Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

Biometrics-as-a-Service: A Framework to Promote Innovative Biometric Recognition in the Cloud

Biometric recognition, or simply biometrics, is the use of biological attributes such as face, fingerprints or iris in order to recognize an individual in an automated manner. A key application of biometrics is authentication; i.e., using said biological attributes to provide access by verifying the claimed identity of an individual. This paper presents a framework for Biometrics-as-a-Service (BaaS) that performs biometric matching operations in the cloud, while relying on simple and ubiquitous consumer devices such as smartphones. Further, the framework promotes innovation by providing interfaces for a plurality of software developers to upload their matching algorithms to the cloud. When a biometric authentication request is submitted, the system uses a criteria to automatically select an appropriate matching algorithm. Every time a particular algorithm is selected, the corresponding developer is rendered a micropayment. This creates an innovative and competitive ecosystem that benefits both software developers and the consumers. As a case study, we have implemented the following: (a) an ocular recognition system using a mobile web interface providing user access to a biometric authentication service, and (b) a Linux-based virtual machine environment used by software developers for algorithm development and submission

The Impact Of The Development Of ICT In Several Hungarian Economic Sectors

As the author could not find a reassuring mathematical and statistical method in the literature for studying the effect of information communication technology on enterprises, the author suggested a new research and analysis method that he also used to study the Hungarian economic sectors. The question of what factors have an effect on their net income is vital for enterprises. At first, the author studied some potential indicators related to economic sectors, then those indicators were compared to the net income of the surveyed enterprises. The resulting data showed that the growing penetration of electronic marketplaces contributed to the change of the net income of enterprises to the greatest extent. Furthermore, among all the potential indicators, it was the only indicator directly influencing the net income of enterprises. With the help of the compound indicator and the financial data of the studied economic sectors, the author made an attempt to find a connection between the development level of ICT and profitability. Profitability and productivity are influenced by a lot of other factors as well. As the effect of the other factors could not be measured, the results – shown in a coordinate system - are not full but informative. The highest increment of specific Gross Value Added was produced by the fields of ‘Manufacturing’, ‘Electricity, gas and water supply’, ‘Transport, storage and communication’ and ‘Financial intermediation’. With the exception of ‘Electricity, gas and water supply’, the other economic sectors belong to the group of underdeveloped branches (below 50 percent). On the other hand, ‘Construction’, ‘Health and social work’ and ‘Hotels and restaurants’ can be seen as laggards, so they got into the lower left part of the coordinate system. ‘Agriculture, hunting and forestry’ can also be classified as a laggard economic sector, but as the effect of the compound indicator on the increment of Gross Value Added was less significant, it can be found in the upper left part of the coordinate system. Drawing a trend line on the points, it can be made clear that it shows a positive gradient, that is, the higher the usage of ICT devices, the higher improvement can be detected in the specific Gross Value Added

Secure Pick Up: Implicit Authentication When You Start Using the Smartphone

We propose Secure Pick Up (SPU), a convenient, lightweight, in-device, non-intrusive and automatic-learning system for smartphone user authentication. Operating in the background, our system implicitly observes users' phone pick-up movements, the way they bend their arms when they pick up a smartphone to interact with the device, to authenticate the users. Our SPU outperforms the state-of-the-art implicit authentication mechanisms in three main aspects: 1) SPU automatically learns the user's behavioral pattern without requiring a large amount of training data (especially those of other users) as previous methods did, making it more deployable. Towards this end, we propose a weighted multi-dimensional Dynamic Time Warping (DTW) algorithm to effectively quantify similarities between users' pick-up movements; 2) SPU does not rely on a remote server for providing further computational power, making SPU efficient and usable even without network access; and 3) our system can adaptively update a user's authentication model to accommodate user's behavioral drift over time with negligible overhead. Through extensive experiments on real world datasets, we demonstrate that SPU can achieve authentication accuracy up to 96.3% with a very low latency of 2.4 milliseconds. It reduces the number of times a user has to do explicit authentication by 32.9%, while effectively defending against various attacks.Comment: Published on ACM Symposium on Access Control Models and Technologies (SACMAT) 201

Edge-centric multimodal authentication system using encrypted biometric templates

Data security, complete system control, and missed storage and computing opportunities in personal portable devices are some of the major limitations of the centralized cloud environment. Among these limitations, security is a prime concern due to potential unauthorized access to private data. Biometrics, in particular, is considered sensitive data, and its usage is subject to the privacy protection law. To address this issue, a multimodal authentication system using encrypted biometrics for the edge-centric cloud environment is proposed in this study. Personal portable devices are utilized for encrypting biometrics in the proposed system, which optimizes the use of resources and tackles another limitation of the cloud environment. Biometrics is encrypted using a new method. In the proposed system, the edges transmit the encrypted speech and face for processing in the cloud. The cloud then decrypts the biometrics and performs authentication to confirm the identity of an individual. The model for speech authentication is based on two types of features, namely, Mel-frequency cepstral coefficients and perceptual linear prediction coefficients. The model for face authentication is implemented by determining the eigenfaces. The final decision about the identity of a user is based on majority voting. Experimental results show that the new encryption method can reliably hide the identity of an individual and accurately decrypt the biometrics, which is vital for errorless authentication

A Survey Study of the Current Challenges and Opportunities of Deploying the ECG Biometric Authentication Method in IoT and 5G Environments

The environment prototype of the Internet of Things (IoT) has opened the horizon for researchers to utilize such environments in deploying useful new techniques and methods in different fields and areas. The deployment process takes place when numerous IoT devices are utilized in the implementation phase for new techniques and methods. With the wide use of IoT devices in our daily lives in many fields, personal identification is becoming increasingly important for our society. This survey aims to demonstrate various aspects related to the implementation of biometric authentication in healthcare monitoring systems based on acquiring vital ECG signals via designated wearable devices that are compatible with 5G technology. The nature of ECG signals and current ongoing research related to ECG authentication are investigated in this survey along with the factors that may affect the signal acquisition process. In addition, the survey addresses the psycho-physiological factors that pose a challenge to the usage of ECG signals as a biometric trait in biometric authentication systems along with other challenges that must be addressed and resolved in any future related research.

FINGERPRINT BASED STUDENT ATTENDANCE MANAGEMENT SYSTEM WITH AUTOMATIC EXCEL COMPUTATION

Fingerprint is considered to be the best and most widely used biometrics recognition and verification pattern due its uniqueness for every individual. This study focused on the development of a fingerprint students’ attendance system carried out to curb the problems associated with manual methods of taking students attendance in institutions. The design was carried out using appropriate mathematical model, formulae and block diagram representation while Proteus software simulator was used to simulate functionality of the designed circuit. An attendance algorithm was developed and implemented using coolTerm software and Excel spreadsheet. The system was tested using 15 students’ fingerprints which involves enrollment, authentication and report generation processes. Each student was enrolled with a unique identification. During verification and attendance capture at different times, the system exhibits extremely low (0%) False Acceptance Rate (FAR), extremely high (100%) True Accept Rate (TAR) and extremely low (0%) False Reject Rate (FRR). This study has established the effectiveness of students attendance capture using fingerprint as a more secure, credible and error free to impersonation and buddy punching as associated with the existing manual-paper based system

Security challenges and solutions for e-business

The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyber attacks. This paper outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are: (1) biometrics for authentication; parallel processing to increase power and speed of defenses; (2) data mining and machine learning to identify attacks; (3) peer-to-peer security using blockchains; 4) enterprise security modelling and security as a service; and (5) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated

Who's Behind ICE: The Tech and Data Companies Fueling Deportations

Tech is transforming immigration enforcement. As advocates have known for some time, the immigration and criminal justice systems have powerful allies in Silicon Valley and Congress, with technology companies playing an increasingly central role in facilitating the expansion and acceleration of arrests, detentions, and deportations. What is less known outside of Silicon Valley is the long history of the technology industry's "revolving door" relationship with federal agencies, how the technology industry and its products and services are now actually circumventing city- and state-level protections for vulnerable communities, and what we can do to expose and hold these actors accountable.Mijente, the National Immigration Project, and the Immigrant Defense Project — immigration and Latinx-focused organizations working at the intersection of new technology, policing, and immigration — commissioned Empower LLC to undertake critical research about the multi-layered technology infrastructure behind the accelerated and expansive immigration enforcement we're seeing today, and the companies that are behind it. The report opens a window into the Department of Homeland Security's (DHS) plans for immigration policing through a scheme of tech and database policing, the mass scale and scope of the tech-based systems, the contracts that support it, and the connections between Washington, D.C., and Silicon Valley. It surveys and investigates the key contracts that technology companies have with DHS, particularly within Immigration and Customs Enforcement (ICE), and their success in signing new contracts through intensive and expensive lobbying

Management of an Automatic System to Generate Reports on the Attendance Control of Teachers in a Educational Center

Many countries were affected by the appearance of SARS-COV-2 that was spreading rapidly, causing damage to humanity and causing a global crisis, this generated a generalized quarantine to avoid the physical approaches recommended by the health system, affecting all students in the world, since it was wanted to avoid forming foci of contagion in educational centers,  for this reason, some automated systems that are marketed in the markets were applied to combat the pandemic in educational centers, but they are inefficient when registering the work attendance of teachers, causing loss of time in the registration process and causing an agglomeration of people due to the failure in the registration process,  in addition to not allowing to manage the reports of the teacher's work attendance. In view of this problem, in this article the management of an automatic system was carried out to generate reports on the attendance control of the teaching staff in the educational center and control the working hours of each teacher to be visualized through a user interface, being able to control the labor discipline of each teacher since all the records will be stored in a database. Through the development of the system, it was observed that the system works effectively since an efficiency of 98.87% was obtained in its operation to control the time of entry and exit of each teacher, being an accepted value since the process is conducted safely