
1 Private and Secure Biometric User Authentication in the Web
Master Thesis Defense
Zaki Alsubhi
Department of Computer Science, University of Colorado at Colorado Springs

2 Privacy and Secure Biometric user Authentication in the Web
Outline
- Overview of the research problem
- The research contributions
  - Implementing the Biocryptographic Secure Socket Layer (BSSL) on the Mozilla Network Secure Services (NSS) library
  - Extending the implementation of the Mozilla Firefox web browser to support the HTTPB using our implementation of BSSL on the Mozilla NSS library
  - Reconfigure the Apache web server to support the BSSL ABCS handshake protocol
  - Using the fingerprint scanner to read the user biometric in order to allow only the legitimate user to use his/her bioprivate key
- Demo of our implementation & Experimental Results
- Conclusion and future work
5/28/15 Privacy and Secure Biometric user Authentication in the Web

3 Overview of the research problem.
Introduction
- Hypertext Transfer Protocol Secure (HTTPS) pages typically use SSL/TLS to encrypt communications.
- SSL/TLS does not require client authentication.
- SSL/TLS relies on password-based client-side authentication.

4 Overview of the research problem.
What is the problem?
- The client private key is protected by a password
- Password-based authentication suffers from a lack of authenticity and usability
  - It can be stolen, guessed or given away
  - It does not provide strong non-repudiation
  - It is hard to memorize

5 Privacy and Secure Biometric user Authentication in the Web
Overall research goal
- Our goal is to address the HTTPS/SSL security and usability problem and pay more attention to client-side authentication.
- Failure to authenticate a transacting party properly may lead to situations such as illegal transfer of funds or repudiation of completed transactions.
- Complex authentication systems may sacrifice the convenience of online services and make them unusable.

6 The research contributions
Privacy Enhanced Biometric [2]
- Using encrypted biometrics to protect the private key instead of a plain biometric
- There are four properties that a scheme should possess to respect biometric privacy [5]:
  - The template should be unique
  - It can be reissued
  - It must be hard to obtain the original biometric from the secure template
  - The scheme that is used must not decrease the recognition of the biometric system

7 The research contributions
1. Implementing the Biocryptographic Secure Socket Layer (BSSL) on the Mozilla Network Secure Services (NSS) library
Biocryptographic Key Infrastructure (BKI)
- BKI provides biometric authentication capabilities into PKI
- BKI's certificate provides two elements to authenticate the remote BKI certificate holder:
  - Biocryptographic system, a.k.a. Biotoken
  - Biometric public key, which is a part of BKI's Asymmetric Bio-Cryptographic Subsystem (ABCS)

8 The research contributions
Using BSSL ABCS Protocol
- BSSL ABCS provides the same security services that are provided by SSL/TLS, in addition to biometric-based client-side authentication [1]
- BSSL ABCS provides a challenge that is encrypted using the biometric public key
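A sketch of the kind of public-key challenge-response this slide describes, added here as an illustration and not taken from the thesis or the BSSL implementation. Assumptions: toy textbook RSA stands in for the biometric key pair, and the response format plus the names `Server`, `proof` and `client_respond` are hypothetical.

```python
import hashlib
import hmac
import secrets

# ASSUMPTION: toy textbook RSA (two Mersenne primes, no padding) stands in for
# the biometric key pair. Illustration only; never use unpadded RSA in practice.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the client only
K = (N.bit_length() + 7) // 8       # modulus size in bytes


def proof(session_id: bytes, nonce_int: int) -> bytes:
    """Hypothetical response format: digest binding the nonce to one session."""
    return hashlib.sha256(session_id + nonce_int.to_bytes(K, "big")).digest()


class Server:
    """Knows only the public key (N, E), as carried in the client certificate."""

    def __init__(self) -> None:
        self.pending = {}  # session id -> outstanding nonce (single use)

    def issue_challenge(self, session_id: bytes) -> int:
        nonce = int.from_bytes(secrets.token_bytes(16), "big")  # fresh each time
        self.pending[session_id] = nonce
        return pow(nonce, E, N)  # only the private-key holder can recover nonce

    def verify(self, session_id: bytes, response: bytes) -> bool:
        nonce = self.pending.pop(session_id, None)  # consume: blocks replay
        if nonce is None:
            return False
        return hmac.compare_digest(proof(session_id, nonce), response)


def client_respond(session_id: bytes, challenge: int, private_exp: int) -> bytes:
    """Decrypt the challenge with the private key and return the proof."""
    return proof(session_id, pow(challenge, private_exp, N))


if __name__ == "__main__":
    server, sid = Server(), b"constructed-session-1"
    good = client_respond(sid, server.issue_challenge(sid), D)
    print("legitimate client:", server.verify(sid, good))
    print("replayed response:", server.verify(sid, good))
    server.issue_challenge(sid)
    print("old response, new challenge:", server.verify(sid, good))
```

The server never sees the private key: a correct response shows that the client could decrypt this particular challenge, and consuming the nonce on first use is what makes a captured response worthless later.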

9 The research contributions
2. Implement the Hypertext Transfer Protocol Biocryptographic (HTTPB) on Mozilla Firefox
- HTTPB relies on BSSL ABCS using mutual authentication
- The server would request the client to provide a certificate in addition to the server certificate issued to the client.
- It requires an extra round trip time for client certificate exchange

10 The research contributions
3. Reconfigure the Apache Web-Server
- Change the Apache configuration to support the HTTPB protocol
- Use the BSSL ABCS instead of SSL/TLS
- Create a digital certificate and self-sign it for the server

11 The research contributions
4. Using Fingerprint Scanner
- The Firefox web browser asks for a fresh, new biometric every time
- It does not store the biometric data on the PC

12 Demo of Our Implementation & Experimental Results
The demo is available as an uploaded “MOV” file.

13 Demo of Our Implementation & Experimental Results
- Run the client and the server on the same machine
- The server supports HTTPB and HTTPS at the same time
- Repeat the web page request 30 times for each protocol
- HTTPB is slower than HTTPS by ~1.5 seconds
- HTTPB is usable and practical.

14 Future work & Conclusion
Future Research Direction:
- Allow the usage of secure on-chip matching sensors for remote authentication.
- Our implementation is applied to the Firefox web browser, and it can be applied to other web browsers (e.g., Google Chrome, Internet Explorer)

15 Future work & Conclusion
The communication link between the client PC and the server is usually vulnerable to eavesdropping. In response:
- Paying attention to client-side authentication.
- Extending the implementation of the Mozilla Firefox web browser to support the HTTPB protocol
- Reconfiguring Apache to support the BSSL ABCS protocol
- Reading the fingerprint from the scanner
- Experiments show that HTTPB is usable and practical

16 Privacy and Secure Biometric user Authentication in the Web
References
- A. Albahdal and T. Boult, “Biocryptographic Secure Socket Layer (BSSL),” 2014.
- W. Scheirer and T. Boult, “Bipartite Biotokens: Definition, Implementation, and Analysis,” Advances in Biometrics, pp. 775–785, 2009.
- W. Scheirer, B. Bishop, and T. Boult, “Beyond PKI: The Biocryptographic Key Infrastructure,” in Proceedings of the IEEE International Workshop on Information Forensics and Security (WIFS), 2010, pp. 1–6.
- A. A. Albahdal, H. Alzahrani, L. P. Jain, and T. E. Boult, “Trusted BWI: Privacy and Trust Enhanced Biometric Web Identities,” in Biometrics: Theory, Applications and Systems (BTAS), 2013 IEEE Sixth International Conference on. IEEE, 2013, pp. 1–8.

17 Prezi Presentation
If you have Internet access, you can see my real presentation, where I used the Prezi tool, which relies on zoooooming… Here is the link:

18 Privacy and Secure Biometric user Authentication in the Web
Any Questions?

