IDColor: A color based identification system

Guillermo Matas Miraz1, Pilar Castro Garrido1, Francisco José Bellido Outeiriño2, Irene Luque Ruiz1, Miguel Ángel Gómez-Nieto1

1Department of Computing and Numerical Analysis and 2Department of Electronics University of Córdoba

Córdoba, Spain {gmatas, pcgarrido, fjbellido, iluque, mangel}@uco.es

Abstract— This work describes the appropriateness of the application of color sensor and mobile devices for the design and development of secure personal identification systems in pervasive environments. The system proposes to use a color sequence as unique identification. The sequence will be properly encrypted along with user personal information in a structure called IDCKey and stored on a mobile device. The management and use of the IDCKeys is carried out by an application installed on the device that is the responsible for decrypting and displaying the color sequence. The sequence will be read and interpreted by real color sensor connected to any kind of object in a pervasive scenario. Data structure of IDCKeys, encryption type, processing and application of the system are described.

Color Sensor, Identification Systems, Mobile Devices, Blowfish Encryption, Pervasive Computing.

I. INTRODUCTION Identification systems are used to manage information

about people and objects. Generally, these systems require two basic components: an element containing the information encoded and an element with capacity to recognize that information [1].

Personal identification is the development of a procedure by which it is possible to determine unequivocally the identity of an individual. This type of systems allows access to previously authorized users to private venues, fairs, events, or restricted rooms [2]. These systems can also be adapted to limit the handling and access to mechanisms such as lathes step, parking car, access to computers, and so on [3].

There are different types of identification systems such as: identity cards [4], personal identification number (PINs) [5], biometric identification systems (voice, hand, fingerprint or retina) [6], Radio Frequency Identification Systems [7], Barcodes [8], electronic signatures [9], passwords, etc. [10]. Currently, the most widespread technology for the identification of objects is the barcode and in the last years the Radio Frequency Identification (RFID) [11].

But these systems are inappropriate for identifying people when they require security and privacy because unauthorized readers may compromise privacy by accessing tags without adequate access [12]. Therefore, other more secure and expensive identification systems are used [13].

Nowadays, the technological advances allow us to use other low cost technologies by which it is easier the personal

identification maintaining a high level of security at time. Thinking in a pervasive and general solution for the development of identification systems, the combining of mobile phones and real color sensor seems appropriate. Color sensors can detect different colors at high speed and high reliability. Moreover, today's mobile devices have an acceptable computational power, efficient operating systems, and mostly a high display capacity.

The aim of this work is to study the possibility of a secure and reliable personal identification system, different from the existing ones. We propose a system that makes use of color sensors and the mobile technology in the context of pervasive systems. The basic idea is to use a color sequence as identification key. This color sequence is not an isolated piece of information. Instead, each sequence is encapsulated together with user information, user device and use conditions, in an information structure that has been called IDCKey.

We conducted the study of photoelectric sensors in order to test its features and check whether they were adequate to achieve the objective, which was the reliable and fast recognition of color sequences. Moreover, we also studied the possibility of using existing mobile devices as an interaction tool (sequences generators) with these systems and as a method of personal identification.

This paper is focused on the use of secure color-based keys and mobile phones for the building of identification systems. Thus, Section 2 describes the main objectives and a brief description of the proposed system. We also analyze the characteristics and capacities of the sensor, we show the necessary adaptations. In section 3, we describe the elements that make up the system. Finally, we analyze and validate the proposed solution discussing the results obtained.

II. MATERIALS AND METHODS The main objectives of the work are:

• Study of the real color sensors, analysis of its characteristics and test of its capability for the color detection on the mobile devices screens.

• Study of the needs and characteristics of the keys based on a color sequence. Proposal for a solution, defining its properties, structure, management and security.

2011 IEEE International Conference on Consumer Electronics - Berlin (ICCE-Berlin)

978-1-4577-0234-1/11/$26.00 ©2011 IEEE 296

• Feasibility study of using mobile devices such as interaction devices and IDCKeys managers. Develop of algorithm and mobile applications to support the proposed IDCKey model.

• Defining use cases and test scenarios to analyze and, if appropriate, validate the use of IDCKeys as reliable and secure identification method.

In order to develop this project were necessary the following elements: a) color sensors: devices used to recognize the IDCKeys, b) mobile phones supporting screens with high or medium color quality to manage the IDCKeys and show the color sequence, c) one server to manage the information about users, devices and their associated IDCKeys and d) a element connected to the color sensors and running an application, in charge of recover their readings and execute actions based on them.

A simple use case of the system would be one in which a user requests an IDCKey on the server (via a website) and stores it on his mobile device. When identification is required, an application installed on the device will interpret the IDCKey, translating it into the color sequence that will be displayed and read by the sensor. This will be connected to a system that will determine the validity of the key, and will execute an action or will take a decision.

There are several models for representing the color. Some examples are RYB, RGB or CMYK model. In addition, there are different color spaces that are responsible for defining the color composition models. As examples we can point out RGB, HSV, YCbCr, YUV, YI'Q ', CMYK, sRGB or RGBA spaces. For our work we have used the RGB space and RGB model. This model defines three vectors, whose linear combination generates all the color space. Based on additive synthesis, any color can be represented by mixing the three primary light colors (Red, Green and Blue). To determine how involved each primary color, a numerical value is assigned to them. These values usually are between 0 and 255. Therefore, any color can be represented based on three components, a value for Red component, one for Green component and one for Blue component, expressed as (R, G, B).

A. Color sensor In our system we used the OPB780Z color sensor (Fig. 1a)

from Optek [14]. It is a full color sensor with 4 different frequencies relating directly to a specific color seen by the sensor. The OPB780Z uses a programmable light-to-frequency converter that combines 64 configurable silicon photodiodes and a current-to-frequency converter, with a white LED on a single and small TTL and CMOS integrated circuit. In order to reprogram and control the sensor, the Z8 Encore! XP Development Kit was used [15]. This kit includes a development board, and a USB smart cable, and an IDE with ANSI-C Compiler that allows us to modify the sensor internal code. Using the IDE and connecting the USB Smart Cable (Fig. 1b) to the OPB780 Evaluation Board we were able to reprograming it. Thus, we could modify sensor characteristic like the exposure time (integration time), the time between readings, the output, and so on according to our needs.

(a)

(b) Figure 1. OPB780Z Color Sensor

As mobile devices, we have used those with touch screen, as they are currently the most widespread.

Although the sensor performance and characteristics are well specified by the manufacturer, the special conditions of our system required a more detailed study of it. Thus, we tried to get answers and solutions to the sensor response when performed its readings on a device screen, how it responded to the light emitted by screens themselves, to the reflexes, the various types and technologies, the different qualities and resolutions, the environment conditions and so on.

Before continuing, it should be noted that in order to better understand the results of the readings (expressed in hertz) we performed the conversion to RGB values (in the range from 0 to 255). For this, we assumed 0 Hz as the minimum values out of the sensor and the output RGB values is obtained as follows:

((Reading * 255) / FullScaleValue) = RGB Value (1)

To carry out the tests on the devices, a basic MIDlet was developed. This MIDlet allowed showing any color by specifying its RGB components. It also allowed to automatically display the full range of colors from black (0, 0, 0) to white (255, 255, 255) using different intervals determined by different parameters.

Thus, we configured the sensor based on the study of:

1. White calibration of color sensor The first step was to calibrate the sensors for white. That is

telling the system, “This is white”. The white calibration for OPTEK sensor was performed automatically. The only modifiable parameter that initially could influence in the process was the exposure time, whose analysis is described below.

2. Sensor readings As in any measurement process an error was expected, so

the next step was to test the sensor sensitivity, and check if the taken readings were the expected ones. The idea was to program the MIDlet showing to the sensors all possible color combinations, capturing and analyzing their outputs, checking if the readings were correct, and if not, determining and eliminating the error. This study aims to analyze the sensitivity of readings for each RGB channel in a dependently and independently way.

297

Figure 2. OPB780Z readings

For example, Fig. 2 reflects the OPTEK sensor outputs to changes in the green color component. Based on this and other test we drew some conclusions to be taken into account in the IDCKey definition, such us: a) there was an initial gap in the readings, b) the sensor response, to the progressive change in the value of color components, was exponential but different depending on the component that was being measured, c) the sensor response to a linear increment in channel value was also linear, d) changes under 5 units in the variation of any color component, produced changes imperceptible by sensors, e) the sensor response to a color change was not immediate.

3. Integration time This study aimed to analyze the reading speed of the device

to determine information transmission rate to the sensor. The integration time is the how long of a period that is used to measure the frequency. A longer integration time will yield more accurate results, but take longer to make a measurement. Because one of our main objectives was speed reading, the problem here was finding the minimum stable value for the integration time without readings cease to be reliable.

OPB780Z sensor considers a single exposure time applied to all three channels equally. It counts the number of rising edges for the integration time period, and then it calculates a frequency based upon the count. This parameter varies from 100 to 1000 ms, but the default integration time is 200 milliseconds, where the relation between reading speed and reliability of them was good. For this reason, we just tried to see if it was possible to decrease the integration time to 100ms. After some test we could observe that the readings of a color were mixed with the following and it was impossible to distinguish between them properly. For this reason, the integration time was set at t=200ms.

4. Time between readings To speed up the readings, we try to minimize as much as

possible the time between them without losing accuracy.

We noticed that there were a couple of possible improvements that would optimize the reading time, so we decided to reprogram the sensor software. Firstly, we realized that the sensor after the RGB values, gave us a fourth component named Clear, whose value was not relevant for our purposes. So, we decided modify the code in order to avoid this reading. This would reduce cycle time by about 25% as the Clear sensor reading won't be made. Finally we decided to

eliminate all the unnecessary text output, so that we only received the frequency values.

5. Environment conditions We also take into consideration other factors such us

luminance intensity, distance to the object, angle of view, the image size, image position or display resolution.

Because the different lighting conditions and distance altered the readings significantly, it was decided as necessary to bring the device to the sensor so that both surfaces were in contact. Thus the amount of light, and the distance were always constant and therefore the readings were consistent. Also, because, the output frequency increased with the inclination of the sensor, the sensor should always be placed upright.

We also studied how the image size, image position or display resolution influenced the readings. We found that, even the readings were not the same, the difference was not significant, so, even if we should take into account, it would not be an essential aspect when validating the keys.

Based on testing, we describe the taken decisions about the chosen sensor, its configuration, the readings conditions and the final design of the IDCKeys.

To determine the number of colors displayed in the sequence we had to find a balance between the strength of the key (a greater number of colors, would increase security) and an acceptable exposure time.

However, due to the variation in the value of a component influenced the reading of the others, and because the difference between two consecutive colors should be considerable, we found that this sequence could not be anything. Thus, it was necessary to use just a small number of very distinct colors.

III. A IDENTIFICATION SYSTEM BASED ON COLOR For the proper functioning of the system, and proper

interaction with sensor, the following three subsystems have been created.

A. IDColor Server To achieve a secure ID system using color-based keys, it is

necessary to develop a system not only for the key generation, but also to keep information about keys, users and their devices that use them. The key generation subsystem is responsible for maintaining and managing user’s data, managing the IDCKeys and providing mechanisms for the provision of IDCKeys to the users.

Thus, after users authentication, this Web system allows them to view their IDCKeys, create (Fig. 3a), delete, rename and modify them or renewal their expiration date (we must take into account that keys will be valid only for a period of time, and after that, they will not be useful again). In addition it also allows the users to download (Fig. 3b) the IDCKey into their devices in two different ways, via USB connection or via GPRS connection (thanks to a MIDlet option).

An IDCKey represent in the system, the object generated by the server and stored and processed on the mobile device, which contains information representing unequivocally a

298

person and its associated key (a key identifier, the name, surnames and ID number of the person that uses the key, telephone number, the place where he will use the key, the phone's IMEI, the PIN to decrypt the key, the path where to store de IDCKey at device, the date of expiry of the key, and finally the color sequence. Each of the colors expressed in RGB values. In order to store and organize this information, XML technology has been used.

(a) (b) Figure 3. Some IDColor Server snapshots

One of the main issues in these kinds of systems is the security of keys. This important factor has been solved using an encryption algorithm. Thus, all the information stored in the XML file is encrypted using the Blowfish algorithm.

The encryption is done on the server using a PIN entered by the user during the IDCKey creation. The file is kept stored in encrypted form in the devices and it is decrypted by them only when it is necessary to use the key. To decrypt the user must enter the same PIN again. Using this strategy, no person may steal the keys of another user. But even in this case, you cannot interpret the information contained therein, nor may use them, because the PIN is personal and unknown.

In sum, once the IDCKey is created and the information is encrypted, it is stored in a XML file at server. This file will be placed on the mobile device in order to use it later as a key.

B. IDColor Application In order to test the overall operation of the system, it has

developed a simple application able to monitor and interpret the sensor readings and able to communicate with the server. Its main function is to emulate the behavior of the different possible applications or devices in which the identification systems based on color are useful. Therefore, the basic purpose is to compare if the readings made by the sensors match with the expected key color sequence.

Along with the generation of the IDCKey that will be stored in the user's device, the IDColor server also generates a XML configuration file for each of them. This file should be load in and used by the IDColor application to identify which is the expected key. The file contains data such as the user identification and device associated to each IDCKey.

In an example scenario, the IDColor application would emulate an electronic lock based on color recognition placed in a door, the application will ask the server for the key of the

door (that will be related with the user/guest and his device). Once received and stored, the door lock will start to evaluate the readings searching for the correct color sequence. When the user wants to open the door, he/she just needs to show to the sensor the sequence stored in his/her device. Then, the application will recognize it, will notify the event and will open the door.

(a)

(b)

Figure 4. Some IDColor MIDlet snapshots

C. IDColor MIDlet With the aims that the color sensor can interact with the

IDCKeys created by the server, it is necessary a device capable of processing the contents of the IDCKeys, recover and display the color sequence on a screen. For this reason, users interact with the system through a MIDlet installed in the mobile device.

The MIDlet facilitates the management of the IDCKeys created and assigned to each user and stored in the device (Fig. 4a). That is, it allows to downloading the IDCKeys, use or deleting them and showing the color sequences of one of the desired stored IDCKeys using the phone color screens. Also, the MIDlet allows the user requesting for new keys to the server, which once downloaded can be managed by the MIDlet locally.

Once the MIDlet is installed in the device the Keys download is so simple. During the IDCKey creation, the system assigns them a unique identifier or ID. To download an IDCKey, the user just has to indicate that ID (Fig. 4b).

The entire user IDCKeys are stored in a well-known directory in the device internal memory. Every IDCKey is directly associated with a user and their device and cannot be used in any other.

IV. DISCUSSION AND REMARKS The aim of this paper is to study new methods of personal

identification, which may be a real alternative to existing ones based for example on NFC technology, biometrics or magnetic strip. To this end, we have proposed the use of color sequence as an identifier, and color sensors and mobile devices as interaction devices. Color sequences will be associated with users and his/her device, and identification information, named IDCKey, is associated with place or units being created for each user.

299

The proposed system consists of three main components. The IDColor Server is responsible for users’ management and their IDCKeys. To facilitate this work an intuitive and easy to use website is offered to them. The IDColor MIDlet is a Java-based mobile application, which must be installed on devices to interact with the system. It allows the download, storage, management and use of IDCKeys and to show the color sequence when user identification is required.

Based on the study results, the IDCKey design and the security provided by the system and its efficiency, the ease of use and the ease of implementation, makes us to consider as a good choice of identification systems.

REFERENCES [1] M. Gevers, “A personal view of the development of system

identification: A 30-year journey through an exciting field,” Control Systems Magazine, IEEE. Vol. 26, issue 6, 2006.

[2] A. A. Bakar, R. Ismail, J. Jais, “A review on extended role based access control (E-RBAC) model in pervasive computing environment,” Networked Digital Technologies, 2009.

[3] Y. Y. Chen, M. L. Tsai, J. K. Jan, “The design of RFID access control protocol using the strategy of indefinite-index and challenge-response,” Computer communications. Vol. 34, issue 3, 2011.

[4] F. Mattatia, “The utility of electronic identity cards for a safer digital world,” Annales des telecommunications-annals of telecommunications. Vol. 62, issue 11-12, 2007.

[5] S. Zahid, M. Shahzad, S. A. Khayam, M. Farooq, “Keystroke-based user identification on smart phones,” in Proc. Recent advances in intrusion detection. Lecture Notes in Computer Science. Vol 5758, 2009

[6] R. T. Al-Zubi, D. I. Abu-Al-Nadi, “Automated personal identification system based on human iris analysis,” Pattern analysis and applications. Vol. 10. Issue 2, 2007.

[7] R. Mittra, “Radio frequency identification systems-present ptatus, Design Challenges and Future Outlook,” presented at APMC: 2008 Asia pacific microwave conference, vols 1-5, 2008.

[8] J. Sun, H. Q. Zhao, G. Z. Hu, “Study of the key techniques for implementing barcode network,” Computer and information science 2010. Studies in Computational Intelligence. Vol 317, 2010.

[9] X. Cui, C. T. Lv, “The research and application of digital signature,” presented at international conference of china communication. 2010

[10] J. Huiping, “Strong password authentication protocols,” Distance Learning and Education (ICDLE), 2010.

[11] F. Finkenzeller, RFID Handbook, Fundamentals and Applications in Contactless Smart Cards, Radio Frecuency Identification and Near Field Communication. John Wiley & Sons, Ltd., United Kingdom, 2010.

[12] S. A. Weis, S. E. Sarma, R. L. Rivest, D. W. Engels, “Security and privacy aspects of low-cost Radio Frequency Identification Systems,” D. Hutter et al. (Eds.): Security in Pervasive Computing 2003, LNCS 2802, pp. 201–212. Springer-Verlag Berlin Heidelberg, 2004.

[13] A. A. Y. Mustafa, “3D object recognition from color intensity images,” presented at 13th International Conference on Pattern Recognition, pp. 627-631. IEEE Press, Vienna, 1996.

[14] OPTEK Color Sensor. “Optek’s color sensor evaluation kit utilizes light reflection technique to easily identify colors,” OPTEK Technology. 2009.

[15] Z8 Encore! XP F042A Series 8-Pin Development Kit. User Manual UM018705-0508. 2008.

300