Browsing by Author "Phillips, Tyler"

Now showing 1 - 9 of 9
  • Thumbnail Image
    Item
    AuthN-AuthZ: Integrated, User-Friendly and Privacy-Preserving Authentication and Authorization
    (IEEE, 2020-10) Phillips, Tyler; Yu, Xiaoyuan; Haakenson, Brandon; Goyal, Shreya; Zou, Xukai; Purkayastha, Saptarshi; Wu, Huanmei; BioHealth Informatics, School of Informatics and Computing
    In this paper, we propose a novel, privacy-preserving, and integrated authentication and authorization scheme (dubbed as AuthN-AuthZ). The proposed scheme can address both the usability and privacy issues often posed by authentication through use of privacy-preserving Biometric-Capsule-based authentication. Each Biometric-Capsule encapsulates a user's biometric template as well as their role within a hierarchical Role-based Access Control model. As a result, AuthN-AuthZ provides novel efficiency by performing both authentication and authorization simultaneously in a single operation. To the best of our knowledge, our scheme's integrated AuthN-AuthZ operation is the first of its kind. The proposed scheme is flexible in design and allows for the secure use of robust deep learning techniques, such as the recently proposed and current state-of-the-art facial feature representation method, ArcFace. We conduct extensive experiments to demonstrate the robust performance of the proposed scheme and its AuthN-AuthZ operation.
  • Thumbnail Image
    Item
    A Cancellable and Privacy-Preserving Facial Biometric Authentication Scheme
    (IEEE, 2017) Phillips, Tyler; Zou, Xukai; Li, Feng; Computer and Information Science, School of Science
    In recent years, biometric, or "who you are," authentication has grown rapidly in acceptance and use. Biometric authentication offers users the convenience of not having to carry a password, PIN, smartcard, etc. Instead, users will use their inherent biometric traits for authentication and, as a result, risk their biometric information being stolen. The security of users' biometric information is of critical importance within a biometric authentication scheme as compromised data can reveal sensitive information: race, gender, illness, etc. A cancellable biometric scheme, the "BioCapsule" scheme, proposed by researchers from Indiana University Purdue University Indianapolis, aims to mask users' biometric information and preserve users' privacy. The BioCapsule scheme can be easily embedded into existing biometric authentication systems, and it has been shown to preserve user-privacy, be resistant to several types of attacks, and have minimal effects on biometric authentication system accuracy. In this research we present a facial authentication system which employs several cutting-edge techniques. We tested our proposed system on several face databases, both with and without the BioCapsule scheme being embedded into our system. By comparing our results, we quantify the effects the BioCapsule scheme, and its security benefits, have on the accuracy of our facial authentication system.
  • Thumbnail Image
    Item
    Design and Implementation of Privacy-Preserving, Flexible and Scalable Role-Based Hierarchical Access Control
    (IEEE, 2019-12) Phillips, Tyler; Yu, Xiaoyuan; Haakenson, Brandon; Zou, Xukai; Computer and Information Science, School of Science
    In many domains, organizations must model personnel and corresponding data access privileges as fine-grained hierarchical access control models. One class of such models, Role-based Access Control (RBAC) models, has been widely accepted and deployed. However, RBAC models are often used without involving cryptographic keys nor considering confidentiality/privacy at the data level. How to design, implement and dynamically modify such a hierarchy, ensure user and data privacy and distribute and manage necessary cryptographic keys are issues of the utmost importance. One elegant solution for cryptography-based hierarchical access control combines the collusion-resistant and privacy-preserving Access Control Polynomial (ACP) and Atallah's Dynamic and Efficient Extended Key Management scheme. Such a model involves cryptographic keys used to encrypt data, can address confidentiality/privacy at the data level and can efficiently support dynamic changes to the RBAC access hierarchy. In this paper, we discuss several implementation challenges and propose solutions when deploying such a system including: data encryption and decryption, key storage and key distribution. Furthermore, we provide analysis of the efficiency and scalability of the resulting system.
  • Thumbnail Image
    Item
    Enabling Secure and Effective Biomedical Data Sharing through Cyberinfrastructure Gateways
    (arXiv, 2020) Goyal, Shreya; Purkayastha, Saptarshi; Phillips, Tyler; Quick, Robert; Britt, Alexis; BioHealth Informatics, School of Informatics and Computing
    Scientific cyberinfrastructures promise solutions to computational challenges with rich resources; they embrace collaborative workflows in which users can access and share scientific data and computing resources to perform research and education tasks, which catalyze scientific discovery. The Dynaswap project reports on developing a coherently integrated and trustworthy holistic secure workflow protection architecture for cyberinfrastructures which can be used on virtual machines deployed through cyberinfrastructure (CI) services such as JetStream. This service creates a user-friendly cloud environment designed to give researchers access to interactive computing and data analysis resources on demand. The Dynaswap cybersecurity architecture supports roles, role hierarchies, and data hierarchies, as well as dynamic changes of roles and hierarchical relations within the scientific infrastructure. Dynaswap combines existing cutting-edge security frameworks (including an Authentication Authorization-Accounting framework, Multi-Factor Authentication, Secure Digital Provenance, and Blockchain) with advanced security tools (e.g., Biometric-Capsule, Cryptography-based Hierarchical Access Control, and Dual-level Key Management). The security technologies have been developed and integrated with the Open Medical Record System for enhanced security purposes and delivering a secure scientific infrastructure, which allows researchers, educators, practitioners, and students to remotely access and share sensitive data, computing resources, and workflows with flexibility and convenience while also having the highest security and privacy protection. The CI is being validated in life-science research environments and in the education settings of Health Informatics.
  • Thumbnail Image
    Item
    Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning
    (ACM, 2019) Phillips, Tyler; Zou, Xukai; Li, Feng; Li, Ninghui; Computer and Information Science, School of Science
    In recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based authentication systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based BioCapsule method. The BioCapsule method is provably secure, privacy-preserving, cancellable and flexible in its secure feature fusion design. In this work, we extend BioCapsule to face-based recognition. Moreover, we incorporate state-of-art deep learning techniques into a BioCapsule-based facial authentication system to further enhance secure recognition accuracy. We compare the performance of an underlying recognition system to the performance of the BioCapsule-embedded system in order to demonstrate the minimal effects of the BioCapsule scheme on underlying system performance. We also demonstrate that the BioCapsule scheme outperforms or performs as well as many other proposed secure biometric techniques.
  • Thumbnail Image
    Item
    Learning Discriminative Features for Adversarial Robustness
    (IEEE Xplore, 2022-04) Hosler, Ryan; Phillips, Tyler; Yu, Xiaoyuan; Sundar, Agnideven; Zou, Xukai; Li, Feng; Computer and Information Science, School of Science
    Deep Learning models have shown incredible image classification capabilities that extend beyond humans. However, they remain susceptible to image perturbations that a human could not perceive. A slightly modified input, known as an Adversarial Example, will result in drastically different model behavior. The use of Adversarial Machine Learning to generate Adversarial Examples remains a security threat in the field of Deep Learning. Hence, defending against such attacks is a studied field of Deep Learning Security. In this paper, we present the Adversarial Robustness of discriminative loss functions. Such loss functions specialize in either inter-class or intra-class compactness. Therefore, generating an Adversarial Example should be more difficult since the decision barrier between different classes will be more significant. We conducted White-Box and Black-Box attacks on Deep Learning models trained with different discriminative loss functions to test this. Moreover, each discriminative loss function will be optimized with and without Adversarial Robustness in mind. From our experimentation, we found White-Box attacks to be effective against all models, even those trained for Adversarial Robustness, with varying degrees of effectiveness. However, state-of-the-art Deep Learning models, such as Arcface, will show significant Adversarial Robustness against Black-Box attacks while paired with adversarial defense methods. Moreover, by exploring Black-Box attacks, we demonstrate the transferability of Adversarial Examples while using surrogate models optimized with different discriminative loss functions.
  • Thumbnail Image
    Item
    A New Look at Old Abe’s Color Guard
    (Coddington, 2019) Phillips, Tyler; Zou, Xukai; Byrd, Kenneth E.; Computer and Information Science, School of Science
    Many images of the American Civil War exist today and allow us to gain insight into the lives’ of those involved in the conflict. Unfortunately, these images also pose questions as many of the soldiers they depict are unidentified or identified with unknown reliability. One such image is that of the Wisconsin Infantry Color Guard and their bald eagle mascot “Old Abe.” One of the men in the color guard has been identified as George W. Riley due to an inscription on the back of the image. We perform state-of-art biometric-facial analysis of this soldier and several candidate identities. Through this biometric analysis and corroborating historical documents, we present compelling evidence that this soldier is not George W. Riley, but is more likely Walter J. Quick.
  • Thumbnail Image
    Item
    Usability and Security of Different Authentication Methods for an Electronic Health Records System
    (arXiv, 2021) Purkayastha, Saptarshi; Goyal, Shreya; Oluwalade, Bolu; Phillips, Tyler; Wu, Huanmei; Zou, Xukai; BioHealth Informatics, School of Informatics and Computing
    We conducted a survey of 67 graduate students enrolled in the Privacy and Security in Healthcare course at Indiana University Purdue University Indianapolis. This was done to measure user preference and their understanding of usability and security of three different Electronic Health Records authentication methods: single authentication method (username and password), Single sign-on with Central Authentication Service (CAS) authentication method, and a bio-capsule facial authentication method. This research aims to explore the relationship between security and usability, and measure the effect of perceived security on usability in these three aforementioned authentication methods. We developed a formative-formative Partial Least Square Structural Equation Modeling (PLS-SEM) model to measure the relationship between the latent variables of Usability, and Security. The measurement model was developed using five observed variables (measures). - Efficiency and Effectiveness, Satisfaction, Preference, Concerns, and Confidence. The results obtained highlight the importance and impact of these measures on the latent variables and the relationship among the latent variables. From the PLS-SEM analysis, it was found that security has a positive impact on usability for Single sign-on and bio-capsule facial authentication methods. We conclude that the facial authentication method was the most secure and usable among the three authentication methods. Further, descriptive analysis was done to draw out the interesting findings from the survey regarding the observed variables.
  • Thumbnail Image
    Item
    User-Friendly Design of Cryptographically-Enforced Hierarchical Role-based Access Control Models
    (IEEE, 2020-08) Yu, Xiaoyuan; Haakenson, Brandon; Phillips, Tyler; Zou, Xukai; Computer and Information Science, School of Science
    Data access control is a critical issue for any organization generating, recording or leveraging sensitive information. The popular Role-based Access Control (RBAC) model is well- suited for large organizations with various groups of personnel, each needing their own set of data access privileges. Unfortunately, the traditional RBAC model does not involve the use of cryptographic keys needed to enforce access control policies and protect data privacy. Cryptography-based Hierarchical Access Control (CHAC) models, on the other hand, have been proposed to facilitate RBAC models and directly enforce data privacy and access controls through the use of key management schemes. Though CHAC models and efficient key management schemes can support large and dynamic organizations, they are difficult to design and maintain without intimate knowledge of symmetric encryption, key management and hierarchical access control models. Therefore, in this paper we propose an efficient algorithm which automatically generates a fine-grained CHAC model based on the input of a highly user-friendly representation of access control policies. The generated CHAC model, the dual-level key management (DLKM) scheme, leverages the collusion-resistant Access Control Polynomial (ACP) and Atallah's Efficient Key Management scheme in order to provide privacy at both the data and user levels. As a result, the proposed model generation algorithm serves to democratize the use of CHAC. We analyze each component of our proposed system and evaluate the resulting performance of the user-friendly CHAC model generation algorithm, as well as the DLKM model itself, along several dimensions.