Implementing WebIDs + Biometrics with Enrollment

Student Classification

Senior

Faculty Mentor

Albert Esterline, Ph.D.

Department

Department of Computer Science

Document Type

Poster

Publication Date

Fall 2019

Disciplines

Computer Sciences

Abstract

We are in the process of establishing a seamless way to accommodate WebIDs and biometrics into the cyber environment. This involves constructing a method of user verification that allows for simple, easy, and safe access. It is known that WebIDs are equipped to provide these such things when compared to the traditional username and password user authentication. However, with the use of WebIDs, important information can be stolen if an attacker is either to gain direct access to the user’s computer or they somehow obtain the user’s unique certificate. This possibility can be interrupted with the inclusion of biometrics to the authentication process since biometric data (eg, fingerprints, iris scan, etc.) is unique and not easily duplicated. We first created an enrollment protocol that verifies if a user has a WebID while attempting to access a server. If they do, we permit the use to have access to the server, and if they do not, we register the user by accessing their own server. Implementing these features in the WebID protocol would significantly improve the security of user authentication and reduce replay attacks in conducting biometric assessment.

This document is currently not available here.

Share

COinS