Resilient and active authentication and user-centric identity ecosystems
Project Members
Yan Sui, Xukai Zou
Yan Sui, Xukai Zou
Abstract
Existing proxy based authentication approaches have problems
(e.g., non-binding, susceptible to theft and dictionary attack, burden
on end-users, re-use risk). Biometrics, which authenticates users by
intrinsic biological traits, arises to address the drawbacks. However,
the biometrics is irreplaceable once compromised and leak sensitive
information about the human user behind it. In this research, we
propose a usable, privacy-preserving, secure biometrics based identity
verification and protection system. Specifically, we propose a novel
biometric authentication token called Bio-Capsule (BC) which is
generated by a secure fusion of user biometrics and a (selected)
reference subject biometrics. The fusion process preserves the
biometric robustness and accuracy in the sense that the BC can be used
in place of the original user’s biometric template without sacrificing
the system’s acceptability for the same user and distinguishability
between different users. There are more potential applications on this
research: a user-centric identity ecosystem - a highly resilient,
privacy-preserving, revocable, interoperable, and efficient
user-centric identity verification and protection ecosystem; and an
active authentication system - a provably secure, privacy-preserving,
biometric active authentication system to support continuous and
non-intrusive authentication.