Privacy preserving multi-factor authentication with biometrics

Bhargav-Spantzel, Abhilasha; Squicciarini, Anna; Modi, Shimon; Young, Matthew R.; Bertino, Elisa; Elliott, Stephen J.

doi:10.3233/jcs-2007-15503

Cited by 83 publications

(24 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For this work, we assume that the smart-infrastructure has an authentication system which can reliably identify subjects, as in Bhargav-Spantzel et al [2006]. Note that the technology used by the authentication system is not the focus of this work; we simply assume that it has the ability to authenticate subjects reliably and provide this information to the access control system in place.…”

Section: System Modelmentioning

confidence: 99%

CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures

Venkatasubramanian

Mukherjee

Gupta

2014

ACM Trans. Auton. Adapt. Syst.

View full text Add to dashboard Cite

The article presents an access control model called Criticality Aware Access Control (CAAC) for criticality (emergency) management in smart infrastructures. Criticalities are consequences of events which take a system (in our case, a smart infrastructure) into an unstable state. They require the execution of specific response actions in order to bring them under control. The principal aim of CAAC is to grant the right set of access privileges (to facilitate response action execution), at the right time, to the right set of subjects, for the right duration, in order to control the criticalities within the system. In this regard, the CAAC model uses a stochastic model called the Action Generation Model to determine the required response actions for the combination of criticalities present within the system. It then facilitates response actions by adaptively altering the privileges to specific subjects, in a proactive manner, without the need for any explicit access requests. In this article, we formalize the CAAC model and validate it based on two design goals -proactivity and adaptiveness. Finally, we present a case study demonstrating CAAC's operation on an oil-rig platform in order to aid in the response to health-and fire-related criticalities.

show abstract

Section: System Modelmentioning

confidence: 99%

CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures

Venkatasubramanian

Mukherjee

Gupta

2014

ACM Trans. Auton. Adapt. Syst.

View full text Add to dashboard Cite

show abstract

“…Efforts are ongoing to replace password-based authentication with better alternatives [1,3,11,12]. With multi-factor authentication, users authenticate with a combination of authentication factors, i.e.…”

Section: Related Workmentioning

confidence: 99%

SmartAuth

Preuveneers

Joosen

2015

Proceedings of the 30th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

As recent incidents have shown, weak passwords are a severe security risk for authenticating users and granting access to protected resources. Additionally, strong passwords score low on usability, especially on mobile devices. In this work, we present SmartAuth, a scalable context-aware authentication framework built on top of OpenAM, a state-of-practice identity and access management suite. It uses adaptive and dynamic context fingerprinting based on Hoeffding trees to continuously ascertain whether a user's identity is authentic or not, and it respects privacy preferences by adopting consent-driven use of context information. We assess our approach from both an offensive and defensive security perspective. Our results show that dynamic context fingerprinting has good potential for a zero-interaction authentication scheme, with a minimal performance overhead compared to traditional authentication schemes.

show abstract

“…Although a simple client server biometric authentication system is proposed in [11], the decision can be computed after a decryption operation as in the schemes summarized in [7], thus the leakage of the system's secret keys endangers the security of the system. Besides, MFBA systems are proposed in [12], [13], [14], [15], [16], where the last two schemes performs the matching on card for a local authentication followed by a remote authentication. Also, cancelable biometrics is combined with a smart card for storing only the helper information [17], [18] for a MFBA.…”

Section: A Related Workmentioning

confidence: 99%

Practical multi-factor biometric remote authentication

Sarier

2010

2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS)

View full text Add to dashboard Cite

In this paper, we evaluate the security properties of multi-factor biometric authentication (MFBA) and define the notion of User Privacy, where the biometrics is assumed as a set of features that can be either ordered or unordered depending on the biometric modality. We propose efficient schemes for MFBA, which do not incorporate secure sketches, thus, different template extraction methods are applicable. We formally describe the security model for MFBA, where the computations are performed in the encrypted domain but without requiring a decryption key for the authentication decision. Thus, leakage of the secret key of any system component does not affect the security of the scheme as opposed to the current biometric systems involving cryptographic techniques.

show abstract

Privacy preserving multi-factor authentication with biometrics

Cited by 83 publications

References 0 publications

CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures

CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures

SmartAuth

Practical multi-factor biometric remote authentication

Contact Info

Product

Resources

About