusting that the Continuous
Authentication Subsystem (CAS) has not been compromised, i.e., that the
response to the layer which manages service/application access is not fake. In
this paper, we introduce the CALIPER protocol, in which a separate Continuous
Access Verification Entity (CAVE) directly challenges the user's identity in a
continuous authentication regime. Instead of simply returning authentication
probabilities or confidence scores, CALIPER's CAS uses live hard and soft
biometric samples from the user to extract a cryptographic private key embedded
in a challenge posed by the CAVE. The CAS then uses this key to sign a response
to the CAVE. CALIPER supports multiple modalities, key lengths, and security
levels and can be applied in two scenarios: One where the CAS must authenticate
its user to a CAVE running on a remote server (device-server) for access to
remote application data, and another where the CAS must authenticate its user
to a locally running trusted computing module (TCM) for access to local
application data (device-TCM). We further demonstrate that CALIPER can leverage
device hardware resources to enable privacy and security even when the device's
kernel is compromised, and we show how this authentication protocol can even be
expanded to obfuscate direct kernel object manipulation (DKOM) malwares.Comment: Accepted to CVPR 2016 Biometrics Worksho
State of the Art in Biometric Key Binding and Key Generation Schemes
Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems
Multimodal decision-level fusion for person authentication
In this paper, the use of clustering algorithms for decision-level data fusion is proposed. Person authentication results coming from several modalities (e.g., still image, speech), are combined by using fuzzy k-means (FKM), fuzzy vector quantization (FVQ) algorithms, and median radial basis function (MRBF) network. The quality measure of the modalities data is used for fuzzification. Two modifications of the FKM and FVQ algorithms, based on a novel fuzzy vector distance definition, are proposed to handle the fuzzy data and utilize the quality measure. Simulations show that fuzzy clustering algorithms have better performance compared to the classical clustering algorithms and other known fusion algorithms. MRBF has better performance especially when two modalities are combined. Moreover, the use of the quality via the proposed modified algorithms increases the performance of the fusion system
Multimodal Behavioral Biometric Authentication in Smartphones for Covid-19 Pandemic
The usage of mobile phones has increased multi-fold in recent decades, mostly because of their utility in most aspects of daily life, such as communications, entertainment, and financial transactions. In use cases where usersâ information is at risk from imposter attacks, biometrics-based authentication systems such as fingerprint or facial recognition are considered the most trustworthy in comparison to PIN, password, or pattern-based authentication systems in smartphones. Biometrics need to be presented at the time of power-on, they cannot be guessed or attacked through brute force and eliminate the possibility of shoulder surfing. However, fingerprints or facial recognition-based systems in smartphones may not be applicable in a pandemic situation like Covid-19, where hand gloves or face masks are mandatory to protect against unwanted exposure of the body parts. This paper investigates the situations in which fingerprints cannot be utilized due to hand gloves and hence presents an alternative biometric system using the multimodal Touchscreen swipe and Keystroke dynamics pattern. We propose a HandGlove mode of authentication where the system will automatically be triggered to authenticate a user based on Touchscreen swipe and Keystroke dynamics patterns. Our experimental results suggest that the proposed multimodal biometric system can operate with high accuracy. We experiment with different classifiers like Isolation Forest Classifier, SVM, k-NN Classifier, and fuzzy logic classifier with SVM to obtain the best authentication accuracy of 99.55% with 197 users on the Samsung Galaxy S20. We further study the problem of untrained external factors which can impact the user experience of authentication system and propose a model based on fuzzy logic to extend the functionality of the system to improve under novel external effects. In this experiment, we considered the untrained external factor of âsanitized handsâ with which the user tries to authenticate and achieved 93.5% accuracy in this scenario. The proposed multimodal system could be one of the most sought approaches for biometrics-based authentication in smartphones in a COVID-19 pandemic situation
- âŠ