Keystroke Dynamics Authentication For Collaborative Systems

We present in this paper a study on the ability and the benefits of using a keystroke dynamics authentication method for collaborative systems. Authentication is a challenging issue in order to guarantee the security of use of collaborative systems during the access control step. Many solutions exist in the state of the art such as the use of one time passwords or smart-cards. We focus in this paper on biometric based solutions that do not necessitate any additional sensor. Keystroke dynamics is an interesting solution as it uses only the keyboard and is invisible for users. Many methods have been published in this field. We make a comparative study of many of them considering the operational constraints of use for collaborative systems

User Authentication in Smartphones for Telehealth

Many functions previously conducted on desktop computers are now performed on smartphones. Smartphones provide convenience, portability, and connectivity.  When smartphones are used in the conduct of telehealth, sensitive data is invariably accessed, rendering the devices in need of user authentication to ensure data protection. User authentication of smartphones can help mitigate potential Health Insurance Portability and Accountability Act (HIPAA) breaches and keep sensitive patient information protected, while also facilitating the convenience of smartphones within everyday life and healthcare. This paper presents and examines several types of authentication methods available to smartphone users to help ensure security of sensitive data from attackers. The applications of these authentication methods in telehealth are discussed. Keywords: Authentication, Biometrics, HIPAA, Mobile security, Telehealt

Identification and Authentication: Technology and Implementation Issues

Computer-based information systems in general, and Internet e-commerce and e-business systems in particular, employ many types of resources that need to be protected against access by unauthorized users. Three main components of access control are used in most information systems: identification, authentication, and authorization. In this paper we focus on authentication, which is the most problematic component. The three main approaches to user authentication are: knowledge-based, possession-based, and biometric-based. We review and compare the various authentication mechanisms of these approaches and the technology and implementation issues they involve. Our conclusion is that there is no silver bullet solution to user authentication problems. Authentication practices need improvement. Further research should lead to a better understanding of user behavior and the applied psychology aspects of computer security

Ідентифікація користувачів на основі клавіатурного почерку

В роботі отримано нове вирішення актуальної практичної задачі підвищення безпеки в інформаційних інфраструктура, а саме ідентифікації користувачів на основі клавіатурного почерку та проведено дослідження основних підходів до ідентифікації користувачів. Значну увагу в роботі приділено практичній реалізації та дослідженні її ефективності. Результати цього розроблення підтвердили достовірність теоретичних відомостей.In this work a new solution of the actual practical task of improving security in the information infrastructure, namely, identifying users based on keyboard writing, was obtained, and the main approaches to identifying users were studied. The considerable attention in the work is devoted to the practical realization and research of its efficiency. The results of this development confirmed the reliability of theoretical information.В работе получено новое решение актуальной практической задачи повышения безопасности в информационных инфраструктура, а именно идентификации пользователей на основе клавиатурного почерка и проведено исследование основных подходов к идентификации пользователей. Значительное внимание в работе уделено практической реализации и исследовании ее эффективности. Результаты этой разработки подтвердили достоверность теоретических сведений

Autenticação contínua pela dinâmica da digitação usando máquinas de comitê

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Ciência da ComputaçãoO uso de sistemas automatizados simplifica a vida das pessoas, no entanto a dependência destes sistemas gera informações críticas armazenadas nos computadores tornando-os possíveis alvos de ataques. Para proteger o acesso a estas informações existem mecanismos de autenticação. Atualmente a maioria destes mecanismos autentica o usuário apenas na entrada do sistema, sendo que o usuário pode deixar o computador sem sair da sessão ou bloquear seu acesso, possibilitando a um intruso acessar os recursos disponíveis. Isto mostra a insuficiência dos mecanismos de autenticação realizados apenas na entrada do sistema. O objetivo deste trabalho é apresentar uma metodologia de baixo custo e não intrusiva que possibilite a autenticação contínua do usuário enquanto este está utilizando o teclado de um computador. A autenticação é realizada através do reconhecimento do padrão de digitação do usuário, que é uma característica biométrica comportamental. Neste trabalho foram abordadas duas metodologias para solução deste problema de reconhecimento de padrões, ambas utilizando Redes Neurais Artificiais (RNAs). Na primeira abordagem, uma única RNA é utilizada para representar o modelo de cada usuário e classificar dados apostos ao sistema biométrico, já na segunda abordagem é utilizado o conceito de máquinas de comitê, onde um conjunto de RNAs combinadas formam o modelo do usuário. Cada uma destas RNAs possui a capacidade de resolver uma tarefa simples, mas ao serem combinadas possibilitam a solução de uma tarefa complexa. Experimentos realizados para testar as abordagens propostas mostram que a utilização da primeira abordagem não possibilitou a classificação dos usuários testados neste trabalho, no entanto na segunda abordagem, os resultados mostram que, utilizando como informação alvo um texto fixo e limiares diferentes para cada usuário, o sistema apresentou taxa de falsa aceitação (FAR) de 0,15% e taxa de falsa rejeição (FRR) de 0%

Understanding users keystroke patterns for computer access security

User authentication is a major problem in gaining access rights for computer resources. A recent approach to enhance the computer access rights is the use of biometric properties as the keystroke rhythms of users. Therefore user authentication for computers can be more secure using keystroke rhythms as biometric authentication. Methods like minimum distance, statistical, vector based, neural network type and data mining techniques have been applied in analyzing the keystroke patterns. In this paper, a vector based algorithm for a recent approach has been applied in the identification of keystroke patterns. Keystroke Identification system that is a neuro physical characteristic is studied to realize biometric authentication

User Authentication and Supervision in Networked Systems

This thesis considers the problem of user authentication and supervision in networked systems. The issue of user authentication is one of on-going concern in modem IT systems with the increased use of computer systems to store and provide access to sensitive information resources. While the traditional username/password login combination can be used to protect access to resources (when used appropriately), users often compromise the security that these methods can provide. While alternative (and often more secure) systems are available, these alternatives usually require expensive hardware to be purchased and integrated into IT systems. Even if alternatives are available (and financially viable), they frequently require users to authenticate in an intrusive manner (e.g. forcing a user to use a biometric technique relying on fingerprint recognition). Assuming an acceptable form of authentication is available, this still does not address the problem of on-going confidence in the users’ identity - i.e. once the user has logged in at the beginning of a session, there is usually no further confirmation of the users' identity until they logout or lock the session in which they are operating. Hence there is a significant requirement to not only improve login authentication but to also introduce the concept of continuous user supervision. Before attempting to implement a solution to the problems outlined above, a range of currently available user authentication methods are identified and evaluated. This is followed by a survey conducted to evaluate user attitudes and opinions relating to login and continuous authentication. The results reinforce perceptions regarding the weaknesses of the traditional username/password combination, and suggest that alternative techniques can be acceptable. This provides justification for the work described in the latter part o f the thesis. A number of small-scale trials are conducted to investigate alternative authentication techniques, using ImagePIN's and associative/cognitive questions. While these techniques are of an intrusive nature, they offer potential improvements as either initial login authentication methods or, as a challenge during a session to confirm the identity of the logged-in user. A potential solution to the problem of continuous user authentication is presented through the design and implementation o f a system to monitor user activity throughout a logged-in session. The effectiveness of this system is evaluated through a series of trials investigating the use of keystroke analysis using digraph, trigraph and keyword-based metrics (with the latter two methods representing novel approaches to the analysis of keystroke data). The initial trials demonstrate the viability of these techniques, whereas later trials are used to demonstrate the potential for a composite approach. The final trial described in this thesis was conducted over a three-month period with 35 trial participants and resulted in over five million samples. Due to the scope, duration, and the volume of data collected, this trial provides a significant contribution to the domain, with the use of a composite analysis method representing entirely new work. The results of these trials show that the technique of keystroke analysis is one that can be effective for the majority of users. Finally, a prototype composite authentication and response system is presented, which demonstrates how transparent, non-intrusive, continuous user authentication can be achieved