Browsing by Subject "authentication"
Now showing 1 - 7 of 7
Results Per Page
Sort Options
Item AuthN-AuthZ: Integrated, User-Friendly and Privacy-Preserving Authentication and Authorization(IEEE, 2020-10) Phillips, Tyler; Yu, Xiaoyuan; Haakenson, Brandon; Goyal, Shreya; Zou, Xukai; Purkayastha, Saptarshi; Wu, Huanmei; BioHealth Informatics, School of Informatics and ComputingIn this paper, we propose a novel, privacy-preserving, and integrated authentication and authorization scheme (dubbed as AuthN-AuthZ). The proposed scheme can address both the usability and privacy issues often posed by authentication through use of privacy-preserving Biometric-Capsule-based authentication. Each Biometric-Capsule encapsulates a user's biometric template as well as their role within a hierarchical Role-based Access Control model. As a result, AuthN-AuthZ provides novel efficiency by performing both authentication and authorization simultaneously in a single operation. To the best of our knowledge, our scheme's integrated AuthN-AuthZ operation is the first of its kind. The proposed scheme is flexible in design and allows for the secure use of robust deep learning techniques, such as the recently proposed and current state-of-the-art facial feature representation method, ArcFace. We conduct extensive experiments to demonstrate the robust performance of the proposed scheme and its AuthN-AuthZ operation.Item A Cancellable and Privacy-Preserving Facial Biometric Authentication Scheme(IEEE, 2017) Phillips, Tyler; Zou, Xukai; Li, Feng; Computer and Information Science, School of ScienceIn recent years, biometric, or "who you are," authentication has grown rapidly in acceptance and use. Biometric authentication offers users the convenience of not having to carry a password, PIN, smartcard, etc. Instead, users will use their inherent biometric traits for authentication and, as a result, risk their biometric information being stolen. The security of users' biometric information is of critical importance within a biometric authentication scheme as compromised data can reveal sensitive information: race, gender, illness, etc. A cancellable biometric scheme, the "BioCapsule" scheme, proposed by researchers from Indiana University Purdue University Indianapolis, aims to mask users' biometric information and preserve users' privacy. The BioCapsule scheme can be easily embedded into existing biometric authentication systems, and it has been shown to preserve user-privacy, be resistant to several types of attacks, and have minimal effects on biometric authentication system accuracy. In this research we present a facial authentication system which employs several cutting-edge techniques. We tested our proposed system on several face databases, both with and without the BioCapsule scheme being embedded into our system. By comparing our results, we quantify the effects the BioCapsule scheme, and its security benefits, have on the accuracy of our facial authentication system.Item CardioCam: Leveraging Camera on Mobile Devices to Verify Users While Their Heart is Pumping(ACM, 2019-05) Liu, Jian; Shi, Cong; Chen, Yingying; Liu, Hongbo; Gruteser, Marco; Computer and Information Science, School of ScienceWith the increasing prevalence of mobile and IoT devices (e.g., smartphones, tablets, smart-home appliances), massive private and sensitive information are stored on these devices. To prevent unauthorized access on these devices, existing user verification solutions either rely on the complexity of user-defined secrets (e.g., password) or resort to specialized biometric sensors (e.g., fingerprint reader), but the users may still suffer from various attacks, such as password theft, shoulder surfing, smudge, and forged biometrics attacks. In this paper, we propose, CardioCam, a low-cost, general, hard-to-forge user verification system leveraging the unique cardiac biometrics extracted from the readily available built-in cameras in mobile and IoT devices. We demonstrate that the unique cardiac features can be extracted from the cardiac motion patterns in fingertips, by pressing on the built-in camera. To mitigate the impacts of various ambient lighting conditions and human movements under practical scenarios, CardioCam develops a gradient-based technique to optimize the camera configuration, and dynamically selects the most sensitive pixels in a camera frame to extract reliable cardiac motion patterns. Furthermore, the morphological characteristic analysis is deployed to derive user-specific cardiac features, and a feature transformation scheme grounded on Principle Component Analysis (PCA) is developed to enhance the robustness of cardiac biometrics for effective user verification. With the prototyped system, extensive experiments involving 25 subjects are conducted to demonstrate that CardioCam can achieve effective and reliable user verification with over 99% average true positive rate (TPR) while maintaining the false positive rate (FPR) as low as 4%.Item Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning(ACM, 2019) Phillips, Tyler; Zou, Xukai; Li, Feng; Li, Ninghui; Computer and Information Science, School of ScienceIn recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based authentication systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based BioCapsule method. The BioCapsule method is provably secure, privacy-preserving, cancellable and flexible in its secure feature fusion design. In this work, we extend BioCapsule to face-based recognition. Moreover, we incorporate state-of-art deep learning techniques into a BioCapsule-based facial authentication system to further enhance secure recognition accuracy. We compare the performance of an underlying recognition system to the performance of the BioCapsule-embedded system in order to demonstrate the minimal effects of the BioCapsule scheme on underlying system performance. We also demonstrate that the BioCapsule scheme outperforms or performs as well as many other proposed secure biometric techniques.Item Smart User Authentication through Actuation of Daily Activities Leveraging WiFi-enabled IoT(ACM, 2017) Shi, Cong; Liu, Jian; Liu, Hongbo; Chen, Yingying; Engineering Technology, School of Engineering and TechnologyUser authentication is a critical process in both corporate and home environments due to the ever-growing security and privacy concerns. With the advancement of smart cities and home environments, the concept of user authentication is evolved with a broader implication by not only preventing unauthorized users from accessing confidential information but also providing the opportunities for customized services corresponding to a specific user. Traditional approaches of user authentication either require specialized device installation or inconvenient wearable sensor attachment. This paper supports the extended concept of user authentication with a device-free approach by leveraging the prevalent WiFi signals made available by IoT devices, such as smart refrigerator, smart TV and thermostat, etc. The proposed system utilizes the WiFi signals to capture unique human physiological and behavioral characteristics inherited from their daily activities, including both walking and stationary ones. Particularly, we extract representative features from channel state information (CSI) measurements of WiFi signals, and develop a deep learning based user authentication scheme to accurately identify each individual user. Extensive experiments in two typical indoor environments, a university office and an apartment, are conducted to demonstrate the effectiveness of the proposed authentication system. In particular, our system can achieve over 94% and 91% authentication accuracy with 11 subjects through walking and stationary activities, respectively.Item Social Media, The Internet and Electronically Stored Information Challenges(National Business Institute, 2014) Hook, Sara AnneItem Usability and Security of Different Authentication Methods for an Electronic Health Records System(arXiv, 2021) Purkayastha, Saptarshi; Goyal, Shreya; Oluwalade, Bolu; Phillips, Tyler; Wu, Huanmei; Zou, Xukai; BioHealth Informatics, School of Informatics and ComputingWe conducted a survey of 67 graduate students enrolled in the Privacy and Security in Healthcare course at Indiana University Purdue University Indianapolis. This was done to measure user preference and their understanding of usability and security of three different Electronic Health Records authentication methods: single authentication method (username and password), Single sign-on with Central Authentication Service (CAS) authentication method, and a bio-capsule facial authentication method. This research aims to explore the relationship between security and usability, and measure the effect of perceived security on usability in these three aforementioned authentication methods. We developed a formative-formative Partial Least Square Structural Equation Modeling (PLS-SEM) model to measure the relationship between the latent variables of Usability, and Security. The measurement model was developed using five observed variables (measures). - Efficiency and Effectiveness, Satisfaction, Preference, Concerns, and Confidence. The results obtained highlight the importance and impact of these measures on the latent variables and the relationship among the latent variables. From the PLS-SEM analysis, it was found that security has a positive impact on usability for Single sign-on and bio-capsule facial authentication methods. We conclude that the facial authentication method was the most secure and usable among the three authentication methods. Further, descriptive analysis was done to draw out the interesting findings from the survey regarding the observed variables.