Continuous and Transparent User Identity Verification for Secure Internet Services

“…We define the subsystem trust level m(S k ,t) as the probability that the unimodal subsystem S k at time t does not authenticate an impostor (a non-legitimate user) considering the quality of the sensor, the accuracy of the underlying verification algorithm (i.e., FAR k , FRR k ), and the risk that the subsystem is intruded or the biometric trait is forged [3].…”

“…The user trust level g(u, t) indicates the trust placed by the authentication service in the user u at time t, i.e., the probability that the user u is a legitimate user just considering his behavior in terms of device utilization (e.g., time since last interaction with a sensor) and the time since last acquisition of biometric data [3].…”

“…It describes the belief that at time t the user u is actually a legitimate user of the system, considering the combination of all subsystems trust levels and of the user trust level [3].…”

“…Therefore, solutions based on biometric continuous authentication have been studied in literature [16]- [21]. Those approaches shift user identity verification from a single-occurrence to a continuous process; relatively recent solutions are able to transparently acquire biometric data to perform authentication without significantly reducing the system usability [3], [17], [18].…”

“…We choose the approach of [3] for multi-biometric continuous authentication as a starting point, because it is sufficiently general and is one of the few solutions in literature which improve security of the user session without reducing usability [38]. The idea is to introduce in its architecture and in its protocol the modifications needed to provide also continuous non-repudiation.…”

Continuous Biometric Verification for Non-Repudiation of Remote Services

“…We define the subsystem trust level m(S k ,t) as the probability that the unimodal subsystem S k at time t does not authenticate an impostor (a non-legitimate user) considering the quality of the sensor, the accuracy of the underlying verification algorithm (i.e., FAR k , FRR k ), and the risk that the subsystem is intruded or the biometric trait is forged [3].…”

“…The user trust level g(u, t) indicates the trust placed by the authentication service in the user u at time t, i.e., the probability that the user u is a legitimate user just considering his behavior in terms of device utilization (e.g., time since last interaction with a sensor) and the time since last acquisition of biometric data [3].…”

“…It describes the belief that at time t the user u is actually a legitimate user of the system, considering the combination of all subsystems trust levels and of the user trust level [3].…”

“…Therefore, solutions based on biometric continuous authentication have been studied in literature [16]- [21]. Those approaches shift user identity verification from a single-occurrence to a continuous process; relatively recent solutions are able to transparently acquire biometric data to perform authentication without significantly reducing the system usability [3], [17], [18].…”

“…We choose the approach of [3] for multi-biometric continuous authentication as a starting point, because it is sufficiently general and is one of the few solutions in literature which improve security of the user session without reducing usability [38]. The idea is to introduce in its architecture and in its protocol the modifications needed to provide also continuous non-repudiation.…”

Continuous Biometric Verification for Non-Repudiation of Remote Services

Securing Cloud Storage by Transparent Biometric Cryptography

Multi-device Continuous Authentication Mechanism Based on Homomorphic Encryption and SVM Algorithm