Continuous Authentication of Users to Robotic Technologies Using Behavioural Biometrics

Collaborative robots and current human–robot interaction systems, such as exoskeletons and teleoperation, are key technologies with profiles that make them likely security targets. Without sufficient protection, these robotics technologies might become dangerous tools that are capable of causing damage to their environments, increasing defects in work pieces and harming human co-workers. As robotics is a critical component of the current automation drive in many advanced economies, there may be serious economic effects if robot security is not appropriately handled. The development of suitable security for robots, particularly in industrial contexts, is critical. Collaborative robots, exoskeletons and teleoperation are all examples of robotics technologies that might need close collaboration with humans, and these interactions must be appropriately protected. There is a need to guard against both external hackers (as with many industrial systems) and insider malfeasance. Only authorised users should be able to access robots, and they should use only those services and capabilities they are qualified to access (e.g. those for which they are appropriately cleared and trained). Authentication is therefore a crucial enabling mechanism. Robot interaction will largely be ongoing, so continuous rather than one-time authentication is required. In robot contexts, continuous biometrics can be used to provide effective and practical authentication of individuals to robots. In particular, the working behaviour of human co-workers as they interact with robots can be used as a means of biometric authentication. This thesis demonstrates how continuous biometric authentication can be used in three different environments: a direct physical manipulation application, a sensor glove application and a remote access application. We show how information acquired from the collaborative robot's internal sensors, wearable sensors (similar to those found in an exoskeleton), and teleoperated robot control and programming can be harnessed to provide appropriate authentication. Thus, all authentication uses data that are collected or generated as part of the co-worker simply going about their work. No additional action is needed. For manufacturing environments, this lack of intrusiveness is an important feature. The results presented in this thesis show that our approaches can discriminate appropriately between users. We believe that our machine learning-based approaches can provide reasonable and practical solutions for continually authenticating users to robots in many environments, particularly in manufacturing contexts

Challenges in the Safety-Security Co-Assurance of Collaborative Industrial Robots

The coordinated assurance of interrelated critical properties, such as system safety and cyber-security, is one of the toughest challenges in critical systems engineering. In this chapter, we summarise approaches to the coordinated assurance of safety and security. Then, we highlight the state of the art and recent challenges in human-robot collaboration in manufacturing both from a safety and security perspective. We conclude with a list of procedural and technological issues to be tackled in the coordinated assurance of collaborative industrial robots.Comment: 23 pages, 4 tables, 1 figur

A Survey Study of the Current Challenges and Opportunities of Deploying the ECG Biometric Authentication Method in IoT and 5G Environments

The environment prototype of the Internet of Things (IoT) has opened the horizon for researchers to utilize such environments in deploying useful new techniques and methods in different fields and areas. The deployment process takes place when numerous IoT devices are utilized in the implementation phase for new techniques and methods. With the wide use of IoT devices in our daily lives in many fields, personal identification is becoming increasingly important for our society. This survey aims to demonstrate various aspects related to the implementation of biometric authentication in healthcare monitoring systems based on acquiring vital ECG signals via designated wearable devices that are compatible with 5G technology. The nature of ECG signals and current ongoing research related to ECG authentication are investigated in this survey along with the factors that may affect the signal acquisition process. In addition, the survey addresses the psycho-physiological factors that pose a challenge to the usage of ECG signals as a biometric trait in biometric authentication systems along with other challenges that must be addressed and resolved in any future related research.

Anonymous subject identification and privacy information management in video surveillance

The widespread deployment of surveillance cameras has raised serious privacy concerns, and many privacy-enhancing schemes have been recently proposed to automatically redact images of selected individuals in the surveillance video for protection. Of equal importance are the privacy and efficiency of techniques to first, identify those individuals for privacy protection and second, provide access to original surveillance video contents for security analysis. In this paper, we propose an anonymous subject identification and privacy data management system to be used in privacy-aware video surveillance. The anonymous subject identification system uses iris patterns to identify individuals for privacy protection. Anonymity of the iris-matching process is guaranteed through the use of a garbled-circuit (GC)-based iris matching protocol. A novel GC complexity reduction scheme is proposed by simplifying the iris masking process in the protocol. A user-centric privacy information management system is also proposed that allows subjects to anonymously access their privacy information via their iris patterns. The system is composed of two encrypted-domain protocols: The privacy information encryption protocol encrypts the original video records using the iris pattern acquired during the subject identification phase; the privacy information retrieval protocol allows the video records to be anonymously retrieved through a GC-based iris pattern matching process. Experimental results on a public iris biometric database demonstrate the validity of our framework

The Card Reader and the Conundrum of Digital Tools in Electioneering in Nigeria

The track records of elections in Nigeria have continued to generate mixed feelings Many political observers remain sceptical about the appropriateness and ultimate utility of digital tools in the conduct of elections in the country It is no gainsaying that one of the key elements for the sustenance of democracy is digital tools technology Taking a stroll down the electoral process of Nigeria since 1999 it can be noted that elections have been characterised by electoral malpractices and violence The recent introduction of the Smart Card Readers SCRs has a great impact on the 2015 general elections and the consolidation of democracy across the country For instance the card reader facilities and its security monitoring operating system provide password restricted access to store data with specific playback for criminal investigation and its impact on the 2015 general elections This paper therefore takes a critical look at the use of the Smart Card Readers SCRs as it affects Nigeria s move towards a viable electoral system and the promotion of democratic values The paper further argues that the usage of the Card Reader enhances the credibility of general elections in Nigeria Nevertheless there are some peculiar factors that stringently inhibit its manifestations in the 2015 general elections in Nigeri

Strong authentication based on mobile application

The user authentication in online services has evolved over time from the old username and password-based approaches to current strong authentication methodologies. Especially, the smartphone app has become one of the most important forms to perform the authentication. This thesis describes various authentication methods used previously and discusses about possible factors that generated the demand for the current strong authentication approach. We present the concepts and architectures of mobile application based authentication systems. Furthermore, we take closer look into the security of the mobile application based authentication approach. Mobile apps have various attack vectors that need to be taken under consideration when designing an authentication system. Fortunately, various generic software protection mechanisms have been developed during the last decades. We discuss how these mechanisms can be utilized in mobile app environment and in the authentication context. The main idea of this thesis is to gather relevant information about the authentication history and to be able to build a view of strong authentication evolution. This history and the aspects of the evolution are used to state hypothesis about the future research and development. We predict that the authentication systems in the future may be based on a holistic view of the behavioral patterns and physical properties of the user. Machine learning may be used in the future to implement an autonomous authentication concept that enables users to be authenticated with minimal physical or cognitive effort

Challenges in the safety-security co-assurance of collaborative industrial robots

The coordinated assurance of interrelated critical properties, such as system safety and cyber-security, is one of the toughest challenges in critical systems engineering. In this chapter, we summarise approaches to the coordinated assurance of safety and security. Then, we highlight the state of the art and recent challenges in human-robot collaboration in manufacturing both from a safety and security perspective. We conclude with a list of procedural and technological issues to be tackled in the coordinated assurance of collaborative industrial robots

IoT Health Devices: Exploring Security Risks in the Connected Landscape

The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of attacks are possible. To understand the risks in this new landscape, it is important to understand the architecture of IoTHDs, operations, and the social dynamics that may govern their interactions. This paper aims to document and create a map regarding IoTHDs, lay the groundwork for better understanding security risks in emerging IoTHD modalities through a multi-layer approach, and suggest means for improved governance and interaction. We also discuss technological innovations expected to set the stage for novel exploits leading into the middle and latter parts of the 21st century

Social, Private, and Trusted Wearable Technology under Cloud-Aided Intermittent Wireless Connectivity

There has been an unprecedented increase in the use of smart devices globally, together with novel forms of communication, computing, and control technologies that have paved the way for a new category of devices, known as high-end wearables. While massive deployments of these objects may improve the lives of people, unauthorized access to the said private equipment and its connectivity is potentially dangerous. Hence, communication enablers together with highly-secure human authentication mechanisms have to be designed.In addition, it is important to understand how human beings, as the primary users, interact with wearable devices on a day-to-day basis; usage should be comfortable, seamless, user-friendly, and mindful of urban dynamics. Usually the connectivity between wearables and the cloud is executed through the user’s more power independent gateway: this will usually be a smartphone, which may have potentially unreliable infrastructure connectivity. In response to these unique challenges, this thesis advocates for the adoption of direct, secure, proximity-based communication enablers enhanced with multi-factor authentication (hereafter refereed to MFA) that can integrate/interact with wearable technology. Their intelligent combination together with the connection establishment automation relying on the device/user social relations would allow to reliably grant or deny access in cases of both stable and intermittent connectivity to the trusted authority running in the cloud.The introduction will list the main communication paradigms, applications, conventional network architectures, and any relevant wearable-specific challenges. Next, the work examines the improved architecture and security enablers for clusterization between wearable gateways with a proximity-based communication as a baseline. Relying on this architecture, the author then elaborates on the social ties potentially overlaying the direct connectivity management in cases of both reliable and unreliable connection to the trusted cloud. The author discusses that social-aware cooperation and trust relations between users and/or the devices themselves are beneficial for the architecture under proposal. Next, the author introduces a protocol suite that enables temporary delegation of personal device use dependent on different connectivity conditions to the cloud.After these discussions, the wearable technology is analyzed as a biometric and behavior data provider for enabling MFA. The conventional approaches of the authentication factor combination strategies are compared with the ‘intelligent’ method proposed further. The assessment finds significant advantages to the developed solution over existing ones.On the practical side, the performance evaluation of existing cryptographic primitives, as part of the experimental work, shows the possibility of developing the experimental methods further on modern wearable devices.In summary, the set of enablers developed here for wearable technology connectivity is aimed at enriching people’s everyday lives in a secure and usable way, in cases when communication to the cloud is not consistently available