Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: The Second ACM Workshop on Digital Identity Management – DIM 2006
Guest editors: A. Goto
Article type: Research Article
Authors: Bhargav-Spantzel, Abhilashaa | Squicciarini, Anna C.a | Modi, Shimonb | Young, Matthewb | Bertino, Elisaa | Elliott, Stephen J.b
Affiliations: [a] Department of Computer Science, Purdue University, West Lafayette, IN 47907, USA. Email: bhargav@cs.purdue.edu, squiccia@cs.purdue.edu, bertino@cs.purdue.edu | [b] Department of Industrial Technology, Purdue University, West Lafayette, IN 47906-1416, USA. Email: shimon@purdue.edu, myoung@purdue.edu, elliot@purdue.edu
Abstract: An emerging approach to the problem of identity theft is represented by the adoption of biometric authentication systems. Such systems however present several challenges, related to privacy, reliability and security of the biometric data. Inter-operability is also required among the devices used for authentication. Moreover, very often biometric authentication in itself is not sufficient as a conclusive proof of identity and has to be complemented with multiple other proofs of identity such as passwords, SSN, or other user identifiers. Multi-factor authentication mechanisms are thus required to enforce strong authentication based on the biometric and identifiers of other nature. In this paper we propose a two-phase authentication mechanism for federated identity management systems. The first phase consists of a two-factor biometric authentication based on zero knowledge proofs. We employ techniques from the vector-space model to generate cryptographic biometric keys. These keys are kept secret, thus preserving the confidentiality of the biometric data, and at the same time exploit the advantages of biometric authentication. The second phase combines several authentication factors in conjunction with the biometric to provide a strong authentication. A key advantage of our approach is that any unanticipated combination of factors can be used. Such authentication system leverages the information of the user that are available from the federated identity management system.
Keywords: Identity management, biometric, security, privacy
DOI: 10.3233/JCS-2007-15503
Journal: Journal of Computer Security, vol. 15, no. 5, pp. 529-560, 2007
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl