Skip to main content
SpringerLink
Log in
Book cover

Advances in Human Factors in Cybersecurity pp 43–53Cite as

Biometric-Based Cybersecurity Techniques

  • Conference paper
  • First Online:

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 501))

Abstract

This paper describes biometric-based methods for achieving strong, low cost mutual and multi-factor authentication on the Internet of Things (IoT). These methods can leverage telebiometric authentication objects (TAO), tagged physical objects functionally coupled with biometric sensors and connected to a telecommunications network. Methods presented are convenient for people to use, support Universal Access (UA) goals, and ensure the confidential exchange of information between communicating parties. The described one and two-factor authentication methods use cryptographic techniques to achieve mutual authentication and data confidentiality through password and biometric authenticated key exchange (AKE). These key establishment techniques rely on the use of a Diffie-Hellman key agreement scheme to create a strong symmetric key from a weak secret. AKE protocols can provide forward secrecy and prevent disclosure of user credentials during authentication attempts to thwart active phishing and man-in-the-middle attacks. TAO combined with AKE provides mutual authentication and strong, three-factor user authentication.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    Both ITU-T X.1035: Password-Authenticated Key Exchange (PAK) protocol (2007) and ISO/IEC 11770-4:2006 Information technology—Security techniques—Key management—Part 4: Mechanisms based on weak secrets standardize PAKE techniques.

References

  1. Mayron, L.M., Hausawi, Y., Bahr, G.S.: Secure, usable biometric authentication systems. In: Universal Access in Human-Computer Interaction., Design Methods, Tools, and Interaction Techniques for Inclusion, 8009, pp. 195–204. Springer, Berlin (2013)

    Google Scholar 

  2. Griffin, P.H.: Biometric Knowledge extraction for multi-factor authentication and key exchange. Complex adaptive systems proceedings. Procedia Comput. Sci. 61, 66–71(2015) (Elsevier B.V)

    Google Scholar 

  3. Griffin, P.H.: Transport layer secured password-authenticated key exchange. Inf. Syst. Secur. Assoc. J. 13(6) (2015)

    Google Scholar 

  4. Griffin, P.H.: Telebiometric security and safety management. In: Proceedings of ITU Kaleidoscope Conference—Building Sustainable Communities (2013)

    Google Scholar 

  5. Griffin, P.H.: U.S. Patent Number 8,289,135. Washington, DC

    Google Scholar 

  6. X9 Financial Services. ANSI X9.117 Secure Remote Access—Mutual Authentication (2012)

    Google Scholar 

  7. Griffin, P.H.: Telebiometric authentication objects. Complex adaptive systems proceedings. Procedia Comput. Sci. 36, 393–400 (2014) (Elsevier B.V)

    Google Scholar 

  8. Griffin, P.H.: Security for ambient assisted living—multi-factor authentication in the internet of things. In: IEEE Global Communications (GLOBECOM), IoT Ambient Assisted Living Workshop (IoTAAL), San Diego, California (2015)

    Google Scholar 

  9. International organization for standardization. ISO 19092—Financial services—Biometrics—Security framework (2008)

    Google Scholar 

  10. Larmouth, J.: ASN.1 Complete. Morgan Kaufmann, Burlington (2000)

    Google Scholar 

  11. Alsaid, A., Mitchell, C.: Preventing phishing attacks using trusted computing technology. In: Proceedings of the 6th International Network Conference (INC’06), pp. 221–228 (2006)

    Google Scholar 

  12. Manulis, M., Stebila, D., Denham, N.: Secure modular password authentication for the web using channel bindings. In: Chen, L., Mitchell, C. (eds.) Security Standardisation Research: First International Conference, SSR 2014, London, UK, December 16–17, 2014. Proceedings, vol. 8893, pp. 167–189. Springer International Publishing (2014)

    Google Scholar 

  13. Pour, B.: ‘There’s a Metric for that’: How ‘Big Data’ Impacts Biometrics Market and Industry (2012)

    Google Scholar 

  14. Fong, S., Zhuang, Y., Fister, I.: A biometric authentication model using hand gesture images. Biomed. Eng. Online 12(1), 111 (2013)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Griffin Information Security, 1625 Glenwood Avenue, Raleigh, NC, 27608, USA

    Phillip H. Griffin

Authors
  1. Phillip H. Griffin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Phillip H. Griffin .

Editor information

Editors and Affiliations

  1. Soar Technology, Inc. , Orlando, USA

    Denise Nicholson

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Griffin, P.H. (2016). Biometric-Based Cybersecurity Techniques. In: Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. Advances in Intelligent Systems and Computing, vol 501. Springer, Cham. https://doi.org/10.1007/978-3-319-41932-9_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-41932-9_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-41931-2

  • Online ISBN: 978-3-319-41932-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation