Resilient Infrastructure and Building Security

Abstract

Traditionelle autentificerings systemer anses som vedvarende da de sjældent begrænser den tid autentificeringen er gyldig. Omvendt, betragtes sensor-baserede autentificerings systemer som kortvarige, da de tillader kontinuerlig autentificering af brugerne.I denne afhandling præsenterer vi en ny fremgangsmåde til autentificering, der kombinere traditionelle adgangskontrolsystemer med sensor teknologi og sporing i smarte miljøer. Metoden kaldes Persistent Authentication for Locationbased Services. Persistent Authentication muliggøre sikker lokationsbaserede tjenester gennem ikke-invasiv autentificering af mobile brugere i smarte miljøer. Formålet er at ændre det nuværende autentificerings paradigme fra en diskret begivenhed til en kontinuerlig session. Dette opnås ved at udnytte de kontekstuelle faktorer fra det smarte miljø til at spore brugere fra deres indledende autentificering til det punkt autentificeringen skal bruges af lokationsbaserede tjenester. Ansigtsgenkendelse og udseende analyse er integreret i systemet som indirekte biometriske eksperter, der opererer på afstand og ikke kræver nogen interaktion fra brugerne. Eksperterne foretager løbende autentificering ved at behandle prøver af de biometriske modaliteter, som de er tilgængelig. Kombinationen af scorer fra flere biometriske eksperter er kendt som sensor fusion. En almindelig udfordring er at resultaterne fra evaluering af de forskellige biometriske modaliteter normalt er uforenelige, da de har forskellige score intervaller og sandsynlighedsfordelinger. Error-based-fusion præsenteres som en ny fusions teknik, der omdanner individuelle score fra forskellige biometriske systemer til objektive beviser der kombineres ved hjælp af Bayesiansk interferens. Persistent Authentication er en effektiv integreret beskyttelsesforanstaltning, der distribueres direkte i bygningen. Den er ikke-invasiv for offentligheden og økonomisk overkommelig for de bygnings ejeren. Persistent Authentication er velegnet til sikkerheds følsomme anvendelser og kan hjælpe med at beskytte bygninger mod terrorisme og andre former for kriminalitet.Traditional authentication systems are considered persistent as they rarely limit the time the authentication is valid. Conversely, sensor-based authentication systems are considered transient as they allow continuous authentication of the users.In this thesis we present a new approach to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services through non-intrusive authentication of mobile users in a smart environment. The objective is to shift the current authentication paradigm from a single discrete event to a continuous session. This is accomplished by utilising the contextual awareness provided by the smart environment to track principals from the point of initial authentication to the point where authorisation is requested by location-based services. Facial recognition and appearance analysis are integrated in the persistent authentication system as remote biometric experts that operate at a distance and require no interaction from the users. The experts perform continuous authentication by processing samples of the biometric modalities as they become available. Combining scores from multiple biometric experts is known as sensor fusion. A common challenge in this field is that the results from evaluating different biometric characteristic are usually incompatible, as they have different score ranges as well as different probability distributions. Error-rate-based fusion is presented as a novel fusion technique that transforms individual scores from different biometric systems into objective evidences and combine them using Bayesian inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect the facility against terrorism and other types of crime