The WebID Protocol Enhanced with Biometrics and a Federated Enrollment Protocol

Authors

Taylor Martin, North Carolina Agricultural and Technical State University

Student Classification

Junior

Faculty Mentor

Albert Esterline, Ph.D.

Department

Department of Computer Science

Document Type

Poster

Publication Date

Spring 2019

Disciplines

Computer Sciences

Abstract

We are currently working to integrate WebIDs and biometrics into the cyber security environment. This includes developing a strategy for user verification that considers simple and safe access. WebIDs provide these necessities when compared with the traditional username and password user authentication. However, with WebIDs, authentication data can be stolen if an attacker either gains direct access to the client's workstation or somehow acquires the client's unique certificate. This threat can be mitigated with the inclusion of biometrics to the authentication process since biometric information (e.g., fingerprints, iris scan) is unique and not easily copied. We first created an enrollment protocol that verifies whether a user has a WebID while attempting to access a service. If they have, we grant access to the service, and if they haven't, we enroll the user by accessing their own server.

Recommended Citation

Martin, Taylor, "The WebID Protocol Enhanced with Biometrics and a Federated Enrollment Protocol" (2019). Undergraduate Research and Creative Inquiry Symposia. 224.
https://digital.library.ncat.edu/ugresearchsymposia/224