Advertisement

Contextual Biometric-Based Authentication for Ubiquitous Services

  • Ileana Buhan
  • Gabriele Lenzini
  • Saša Radomirović
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6406)

Abstract

We introduce and comment on the concept of contextual pseudo identity. A contextual pseudo identity is a soft identity token that is built from both a user’s biometric and the context. When it comes to ubiquitous authentication, a contextual pseudo identity promises better security than that offered by traditional biometrics-based identity tokens: the use of context improves the tokens’ disposability and renewability, which are two essential properties in the protection of a user’s real identity. Our algorithm for generating contextual pseudo identities extends a Fuzzy Embedder so that it accepts both biometric and context-dependent input. We prove that our way of processing the context preserves the security and reliability properties of the Fuzzy Embedder used in our extension. An example shows how a user can utilize contextual pseudo identity to authenticate to and access ubiquitous services.

Keywords

Context-aware Authentication Ubiquitous Services Biometrics Fuzzy Embedder 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anderson, R.: Security Engineering, 2nd edn. Wiley, Chichester (2007)Google Scholar
  2. 2.
    Bardram, J., Kjær, R.E., Pedersen, M.Ø.: Context-aware user authentication - supporting proximity-based login in pervasive computing. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, pp. 107–123. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Böhm, S., Koolwaaij, J., Souville, M.L., Wagner, B., Wibbels, M.: Introducing IYOUIT. In: Sheth, A.P., Staab, S., Dean, M., Paolucci, M., Maynard, D., Finin, T., Thirunarayan, K. (eds.) ISWC 2008. LNCS, vol. 5318, pp. 804–817. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Böhm, S., Koolwaaij, J., Luther, M.: Share whatever you like. In: Proc. of the 1st Int. DisCoTec Workshop on Context-aware Adaptation Mechanisms for Pervasive and Ubiquitous Services (CAMPUS 2008), Oslo, Norway, June 3, vol. 11. EASS (2008)Google Scholar
  5. 5.
    Bolle, R., Connell, J., Pankanti, S., Ratha, N., Senior, A.: Guide to Biometrics. Springer, Heidelberg (2003)Google Scholar
  6. 6.
    Brands, S., Chaum, D.: Distance-bounding protocols (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  7. 7.
    Breebaart, H., Yang, B., Buhan-Dulman, I., Busch, C.: Biometric Template Protection: The need of open standard. Datenschutz und Datensicherheit - DuD 33(5), 299–304 (2008)CrossRefGoogle Scholar
  8. 8.
    Buhan, I., Doumen, J., Hartel, P., Tang, Q., Veldhuis, R.: Embedding renewable cryptographic keys into continuous noisy data. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 294–310. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Buhan, I., Doumen, J., Hartel, P., Tang, Q., Veldhuis, R.: Embedding renewable cryptographic keys into continuous noisy data. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 296–310. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    Castelli, G., Mamei, M., Zambonelli, F.: Enginnering contextual information for pervasive multiagent systems. In: Weyns, D., Brueckner, S.A., Demazeau, Y. (eds.) EEMMAS 2007. LNCS (LNAI), vol. 5049, pp. 223–239. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Castelli, G., Rosi, A., Mamei, M., Zambonelli, F.: A simple model and infrastructure for context-aware browsing of the world. In: Proc. of the 5th Annual IEEE Conf. on Pervasive Computing and Communication (PERCOM 2007), White Plains, NY, USA, March 19-23, pp. 229–238. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  12. 12.
    Desmedt, Y.: Major security problems with the ”unforgeable” (Feige-)Fiat-Shamir proofs of identity and how to overcome them. In: Securicom 1988, 6th Worldwide Congress on Computer and Communications Security and Protection, pp. 147–159 (1988)Google Scholar
  13. 13.
    Dey, A.K.: Understanding and Using Context. Personal and Ubiquitous Conputating Journal 5(16), 4–7 (2001)CrossRefGoogle Scholar
  14. 14.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Gruteser, M., Grunwald, D.: Enhancing location privacy in wireless lan through disposable interface identifiers: a quantitative analysis. Mob. Netw. Appl. 10(3), 315–325 (2005)CrossRefGoogle Scholar
  17. 17.
    Lenzini, G.: Design of architectures for proximity-aware services: Experiments in context-based authentication with subjective logic. Architecting Dependable Systems 5835, 284–307 (2009)Google Scholar
  18. 18.
    Ratha, N., Chikkerur, S., Connell, J.H., Bolle, R.: Generating cancelable fingerprint templates. IEEE Transactions on Pattern Analysis and Machine Intellingence 29(4) (April 2007)Google Scholar
  19. 19.
    Simoen, K., Tuyls, P., Preneel, B.: Privacy Weakenesses in Biometric Sketches. In: Proc. of the IEEE Symposium on Security and Privacy (S&P 2009), Oakland, California, USA, May 7-20, pp. 188–203. IEEE Computer Society, Los Alamitos (2009)CrossRefGoogle Scholar
  20. 20.
    Simoens, K., Tuyls, P., Preneel, B.: Privacy weakness in biometric sketches. In: IEEE Symposium on Security and Privacy, Oakland, California, USA, pp. 188–203 (May 2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Ileana Buhan
    • 1
  • Gabriele Lenzini
    • 2
  • Saša Radomirović
    • 3
  1. 1.Philips ResearchEindhovenThe Netherlands
  2. 2.Interdisciplinary Centre for Security, Reliability and TrustUniversity of LuxembourgLuxembourgLuxembourg
  3. 3.Faculty of Science, Technology and CommunicationUniversity of LuxembourgLuxembourgLuxembourg

Personalised recommendations