Using Continuous Biometric Verification to Protect Interactive Login Sessions

Kumar, Sandeep; Sim, Terence; Janakiraman, Rajkumar; Zhang, Sheng

doi:10.1109/csac.2005.61

Cited by 30 publications

(25 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, the use of biometric authentication allows credentials to be acquired transparently i.e. without explicitly notifying the user to enter data over and over, which provides guarantee of more security of system than traditional one [13] [14].…”

Section: Fig 1: System Architecturementioning

confidence: 99%

“…CASHMA is able to operate securely with any kind of web service, including services with high security demands as online banking services. Depending on the preferences and requirements of the owner of the web service the CASHMA authentication service replace the traditional authentication service [14]. Algorithm for Bio-Metric verification for x = 0 to image.…”

Section: Cashma Systemmentioning

confidence: 99%

“…Intuitively, the subsystem trust level could be simply set to the static value mðSk; tÞ ¼ 1 _ FMRðSkÞ for each unimodal subsystem Sk and any time t (we assume that information on the subsystems used, including their FMRs, is contained in a repository accessible by the CASHMA authentication server) [12][13] [14].…”

Section: Cashma Systemmentioning

confidence: 99%

“…Among the possible models we selected the function in (1), which: i) asymptotically decreases towards zero; ii) yields trustðti_1Þ for D ti ¼ 0; and iii) can be tuned with two parameters which control the delay ðsÞ and the slope ðkÞ with which the trust level decreases over time [14] [15].…”

Section: Cashma Systemmentioning

confidence: 99%

See 3 more Smart Citations

A Survey on User Identity Verification for Secure Login Session

Borude¹,

Chokhar²,

Bhosale³

et al. 2017

IJARCSSE

View full text Add to dashboard Cite

Abstract-In web applications, user authentication is normally based on username and password, come forth biometric solutions allow biometric data during session establishment. But in Unimodel biometric approaches only use a single verification is considered and the identity of the user is permanent during the entire session. A secure protocol is defined for constant authentication through continuous user verification. Biometric techniques suggest solution for secure, trusted and protected authentication. In between the logging session time, the one-time-password (OTP) is send on users registered email id and also randomly one questions will be asked to the user between the 5-10 mints. The user's identity has been verified, the system resources are available for fixed period of time and identity of the user is constant during entire session. The proposed system detects misuses of computer resources and prevents malicious activities based on multi-modal biometric continuous authentication. Biometric and user information's are stored in smart phones and web services. Keywords-Authentication, Security, Mobile environments, web servers I. INTRODUCTIONIn this technology era security of web-based applications is a serious concern, due to the recent increase in the frequency and complexity of cyber-attacks, biometric techniques offer emerging solution for secure and trusted user identity verification, where username and password are replaced by bio-metric traits, Gmail OTP verification and users personal information. Biometrics is the science and technology of determining identity based on physiological and behavioural traits. Biometrics includes retinal scans, finger and handprint recognition, and face recognition, handwriting analysis, voice recognition and Keyboard biometrics. Also, parallel to the spreading usage of biometric systems, the incentive in their misuse is also growing, especially in the financial and banking sectors[1] [2].In fact, similarly to traditional authentication processes which rely on username and password with OTP verification, biometric user authentication is typically formulated as a single shot, providing user verification periodically during login time when one or more biometric traits may be required. Once the user's identity has been verified, the system resources are available for a fixed period of time or until explicit logout from the user. This approach is also susceptible for attack because the identity of the user is constant during the whole session[2] [3]. Suppose, here we consider this simple scenario: a user has already logged into a security-critical service, and then the user leaves the PC unattended in the work area for a while the user session is active, allowing impostors to impersonate the user and access strictly personal data. In these scenarios, the services where the users are authenticated can be misused easily. The basic solution for this is to use very short session timeouts and request the user to input his login data again and again, but this is not a satisfactor...

show abstract

Section: Fig 1: System Architecturementioning

confidence: 99%

Section: Cashma Systemmentioning

confidence: 99%

Section: Cashma Systemmentioning

confidence: 99%

Section: Cashma Systemmentioning

confidence: 99%

See 2 more Smart Citations

A Survey on User Identity Verification for Secure Login Session

Borude¹,

Chokhar²,

Bhosale³

et al. 2017

IJARCSSE

View full text Add to dashboard Cite

show abstract

“…In this paper, we attempt to answer this question. The answer will help in the design of continuous authentication systems [5], in which the system continuously checks for the presence of the authorized user after initial login. In such a scenario, it is impractical to demand the user to repeatedly type her userid or any other pre-determined text.…”

Section: Introductionmentioning

confidence: 99%

Keystroke Dynamics in a General Setting

Janakiraman

Sim

Advances in Biometrics

View full text Add to dashboard Cite

Abstract.It is well known that Keystroke Dynamics can be used as a biometric to authenticate users. But most work to date use fixed strings, such as userid or password. In this paper, we study the feasibility of using Keystroke Dynamics as a biometric in a more general setting, where users go about their normal daily activities of emailing, web surfing, and so on. We design two classifiers that appropriate for one-time and continuous authentication. We also propose a new Goodness Measure to compute the quality of a word used for Keystroke Dynamics. From our experiments we find that, surprisingly, non-English words are better suited for identification than English words.

show abstract

Thermostability Enhancement of Clostridium thermocellum Cellulosomal Endoglucanase Cel8A by a Single Glycine Substitution

2010

View full text Add to dashboard Cite

The thermostability of endoglucanase (E.C. 3.2.1.4) Cel8A, a major component of the cellulosome complex from Clostridium thermocellum, was significantly enhanced using a directed evolution strategy. To ensure that thermostability would not compromise enzyme activity, a two‐step screening strategy was employed that involved consecutive activity and thermostability assays. We have combined three of the mutations from the thermostability screen to obtain a Cel8A variant with a significant increase in thermal resistance without substantial alteration of kinetic parameters. One of the three mutations (S329G) provided the highest contribution to enzyme stability. This single mutation served to increase the Tm by 7.0 °C and the half‐life of activity by eight fold at 85 °C. Site‐saturation mutagenesis at position 329 revealed that only the glycine residue could confer thermostability. The structural changes responsible for the properties of the mutant enzymes are discussed.

show abstract

Using Continuous Biometric Verification to Protect Interactive Login Sessions

Abstract: Abstract

Cited by 30 publications

References 10 publications

A Survey on User Identity Verification for Secure Login Session

A Survey on User Identity Verification for Secure Login Session

Keystroke Dynamics in a General Setting

Thermostability Enhancement of Clostridium thermocellum Cellulosomal Endoglucanase Cel8A by a Single Glycine Substitution

Contact Info

Product

Resources

About