5 research outputs found

    Process of Fingerprint Authentication using Cancelable Biohashed Template

    Template protection using cancelable biometrics prevents data loss and hacking stored templates, by providing considerable privacy and security. Hashing and salting techniques are used to build resilient systems. Salted password method is employed to protect passwords against different types of attacks namely brute-force attack, dictionary attack, rainbow table attacks. Salting claims that random data can be added to input of hash function to ensure unique output. Hashing salts are speed bumps in an attacker’s road to breach user’s data. Research proposes a contemporary two factor authenticator called Biohashing. Biohashing procedure is implemented by recapitulated inner product over a pseudo random number generator key, as well as fingerprint features that are a network of minutiae. Cancelable template authentication used in fingerprint-based sales counter accelerates payment process. Fingerhash is code produced after applying biohashing on fingerprint. Fingerhash is a binary string procured by choosing individual bit of sign depending on a preset threshold. Experiment is carried using benchmark FVC 2002 DB1 dataset. Authentication accuracy is found to be nearly 97%. Results compared with state-of art approaches finds promising

    Bring Your Own Device (BYOD): Risks to Adopters and Users

    Bring your own device (BYOD) policy refers to a set of regulations broadly adopted by organizations that allows employee-owned mobile devices – such as laptops, smartphones, personal digital assistants and tablets – to the office for use and connection to the organization’s IT infrastructure. BYOD offers numerous benefits ranging from plummeting organizational logistic cost, access to information at any time and boosting employee’s productivity. On the contrary, this concept presents various safety issues and challenges because of its characteristic security requirements. This study explored diverse literature databases to identify and classify BYOD policy adoption issues, possible control measures and guidelines that could hypothetically inform organizations and users that adopt and implement BYOD policy. The literature domain search yielded 110 articles, 26 of them were deemed to have met the inclusion standards. In this paper, a list of possible threats/vulnerabilities of BYOD adoption were identified. This investigation also identified and classified the impact of the threats/vulnerabilities on BYOD layered components according to security standards of “FIPS Publication 199” for classification. Finally, a checklist of measures that could be applied by organizations & users to mitigate BYOD vulnerabilities using a set layered approach of data, device, applications, and people were recommended

    Facial biohashing based user-device physical unclonable function for bring your own device security

    Bring your own device (BYOD) is gaining popularity. Using multifarious personal devices in the workplace to perform work-related tasks brings new challenges to trust and privacy management. Existing authentication schemes usually target at user or device separately, while the BYOD system needs to ensure that only the authorized user with the trusted devices can be given access. This paper presents a novel biohashing based user-device physical unclonable function (UD PUF) to provide a bipartite authentication of both user and device for the BYOD system. Biometric features are extracted as user identity while PUF endows the device with an inseparable and unclonable “fingerprint”. Biohashing acts as an intermediary between these two incoherent macroscopic biometric and microscopic silicon entropy sources for security enhancement. The concept is demonstrated using a 64 × 64 image sensor PUF simulated in 180 nm 3.3 V CMOS technology, and the ORL and Yale databases of faces. Our preliminary experimental results showed that a genuine (user, device, challenge) combination exhibits a very low equal error rate of 0.032, and tampering of any elements of the tuple will cause the hamming distance between the “live” and enrolled templates to have nearly random distribution. MOE (Min. of Education, S’pore) Accepted versio

    BYOD-Insure: A Security Assessment Model for Enterprise BYOD

    As organizations continue allowing employees to use their personal mobile devices to access the organizations’ networks and the corporate data, a phenomenon called ‘Bring Your Own Device’ or BYOD, proper security controls need to be adopted not only to secure the corporate data but also to protect the organizations against possible litigation problems. Until recently, current literature and research have been focused on specific areas or solutions regarding BYOD. The information associated with BYOD security issues in the areas of Management, IT, Users and Mobile Device Solutions is fragmented. This research is based on a need to provide a holistic approach to securing BYOD environments. This dissertation puts forth design science research methods to develop a comprehensive security assessment model, BYOD-Insure, to assess the security posture of an organization’s BYOD environment. BYOD-Insure aims to identify security vulnerabilities in organizations that allow (or are planning to adopt) BYODs. The main questions this research aims to answer are: 1) In order to protect the enterprise and its corporate data, how can an organization identify and mitigate the security risks associated with BYOD? 2) How can a holistic approach to security strengthen the security posture of BYOD environments? BYOD-Insure is composed of 5 modules that, in tandem, use a holistic approach to assess the security posture of the four domains of BYOD environments: assessment of management (BYOD-Insure-Management), assessment of IT (BYOD-Insure-IT), assessment of users’ behavior/security (BYOD-Insure-User), and assessment of the mobile device security adopted by the organization (BYOD-Insure-Mobile). The combined results of the 4 domains provide the overall security posture of the organization (BYOD-Insure-Global). The evaluation process for this model is based on a design science method for artifact evaluation. For BYOD-Insure, this process involves the use of descriptive scenarios to describe different types of BYOD security postures. This entails a detailed description of scenarios that depict low, moderate and high security postures with respect to BYOD. The results, for a particular organization, show the security controls that need to be strengthened, and the safeguards recommended. The BYOD-Insure assessment model helps answer the research questions raised in this study