CONTINUOUS AND TRANSPARENT USER IDENTITY VERIFICATION FOR SECURE INTERNET SERVICES

ABSTRACT

Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The functional behavior of the protocol is illustrated through Mat lab simulations, while model-based quantitative analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers. Finally, the current prototype for PCs and Android smart phones is discussed.

AIM

The aim of this paper is explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification.

SCOPE:

The Scope of this paper is tends to protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user.

EXISTING SYSTEM

To timely detect misuses of computer resources and prevent that an unauthorized user maliciously replaces an authorized one, solutions based on multi-modal biometric continuous authentication  are proposed, turning user verification into a continuous process rather than a onetime occurrence . To avoid that a single biometric trait is forged, biometrics authentication can rely on multiple biometrics traits. Finally, the use of biometric authentication allows credentials to be acquired transparently, i.e. without explicitly notifying the user or requiring his/her interaction, which is essential to guarantee better service usability. We present some examples of transparent acquisition of biometric data. Face can be acquired while the user is located in front of the camera, but not purposely for the acquisition of the biometric data; e.g., the user may be reading a textual SMS or watching a movie on the mobile phone. Voice can be acquired when the user speaks on the phone or with other people nearby if the microphone always captures background. Key-stroke data can be acquired whenever the user types on the keyboard, for example when writing an SMS, chat-ting, or browsing on the Internet.

DISADVANTAGES

1.  In such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session
2. The length of the session timeout may impact on the usability of the service and consequent client satisfaction.

PROPOSED SYSTEM

This paper a new approach for user verification and session management that is applied in the CASHMA (Context Aware Security by Hierarchical Multilevel Architectures) system for secure bi-metrics authentication on the Internet. CASHMA is able to operate securely with any kind of web service, including services with high security demands as online banking services, and it is intended to be used from different client devices e.g., smart phones, Desktop PCs or even biometric kiosks placed at the entrance of secure areas. De-pending on the preferences and requirements of the owner of the web service, the CASHMA authentication ser-vice can complement a traditional authentication service, or can replace it. CASHMA for usable and highly secure user sessions is a continuous sequential (a single biometric modality at once is presented to the system multi-modal biometric authentication protocol, which adaptively computes and refreshes session timeouts on the basis of the trust put in the client. Such global trust is evaluated as a numeric value, computed by continuously evaluating the trust both in the user and the (biometric) subsystems used for acquiring biometric data.

 ADVANTAGES

1.  The novel possibility introduced by biometrics to define a protocol for continuous authentication that improves security and usability of user session. Avoidance of (complex) homomorphic (or any type of public-key) encryption of the multimedia content.
2.  When data is acquired in an uncontrolled environment, the quality of biometric data could strongly depend on the surroundings.

SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz

·                RAM                 -    256 MB(min)

·                Hard Disk         -   20 GB

·                Floppy Drive    -    1.44 MB

·                Key Board                 -    Standard Windows Keyboard

·                Mouse               -    Two or Three Button Mouse

·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System              : Windows  7                                       

·                Front End                  : JSP AND SERVLET

·                Database                  : MYSQL

·                Tool                           :NETBEANS

REFERENCE

Montecchi, L. , Brancati, F. ,Lollini, P. Ceccarelli, A.,“ Continuous and Transparent User Identity Verification for Secure Internet Services,” IEEE Transactions on Dependable and Secure Computing, Volume 12  Issue 3 , January 2014.