Known User Continuous Authentication System
Ines Brosso¹, Fernando Ferreira²
College of Computation and Informatics,
Mackenzie Presbyterian University, São Paulo, Brazil
[email protected], [email protected]
Graça Bressan³, Wilson V. Ruggiero⁴
Laboratory of Computer Architecture and Networks,
Department of Computer and Digital System Engineering, Polytechnic School of São Paulo University, Brazil
[email protected]³, [email protected]⁴
Abstract: This work presents KUCAS (Known User Continuous Authentication System), a work-in-progress security system that provides a continuous authentication mechanism for users of software applications. The KUCAS system makes use of environmental context information, user behavior analysis, the behavior theories of Skinner and the mathematical confidence of the Dempster-Shafer theory of evidence, which establishes trust levels to authenticate the user through behavior analysis during a software application session, in a specific domain of the computer network, over a period of time. The management dynamics of the system compare the current behavior with the description of the user's previous behaviors and with the trust restrictions. If there are indications of changes in the user's behavior, the system analyzes the user's behavior using the restriction information in the database. If there are uncertainties and divergences, security mechanisms and alert signals are triggered.
Keywords: Security and Content Protection, Pervasive and Ambient Applications Computer, Access control, Continuous Authentication Process, Behavioral science, Adaptive Security Policy.
I. THE KUCAS SYSTEM
KUCAS (Known User Continuous Authentication System) is a security system that provides a continuous authentication mechanism for users [1]. Continuous authentication of the user in a software application is extremely important and complements the initial authentication. The KUCAS system extracts behavioral information about users in the environment using context-aware computing. Human behavior is based on contextual information, on previous behavioral history, on the previous history of reinforcement of behavior, and on the person's conduct when interacting immediately with the environment. The key concept in Skinner's thinking on behavior is operant conditioning, a mechanism that rewards a response of an individual until he is conditioned to associate the need for action [4].

Human behavior is uncertain and complex and defies attempts at analysis, so the analysis should be based on rigorous methods of isolating variables. The scientific analysis of human behavior starts with knowing and isolating the parts of an event, in order to determine the characteristics and dimensions of the occasion on which the behavior occurs and to define the changes produced in response to the environment, space, time and opportunities. Thus, it can be said that the environment, the virtual space and the physical space establish the conditions for a behavior to occur. When the organism responds to an environmental stimulus and the consequences of its response are rewarding, the probability of similar responses increases; when the consequences are punitive, that probability diminishes. In this way, the environmental variables shape the behavior of users in a conditioning process. Analogously, during a software application session, the user's behavior is conditioned as he interacts with an electronic device and the software application. The user will associate the situations that occurred with other, similar ones, generalizing this learning to a larger context of life. This can be considered in the context of an authentication system and its security aspects.

The KUCAS system has two different types of authentication:

1. Initial authentication: the person provides the access code and password that will be used for accessing the software applications.
2. Continuous authentication: to ensure the authenticity of the person during communication and throughout the processing of the software application, the system checks the databases periodically, without requiring the authentication to be confirmed again. Everything is done ubiquitously; the authentication extends continuously over the time interval in which the user interacts with the application software.

The KUCAS system has an infrastructure composed of a framework (F-KUCAS), a Security Module (S-KUCAS) and an Algorithm of Continuous Authentication (A-KUCAS) that analyzes the user's behavior and assigns him a trust level. When the user accesses a software application over the wired or wireless network, the system is activated and KUCAS captures the user's behavior information in the environment through the F-KUCAS framework, which triggers the A-KUCAS algorithm and the S-KUCAS security module; as the user's interaction with the environment increases, the KUCAS system varies the initial level of trust attributed to the user [3, 4]. The KUCAS system has three distinct stages: stage 1, capturing the information about the user's behavior in the environment; stage 2, analyzing the user's behavior; stage 3, incrementing or decrementing the trust.

The capture of user behavioral information in the environment runs from the time the user is identified and accesses a software application to the time he closes it. The information obtained is the evidence of user behavior. Continuous authentication is performed by the KUCAS system, which captures the environment context information using the contextual dimensions {who, where, when, what} defined by context-aware computing and a variable called rest that represents the behavioral restrictions for a user.
978-1-4244-5176-0/10/$26.00 2010 IEEE
This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE CCNC 2010 proceedings
Figure 1: The KUCAS Implementation
At the first moment, the user is identified by the KUCAS system, which starts a behavioral analysis of the user in a software application session using trust. Trust, the concept we humans use to decide whether or not to trust a person, is based on behavior and reputation. Trust in a person is not a dichotomy of trusting or not; it is dimensional and can be measured. For this, the KUCAS system stipulates trust levels based on the behavioral analysis of the user and on the trust restrictions generated by the user. Over time, and in accordance with the behavior analysis, the user's trust level can vary, and thus the KUCAS system interacts with the user and determines evidence to increase or decrease the trust in the user. The measures of trust and distrust are mutually dual and therefore the measure of distrust can also be defined as independent of the measure of trust. Trust is based on two non-complementary measures: Confidence is an abstract concept that shows a belief in the sincerity / authenticity of a person in another person. Given uncertainty and doubt, it is often necessary to take decisions based on evidence that is not always accurate. The heuristic for defining the initial trust value is determined by a model based on the user's behavior, his activity at the moment, his location, the time at which the current behavior occurs and the user behavior description. The KUCAS system is being validated with successful tests and simulations to continuously authenticate a user's identity in Internet banking and to protect financial information resources.

The KUCAS system, based on the evidence of behavior, establishes whether or not it trusts the user, and the behavior analysis reflects the personality of the user/consumer, even in a conditioned environment. The KUCAS system preserves the privacy of the consumer, and it makes it possible to define an adaptive security policy based on behavioral analysis of users in computer networks.
II. THE DEMONSTRATION OF KUCAS
Figure 2: Using KUCAS in Internet Banking Application
Figure 2 shows KUCAS applied in a software application for accessing a bank account via Internet Banking or Mobile Banking, with the following variables: who = {Bank Account and Password (Security Key)}, where = {Place or IP of computer}, when = {Date and Time using Internet banking}, what = {type of application (payment, transfer of money or financial investment)} and the variable rest = {set of the behavioral restrictions for a user in Internet Banking}.
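The trust update described above can be illustrated with Dempster's rule of combination over the frame {genuine, impostor}, fed by the who/where/when/what/rest variables of the Internet-banking case. This is an added example, not the paper's A-KUCAS algorithm: the profile, the evidence weights, the initial trust of 0.5 and the 0.7 alert threshold are all assumptions, and the events are constructed.

```python
G, I = frozenset({"genuine"}), frozenset({"impostor"})
THETA = G | I  # whole frame: mass here is uncommitted (uncertainty)

def combine(m1, m2):
    """Dempster's rule of combination for two mass functions."""
    out, conflict = {}, 0.0
    for a, wa in m1.items():
        for b, wb in m2.items():
            if a & b:
                out[a & b] = out.get(a & b, 0.0) + wa * wb
            else:
                conflict += wa * wb  # mass on contradictory hypotheses
    if conflict >= 1.0:
        raise ValueError("totally conflicting evidence")
    return {s: w / (1.0 - conflict) for s, w in out.items()}

def belief(m, hyp):
    return sum(w for s, w in m.items() if s <= hyp)

# Constructed behavior description; 'rest' holds the behavioral restrictions.
PROFILE = {"where": {"203.0.113.7"}, "hours": range(8, 20),
           "what": {"payment", "transfer"}, "rest": {"max_amount": 1000}}

def evidence(ev, profile):
    """One mass function per context dimension; weights are assumed."""
    def mass(match, w):
        return {G if match else I: w, THETA: 1.0 - w}
    yield mass(ev["where"] in profile["where"], 0.4)
    yield mass(ev["when_hour"] in profile["hours"], 0.3)
    yield mass(ev["what"] in profile["what"], 0.3)
    if ev["amount"] > profile["rest"]["max_amount"]:
        yield {I: 0.6, THETA: 0.4}  # restriction violated

def run_session(events, profile, initial=0.5, alert_below=0.7):
    """Return (trust, distrust, status) after each event of one session."""
    m = {G: initial, THETA: 1.0 - initial}  # 'who': trust granted at login
    trail = []
    for ev in events:
        for e in evidence(ev, profile):
            m = combine(m, e)
        trust, distrust = belief(m, G), belief(m, I)
        trail.append((round(trust, 3), round(distrust, 3),
                      "alert" if trust < alert_below else "ok"))
    return trail

SESSION = [  # constructed events; 'when' is reduced to the hour of day
    {"where": "203.0.113.7", "when_hour": 10, "what": "payment", "amount": 50},
    {"where": "198.51.100.9", "when_hour": 3, "what": "transfer", "amount": 5000},
]
```

For the constructed session, `run_session(SESSION, PROFILE)` gives trust 0.853 after the routine payment and about 0.594 (distrust about 0.338) after the off-hours transfer from an unknown address, which falls below the assumed threshold and raises an alert. Trust and distrust do not sum to 1 because the remaining mass stays uncommitted.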
Figure 3: KUCAS Presentation
Figure 3 shows how KUCAS can be demonstrated or used in a place without using the Internet.
III. REFERENCES
[1] Brosso, I.; Bressan, G.; Ruggiero, W. V. - The Continuous Authentication - 22nd IEEE Computer Security Foundations Symposium (CSF 2009), Short Talks Session, July 8-10, Port Jefferson, New York, USA, (2009).
[2] Dempster, A. P. - Upper and Lower Probabilities Induced by a Multi-valued Mapping, Annals of Mathematical Statistics, Vol. 38, pp. 325-339, (1967).
[3] Shafer, G. - A Mathematical Theory of Evidence. Princeton, Princeton University Press, (1976).
[4] Skinner, B. F. - Ciência e Comportamento Humano. São Paulo: Ed. Martins Fontes, (2003).
[5] Calderon, T. G., Chandra, Akhilesh and Cheh, John J. - Modeling an intelligent continuous authentication system to protect financial information resources - International Journal of Accounting Information Systems, Volume 7, Issue 2, Pages 91-109, June (2006).