“Everyone knows there is a problem with
passwords. What I would like to do is
I’d like to move us to a world where you sit down at a console, identify
yourself, and you just start working.
The authentication happens in the background – invisible to you – while
you continue doing your work without interruptions.” - Mr. Richard Guidorizzi, DARPA Program
Manager, Beyond Passwords
The current standard method for
validating a user’s identity for authentication on an information system
requires humans to do something that is inherently unnatural: create, remember,
and manage long, complex passwords.
Moreover, as long as the session remains
active, typical systems incorporate no mechanisms to verify that the user
originally authenticated is the user still in control of the keyboard.
Thus unauthorized individuals may
improperly obtain extended access to information system resources if a password
is compromised or if a user does not exercise adequate vigilance after
initially authenticating at the console.
The Active Authentication program seeks
to address this problem by developing novel ways of validating the identity of
the person at the console that focus on the unique aspects of the individual
through the use of software based biometrics.
Biometrics are defined as the characteristics used to uniquely recognize
humans based on one or more intrinsic physical or behavioral traits.
This program focuses on the behavioral
traits that can be observed through how we interact with the world. Just as when you touch something your finger
you leave behind a fingerprint, when you interact with technology you do so in
a pattern based on how your mind processes information, leaving behind a
“cognitive fingerprint.”
The first phase of the program will
focus on researching biometrics that do not require the installation of
additional hardware sensors, rather the program will look for research on
biometrics that can be captured through the technology we already use looking
for aspects of this “cognitive fingerprint.”
These could include, for example, how
the user handles the mouse and how the user crafts written language in an
e-mail or document. A heavy emphasis
will be placed on validating any potential new biometrics with empirical tests
to ensure they would be effective in large scale deployments.
The later phases of the program will
focus on developing a solution that integrates any available biometrics using a
new authentication platform suitable for deployment on a standard a Department
of Defense desktop or laptop.
The combinatorial approach of using
multiple modalities for continuous user identification and authentication is
expected to deliver a system that is accurate, robust, and transparent to the
user’s normal computing experience. The
authentication platform will be developed with open Application Programming
Interfaces (APIs) to allow the integration of other software or hardware
biometrics available in the future from other sources.
Information for this article and video
provided by DARPA
Posts
No comments:
Post a Comment