SILS: a Smart Indoors Localization Scheme based on on-the-go cooperative Smartphones networks using onboard Bluetooth, WiFi and GNSS

Seamless outdoors-indoors localization based on Smartphones sensors is essential to realize the full potential of Location Based Services. This paper proposes a Smart Indoors Localization Scheme (SILS) whereby participating Smartphones (SPs) in the same outdoors and indoors vicinity, form a Bluetooth network to locate the indoors SPs. To achieve this, SILS will perform 3 functions: (1) synchronize & locate all reachable WiFi Access Points (WAPs) with live GNSS time available on the outdoors SPs; 2) exchange a database of all SPs location and time-offsets; 3) calculate approximate location of indoor-SPs based on hybridization of GNSS, Bluetooth and WiFi measurements. These measurements includes a) Bluetooth to Bluetooth relative pseudo ranges of all participating SPs based on hop-synchronization and Master-Slave role switching to minimize the pseudo-ranges error, b) GNSS measured location of outdoors-SPs with good geometric reference points, and c) WAPs-SPs Trilateration estimates for deep indoors localization. Results, obtained from OPNET simulation and live trials of SILS built for various SPs network size and indoors/outdoors combinations scenarios, show that we can locate under 1 meter in near-indoors while accuracy of around 2-meters can be achieved when locating SPs at deep indoors situations. Better accuracy can be achieved when large numbers of SPs (up to 7) are available in the network/vicinity at any one time and when at least 4 of them have a good sky view outdoors

oBiometrics: A Software protection scheme using biometric-based obfuscation

This paper proposes to integrate biometric-based key generation into an obfuscated interpretation algorithm to protect authentication application software from illegitimate use or reverse-engineering. This is especially necessary for mCommerce because application programmes on mobile devices, such as Smartphones and Tablet-PCs are typically open for misuse by hackers. Therefore, the scheme proposed in this paper ensures that a correct interpretation / execution of the obfuscated program code of the authentication application requires a valid biometric generated key of the actual person to be authenticated, in real-time. Without this key, the real semantics of the program can not be understood by an attacker even if he/she gains access to this application code. Furthermore, the security provided by this scheme can be a vital aspect in protecting any application running on mobile devices that are increasingly used to perform business/financial or other security related applications, but are easily lost or stolen. The scheme starts by creating a personalised copy of any application based on the biometric key generated during an enrolment process with the authenticator as well as a nuance created at the time of communication between the client and the authenticator. The obfuscated code is then shipped to the client’s mobile devise and integrated with real-time biometric extracted data of the client to form the unlocking key during execution. The novelty of this scheme is achieved by the close binding of this application program to the biometric key of the client, thus making this application unusable for others. Trials and experimental results on biometric key generation, based on client's faces, and an implemented scheme prototype, based on the Android emulator, prove the concept and novelty of this proposed scheme

eBiometrics: an enhanced multi-biometrics authentication technique for real-time remote applications on mobile devices

The use of mobile communication devices with advance sensors is growing rapidly. These sensors are enabling functions such as Image capture, Location applications, and Biometric authentication such as Fingerprint verification and Face & Handwritten signature recognition. Such ubiquitous devices are essential tools in today's global economic activities enabling anywhere-anytime financial and business transactions. Cryptographic functions and biometric-based authentication can enhance the security and confidentiality of mobile transactions. Using Biometric template security techniques in real-time biometric-based authentication are key factors for successful identity verification solutions, but are venerable to determined attacks by both fraudulent software and hardware. The EU-funded SecurePhone project has designed and implemented a multimodal biometric user authentication system on a prototype mobile communication device. However, various implementations of this project have resulted in long verification times or reduced accuracy and/or security. This paper proposes to use built-in-self-test techniques to ensure no tampering has taken place on the verification process prior to performing the actual biometric authentication. These techniques utilises the user personal identification number as a seed to generate a unique signature. This signature is then used to test the integrity of the verification process. Also, this study proposes the use of a combination of biometric modalities to provide application specific authentication in a secure environment, thus achieving optimum security level with effective processing time. I.e. to ensure that the necessary authentication steps and algorithms running on the mobile device application processor can not be undermined or modified by an imposter to get unauthorized access to the secure system

Privacy preserving, real-time and location secured biometrics for mCommerce authentication

Secure wireless connectivity between mobile devices and financial/commercial establishments is mature, and so is the security of remote authentication for mCommerce. However, the current techniques are open for hacking, false misrepresentation, replay and other attacks. This is because of the lack of real-time and current-precise-location in the authentication process. This paper proposes a new technique that includes freshly-generated real-time personal biometric data of the client and present-position of the mobile device used by the client to perform the mCommerce so to form a real-time biometric representation to authenticate any remote transaction. A fresh GPS fix generates the "time and location" to stamp the biometric data freshly captured to produce a single, real-time biometric representation on the mobile device. A trusted Certification Authority (CA) acts as an independent authenticator of such client's claimed real time location and his/her provided fresh biometric data. Thus eliminates the necessity of user enrolment with many mCommerce services and application providers. This CA can also "independently from the client" and "at that instant of time" collect the client's mobile device "time and location" from the cellular network operator so to compare with the received information, together with the client's stored biometric information. Finally, to preserve the client's location privacy and to eliminate the possibility of cross-application client tracking, this paper proposes shielding the real location of the mobile device used prior to submission to the CA or authenticators

Privacy in Biometric Systems

Biometrics are physiological and/or behavioral characteristics of a person that have been used to provide an automatic proof of identity in a growing list of applications including crime/terrorism fighting, forensics, access and border control, securing e-/m-commerce transactions and service entitlements. In recent years, a great deal of research into a variety of new and traditional biometrics has widened the scope of investigations beyond improving accuracy into mechanisms that deal with serious concerns raised about the potential misuse of collected biometric data. Despite the long list of biometrics’ benefits, privacy concerns have become widely shared due to the fact that every time the biometric of a person is checked, a trace is left that could reveal personal and confidential information. In fact, biometric-based recognition has an inherent privacy problem as it relies on capturing, analyzing, and storing personal data about us as individuals. For example, biometric systems deal with data related to the way we look (face, iris), the way we walk (gait), the way we talk (speaker recognition), the way we write (handwriting), the way we type on a keyboard (keystroke), the way we read (eye movement), and many more. Privacy has become a serious concern for the public as biometric systems are increasingly deployed in many applications ranging from accessing our account on a Smartphone or computer to border control and national biometric cards on a very large scale. For example, the Unique Identification Authority of India (UIDAI) has issued 56 million biometric cards as of January 2014 [1], where each biometric card holds templates of the 10 fingers, the two irises and the face. An essential factor behind the growing popularity of biometrics in recent years is the fact that biometric sensors have become a lot cheaper as well as easier to install and handle. CCTV cameras are installed nearly everywhere and almost all Smartphones are equipped with a camera, microphone, fingerprint scanner, and probably very soon, an iris scanner

LocBiometrics: Mobile phone based multifactor biometric authentication with time and location assurance

The continuing growth of Smartphones and Superphones has significantly increased mCommerce. The security of personal information on the phone and lack of the face-to-face identification has made the authentication process prone to identity theft and false impersonation. Biometric authentication offers personal identification but is missing the real-time and precise-position associated with the person. This paper proposes the use of freshly generated real-time personal-data and present-position to form a “one-time multi-factor biometric” representation. i.e. using GPS "time and location" to stamp the user’s fresh biometric data on the phone side, and then, the authenticator will compare this information with the position of the phone obtained independently from the cellular network at that instant in time

Localisation and obfuscation techniques for enhanced multi-factor authentification in mcommerce applications

Abstract The focus of this thesis is to investigate solutions that shall enhance the security of remote client authentication for mCommerce applications on phones such as Smartphones or Tablet-PCs. This thesis details three innovative authentication schemes developed during the course of this study. These schemes are based on the use of localisation and obfuscation techniques in combination with multi-factor authentication to enforce the knowledge of "who, when, where and how" necessary for any remote client authentication attempt. Thus, assuring the mCommerce service provider about the genuine client as well as ensuring correct capturing and processing of the client's authentication data on the remote phone. The author of this thesis believes that these schemes, when developed on commercial mCommerce applications, shall enhance the service provider's trust into the received client data and therefore shall encourage more service providers to offer their mCommerce services via phone applications to their clients. The first proposed scheme, called MORE-BAILS, combines multiple authentication factors into a One-Time Multi-Factor Biometric Representation (OTMFBR) of a client, so to achieve robust, secure, and privacy-preserving client authentication. Tests and trials of this scheme proved that it is viable for use in the authentication process of any type of mCommerce phone applications. The second and third schemes, called oBiometrics and LocAuth respectively, use a new obfuscated-interpretation approach to protect the mComrnerce application against misuse by attackers as well as to ensure the real-time and one-time properties of the client's authentication attempt. The novelty of combining biornetric-based keys with obfuscated-interpretation tightly binds the correct mCommerce application execution to the genuine client. Furthermore, integration of the client's current location and real-time in the LocAuth challenge / response scheme eliminates the risk that an attacker can illegitimately re-use previously gathered genuine client authentication data in a replay attack. f Based on appropriate criteria, the MORE-BAILS, oBiometrics and LocAuth levels of security, user-friendliness and algorithms' ease-of-implementation are proven m experiments and trials on state-of-the-art Android-based Smartphones.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

学会記事 第8回日本泌尿器科学会関西地方会

With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client’s current location, thus defines the important aspects of “who”, “when”, and “where” of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client’s location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client’s Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE’s Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client’s claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication

Balanitis Xerotica Obliterans

In this paper the author dealt with the case o n 30 years old male who showed clinical and histological findings corresponding to so-called Balanitis xerotica obliterans reported by Stiihmer. The pa t i ent was operated on his phimosis at the age of 18 and at that time urethral obturation was also pointed out by the physician. The symptom of urethral obturation became worse after the operation. The clinical findings c orresponded to the second type or Kraurosis alba among the 3 types classified by Peyre', and it was thought to be identical to Stiihmer's Balanitis xerotica obliterans after operation

WiMAX parameters adaptation through a baseband processor using discrete particle swarm method:International Journal of Microwave and Wireless Technologies

The measurements of physical level parameters can become the area where decisions about cognitive radio will have the most striking effect. Field-programmable gate array (FPGA) enables real-time analyses of physical layer data to satisfy constraints like dynamic spectrum allocations, data throughput, and the coding rate. Cognitive radio will be based on simple network management techniques, using remote procedure calls. Intelligent knowledge-base system (IKBS) techniques will be used to search the parameter space in selecting changes to the system. Worldwide Interoperability for Microwave Access (WiMAX) PHY-layer functions will be managed cognitively by a FPGA-based controller to optimize the performance of the system. Instead of simple bit loading methods, the global multi-criteria optimization promise possibility to adapt more parameters with respect to several objectives. In this paper, the application of particle swarm optimization to fixed WiMAX-OFDM (Orthogonal Frequency Division Multiplexing) parameter adaptation is presented and compared with the greedy bit loading algorith