Multi-Factor Authentication: A Survey

Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers) that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS) scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.Peer reviewe

EEG-based biometrics: Effects of template ageing

This chapter discusses the effects of template ageing in EEG-based biometrics. The chapter also serves as an introduction to general biometrics and its main tasks: Identification and verification. To do so, we investigate different characterisations of EEG signals and examine the difference of performance in subject identification between single session and cross-session identification experiments. In order to do this, EEG signals are characterised with common state-of-the-art features, i.e. Mel Frequency Cepstral Coefficients (MFCC), Autoregression Coefficients, and Power Spectral Density-derived features. The samples were later classified using various classifiers, including Support Vector Machines and k-Nearest Neighbours with different parametrisations. Results show that performance tends to be worse for crosssession identification compared to single session identification. This finding suggests that temporal permanence of EEG signals is limited and thus more sophisticated methods are needed in order to characterise EEG signals for the task of subject identificatio

A Framework for Preserving Privacy and Cybersecurity in Brain-Computer Interfacing Applications

Brain-Computer Interfaces (BCIs) comprise a rapidly evolving field of technology with the potential of far-reaching impact in domains ranging from medical over industrial to artistic, gaming, and military. Today, these emerging BCI applications are typically still at early technology readiness levels, but because BCIs create novel, technical communication channels for the human brain, they have raised privacy and security concerns. To mitigate such risks, a large body of countermeasures has been proposed in the literature, but a general framework is lacking which would describe how privacy and security of BCI applications can be protected by design, i.e., already as an integral part of the early BCI design process, in a systematic manner, and allowing suitable depth of analysis for different contexts such as commercial BCI product development vs. academic research and lab prototypes. Here we propose the adoption of recent systems-engineering methodologies for privacy threat modeling, risk assessment, and privacy engineering to the BCI field. These methodologies address privacy and security concerns in a more systematic and holistic way than previous approaches, and provide reusable patterns on how to move from principles to actions. We apply these methodologies to BCI and data flows and derive a generic, extensible, and actionable framework for brain-privacy-preserving cybersecurity in BCI applications. This framework is designed for flexible application to the wide range of current and future BCI applications. We also propose a range of novel privacy-by-design features for BCIs, with an emphasis on features promoting BCI transparency as a prerequisite for informational self-determination of BCI users, as well as design features for ensuring BCI user autonomy. We anticipate that our framework will contribute to the development of privacy-respecting, trustworthy BCI technologies

Conceivable security risks and authentication techniques for smart devices

With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques

EEG Authentication System Using Fuzzy Vault Scheme

Authentication is the process of recognizing a user’s identity by determining claimed user identity by checking user-provided evidence, combining cryptographic with biometric can solve many of security issues, including authentication. Our goal is to try to combine cryptography and biometrics to achieve authentication using fuzzy vault scheme. Electroencephalography (EEG) signals will be used as they are unique and also difficult to expose and copy; also they are difficult to be hack, using nine healthy persons’ EEGs from the BCI Competition and extracting power features from signals spectrum of beta and alpha band of EEG signal, the extracted features are from three channels (C3, Cz, and C4), then support vector Machine (SVM) is used for classification. In this chapter, two tasks (left hand and right hand) are used from a four tasks in the dataset, and the system achieves 96.98% validation accuracy, using 10-fold cross-validation on the training set and the model is saved, after extract features, these features will used to be evaluated on a polynomial generated from the secret key using reed Solomon code and chaff points generated using tent map are added to hide the data, which create the final result that is the vault, for decoding the system using Lagrange interpolation for polynomial reconstruction and returning the key

New intelligent network approach for monitoring physiological parameters : the case of Benin

Benin health system is facing many challenges as: (i) affordable high-quality health care to a growing population providing need, (ii) patients’ hospitalization time reduction, (iii) and presence time of the nursing staff optimization. Such challenges can be solved by remote monitoring of patients. To achieve this, five steps were followed. 1) Identification of the Wireless Body Area Network (WBAN) systems’ characteristics and the patient physiological parameters’ monitoring. 2) The national Integrated Patient Monitoring Network (RIMP) architecture modeling in a cloud of Technocenters. 3) Cross-analysis between the characteristics and the functional requirements identified. 4) Each Technocenter’s functionality simulation through: a) the design approach choice inspired by the life cycle of V systems; b) functional modeling through SysML Language; c) the communication technology and different architectures of sensor networks choice studying. 5) An estimate of the material resources of the national RIMP according to physiological parameters. A National Integrated Network for Patient Monitoring (RNIMP) remotely, ambulatory or not, was designed for Beninese health system. The implementation of the RNIMP will contribute to improve patients’ care in Benin. The proposed network is supported by a repository that can be used for its implementation, monitoring and evaluation. It is a table of 36 characteristic elements each of which must satisfy 5 requirements relating to: medical application, design factors, safety, performance indicators and materiovigilance