SECURE CONTINUOUS
    BIOMETRIC-ENHANCED AUTHENTICATION


    [ Overview | People | Publications | Links ]

    Overview

    System Overview

    Biometric authentication promises to distinguish between users based on measurements of their physical features, something that a user is. Traditional authentication has relied on passwords and physical tokens, secrets a user knows or objects a user has. This difference poses several issues that must be handled when implementing biometric authentication systems. Consider, for example, that fingerprints are not secrets: anyone can capture them from a surface with the correct tools. Since biometrics are mostly public information, care must be taken to ensure that measured values can be securely traced back to the time and location of observation. Other issues related to implementing these systems, such as computational expense, lack of "yes" and "no" evaluation results, and privacy risks, are explored in our research.

    To explore these design challenges, we have extended authentication on a Linux system with face recognition by a "smart" camera system. At initial login, a password check is performed. Additionally, a new PAM module communicates with the camera system and verifies the face of the user logging in as matching a stored image. After passing these tests, an authentication daemon on the Linux system periodically queries the camera to determine if the initial user is still present. All communication between the camera and protected system is cryptographically secured, ensuring authenticity and integrity of messages. Offloading the computation of biometric algorithms and the storage of the biometric database from the client system onto the camera system allows the client to concentrate on providing services to users.

    People

    FACULTY

    • Greg Ganger
    • Tsuhan Chen
    • B. V. K. Vijaya Kumar

    STUDENTS

    • Andrew J. Klosterman
    • Xiaoming Liu
    • Fu Jie Huang
    • Trista Pei-chun Chen

    Publications

    • Position Summary: Authentication Confidences. Gregory R. Ganger. Appears in HotOS-VIII (IEEE Workshop on Hot Topics in Operating Systems), May 2001.
      Abstract / Postscript [66K] pdf format [16K]

    • Authentication Confidences Gregory R. Ganger. CMU SCS Technical Report CMU-CS-01-123, May 2001.
      Abstract / Postscript [335K] pdf format [42K]

    • Secure Continuous Biometric-Enhanced Authentication Andrew J. Klosterman and Gregory R. Ganger. CMU SCS Technical Report CMU-CS-00-134, May 2000.
      Abstract / Postscript [1.1M] pdf format [245K]

    Links

    • BioAPI Consortium
    • The Biometric Digest
    • Biometric Consortium
    • A Linux-PAM Page


    PDL Home Abacus Top

    © 2008.
    Last updated 17 November, 2004