Biblio

Electrocardiogram (ECG) biometric authentication (EBA) is a promising approach for human identification, particularly in consumer devices, due to the individualized, ubiquitous, and easily identifiable nature of ECG signals. Thus, computing architectures for EBA must be accurate, fast, energy efficient, and secure. In this article, first, we implement an EBA algorithm to achieve 100% accuracy in user authentication. Thereafter, we extensively analyze the algorithm to show the distinct variance in execution requirements and reveal the latency bottleneck across the algorithm's different steps. Based on our analysis, we propose a domain-specific architecture (DSA) to satisfy the execution requirements of the algorithm's different steps and minimize the latency bottleneck. We explore different variations of the DSA, including one that features the added benefit of ensuring constant timing across the different EBA steps, in order to mitigate the vulnerability to timing-based side-channel attacks. Our DSA improves the latency compared to a base ARM-based processor by up to 4.24×, while the constant timing DSA improves the latency by up to 19%. Also, our DSA improves the energy by up to 5.59×, as compared to the base processor.

Network architecture design and verification has become increasingly complicated as a greater number of security considerations, implementations, and factors are included in the design process. In the design process, one must account for various costs of interwoven layers of security. Generally these costs are simplified for evaluation of risk to the network. The obvious implications of adding security are the need to account for the impacts of loss (risk) and accounting for the ensuing increased design costs. The considerations that are not traditionally examined are those of the adversary and the defender of a given system. Without accounting for the view point of the individuals interacting with a network architecture, one can not verify and select the most advantageous security implementation. This work presents a method for obtaining a security metric that takes into account not only the risk of the defender, but also the probability of an attack originating from the motivation of the adversary. We then move to a more meaningful metric based on a monetary unit that architects can use in choosing a best fit solution for a given network critical path design problem.

The Internet of Things (IoT) is a design implementation of embedded system design that connects a variety of devices, sensors, and physical objects to a larger connected network (e.g. the Internet) which requires human-to-human or human-to-computer interaction. While the IoT is expected to expand the user's connectivity and everyday convenience, there are serious security considerations that come into account when using the IoT for distributed authentication. Furthermore the incorporation of biometrics to IoT design brings about concerns of cost and implementing a 'user-friendly' design. In this paper, we focus on the use of electrocardiogram (ECG) signals to implement distributed biometrics authentication within an IoT system model. Our observations show that ECG biometrics are highly reliable, more secure, and easier to implement than other biometrics.