|
Most traditional security systems authenticate a user only at the initial log-in session. As a result, it is possible for another user, authorized or unauthorized, to access the system information, with or without the permission of the signed-on user, until the initial user logs out. This could be a critical security flaw even for high-security systems. Traditional one-time (e.g., password) or two-factor (e.g., password with fingerprint) authentication methods are no longer sufficient. Continuous authentication is a form of dynamic, risk-based authentication that changes the perspective of authentication from an event to a process, and has the potential to address the vulnerability of existing security systems by continuously verifying the user's identity during the session use. This interdisciplinary team explores a novel continuous authentication through a transformative non-contact heart-based biometrics. This project could transform the understanding of non-volatile components in cardiac motion, and convert this new knowledge and related technologies into improved security in increasingly vulnerable cyberspace. The project establishes a unique inter university research and education program on cyber security, which involves both K-12, undergraduate students, and underrepresented populations.
The Cardiac Password project investigates a holistic hardware/software solution to secure and trustworthy continuous authentication via non-contact cardiac motion sensing. The new authentication system can recognize humans in a non-contact, unobtrusive and even non-line-of-sight fashion. Towards this goal, the project has three thrusts. First, the team develops a high-fidelity non-contact cardiac motion sensing device. Second, the team investigates invariant cardiac descriptors and propose continuous authentication methodologies. Third, the team assesses the performance, usability, and vulnerability of the proposed Cardiac Password system. The outcome of this research can advance state-of-the-art heart-based biometrics in user authentication, and provide insights on developing more undeceivable, disclosure-resistant and user-friendly biometric solutions. The investigators will disseminate the results of the project through publications, talks, and demos, and integrate the research results into education curricula.
|
SaTC: CORE: Small: Collaborative: Cardiac Password: Exploring a Non-Contact and Continuous Approach to Secure User Authentication