1
|
- Viraj S. Chavan, Sharat Chikkerur, Sergey Tulyakov and Venu Govinda=
raju
- Center for Unified Biometrics and Sensors,
- University at Buffalo
- http://www.cubs.buffalo.edu
|
2
|
- Challenges in pervasive computing environments
- Computing devices are numerous and ubiquitous
- Traditional authentication including login schemes do not work well
with so many devices
- Proposed Solution
- Use biometrics for authentication
- At the same time, ensure security of biometric templates in an open
environment
- Contributions
- Propose a biometrics based framework for securing pervasive enviro=
nment
- Implemented a novel scheme for securing biometric data in an open
environment using symmetric hash functions
|
3
|
- “The most profound technologies are those that disappear. They
weave themselves into the fabric of everyday life until they are
indistinguishable from it” – Mark Weiser
- Pervasive Computing
- A web of computing devices and sensors embedded in everyday objects
ranging from cars to house appliances
- The devices are context sensitive and user ‘aware’
- Focus on human computer interaction and AI
- Existing efforts
- Project Oxygen , MIT [1]
- Project Aura, CMU [2]
- Planet Blue, IBM [3]
|
4
|
- User Interaction
- User interacts with speech, gestures and movements
- The sensors and computing devices are ‘aware’ of the u=
ser
and in the ideal case are also aware of his ‘intent’.<=
/li>
- Proactivity
- The computing devices should interact and query other devices on
Transparency
- Technology has to be transparent.
- behalf of the user and his intent
- Device interaction
- Frequent Multiparty interactions
- No central authority or third party
|
5
|
- Consequences of a pervasive network
- Devices are numerous, ubiquitous and shared
- The network shares the context and preferences of the user
- Smart spaces are aware of the location and intent of the user
- Security Concerns
- Only authorized individuals need to be given access
- Authentication should be minimally intrusive
- Devices should be trustworthy
- Privacy issues
- User should be aware of when he is being observed
- The user context should be protected within the network
- Need to balance accessibility and security
- Should be scalable with multiple users operating in the network
|
6
|
- Wireless networks
- Initial research focused on implementing wireless and ad hoc netwo=
rking
devices and protocols
- Security an afterthought?
- Lessons for pervasive computing
- Human computer interface issues will be solved eventually
- Network infrastructure will mature
- Security has to be considered in the design stage
- Foresights
- Authentication has to be transparent
- Trusted third party may not be available
- Traditional key based systems will not scale well
- Trust based models work well with devices and agents
- Trust is not well defined for human user
|
7
|
- Definition
- Biometrics is the science of verifying and establishing the identi=
ty of
an individual through physiological features or behavioral traits.=
- Examples
- Physical Biometrics
- Fingerprint
- Hand Geometry
- Iris patterns
- Behavioral Biometrics
- Handwriting
- Signature
- Speech
- Gait
- Chemical/Biological Biometrics
- Perspiration
- Skin composition(spectroscopy)
|
8
|
- With numerous devices, traditional paradigm of user name and passwo=
rd
based scenarios are not practical
- Only authorized users should have access to data and services
- Biometrics provide an unobtrusive and convenient authentication
mechanism
- Advantages of biometrics
- Uniqueness
- No need to remember passwords or carry tokens
- Biometrics cannot be lost, stolen or forgotten
- More secure than a long password
- Solves repudiation problem
- Not susceptible to traditional dictionary attacks
|
9
|
|
10
|
|
11
|
|
12
|
|
13
|
|
14
|
|
15
|
- Definition
- It is the method of recognizing a person based on his voice
- It is one of the forms of biometric identification
- Depends of speaker specific characteristics.
|
16
|
|
17
|
|
18
|
- Literature
- 0.3%, Colombi et al. (Cepstrum)
- 6-8%, Reynolds(MelCepstrum)
- 4% Wan and Renals, (SVM)
- NIST Speaker Recognition evaluation
- ~1% FAR, 10-15% FRR (Text independent)
- Via voice
- IBM voice recognition engine is being open sourced
- ‘Speech recognition on a chip’
- CMU is developing a chip architecture to completely embed speech
recognition on a single chip
|
19
|
|
20
|
- Issues in biometrics
- Biometrics is secure but not secret
- Permanently associated with user
- Used across multiple applications
- Can be covertly captured
- Types of circumvention
- Denial of service attacks(1)
- Fake biometrics attack(2)
- Replay and Spoof attacks(3,5)
- Trojan horse attacks(4,6,7)
- Back end attacks(8)
- Collusion
- Coercion
|
21
|
- Hashing
- Instead of storing the original password P, a hashed values
P’=3DH(P) is stored instead.
- The user is authenticated if H(password) =3D P’.
- It is computationally hard to recover P given H(P)
- H() – one way hashing function
- Problem with biometrics
- Biometric data has high uncertainty
- Matching is inexact/probabilistic
- Therefore, hashing function should be error tolerant
|
22
|
|
23
|
|
24
|
|
25
|
|
26
|
|
27
|
|
28
|
- n=3D2, m=3D1: for eac=
h minutia
point we find it nearest neighbor, and
|
29
|
|
30
|
- Smart spaces and pervasive computing are moving from concepts to
implementations
- Security has to be incorporated in the design stage
- Traditional authentication and access control paradigms cannot scal=
e to
numerous and ubiquitous devices
- Biometrics serves as a reliable alternative for minimally intrusive
authentication
- Biometrics solves key management and repudiation problem
- Securing biometrics is a major challenge in an open environment
- Biometric hashing can be used to create revocable biometric templat=
es
|
31
|
- http://www.cubs.buffalo.edu
|
32
|
|