Collective human biological signal-based identification and authentication in access control environments

Van der Haar, Dustin Terence

13 October 2014

Ph.D. (Computer Science) / The introduction of new portable sensors that monitor physiological systems in the human body has allowed quality of life and medical diagnostic applications to be taken directly to the user, without the constraints of physical space or inconvenience. The potential of these sensors in the domain of authentication and identi cation is becoming more feasible each day and current research in these biometric systems show a great deal of promise. Novel biometric systems are being introduced that use biological signals (also known as biosignals) in the human body captured by these sensors (such as brain waves or heart rate) as the core unique attribute. The study builds on the proliferation of these sensors and proposes an interoperable model called CoBI, which allows individual or multi-factor authentication and identi cation to take place. The model provides a platform for any viable biosignal that can be used for the purposes of identi cation and authentication, by providing pluggable sensor and signal processing components. These components can then convert biosignals into a common format, a feature vector consisting of estimated autoregressive (AR) coe cients. Once they are in a common format they can then be merged together to form a consolidated feature vector using feature fusion. This consolidated feature vector can then be persisted during enrolment or passed further for matching using classi cation techniques, such as K-Nearest Neighbour. The results, from the comprehensive benchmark performed (called BAMBI) on an implemented version of the model (called CaNViS), have shown that biological signals that contain cardiac and neurological components (ie. from an electrocardiogram (ECG) and electroencephalogram (EEG), respectively) can be captured, processed, consolidated and classi ed using the CoBI model successfully. By utilising the correct AR model order during feature estimation for the cardiac and neurological components, along with the appropriate classi er for matching, the biometric system yields nominal results for authentication and identi cation in access control environments.

Computers - Access control

Biometric identification

Biosensors

Authorisation as audit risk in an information technology environment

Kruger, Willem Jacobus

05 February 2014

M.Comm. / Please refer to full text to view abstract

Auditing - Access control.

Computer networks - Security measures

Lip password-based speaker verification system with unknown language alphabet

Zhou, Yichao

31 August 2018

The traditional security systems that verify the identity of users based on password usually face the risk of leaking the password contents. To solve this problem, biometrics such as the face, iris, and fingerprint, begin to be widely used in verifying the identity of people. However, these biometrics cannot be changed if the database is hacked. What's more, verification systems based on the traditional biometrics might be cheated by fake fingerprint or the photo.;Liu and Cheung (Liu and Cheung 2014) have recently initiated the concept of lip password, which is composed of a password embedded in the lip movement and the underlying characteristics of lip motion [26]. Subsequently, a lip password-based system for visual speaker verification has been developed. Such a system is able to detect a target speaker saying the wrong password or an impostor who knows the correct password. That is, only a target user speaking correct password can be accepted by the system. Nevertheless, it recognizes the lip password based on a lip-reading algorithm, which needs to know the language alphabet of the password in advance, which may limit its applications.;To tackle this problem, in this thesis, we study the lip password-based visual speaker verification system with unknown language alphabet. First, we propose a method to verify the lip password based on the key frames of lip movement instead of recognizing the individual password elements, such that the lip password verification process can be made without knowing the password alphabet beforehand. To detect these key frames, we extract the lip contours and detect the interest intervals where the lip contours have significant variations. Moreover, in order to avoid accurate alignment of feature sequences or detection on mouth status which is computationally expensive, we design a novel overlapping subsequence matching approach to encode the information in lip passwords in the system. This technique works by sampling the feature sequences extracted from lip videos into overlapping subsequences and matching them individually. All the log-likelihood of each subsequence form the final feature of the sequence and are verified by the Euclidean distance to positive sample centers. We evaluate the proposed two methods on a database that contains totally 8 kinds of lip passwords including English digits and Chinese phrases. Experimental results show the superiority of the proposed methods for visual speaker verification.;Next, we propose a novel visual speaker verification approach based on diagonal-like pooling and pyramid structure of lips. We take advantage of the diagonal structure of sparse representation to preserve the temporal order of lip sequences by employ a diagonal-like mask in pooling stage and build a pyramid spatiotemporal features containing the structural characteristic under lip password. This approach eliminates the requirement of segmenting the lip-password into words or visemes. Consequently, the lip password with any language can be used for visual speaker verification. Experiments show the efficacy of the proposed approach compared with the state-of-the-art ones.;Additionally, to further evaluate the system, we also develop a prototype of the lip password-based visual speaker verification. The prototype has a Graphical User Interface (GUI) that make users easy to access.

Design Implementation Of A Microcontroller Based External Facility Access Control System

Fulbright, Thomas

01 January 2005

In order to solve the College of Engineering and Computer Science facility access problem, an automated system that provides exterior doors with a time schedule and allows authorized users to gain access to the facility after hours was developed. A microcontroller based system has been designed to interface with a personal computer. The system designed within this thesis can be used as a starting point for multiple facility access control systems. This thesis will describe the design, integration, test, and final delivery of a facility access system that incorporates the Texas Instruments MSP430 microcontroller, a magnetic card swipe reader, and software developed in Microsoft Visual Basic .Net to provide a reliable and robust system for the College of Engineering and Computers Sciences needs.

Access Control

MSP430

Microcontroller

Computer Engineering

Engineering

Formalization and Verification of Rewriting-Based Security Polices

Veselinov, Roman Nikolov

30 April 2008

Term rewriting -- an expressive language based on equational logic -- can be used to author and analyze policies that are part of an access control system. Maude is a simple, yet powerful, reflective programming language based on term rewriting that models systems along with the subjects, objects and actions within them. We specify the behavior of the system as a theory defined by conditional rewrite rules, and define the access control policy as an equational theory in a separate module. The tools that Maude provides, such as the Maude Model Checker and the Sufficient Completeness Checker, are used to reason about the behavior and verify properties of access control systems in an automated manner.

Maude

term rewriting

access control

Computers

Access control

Maude (Computer program language)

Access and accessibility to Canadian vital event records

Hemmings, Michael A.

11 1900

The transfer of copies of vital event records into a government archives repository is necessary not only to ensure their ongoing preservation, but also to provide access and accessibility to them for all researchers in an appropriate setting. At present all vital event records gatekeepers in Canada, except two, do not have in place a system providing for such regular transferral. The central reason for this lack of process is the assumption that vital event records are somehow different in kind, and not just in type, from other public records that contain personal information. This thesis evaluates that assumption through an analysis of the history of vital statistics legislation and a comparative study of the privacy regime of that legislation with the legislative regime of access to information and privacy. Having done these two studies, the thesis then recommends a way in which legal transfer from the gatekeepers to the repository can be achieved. That recommendation is, first, that all discussion regarding access must be accomplished before their acquisition. Secondly, their acquisition and accessibility must be based upon the expiration of time—limits.

Records - Access control.

Public records - Access control.

Attribute-based access control for distributed systems

Cheperdak, David J. B.

26 April 2013

Securing information systems from cyber attacks, malware and internal cyber threats is a difficult problem. Attacks on authentication and authorization (access control) is one of the more predominant and potentially rewarding attacks on distributed architectures. Attribute-Based Access Control (ABAC) is one of the more recent mechanisms to provide access control capabilities. ABAC combines the strength of cryptography with semantic expressions and relational assertions. By this composition, a powerful grammar is devised that can not only define complex and scalable access control policies, but defend against attacks on the policy itself. This thesis demonstrates how ABAC can be used as a primary access control solution for enterprise and commercial applications. / Graduate / 0984 / djbchepe@gmail.com

Access Control

Cyber Securty

Cloud Computing

ABAC

Attribute-Based Access Control

Access to Geographic Scientific and Technical Data in an Academic Setting

Van Loenen, Bastiaan

January 2001

No description available.

Databases -- Access control

Freedom of information

Information technology -- Access control

Assurance Management Framework for Access Control Systems

January 2012

abstract: Access control is one of the most fundamental security mechanisms used in the design and management of modern information systems. However, there still exists an open question on how formal access control models can be automatically analyzed and fully realized in secure system development. Furthermore, specifying and managing access control policies are often error-prone due to the lack of effective analysis mechanisms and tools. In this dissertation, I present an Assurance Management Framework (AMF) that is designed to cope with various assurance management requirements from both access control system development and policy-based computing. On one hand, the AMF framework facilitates comprehensive analysis and thorough realization of formal access control models in secure system development. I demonstrate how this method can be applied to build role-based access control systems by adopting the NIST/ANSI RBAC standard as an underlying security model. On the other hand, the AMF framework ensures the correctness of access control policies in policy-based computing through automated reasoning techniques and anomaly management mechanisms. A systematic method is presented to formulate XACML in Answer Set Programming (ASP) that allows users to leverage off-the-shelf ASP solvers for a variety of analysis services. In addition, I introduce a novel anomaly management mechanism, along with a grid-based visualization approach, which enables systematic and effective detection and resolution of policy anomalies. I further evaluate the AMF framework through modeling and analyzing multiparty access control in Online Social Networks (OSNs). A MultiParty Access Control (MPAC) model is formulated to capture the essence of multiparty authorization requirements in OSNs. In particular, I show how AMF can be applied to OSNs for identifying and resolving privacy conflicts, and representing and reasoning about MPAC model and policy. To demonstrate the feasibility of the proposed methodology, a suite of proof-of-concept prototype systems is implemented as well. / Dissertation/Thesis / Ph.D. Computer Science 2012

Computer science

Access control model

Access control policy

Analysis

Privacy

Security

Social network

Access and accessibility to Canadian vital event records

Hemmings, Michael A.

11 1900

The transfer of copies of vital event records into a government archives repository is necessary not only to ensure their ongoing preservation, but also to provide access and accessibility to them for all researchers in an appropriate setting. At present all vital event records gatekeepers in Canada, except two, do not have in place a system providing for such regular transferral. The central reason for this lack of process is the assumption that vital event records are somehow different in kind, and not just in type, from other public records that contain personal information. This thesis evaluates that assumption through an analysis of the history of vital statistics legislation and a comparative study of the privacy regime of that legislation with the legislative regime of access to information and privacy. Having done these two studies, the thesis then recommends a way in which legal transfer from the gatekeepers to the repository can be achieved. That recommendation is, first, that all discussion regarding access must be accomplished before their acquisition. Secondly, their acquisition and accessibility must be based upon the expiration of time—limits. / Arts, Faculty of / Library, Archival and Information Studies (SLAIS), School of / Graduate

Records - Access control.

Public records - Access control.