Secure Continuous Biometric-Enhanced Authentication (CMU-CS-00-134)

Biometrics have the potential to solidify person-authentication by examining \unforgeable" features of individuals. This paper explores issues involved with e ective integration of biometric-enhanced authentication into computer systems and design options for addressing them. Because biometrics are not secrets, systems must not use them like passwords; otherwise, biometric-based authentication will reduce security rather than increase it. A novel biometric-enhanced authentication system, based on a trusted camera that continuously uses face recognition to verify identity, is described and evaluated in the context of Linux. With cryptographically-signed messages and continuous authentication, the diAEculty of bypassing desktop authentication can be signi cantly increased.

[1]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[2]  J. M. Gilbert,et al.  A real-time face recognition system using custom VLSI hardware , 1993, 1993 Computer Architectures for Machine Perception.

[3]  Marcus Brown,et al.  User Identification via Keystroke Characteristics of Typed Names using Neural Networks , 1993, Int. J. Man Mach. Stud..

[4]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[5]  Alex Waibel,et al.  Face locating and tracking for human-computer interaction , 1994, Proceedings of 1994 28th Asilomar Conference on Signals, Systems and Computers.

[6]  S. J. Shepherd Continuous authentication by analysis of keyboard typing characteristics , 1995 .

[7]  Vipin Samar,et al.  Unified login with pluggable authentication modules (PAM) , 1996, CCS '96.

[8]  John D. Woodward,et al.  Biometrics: privacy's foe or privacy's friend? , 1997, Proc. IEEE.

[9]  Mohammad S. Obaidat,et al.  Verification of computer users using keystroke dynamics , 1997, IEEE Trans. Syst. Man Cybern. Part B.

[10]  William A. Arbaugh,et al.  A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[11]  Gerrit Bleumer Biometric yet Privacy Protecting Person Authentication , 1998, Information Hiding.

[12]  Takeo Kanade,et al.  Rotation Invariant Neural Network-Based Face Detection , 1998, Proceedings. 1998 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (Cat. No.98CB36231).

[13]  B. Gutiérrez,et al.  Congenital dermatoglyphic malformations in severe bipolar disorder , 1998, Psychiatry Research.

[14]  Anil K. Jain,et al.  Integrating Faces and Fingerprints for Personal Identification , 1998, IEEE Trans. Pattern Anal. Mach. Intell..

[15]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[16]  D. D. Weinstein,et al.  Minor physical anomalies, dermatoglyphic asymmetries, and cortisol levels in adolescents with schizotypal personality disorder. , 1999, The American journal of psychiatry.

[17]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 2002, International Journal of Information Security.

[18]  Frédéric H. Pighin,et al.  Synthesizing realistic facial expressions from photographs , 1998, SIGGRAPH Courses.