Abstract
Human operators in control rooms are often responsible of issuing critical commands, and in charge of managing sensitive data. Insiders must be prevented to operate on the system: they may benefit of their position in the control room to fool colleagues, and gain access to machines or accounts. This paper proposes an authentication system for deterring and detecting malicious access to the workstations of control rooms. Specifically tailored for the operators in the control room of the crisis management system Secure!, the solution aims to guarantee authentication and non-repudiation of operators, reducing the risk that unauthorized personnel (including intruders) misuses a workstation. A continuous multi-biometric authentication mechanism is developed and applied in which biometric data is acquired transparently from the operator and verified continuously through time. This paper presents the authentication system design and prototype, its execution and experimental results.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Secure! Project. http://secure.eng.it
Kumar, S., Sim, T., Janakiraman, R., Zhang, S.: Using continuous biometric verification to protect interactive login sessions. In: 21st Annual Computer Security Applications Conference (ACSAC), pp. 441–450 (2005)
Altinok, A., Turk, M.: Temporal integration for continuous multimodal biometrics. In: Proceedings of the Workshop on Multimodal User Authentication (2003)
Azzini, A., Marrara, S., Sassi, R., Scotti, F.: A fuzzy approach to multimodal biometric continuous authentication. Fuzzy Optim. Decis. Making 7(3), 243–256 (2008)
Crawford, H., Renaud, K., Storer, T.: A framework for continuous, transparent mobile device authentication. Comput. Secur. 39, 127–136 (2013)
Jain, A.K., Ross, A., Prabhakar, S.: An introduction to biometric recognition. IEEE Trans. Circ. Syst. Video Technol. 14(1), 4–20 (2004)
Tripathi, K.P.: A comparative study of biometric technologies with reference to human interface. Int. J. Comput. Appl. 14(5), 10–15 (2011)
SecuGen OptiMouse Plus. http://www.secugen.com/products/po.htm
The OpenCV Reference Manual, Release 2.4.9.0 (2014)
Davison, A.: Killer Game Programming in Java. O’Reilly Media Inc., Sebastopol (2005)
Bours, P., Barghouthi, H.: Continuous authentication using biometric keystroke dynamics. In: The Norwegian Information Security Conference (NISK) (2009)
Ceccarelli, A., Bondavalli, A., Brancati, F., La Mattina, E.: Improving security of internet services through continuous and transparent user identity verification. In: IEEE 31st Symposium on Reliable Distributed Systems, (SRDS), pp. 201–206 (2012)
Ceccarelli, A., Montecchi, L., Brancati, F., Lollini, P., Marguglio, A., Bondavalli, A.: Continuous and transparent user identity verification for secure internet services. IEEE Trans. Dependable Secure Comput. 12(3), 270–283 (2015)
Nostro, N., Ceccarelli, A., Bondavalli, A., Brancati, F.: Insider threat assessment: a model-based methodology. Oper. Syst. Rev. (ACM) 48(2), 3–12 (2014)
Ross, A., Jain, A.K.: Information fusion in biometrics. Pattern Recogn. Lett. 24(13), 2115–2125 (2003)
Hong, L., Jain, A.K., Pankanti, S.: Can multibiometrics improve performance? Proc. AutoID 99, 59–64 (1999)
Montecchi, L., Nostro, N., Ceccarelli, A., Vella, G., Caruso, A., Bondavalli, A.: Model-based evaluation of scalability and security tradeoffs: a case study on a multi-service platform. In: Electronic Notes in Theoretical Computer Science, vol. 310, pp. 113–133 (2015)
Nostro, N., Ceccarelli, A., Bondavalli, A., Brancati, F.: A methodology and supporting techniques for the quantitative assessment of insider threats. In: Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing (ACM), (3), pp. 1–6 (2013)
Acknowledgments
This work has been partially supported by the POR-CREO 2007-2013 Secure! project funded by the Tuscany Region, by the European FP7-IRSES project DEVASSES, and by the TENACE PRIN Project (n. 20103P34XC) funded by the Italian Ministry of Education, University and Research.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Schiavone, E., Ceccarelli, A., Bondavalli, A. (2015). Continuous User Identity Verification for Trusted Operators in Control Rooms. In: Wang, G., Zomaya, A., Martinez, G., Li, K. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2015. Lecture Notes in Computer Science(), vol 9532. Springer, Cham. https://doi.org/10.1007/978-3-319-27161-3_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-27161-3_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27160-6
Online ISBN: 978-3-319-27161-3
eBook Packages: Computer ScienceComputer Science (R0)