Invisible, Passive, Continuous and Multimodal Authentication
Authentication, as traditionally achieved by means of a shared secret, is effortful and deliberate. Frequent and repeated authentication easily becomes a hurdle, an annoyance and a burden. This state of affairs needs to be addressed, and one of the ways of doing this is by moving towards automating the process as much as possible, and reducing the associated effort — ie. reducing its visibility. A shared secret clearly does not have the flexibility to support this, and we need therefore to consider using biometrics. Biometrics are a well-established authentication method. Physiological biometrics require a biometric reader and explicit action by the user. Furthermore, there are always a minority of users who cannot have a particular biometric measured. For example elderly women often lose their fingerprints, and iris biometrics don’t work for people with particular eye conditions.Behavioural biometrics, however, can be collected without the user having to take deliberate action. Hence there is a strong possibility that these biometrics could deliver the invisible and automatic authentication we are striving towards. One big advantage of these biometrics is that, since there is no reader, it is simple to utilise a number of different biometrics, and to combine these to authenticate the user. If one biometric fails the others can still perform authentication.
Here we propose using patterns such as keystroke dynamics, use patterns, and voice analysis techniques to create a multimodal biometric authentication mechanism. These behavioural biometrics take advantage of tasks that the user already performs thereby reducing the need for explicit authentication by more traditional means. In this way, the user is relieved of the burdens of constantly authenticating to multiple applications and devices.
KeywordsShared Secret Biometric System Voice Analysis Keystroke Dynamic Multimodal Biometric System
Unable to display preview. Download preview PDF.
- 1.Ahmed, A.A.E., Traore, I., Almulhem, A.: Digital Fingerprinting Based on Keystroke Dynamics. In: Proceedings of the Second International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), Plymouth, UK, pp. 94–104 (July 2008)Google Scholar
- 2.Bishop, C.M.: Neural Networks for Pattern Recognition. Oxford University Press (1995)Google Scholar
- 3.Bonastre, J.-F., Bimbot, F., Boe, L.-J., Cambell, J.P., Reynolds, D.A., Magrin-Chagnolleau, I.: Person Authentication by Voice: A Need for Caution. In: Proceedings of Eurospeech 2003 (2003)Google Scholar
- 5.Buchoux, A., Clarke, N.L.: Deployment of Keystroke Analysis on a Smartphone. In: Proceedings of the 6th Australian Information Security Management Conference, Perth, Western Australia, pp. 40–47. SECAU - Security Research Centre (2008)Google Scholar
- 7.Clarke, N.L., Furnell, S.M., Reynolds, P.L.: Biometric Authentication for Mobile Devices. In: Proceedings of the 3rd Australian Information Warfare and Security Conference 2002, pp. 61–69 (2002)Google Scholar
- 9.Garcia-Salicetti, S., Beumier, C., Chollet, G., Dorizzi, B., Leroux les Jardins, J., Lunter, J., Ni, Y., Petrovska-Delacretaz, D.: BIOMET: A Multimodal Person Authentication Database Including Face, Voice, Fingerprint, Hand and Signature Modalities. In: Kittler, J., Nixon, M.S. (eds.) AVBPA 2003. LNCS, vol. 2688, pp. 845–853. Springer, Heidelberg (2003)CrossRefGoogle Scholar
- 11.Hirschman, L.: Multi-Site Data Collection for a Spoken Language Corpus. In: Proceedings of the Workshop on Speech and Natural Language, pp. 7–14. ACM (1992)Google Scholar
- 12.Iwano, K., Hirose, T., Kamibayashi, E., Furui, S.: Audio-Visual Person Authentication Using Speech and Ear Images. In: Proceedings of Workshop on Multimodal User Authentication, pp. 85–90 (2003)Google Scholar
- 14.Karatzouni, S., Clarke, N.: Keystroke Analysis for Thumb-based Keyboards on Mobile Devices. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 253–263. Springer, Boston (2007)CrossRefGoogle Scholar
- 16.Price Waterhouse Coopers. Information security breaches survey 2004. Technical report, Department of Trade and Industry (2004)Google Scholar
- 17.Psathas, G.: Conversation Analysis: The Study of Talk-in-Interaction. Sage Publications (1995)Google Scholar
- 18.Ross, A., Jain, A.K.: Multimodal Biometrics: An Overview. In: Proceedings of the 12th European Signal Processing Conference (EUSIPCO), pp. 1221–1224 (September 2004)Google Scholar
- 19.Saevanee, H., Bhattarakosol, P.: Authenticating User Using Keystroke Dynamics and Finger Pressure. In: Proceedings of the 6th IEEE Consumer Communications and Networking Conference, Las Vegas, NV, USA, pp. 1–2. IEEE (2009)Google Scholar
- 20.Smith, R.E.: Authentication: From Passwords to Public Keys. Addison-Wesley (2002)Google Scholar
- 21.Spillane, R.: Keyboard Apparatus for Personal Identification. Technical Report 17, IBM Technical Disclosure Bulletin (1975)Google Scholar
- 22.Taussig, K., Bernstein, J.: Macrophone: An American English Telephone Speech Corpus. In: Proceedings of the Workshop on Human Language Technology, Plainsboro, NJ, USA, pp. 27–30. ACM (1994)Google Scholar