On the design of forgiving biometric security systems

This work aims to highlight the fundamental issue surrounding biometric security systems: it's all very nice until a biometric is forged, but what do we do after that? Granted, biometric systems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometric systems are used i.e. physical presence at crime scenes, identi cation and access to security systems and premises, access to nancial accounts and hence the ability to use the victim's nances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim's biometric parts by force e.g. severing the parts from the victim's body; this poses a risk and threat not just to the individual's uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one's assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used

On the Design of Forgiving Biometric Security Systems

This work aims to highlight the fundamental issue surrounding biometric security systems: it's all very nice until a biometric is forged, but what do we do after that? Granted, biometric systems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometric systems are used i.e. physical presence at crime scenes, identi cation and access to security systems and premises, access to nancial accounts and hence the ability to use the victim's nances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim's biometric parts by force e.g. severing the parts from the victim's body; this poses a risk and threat not just to the individual's uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one's assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used

Usability and Trust in Information Systems

The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness

Assentication: User Deauthentication and Lunchtime Attack Mitigation with Seated Posture Biometric

Biometric techniques are often used as an extra security factor in authenticating human users. Numerous biometrics have been proposed and evaluated, each with its own set of benefits and pitfalls. Static biometrics (such as fingerprints) are geared for discrete operation, to identify users, which typically involves some user burden. Meanwhile, behavioral biometrics (such as keystroke dynamics) are well suited for continuous, and sometimes more unobtrusive, operation. One important application domain for biometrics is deauthentication, a means of quickly detecting absence of a previously authenticated user and immediately terminating that user's active secure sessions. Deauthentication is crucial for mitigating so called Lunchtime Attacks, whereby an insider adversary takes over (before any inactivity timeout kicks in) authenticated state of a careless user who walks away from her computer. Motivated primarily by the need for an unobtrusive and continuous biometric to support effective deauthentication, we introduce PoPa, a new hybrid biometric based on a human user's seated posture pattern. PoPa captures a unique combination of physiological and behavioral traits. We describe a low cost fully functioning prototype that involves an office chair instrumented with 16 tiny pressure sensors. We also explore (via user experiments) how PoPa can be used in a typical workplace to provide continuous authentication (and deauthentication) of users. We experimentally assess viability of PoPa in terms of uniqueness by collecting and evaluating posture patterns of a cohort of users. Results show that PoPa exhibits very low false positive, and even lower false negative, rates. In particular, users can be identified with, on average, 91.0% accuracy. Finally, we compare pros and cons of PoPa with those of several prominent biometric based deauthentication techniques

Social and Political Dimensions of Identity

We study the interior regularity of solutions to the Dirichlet problem Lu = g in Omega, u = 0 in R-nOmega, for anisotropic operators of fractional type Lu(x) = integral(+infinity)(0) dp integral(Sn-1) da(w) 2u(x) - u(x + rho w) - u(x - rho w)/rho(1+2s). Here, a is any measure on Sn-1 (a prototype example for L is given by the sum of one-dimensional fractional Laplacians in fixed, given directions). When a is an element of C-infinity(Sn-1) and g is c(infinity)(Omega), solutions are known to be C-infinity inside Omega (but not up to the boundary). However, when a is a general measure, or even when a is L-infinity(s(n-1)), solutions are only known to be C-3s inside Omega. We prove here that, for general measures a, solutions are C1+3s-epsilon inside Omega for all epsilon > 0 whenever Omega is convex. When a is an element of L-infinity(Sn-1), we show that the same holds in all C-1,C-1 domains. In particular, solutions always possess a classical first derivative. The assumptions on the domain are sharp, since if the domain is not convex and the measure a is singular, we construct an explicit counterexample for which u is not C3s+epsilon for any epsilon > 0 - even if g and Omega are C-infinity

Beliefs and attitudes of citizens in Norway towards smart surveillance and privacy

This document presents the Norway results of a qualitative study undertaken as part of the SMART project – “Scalable Measures for Automated Recognition Technologies” (SMART; G.A. 261727). The analysis and results are based on a set of 3 focus group discussions comprising 22 participants from different age groups, which were held in order to examine the awareness, understanding, beliefs and attitudes of citizens towards smart surveillance and privacy. The focus group discussions were conducted in line with a discussion guide consisting of different scenarios aimed at stimulating a discussion among participants. While some scenarios dealt with surveillance in everyday contexts, other scenarios were hypothetical in nature and their aim was to elicit the participants’ feelings, beliefs and attitudes in relation to dataveillance, the massive integration of data from different sources and the “security versus privacy” trade-off.Scalable Measures for Automated Recognition Technologies (G.A. 267127). The project was co-financed by the European Union within the Seventh Framework Programme (2007-2013).peer-reviewe

The Future of the Internet III

Presents survey results on technology experts' predictions on the Internet's social, political, and economic impact as of 2020, including its effects on integrity and tolerance, intellectual property law, and the division between personal and work lives

European citizens’ beliefs and attitudes towards smart surveillance and privacy

This document presents the results of a qualitative study undertaken as part of the SMART project - “Scalable Measures for Automated Recognition Technologies” (SMART; G.A. 261727) - in the following 14 partner countries: Austria, Bulgaria, Czech Republic, France, Germany, Italy, Malta, Norway, Romania, Slovakia, Slovenia, Spain, the Netherlands and the United Kingdom. The analysis and results are based on 42 focus group discussions comprising of 353 participants, which were held in order to examine the beliefs and attitudes of citizens towards smart surveillance and privacy.SMART Scalable Measures for Automated Recognition Technologies (G.A. 267127). The project was co-financed by the European Union within the Seventh Framework Programme (2007-2013).peer-reviewe