This paper proposes a new mechanism called HMADCAS for continuous user authentication and adaptive session management in distributed internet services. HMADCAS uses biometric information like facial recognition to authenticate users transparently without requiring explicit user actions. It assigns adaptive session timeouts based on the quality, frequency and type of biometric data obtained from the user. The goal is to balance security and usability by keeping user sessions open even during periods of user inactivity, while continuously authenticating the user to detect potential intrusions. The paper discusses the system architecture of HMADCAS and describes modules for authentication servers, certificates and continuous authentication using biometrics. It concludes that the protocol can improve security and usability compared to traditional single-factor authentication methods with fixed
Ijricit 01-004 progressive and translucent user individuality
International Journal of Research and Innovation on Science, Engineering and Technology (IJRISET)
International Journal of Research and Innovation in
Computers and Information Technology (IJRICIT)
PROGRESSIVE AND TRANSLUCENT USER INDIVIDUALITY
Shaik Zameer Basha1, K.Ramesh2
1 Research Scholar, Department of Computer Science and Engineering, Chintalapudi Engineering College, Guntur, AP, India.
2 Associate professor, Department of Computer Science and Engineering, Chintalapudi Engineering College, Guntur, AP, India.
*Corresponding Author:
Shaik Zameer Basha,
Research Scholar, Department of Computer Science and Engineering, Chintalapudi Engineering College, Guntur, AP, India.
Email: shaikzameerbasha.cec@gmail.com
Year of publication: 2016
Review Type: peer reviewed
Volume: I, Issue : I
Citation: Shaik Zameer Basha, Research Scholar, "Progressive and Translucent User Individuality" International Journal of Research and Innovation on Science, Engineering and Technology (IJRISET) (2016) 10-13
Abstract
In distributed Internet services, session management is conventionally based on credentials such as user-id and password, explicit logouts, and user session expiration using typical timeouts. Emerging biometric mechanisms allow user-id and password to be replaced with biometric information during session management; however, in such mechanisms a single authentication is still considered adequate, and the identity of the end user is deemed unchangeable throughout the whole session. In addition, the duration of the session timeout may affect the usability of the service and the resulting user satisfaction. In this paper we deal with the alternatives made available by using biometrics in the management of sessions.
We therefore propose a secure protocol for continuous verification through perpetual user authentication. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently obtained from the end user. The operational behavior of the protocol was illustrated through Matlab simulations by the base paper author, while a model-based quantitative analysis has been carried out to assess the capability of the protocol to resist security attacks carried out by different kinds of attackers. Finally, the current prototype for PCs and Android smartphones is discussed.
INTRODUCTION
What is secure computing?
Computer protection (also known as cyber security or IT security) is information security as applied to computers and networks. The field covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters. In the computer industry, the term security, or the phrase computer security, refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. Most computer security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.
[Figure: diagram explaining secure computing]
Working conditions and basic needs in secure computing:
If you don't take basic steps to protect your work computer, you put it and all the information on it at risk. You can potentially compromise the operation of other computers on your organization's network, or even the functioning of the network as a whole.
1. Physical security:
Technical measures like login passwords and anti-virus are essential (more about those below). However, a secure physical space is the first and more important line of defense.
Is the place you keep your workplace computer secure enough to prevent theft or access to it while you are away? While the Security Department provides coverage across the Medical center, it only takes seconds to steal a computer, particularly a portable device like a laptop or a PDA. A computer should be secured like any other valuable possession when you are not present.
Human threats are not the only concern. Computers can be compromised by environmental mishaps (e.g., water, coffee) or physical trauma. Make sure the physical location of your computer takes account of those risks as well.
2. Access passwords:
The University's networks and shared information systems are protected in part by login credentials (user-IDs and passwords). Access passwords are also an essential protection for personal computers in most circumstances. Offices are usually open and shared spaces, so physical access to computers cannot be completely controlled.
To protect your computer, you should consider setting passwords for particularly sensitive applications resident on the computer (e.g., data analysis software), if the software provides that capability.
3. Prying eye protection:
Because we deal with all facets of clinical, research, educational and administrative data here on the medical campus, it is important to do everything possible to minimize exposure of data to unauthorized individuals.
4. Anti-virus software:
Up-to-date, properly configured anti-virus software is essential. While we have server-side anti-virus software on our network computers, you still need it on the client side (your computer).
5. Firewalls:
Anti-virus products inspect files on your computer and in email. Firewall software and hardware monitor communications between your computer and the outside world. That is essential for any networked computer.
6. Software updates:
It is critical to keep software up to date, especially the operating system, anti-virus and anti-spyware, email and browser software. The newest versions will contain fixes for discovered vulnerabilities.
Almost all anti-virus products have automatic update features (including SAV). Keeping the "signatures" (digital patterns) of malicious software detectors up to date is essential for these products to be effective.
7. Keep secure backups:
Even if you take all these security steps, bad things can still happen. Be prepared for the worst by making backup copies of critical data, and keeping those backup copies in a separate, secure location. For example, use supplemental hard drives, CDs/DVDs, or flash drives to store critical, hard-to-replace data.
8. Report problems:
If you believe that your computer or any data on it has been compromised, you should make an information security incident report. That is required by University policy for all data on our systems, and legally required for health, education, financial and any other kind of record containing identifiable personal information.
EXISTING SYSTEM
• Session management in distributed Internet services is conventionally based on credentials such as user-id and password, explicit logouts, and user session expiration using typical timeouts. Emerging biometric mechanisms allow user-id and password to be replaced with biometric information during session management; however, in such mechanisms a single authentication is still considered adequate, and the identity of the end user is deemed unchangeable throughout the whole session.
• Upon authenticating the user credentials, the permitted service resources are made available for a finite duration of time or until the user initiates logout.
• Once the user’s identity has been verified, the system resources are available for a fixed period of time or until explicit logout from the user. This mechanism assumes that a single authentication is adequate, and that the identity of the user is constant throughout the entire session.
• None of the conventional mechanisms supports continuous authentication.
PROPOSED SYSTEM
• In this paper we introduce a new mechanism for user authentication and session management that is applied in the hierarchical multilevel architectures driven circumstance attentive safety (HMADCAS) scheme for secure biometric authentication at the Internet level.
• HMADCAS is able to operate reliably with any kind of web service, including services with high security demands such as online banking, and it is intended to be used from different end-user devices, e.g., desktop PCs, smartphones or even biometric kiosks placed at the entrance of protected areas. Depending on the preferences and requirements of the owner of the web service, the HMADCAS authentication service can complement a conventional authentication service, or may replace it.
• Our continuous authentication approach is based on transparent acquisition of biometric data and on adaptive timeout management on the basis of the trust placed in the user and in the different subsystems used for authentication. The user session is open and secure despite possible idle activity of the user, while potential misuses are detected by continuously confirming the presence of the correct user.
Advantages Of Proposed System
• Our scheme does not require that the reaction to a user verification mismatch be executed by the user device (e.g., the logout procedure); instead, it is transparently handled by the HMADCAS authentication service and the web services, which apply their own reactive measures.
• It provides a tradeoff between usability and security.
System Architecture
[Figure: Architecture of HMADCAS scheme]
IMPLEMENTATION MODULES:
• System Model
• Authentication Server
• HMADCAS Certificate
• Continuous Authentication
MODULES DESCRIPTION:
System Model:
• In this module, we create the system model to evaluate and implement our proposed system. HMADCAS can authenticate to web services, ranging from services with strict security requirements such as online banking to services with reduced security requirements such as forums or social networks. Additionally, it can grant access to physical secure areas such as a restricted zone in an airport, or a military zone (in such cases the authentication system can be supported by a biometric kiosk placed at the entrance of the secure area). We explain the usage of the HMADCAS authentication service by discussing a sample application scenario, where a user u wants to log into an online banking service.
• User-Id refers to the identification of the user obtained from the Bank for the purpose of logging into the Internet Banking service provided by the Bank.
• Login-Password is a unique and randomly generated password known only to the customer, which can be changed by the user at his/her convenience. This is a means of authenticating the User-Id for logging into the Internet Banking service.
• Transaction-Password is a unique and randomly generated password known only to the customer, which can be changed at his/her convenience. This is a means of authentication that the customer must provide for putting through transactions in his/her/their/its accounts with the Bank through Internet Banking. While User-Id and Password are for valid access into the Internet application, giving a valid Transaction-Password is for authentication of transactions/requests made through the Internet.
Authentication Server:
• In Internet banking, as with traditional banking methods, security is a primary concern. The server takes every precaution necessary to be sure your information is transmitted safely and securely. The latest methods in Internet banking system security are used to increase and monitor the integrity and security of the system.
• The server maintains the following functionality:
o Customer Details
o Activation of Beneficiary
o Transaction Details
o Activate Blocked Account
HMADCAS Certificate:
• In this module, we present the information contained in the body of the HMADCAS certificate transmitted to the client by the HMADCAS authentication server, which is necessary to understand the details of the protocol. Time stamp and sequence number uniquely identify each certificate, and protect against replay attacks. ID is the user ID, e.g., a number.
• Decision represents the outcome of the verification procedure carried out on the server side. It includes the expiration time of the session, dynamically assigned by the HMADCAS authentication server. The global trust level and the session timeout are always computed with respect to the time instant at which the HMADCAS application acquires the biometric data, to avoid potential problems related to unknown delays in communication and computation.
Continuous Authentication:
• A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the end user. The use of biometric authentication allows credentials to be acquired transparently, i.e., without explicitly notifying the user or requiring his/her interaction, which is essential to guarantee better service usability.
• The idea behind the execution of the protocol is that the client continuously and transparently acquires and transmits evidence of the user identity to maintain access to a web service. The main task of the proposed protocol is to create and then maintain the user session, adjusting the session timeout on the basis of the confidence that the identity of the user in the system is genuine.
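The replay protection and acquisition-time expiry described in the HMADCAS Certificate and Continuous Authentication modules can be illustrated as follows. This is an added example, not code from the paper or the HMADCAS prototype: the field types, the per-type base timeouts, the quality threshold and the timeout formula are assumptions made for illustration, and the certificate is assumed to arrive over an already authenticated channel.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Certificate:
    # Fields named on the page; types and units are assumptions.
    timestamp: float   # instant the biometric data was acquired (seconds)
    sequence: int      # per-user sequence number
    user_id: int
    accepted: bool     # Decision: outcome of server-side verification
    expires_at: float  # Decision: session expiration time (seconds)

# Hypothetical base timeouts per biometric type, in seconds (not from the paper).
BASE_TIMEOUT = {"face": 120.0, "voice": 90.0, "keystroke": 30.0}

def issue(sequence, user_id, kind, quality, acquired_at, threshold=0.5):
    """Authentication-server side. The timeout grows with data quality and
    depends on the biometric type; expiry is anchored at the acquisition
    instant, so network or processing delay never extends the session."""
    accepted = kind in BASE_TIMEOUT and quality >= threshold
    timeout = BASE_TIMEOUT[kind] * quality if accepted else 0.0
    return Certificate(acquired_at, sequence, user_id, accepted,
                       acquired_at + timeout)

class SessionGate:
    """Web-service side: accept only fresh, positive, unexpired certificates."""
    def __init__(self):
        self.last = {}  # user_id -> (sequence, timestamp) of last accepted one

    def check(self, cert, now):
        seq, ts = self.last.get(cert.user_id, (-1, float("-inf")))
        # Sequence number and timestamp must both advance: this is what
        # makes a captured certificate useless when presented again.
        if cert.sequence <= seq or cert.timestamp <= ts:
            return "replay"
        if not cert.accepted:
            return "rejected"
        if now >= cert.expires_at:
            return "expired"
        self.last[cert.user_id] = (cert.sequence, cert.timestamp)
        return "ok"
```

More frequent acquisitions keep the session open simply because each accepted certificate carries a later expiry; a client that stops sending evidence lets the last expiry lapse.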
CONCLUSION
In this work we exploited the new possibility introduced by biometrics to define a protocol for continuous authentication that improves the security and usability of the user session. The protocol computes adaptive timeouts on the basis of the trust placed in the user activity and in the quality and kind of biometric data acquired transparently by monitoring the user’s actions in the background. Some architectural design decisions of HMADCAS are discussed here. First, the system exchanges raw data and not the features extracted from them or templates, while crypto-token approaches are not considered either; this is due to architectural decisions where the client is kept very simple. We remark that our proposed protocol works with no changes using features, templates or raw data.
Second, privacy concerns should be addressed taking national legislations into consideration. Currently, our prototype only performs some checks on face recognition, where only one face (the biggest one resulting from the face detection .
AUTHORS
Shaik Zameer Basha
Research Scholar,
Department of Computer Science and Engineering,
Chintalapudi Engineering College, Guntur, AP, India.
K.Ramesh,
Associate professor,
Department of Computer Science and Engineering,
Chintalapudi Engineering College, Guntur, AP, India.