Transparent and Constant Secure Service For User Identity Verification Using Biometrics

Transparent And Constant Secure Service For User Identity Verification
Using Biometrics
ABSTRACT
Secure user authentication is key in most of contemporary ICT systems. User authentication
systems square measure historically supported pairs of username and secret and verify the
identity of the user solely at login section. No checks square measure performed throughout
operating sessions, that square measure terminated by a precise logout or expire once associate
degree idle activity amount of the user. Security of web-based applications may be a serious
concern, as a result of the recent increase within the frequency and complexness of cyber-
attacks; biometric techniques supply rising answer for secure and sure authentication, wherever
username and secret square measure replaced by biometric information. However, parallel to the
spreading usage of biometric systems, the motivation in their misuse is additionally growing,
particularly considering their potential application within the money and banking sectors.
To timely notice misuses of laptop resources and stop that associate degree unauthorized user
maliciously replaces a licensed one, solutions supported multi-modal biometric continuous
authentication square measure planned, turning user verification into a nonstop method instead
of a erstwhile incidence. To avoid that one biometric attribute is solid; statistics authentication
will suppose multiple statistics traits. Finally, the utilization of biometric identification permits
credentials to be no inheritable transparently. Such ancient authentication approaches impair
usability for increased security, and supply no solutions against forgery or stealing of passwords.
We are implementing a new approach for user verification and session management that's
applied within the Context Aware Security by hierarchic structure design system for secure
biometric identification on the web. CASHMA is in a position to control firmly with any quite
internet service, as well as services with high security demands as on-line banking services, and
it's meant to be used from completely different consumer devices. Counting on the preferences
and needs of the owner of the net service, the CASHMA authentication service will complement
a standard authentication service, or we are able to replace it. we tend to exploit the novel chance
introduced by statistics to outline a protocol for continuous authentication that improves security
Using Biometrics
and value of user session. The protocol computes adaptative timeouts on the premise of the trust
expose within the user activity and within the quality and type of biometric information no
inheritable transparently through watching in background the users actions.
CHAPTER 2
LITERATURE SURVEY
1) Quantitative Security Evaluation of a Multi-Biometric Authentication
System
AUTHORS: L. Montecchi, P. Lollini, A. Bondavalli, and E. La Mattina,
Biometric authentication systems verify the identity of users by counting on their

distinctive traits, like fingerprint, face, iris, signature, voice, etc. statistics is often
perceived as a powerful authentication method; in apply many well-known
vulnerabilities exist, and security aspects ought to be rigorously thought-about,
particularly once it's adopted to secure the access to applications dominant
essential systems and infrastructures. During this paper we tend to perform a
quantitative security analysis of the CASHMA multi-biometric authentication
system, assessing the safety provided by totally different system configurations
against attackers with different capabilities. The analysis is performed
victimization the ADVISE modeling formalism, a formalism for security analysis
that extends attack graphs; it permits to mix data on the system, the offender, and
therefore the metrics of interest to supply quantitative results. The obtained results
offer helpful insight on the safety offered by the various system configurations, and
demonstrate the feasibleness of the approach to model security threats and
countermeasures in real eventualities.
Using Biometrics
2) Model-based evaluation of scalability and security tradeoffs: A case study

on a multi-service platform
AUTHORS: L. Montecchi, N. Nostro, A. Ceccarelli, G. Vella, A. Caruso, and

A. Bondavalli
Current ICT infrastructures square measure characterised by increasing needs of
irresponsibleness, security, performance, convenience, ability. A relevant issue is
described by the measurability of the system with regard to the increasing range of
users and applications, therefore requiring a careful orientating of resources. What
is more, new security problems to be long-faced arise from exposing applications
and information to the web, therefore requiring associate degree attentive analysis
of potential threats and therefore the identification of stronger security mechanisms
to be enforced, which can manufacture a negative impact on system performance
and measurability properties. The paper presents a model-based analysis of
measurability and security tradeoffs of a multi-service web-based platform, by
evaluating however the introduction of security mechanisms could cause a
degradation of performance properties. The analysis focuses on the OPENNESS
platform, a web-based platform providing completely different quite services, to
completely different classes of users. The analysis aims at characteristic the
bottlenecks of the system, underneath completely different configurations, and
assesses the impact of security countermeasures that were known by a radical
threat analysis activity antecedently disbursed on the target system. The modeling
Using Biometrics
activity has been disbursed victimization the random Activity Networks (SANs)
formalism, creating full use of its characteristics of modularity and reusability. The
analysis model is complete through the composition of a group of predefined guide
models, that facilitates the development of the general system model, and therefore
the analysis of various configuration by composing them in numerous ways that.
3) Attacks on Biometric Systems: A Case Study in Fingerprints

AUTHORS: U. Uludag and A.K. Jain
In spite of various blessings of biometrics-based personal authentication systems
over ancient security systems supported token or data, they're prone to attacks that
may decrease their security significantly. During this paper, we tend to analyze
these attacks within the realm of a fingerprint biometric system. We tend to
propose associate degree attack system that uses a hill rising procedure to
synthesize the target item templates and valuate its feasibleness with intensive
experimental results conducted on oversized fingerprint info. many measures that
may be utilized to decrease the chance of such attacks and their ramifications also
are conferred.
4) Automated Generation and Analysis of Attack Graphs

AUTHORS: O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing
An integral a part of modeling the worldwide read of network security is
constructing attack graphs. Manual attack graph construction is tedious, erring, and
impractical for attack graphs larger than 100 nodes. During this paper we tend to
gift an automatic technique for generating and analyzing attack graphs. We tend to
Using Biometrics
base our technique on symbolic model checking algorithms, belongings North

American country construct attack graphs mechanically and with efficiency. We
tend to additionally describe 2 analyses to assist decide that attacks would be most
cost-efficient to protect against. We tend to enforced our technique in an
exceedingly tool suite and tested it on satiny low network example, which
incorporates models of a firewall associate degreed an intrusion detection system.
5) Risk-Based Security Engineering through the Eyes of the Adversary

AUTHORS: S. Evans and J. Wallner
Today, security engineering for complicated systems is often done as a poster hoc
method. Taking a risk-based security engineering approach replaces today's
impromptu ways with a additional rigorous and disciplined approach that uses a
multi-criterion call model. This approach builds on existing techniques for
desegregation risk analysis with classical systems engineering. A ensuing security
metric are often compared with price and performance metrics in creating
engineering trade-off choices.
Using Biometrics
INTRODUCTION
Secure Computing
Computer security (Also referred to as cyber security or IT Security) is data

security as applied to computers and networks. The sphere covers all the processes
and mechanisms by that computer-based instrumentation, data and services square
measure protected against unplanned or unauthorized access, modification or
destruction. Laptop security additionally includes protection from unplanned
events and natural disasters. Otherwise, within the industry, the term security -- or
the phrase laptop security -- refers to techniques for guaranteeing that information
hold on in an exceedingly laptop cannot be browse or compromised by any people
while not authorization. Most laptop security measures involve encryption and
passwords. Encryption is that the translation of information into a type that's
unintelligible whiles not a deciphering mechanism. A secret may be a secret word
or phrase that offers a user access to a selected program or system.
Using Biometrics
Diagram clearly explain the about the secure computing
Working conditions and basic needs in the secure computing:
If you do not take basic steps to guard your work laptop, you set it and every one
the knowledge thereon in danger. Youll doubtless compromise the operation of
different computers on your organization's network, or maybe the functioning of
the network as a full.
1. Physical security:
Technical measures like login passwords, anti-virus square measure
essential. (More concerning those below) but, a secure physical area is that
the 1st and additional necessary line of defense.
Is the place you retain your work laptop secure enough to stop stealing or
access to that whereas you're away? Whereas the safety Department
provides coverage across the center, it solely takes seconds to steal a laptop,
significantly a conveyable device sort of a portable computer or a personal
organizer. A laptop ought to be secured like all different valuable possession
once you don't seem to be gift.
Using Biometrics
Human threats don't seem to be the sole concern. Computers are often
compromised by environmental mishaps (e.g., water, coffee) or physical
trauma. Make certain the physical location of your laptop takes account of
these risks yet.
2. Access passwords:
The University's networks and shared data systems square measure protected
partially by login credentials (user-IDs and passwords). Access passwords
also are a vital protection for private computers in most circumstances.
Offices square measure sometimes open and shared areas, thus physical
access to computers cannot be utterly controlled.
To protect your laptop, you must take into account setting passwords for
significantly sensitive applications resident on the pc (e.g., information
analysis software), if the package provides that capability.
3. Prying eye protection:
Because we tend to take care of all sides of clinical, research, instructional and
body information here on the medical field, it's necessary to try to everything
potential to reduce exposure of information to unauthorized people.
4. Anti-virus software:
Up-to-date, properly designed anti-virus package is important. whereas we've

server-side anti-virus package on our network computers, you continue to want it
on the consumer aspect (your computer).
5. Firewalls:
Using Biometrics
Anti-virus merchandise examines files on your laptop and in email. Firewall

package and hardware monitor communications between your laptop and therefore
the outside world. Thats essential for any networked laptop.
6. Software updates:
It is essential to stay package up thus far, particularly the software system, anti-
virus and anti-spyware, email and browser package. the latest versions can contain
fixes for discovered vulnerabilities.
Almost all anti-virus have automatic update options (including SAV). Keeping the
"signatures" (digital patterns) of malicious package detectors up-to-date is
important for this merchandise to be effective.
7. Keep secure backups:
Even if you are taking of these security steps, unhealthy things will still happen. Be
ready for the worst by creating backup copies of essential information, and keeping
those backup copies in an exceedingly separate, secure location. for instance, use
supplemental arduous drives, CDs/DVDs, or flash drives to store essential, hard-to-
replace information.
8. Report problems:
If you think that your laptop or any information thereon has been compromised,
your ought to create a data security incident report. that's needed by University
policy for all information on our systems, and de jure needed for health, education,
money and the other quite record containing place able personal data
Using Biometrics
Benefits of secure computing:
Protect yourself - Civil liability:

You may be control de jure prone to compensate a 3rd party ought to the
expertise money injury or distress as a results of their personal information
being taken from you or leaked by you
Protect your credibility - Compliance:

You may need complaisance with the info Protection Act, the FSA, SOX or
different restrictive standards. Every of those bodies stipulates that bound
measures be taken to guard the info on your network
Protect your reputation Spam:
A common use for infected systems is to affix them to a botnet (a assortment
of infected machines that takes orders from a command server) and use them
to channelize spam. This spam is often derived back to you, your server might
be blacklisted and you'll be unable to send email.
Protect your income - Competitive advantage:
There square measure variety of hackers-for-hire advertising their services
on the web commercialism their skills in breaking into companys servers to
steal consumer databases, proprietary package, merger and acquisition data,
personnel detail set al.
Protect your business Blackmail:
Using Biometrics
A seldom-reported supply of financial gain for hackers is tiebreak into your

server, modification all of your passwords and lock you out of it. The secret is
then sold-out back to you. Note: the hackers could implant a backdoor
program on your server in order that {they can they can theyll} repeat the
exercise at will.
Protect your investment - Free storage:
Your servers hard drive area is employed (or sold-out on) to accommodate the
hacker's video clips, music collections, pirated package or worse. Your server
or laptop then becomes endlessly slow and your web affiliation speeds
deteriorate as a result of the amount of individuals connecting to your server so
as to transfer the offered wares.
Software Environment
Java Technology
Java technology is both a programming language and a platform.
The Java Programming Language
The Java programming language is a high-level language that can be

characterized by all of the following buzzwords:
Simple
Using Biometrics
Architecture neutral
Object oriented
Portable
Distributed
High performance
Interpreted
Multithreaded
Robust
Dynamic
Secure
With most programming languages, you both compile or interpret software so that you
could run it in your computer. The Java programming language is individual in that a program
is both compiled and interpreted. With the compiler, first you translate software into an
intermediate language known as Java byte codes the platform-independent codes interpreted
by means of the interpreter on the Java platform. The interpreter parses and runs every Java
byte code guide on the laptop. Compilation occurs just as soon as; interpretation happens
whenever the software is executed. The next determine illustrates how this works.
You can suppose of Java byte codes because the computer code recommendations for the
Java virtual computing device (Java VM). Every Java interpreter, whether or not its a progress
Using Biometrics
instrument or a web browser that can run applets, is an implementation of the Java VM. Java
byte codes support makes write as soon as, run anyplace viable. That you may assemble your
application into byte codes on any platform that has a Java compiler. The byte codes can then be
run on any implementation of the Java VM. That means that so long as a laptop has a Java VM,
the identical program written within the Java programming language can run on windows 2000,
a Solaris workstation, or on an iMac.
The Java Platform

A platform is the hardware or software environment where a application runs.
Weve already recounted probably the most general structures like home windows 2000,
Linux, Solaris, and Mac OS. Most structures will also be described as a mixture of the
operating method and hardware. The Java platform differs from most different structures
in that its a application-only platform that runs on prime of different hardware-founded
platforms.
The Java platform has two components:

The Java Virtual Machine (Java VM)
The Java Application Programming Interface (Java API)
Using Biometrics
Youve already been introduced to the Java VM. Its the base for the Java platform
and is ported onto various hardware-based platforms.
The Java API is a gigantic collection of able-made application add-ons that furnish many
priceless capabilities, comparable to graphical consumer interface (GUI) widgets. The Java API
is grouped into libraries of associated courses and interfaces; these libraries are often called
programs. The subsequent part, what Can Java technology Do? Highlights what functionality
probably the most packages within the Java API provide.
The next figure depicts software thats walking on the Java platform. As the figure
suggests, the Java API and the virtual computer insulate the software from the hardware.
Native code is code that after you compile it, the compiled code runs on a particular hardware
platform. As a platform-unbiased environment, the Java platform can be a bit slower than native
code. Nevertheless, clever compilers, good-tuned interpreters, and simply-in-time byte code
compilers can deliver performance practically that of native code without threatening portability.
What Can Java Technology Do?
The most original varieties of applications written in the Java programming language are applets
and purposes. If you happen trove surfed the web, youre traditionally already familiar with
applets. An apple is software that adheres to certain conventions that enable it to run within a
Java-enabled browser.
However, the Java programming language isn't just for writing cute, unique applets for the
online. The final-intent, excessive-stage Java programming language can be a powerful program
platform. Utilizing the generous API, which you can write many forms of applications.
An application is a standalone application that runs immediately on the Java platform. A
distinctive type of utility often called a server serves and supports purchasers on a community.
Examples of servers are net servers, proxy servers, mail servers, and print servers. A further
specialized program is a servlet. A servlet can almost be suggestion of as an applet that runs on
Using Biometrics
the server part. Java Servlets are a general option for building interactive internet applications,
replacing the usage of CGI scripts. Servlets are much like applets in that they're runtime
extensions of applications. Alternatively of working in browsers, though, servlets run within Java
internet servers, configuring or tailoring the server.
How does the API help all most of these programs? It does so with packages of program
add-ons that supplies a large variety of functionality. Every full implementation of the
Java platform gives you the next features:
The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
Applets: The set of conventions used by applets.
Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram
Protocol) sockets, and IP (Internet Protocol) addresses.
Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be displayed
in the appropriate language.
Security: Both low level and high level, including electronic signatures, public
and private key management, access control, and certificates.
Software components: Known as JavaBeansTM, can plug into existing
component architectures.
Object serialization: Allows lightweight persistence and communication via
Remote Method Invocation (RMI).
Java Database Connectivity (JDBCTM): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2nd and 3-d images, accessibility, servers,
collaboration, telephony, speech, animation, and greater. the subsequent discern depicts
what is blanketed inside the Java 2 SDK.
Using Biometrics
ODBC
Microsoft Open Database Connectivity (ODBC) is a typical programming interface for software
developers and database systems vendors. Before ODBC grew to become a de facto ordinary for
home windows programs to interface with database systems, programmers had to use
proprietary languages for each and every database they wanted to connect with. Now, ODBC
has made the alternative of the database approach practically irrelevant from a coding
perspective, which is appropriately. Software builders have way more foremost things to worry
about than the syntax that is wanted to port their program from one database to yet another
when industry desires out of the blue exchange.
By way of the ODBC Administrator in manipulate Panel, which you could specify the targeted
database that's related to an information source that an ODBC application software is written to
make use of. Consider of an ODBC data source as a door with a name on it. Each door will lead
you to a distinctive database. For illustration, the info supply named income Figures possibly a
SQL Server database, whereas the debts Payable information source could refer to an access
database. The physical database noted by means of an information supply can live anyplace on
the LAN.
The ODBC system files usually are not hooked up for your system by windows ninety five.
Instead, they're hooked up while you setup a separate database application, equivalent to SQL
Server consumer or visible basic four.0. When the ODBC icon is hooked up in manage Panel, it
uses a file referred to as ODBCINST.DLL. It's also feasible to manage your ODBC knowledge
sources through a stand-by myself application called ODBCADM.EXE. There is a 16-bit and a
32-bit variation of this software and every keeps a separate list of ODBC knowledge sources.
Using Biometrics
From a programming point of view, the fantastic thing about ODBC is that the appliance can
also be written to use the identical set of operate calls to interface with any knowledge source,
whatever the database seller. The source code of the application doesnt exchange whether it
talks to Oracle or SQL Server. We only mention these two as an example. There are ODBC
drivers to be had for several dozen popular database systems. Even Excel spreadsheets and
undeniable text files may also be became data sources. The operating method makes use of the
Registry expertise written by means of ODBC Administrator to check which low-stage ODBC
drivers are wanted to talk to the information source (such because the interface to Oracle or
SQL Server). The loading of the ODBC drivers is obvious to the ODBC application application.
In a consumer/server environment, the ODBC API even handles some of the community
problems for the application programmer.
Some great benefits of this scheme are so numerous that you are traditionally considering there
must be some capture. The one disadvantage of ODBC is that it isnt as efficient as talking
directly to the native database interface. ODBC has had many detractors make the cost that it is
too sluggish. Microsoft has consistently claimed that the critical element in performance is the
great of the driving force application that's used. In our humble opinion, that is true. The
availability of good ODBC drivers has extended a fine deal recently. And anyway, the criticism
about efficiency is relatively analogous to those who mentioned that compilers would certainly
not match the pace of pure assembly language. Might be not, however the compiler (or ODBC)
gives you the opportunity to write down cleaner packages, which means that you finish sooner.
Meanwhile, computer systems get rapid each year.
JDBC
In an effort to set an independent database commonplace API for Java; sun Microsystems
developed Java Database Connectivity, or JDBC. JDBC offers a everyday SQL database access
mechanism that supplies a consistent interface to a form of RDBMSs. This regular interface is
achieved via using plug-in database connectivity modules, or drivers. If a database seller
desires to have JDBC support, he or she have to provide the driving force for every platform that
the database and Java run on.
Using Biometrics
To reap a wider acceptance of JDBC, sun founded JDBCs framework on ODBC. As you found
out earlier in this chapter, ODBC has well-known aid on a form of platforms. Basing JDBC on
ODBC will enable providers to carry JDBC drivers to market so much turbo than developing a
completely new connectivity solution.
JDBC used to be introduced in March of 1996. It was once launched for a ninety day public
evaluation that ended June 8, 1996. When you consider that of user input, the final JDBC
v1.Zero specification used to be launched soon after.
The rest of this part will cover sufficient expertise about JDBC for you to recognize what it is
about and how to use it conveniently. This is never a complete overview of JDBC. That may fill
an entire booklet.
JDBC Goals
Few software applications are designed without ambitions in mind. JDBC is one who, given that
of its many objectives, drove the development of the API. These goals, alongside early reviewer
suggestions, have finalized the JDBC category library into an effective framework for
constructing database purposes in Java.
The goals that had been set for JDBC are principal. They will provide you with some
perception as to why special courses and functionalities behave the way in which they do. The
eight design pursuits for JDBC are as follows:
1. SQL Level API

The designers felt that their fundamental intention used to be to outline a SQL
interface for Java. Despite the fact that no longer the bottom database interface stage viable,
it is at a low adequate degree for better-stage instruments and APIs to be created. Conversely,
it's at a excessive sufficient degree for software programmers to use it confidently. Achieving
this intention makes it possible for future device vendors to generate JDBC code and to
hide a lot of JDBCs complexities from the end person.
SQL Conformance
Using Biometrics
SQL syntax varies as you progress from database seller to database seller. So that you can
help a vast style of carriers, JDBC will enable any question declaration to be passed through
it to the underlying database driver. This enables the connectivity module to manage non-
usual functionality in a fashion that's suitable for its customers.
2. JDBC must be implemental on top of common database interfaces

The JDBC SQL API ought to sit down on top of alternative fashioned SQL stage
APIs. This purpose allows for JDBC to make use of existing ODBC level drivers by
means of a application interface. This interface would translate JDBC calls to ODBC and
vice versa.
3. Provide a Java interface that is consistent with the rest of the Java system
Because you consider that of Javas acceptance in the consumer neighborhood
accordingly a long way, the designers feel that they should not stray from the current
design of the core Java process.
4. Keep it simple
This purpose ordinarily seems in all software design purpose listings. JDBC is no
exception. Sun felt that the design of JDBC will have to be quite simple, permitting for
just one system of completing a assignment per mechanism. Allowing replica
functionality only serves to confuse the customers of the API.
5. Use strong, static typing wherever possible

Strong typing enables for more error checking to be executed at assemble
time; also, much less error show up at runtime.
6. Keep the common cases simple

Using Biometrics
Because more grounds that more typically than not, the average SQL calls
utilized by the programmer are easy choses, INSERTs, DELETEs and
updates, these queries will have to be easy to perform with JDBC.
Nevertheless, extra complicated SQL statements will have to also be feasible.
Finally we decided to precede the implementation using Java Networking.
And for dynamically updating the cache table we go for MS Access

database.
Java ha two things: a programming language and a platform.

Java is a high-level programming language that is all of the
following
Simple Architecture-neutral
Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure
Java is also exceptional in that each Java program is each compiled and
interpreted. With a assemble you translate a Java application into an intermediate
language known as Java byte codes the platform-impartial code guide is passed
and run on the computer.
Compilation happens just as soon as; interpretation happens at any

time when the software is accomplished. The determine illustrates how
this works.
Using Biometrics
Java Program Interpreter
Compilers My Program
Networking
TCP/IP stack
The TCP/IP stack is shorter than the OSI one:

Using Biometrics
TCP is a connection-oriented protocol; UDP (User Datagram

Protocol) is a connectionless protocol.
Total address
The 32 bit address is usually written as 4 integers separated by dots.

Using Biometrics
Port addresses
A provider exists on a number, and is recognized by way of its port. It
is a 16 bit quantity. To ship a message to a server, you send it to the port for
that service of the host that it's jogging on. This isn't vicinity transparency!
Precise of those ports are "good known".
Sockets
A socket is a knowledge constitution maintained via the procedure to
control community connections. A socket is created using the decision
socket. It returns an integer that is sort of a file descriptor. Actually, below
windows, this handle can be utilized with read File and Write File
#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);
Here "family" will be AF_INET for IP communications, protocol will

be zero, and type will depend on whether TCP or UDP is used. Two
processes wishing to communicate over a network create a socket each.
These are similar to two ends of a pipe - but the actual pipe does not yet
exist.
Using Biometrics
J2ME (Java 2 Micro edition):-
Sun Microsystems defines J2ME as "a incredibly optimized Java run-time environment focusing
on a broad range of client merchandise, including pagers, cell telephones, reveal-phones, digital
set-prime packing containers and auto navigation techniques." introduced in June 1999 on the
Java One Developer convention, J2ME brings the pass-platform performance of the Java
language to smaller gadgets, enabling mobile wi-fi devices to share functions. With J2ME, solar
has adapted the Java platform for patron products that incorporate or are headquartered on small
computing devices.
1. General J2ME architecture
J2ME uses configurations and profiles to customize the Java Runtime atmosphere (JRE). As a
entire JRE, J2ME is comprised of a configuration, which determines the JVM used, and a
profile, which defines the appliance by adding domain-distinct lessons. The configuration
Using Biometrics
defines the fundamental run-time atmosphere as a collection of core lessons and a designated
JVM that run on certain varieties of devices. We are going to speak about configurations in
element within the profile defines the appliance; notably, it adds domain-specified classes to the
J2ME configuration to define designated makes use of for contraptions. We'll quilt profiles in
depth in the next photo depicts the relationship between the unique digital machines,
configurations, and profiles. It additionally attracts a parallel with the J2SE API and its Java
digital computing device. Even as the J2SE digital machine is most commonly known as a JVM,
the J2ME digital machines, KVM and CVM, are subsets of JVM. Each KVM and CVM may
also be thought of as a kind of Java digital machine -- it can be simply that they're shrunken
types of the J2SE JVM and are distinct to J2ME.
2. Developing J2ME applications
Introduction in this section, we will be able to go over some concerns you ought to maintain in
intellect when constructing applications for smaller contraptions. We are going to take a seem on
the approach the compiler is invoked when utilising J2SE to collect J2ME applications. In the
end, we will discover packaging and deployment and the role preverification plays in this
approach.
3. Design considerations for small devices
Establishing purposes for small gadgets requires you to keep detailed approaches in mind for the
period of the design segment. It's quality to strategically design an application for a small gadget
earlier than you coding. Correcting the code considering that you did not recall the entire
"gotchas" earlier than setting up the appliance can be a painful system. Listed below are some
design strategies to do not forget:
* hold it simple. Dispose of unnecessary elements, possibly making these elements a separate,
secondary application.
* Smaller is best. This consideration should be a "no brainer" for all builders. Smaller functions
use less memory on the gadget and require shorter installation times. Consider packaging your
Java applications as compressed Java Archive (jar) records.
Using Biometrics
* curb run-time reminiscence use. To cut down the quantity of reminiscence used at run time, use
scalar types in position of object types. Additionally, don't rely upon the garbage collector. You
must manage the memory effectually yourself by means of atmosphere object references to null
if you find yourself finished with them. A further solution to lessen run-time memory is to use
lazy instantiation, best allocating objects on an as-needed groundwork. Other methods of
lowering overall and top memory use on small contraptions are to free up resources quickly,
reuse objects, and avert exceptions.
4. Configurations overview
The configuration defines the elemental run-time atmosphere as a suite of core courses and a
certain JVM that run on distinctive varieties of instruments. Presently, two configurations exist
for J2ME, although others are also outlined one day:
Connected limited tool Configuration (CLDC) Is used specially with the KVM for sixteen-bit
or 32-bit devices with constrained amounts of reminiscence. That is the configuration (and the
virtual computer) used for setting up small J2ME purposes. Its dimension boundaries make
CLDC more interesting and challenging (from a development point of view) than CDC. CLDC
can be the configuration that we will be able to use for constructing our drawing software
application. An illustration of a small wireless gadget running small applications is a Palm
handheld pc.
* Linked tool Configuration (CDC) is used with the C virtual machine (CVM) and is used for
32-bit architectures requiring greater than 2 MB of reminiscence. An instance of such a gadget is
an internet TV box.
5. J2ME profiles
What is a J2ME profile?
As we recounted earlier in this tutorial, a profile defines the form of gadget supported. The
cellular expertise device Profile (MIDP), for instance, defines classes for mobile phones. It adds
Using Biometrics
area-particular lessons to the J2ME configuration to outline uses for similar contraptions. Two
profiles had been defined for J2ME and are constructed upon CLDC: KJava and MIDP. Each
KJava and MIDP is related to CLDC and smaller contraptions. Profiles are constructed on top of
configurations. Considering that profiles are designated to the dimensions of the gadget (amount
of reminiscence) on which an utility runs, certain profiles are associated with distinct
configurations.
A skeleton profile upon which that you could create your possess profile, the foundation Profile,
is available for CDC.
Profile 1: KJava
KJava is sun's proprietary profile and includes the KJava API. The KJava profile is built on
prime of the CLDC configuration. The KJava digital computing device, KVM, accepts the equal
byte codes and class file structure because the classic J2SE virtual laptop. KJava involves a sun-
targeted API that runs on the Palm OS. The KJava API has a satisfactory deal in fashioned with
the J2SE summary Windowing Toolkit (AWT). However, when you consider that it is not a
regular J2ME package deal, its major bundle is com.Sun.Kjava. We'll be taught extra in regards
to the KJava API later in this tutorial after we improve some sample purposes.
Profile 2: MIDP
MIDP is geared towards cellular instruments comparable to mobile telephones and pagers. The
MIDP, like KJava, is developed upon CLDC and provides a regular run-time atmosphere that
allows for new purposes and offerings to be deployed dynamically on finish person instruments.
MIDP is a normal, industry-typical profile for cell devices that isn't dependent on a detailed
dealer. It is a whole and supported groundwork for cellular application
Development. MIDP contains the next programs, the first three of which can be core CLDC
applications, plus three MIDP-detailed programs.
* java.lang
* java.io
Using Biometrics
* java.util
* javax.microedition.io
* javax.microedition.lcdui
* javax.microedition.midlet
* javax.microedition.rms
SYSTEM ANALYSIS
EXISTING SYSTEM:
Once the users identity has been verified, the system resources square
measure accessible for a set amount of your time or till specific logout
from the user. This approach assumes that one verification (at the start of
the session) is ample, which the identity of the user is constant
throughout the complete session.
In existing, a multi-modal biometric verification system is intended and
developed to notice the physical presence of the user logged in an
exceedingly laptop.
The add another existing paper, proposes a multi-modal biometric
continuous authentication answer for native access to high-security
Using Biometrics
systems as ATMs, wherever the data no inheritable square measure

weighted within the user verification method, supported i) style of the
biometric traits and ii) time, since {different totally completely different
completely different} sensors square measure ready to offer data with
different timings. purpose ii) introduces the necessity of a temporal
integration methodology that depends on the provision of past
observations: supported the idea that as time passes, the boldness within
the no inheritable (aging) values decreases. The paper applies a
degeneracy perform that measures the uncertainty of the score computed
by the verification perform.
DISADVANTAGES OF EXISTING SYSTEM:
None of existing approaches supports continuous authentication. Emerging

biometric solutions permit subbing username and secret with biometric
information throughout session institution, however in such associate degree
approach still one verification is deemed ample, and therefore the identity of
a user is taken into account immutable throughout the whole session.
PROPOSED SYSTEM:
This paper presents a brand new approach for user verification and session
management that's applied within the context aware security by hierarchic
structure architectures (CASHMA) system for secure biometric identification
on the web.
CASHMA is in a position to control firmly with any quite internet service, as
well as services with high security demands as on-line banking services, and it's
Using Biometrics
meant to be used from completely different consumer devices, e.g., smart

phones, Desktop PCs or maybe biometric kiosks placed at the doorway of
secure areas. counting on the preferences and needs of the owner of the net
service, the CASHMA authentication service will complement a standard
authentication service, or will replace it.
Our continuous authentication approach is grounded on clear acquisition of
biometric information and on adaptative timeout management on the premise of
the trust expose within the user and within the completely different subsystems
used for authentication. The user session is open and secure despite potential
idle activity of the user, whereas potential misuses square measure detected by
endlessly confirming the presence of the right user.
ADVANTAGES OF PROPOSED SYSTEM:
Our approach doesn't need that the reaction to a user verification couple is
dead by the user device (e.g., the logout procedure), however it's
transparently handled by the CASHMA authentication service and therefore
the internet services that apply their own reaction procedures.
Provides a trade-off between usability and security.
SYSTEM DESIGN
SYSTEM ARCHITECTURE:
Using Biometrics
DATA FLOW DIAGRAM:
1. The DFD is additionally known as as bubble chart. it's an easy graphical

formalism that may be wont to represent a system in terms of computer file to the
system, numerous process disbursed on this information, and therefore the output
information is generated by this method.
2. the info multidimensional language (DFD) is one in all the foremost

necessary modeling tools. it's wont to model the system parts. These parts square
measure the system method, the info employed by the method, associate degree
external entity that interacts with the system and therefore the data flows within the
system.
3. DFD shows however the knowledge moves through the system and the way
it's changed by a series of transformations. it's a graphical technique that depicts
data flow and therefore the transformations that square measure applied as
information moves from input to output.
Using Biometrics
4. DFD is additionally referred to as bubble chart. A DFD is also wont to

represent a system at any level of abstraction. DFD is also partitioned off into
levels that represent increasing data flow and practical detail.
Using Biometrics
Login
User Server
Registration
Customer Details
Account Details
Activate Beneficial
Transaction
Transaction
Verification
Activate Blocked Account
Add Beneficial
Money Transfer
Using Biometrics
UML DIAGRAMS
UML stands for Unified Modeling Language. UML may be a standardized all-
purpose modeling language within the field of object-oriented package
engineering. the quality is managed, and was created by, the thing Management
cluster.
The goal is for UML to become a typical language for making models of object
minded laptop package. In its current type UML is comprised of 2 major
components: a Meta-model and a notation. within the future, some type of
methodology or method may be supplemental to; or related to, UML.
The Unified Modeling Language may be a normal language for specifying, mental
image, Constructing and documenting the artifacts of computer code, yet as for
business modeling and different non-software systems.
The UML represents a group of best engineering practices that have proved
successful within the modeling of huge and sophisticated systems.
The UML may be a vital a part of developing objects minded package and
therefore the package development method. The UML uses largely graphical
notations to precise the look of package comes.
GOALS:
The Primary goals in the design of the UML are as follows:
1. the first goals within the style of the UML square measure as follows:
2. Offer users a ready-to-use, communicatory visual modeling Language in
order that they will develop and exchange pregnant models.
Using Biometrics
3. Offer extendibility and specialization mechanisms to increase the core ideas.

4. Be freelance of specific programming languages and development method.
5. Offer a proper basis for understanding the modeling language.
6. Encourage the expansion of OO tools market.
7. Support higher level development ideas like collaborations, frameworks,
patterns and parts.
8. Integrate best practices.
USE CASE DIAGRAM:
A use case diagram within the Unified Modeling Language (UML) may be a style
of activity diagram outlined by and created from a Use-case analysis. Its purpose is
to gift a graphical summary of the practicality provided by a system in terms of
actors, their goals (represented as use cases), and any dependencies between those
use cases. The most purpose of a use case diagram is to point out what system
functions square measure performed that actor. Roles of the actors within the
system are often delineating.
Using Biometrics
Registration
Account Details
Transaction
Add Beneficial
Server
Money Transfer
User
Customer Details
Activate Beneficial
Transaction

Using Biometrics
CLASS DIAGRAM:
In package engineering, a category diagram within the Unified Modeling Language

(UML) may be a style of static structure diagram that describes the structure of a
system by showing the system's categories, their attributes, operations (or
methods), and therefore the relationships among the categories. It explains that
category contains data.
Using Biometrics
SEQUENCE DIAGRAM:
A sequence diagram in Unified Modeling Language (UML) may be a quite

interaction diagram that shows however processes operate with each other and in
what order. Its a construct of a Message Sequence Chart. Sequence diagrams
square measure typically known as event diagrams, event eventualities, and
temporal order diagrams.
Using Biometrics
Database
User
Server
Registration
Account Details
Verification
Add Beneficial
Money Transfer
Money Transfer
File Upload
Customer Details
Activate Beneficial
Transaction

Using Biometrics
ACTIVITY DIAGRAM:
Activity diagrams square measure graphical representations of workflows of

stepwise activities and actions with support for alternative, iteration and
concurrency. Within the Unified Modeling Language, activity diagrams are often
wont to describe the business and operational bit-by-bit workflows of parts in an
exceedingly system. Associate degree activity diagram shows the general flow of
management.
Using Biometrics
Login
User
Server
incorrect
verify user
user Invalid server
verify server
Account Details
Customer Details
Transaction
Activate Beneficial
Add Beneficial
Transaction
Money Transfer
Intra, Inter
Using Biometrics
IMPLEMENTATION
MODULES:
System Model
Authentication Server
CASHMA Certificate
Continuous Authentication
MODULES DESCRIPTION:
System Model:
In this module, we tend to produce the System model to judge and

implement our planned system. CASHMA will demonstrate to internet
services, starting from services with strict security needs as on-line banking
services to services with reduced security needs as forums or social
networks. to boot, it will grant access to physical secure areas as a restricted
zone in associate degree flying field, or a military zone (in such cases the
authentication system are often supported by biometric cubicle placed at the
doorway of the secure area). we tend to make a case for the usage of the
CASHMA authentication service by discussing the sample application
situation, wherever a user u needs to log into a web banking service.
"User Id" refers to the identity of the user obtained from the Bank for the
aim of work into the web Banking facility provided by the Bank.
Using Biometrics
"Login Password" may be a distinctive and at random generated secret

notable solely to the client, which might be modified by the user to his/her
convenience. this can be a method of authenticating the user ID for work
into web Banking.
"Transaction Password" may be a distinctive and at random generated secret

notable solely to the client, which might be modified to his/her convenience. this
can be a method of authentication needed to be provided by the client for putt
through the dealing in his/her/their/its accounts with Bank through web Banking.
whereas User ID and secret square measure for valid access into the web
application, giving valid dealing secret is for authentication of transaction/requests
created through web
Authentication Server:
In web banking like ancient banking ways, security may be a primary

concern. Server can take each precaution necessary to take care your data is
transmitted safely and firmly. the most recent ways in web banking industry
security square measure wont to increase and monitor the integrity and
security of the system.
The Server maintains the functionality:
o Customer Details
o Activation of Beneficiary
o Transaction Details
o Activate Blocked Account
CASHMA Certificate
Using Biometrics
In this module, we tend to gift the knowledge contained within the body of
the CASHMA certificate transmitted to the consumer by the CASHMA
authentication server, necessary to grasp details of the protocol. Time stamp
and sequence range univocally establish every certificate, and shield from
replay attacks. ID is that the user ID, e.g., a number.
Decision represents the result of the verification procedure disbursed on the
server aspect. It includes the expiration time of the session, dynamically
appointed by the CASHMA authentication server. In fact, the worldwide
trust level and therefore the session timeout square measure continually
computed considering the time instant during which the CASHMA
application acquires the biometric information, to avoid potential issues
associated with unknown delays in communication and computation.
Continuous Authentication:
A secure protocol is outlined for perpetual authentication through continuous

user verification. The protocol determines adaptative timeouts supported the
standard, frequency and sort of biometric information transparently no
inheritable from the user. the utilization of biometric identification permits
credentials to be no inheritable transparently, i.e., while not expressly
notifying the user or requiring his/her interaction, that is important to ensure
higher service usability.
The plan behind the execution of the protocol is that the consumer endlessly
and transparently acquires and transmits proof of the user identity to take
care of access to an internet service. The most task of the planned protocol is
Using Biometrics
to make and so maintain the user session adjusting the session timeout on the
premise of the boldness that the identity of the user within the system is real.
SYSTEM STUDY
FEASIBILITY STUDY
The feasibility of the undertaking is analyzed in this phase and

industry proposal is put forth with an extraordinarily common plan for the task and
some rate estimates. For the duration of method analysis the feasibility study of the
proposed approach is to be implemented. This is to make sure that the proposed
procedure is not a burden to the corporation. For feasibility evaluation, some
figuring out of the main necessities for the approach is essential.
Three key considerations involved in the feasibility analysis are
ECONOMICAL FEASIBILITY
TECHNICAL FEASIBILITY
SOCIAL FEASIBILITY
ECONOMICAL FEASIBILITY
Using Biometrics
This gain knowledge of is carried out to verify the economic have an

impact on that the method can have on the group. The quantity of fund that the
enterprise can pour into the research and progress of the system is constrained. The
expenses have got to be justified. For that reason the developed procedure as well
within the budget and this was carried out considering that many of the
technologies used are freely on hand. Best the customized products needed to be
bought
TECHNICAL FEASIBILITY
This be taught is carried out to examine the technical feasibility,

that's, the technical requirements of the procedure. Any system developed have to
no longer have an excessive demand on the to be had technical resources. This may
lead to high needs on the available technical resources. This may result in
excessive demands being positioned on the customer. The developed system ought
to have a modest requirement, as best minimal or null alterations are required for
enforcing this process.
SOCIAL FEASIBILITY
The aspect of be trained is to determine the extent of acceptance of the

system by the consumer. This entails the procedure of training the consumer to use
the method efficaciously. The person have got to not feel threatened via the
process, instead must accept it as a necessity. The extent of acceptance via the
users completely will depend on the approaches that are employed to coach the
user about the system and to make him acquainted with it. His degree of self
Using Biometrics
assurance must be raised so that he's also competent to make some positive
criticism, which is welcomed, as he's the final person of the method .
SYSTEM TESTING
The intent of testing is to discover error. Testing is the approach of trying to

become aware of each conceivable fault or weakness in a piece product. It presents
a method to verify the functionality of accessories, sub assemblies, assemblies
and/or a completed product it's the system of exercising program with the intent of
making sure that the
application system meets its requirements and person expectations and does now
not fail in an unacceptable manner. There are more than a few forms of scan. Every
scan kind addresses a detailed checking out requirement.
TYPES OF TESTS
Unit testing
Unit trying out involves the design of test instances that validate
that the inner program common sense is functioning properly, and that program
inputs produce legitimate outputs. All determination branches and interior code
drift will have to be validated. It's the trying out of individual program items of the
appliance .It is done after the completion of an individual unit before integration. It
Using Biometrics
is a structural trying out, that relies on capabilities of its building and is invasive.
Unit exams participate in basic exams at element level and experiment a distinct
industry system, utility, and/or approach configuration. Unit tests be certain that
each and every exact course of a trade approach performs effectively to the
documented requisites and contains certainly outlined inputs and anticipated
outcome.
Integration testing
Integration checks are designed to scan built-in software accessories to
determine if they truely run as one application. Checking out is occasion driven
and is more concerned with the elemental end result of monitors or fields.
Integration assessments show that despite the fact that the accessories were
individually pleasure, as shown by using effectively unit trying out, the blend of
components is proper and regular. Integration testing is mainly aimed at exposing
the issues that arise from the mixture of components.
Functional test
Practical assessments furnish systematic demonstrations that functions validated are on

hand as distinct by the industry and technical requirements, approach documentation, and user
manuals.
Functional testing is centered on the following items:

Using Biometrics
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.
Institution and education of practical tests is serious about specifications, key features, or
specified experiment instances. In addition, systematic insurance policy referring to identify
industry system flows; data fields, predefined strategies, and successive approaches have to be
considered for checking out. Earlier than practical trying out is complete, extra tests are
recognized and the effective price of current checks is determined.
System Test
System trying out ensures that the entire built-in software approach meets standards. It
assessments a configuration to be certain recognized and predictable results. An example of
system checking out is the configuration oriented system integration experiment. Process
checking out is situated on approach descriptions and flows, emphasizing pre-pushed system
links and integration features.
White Box Testing

White field checking out is a checking out where the program tester has potential of
the interior workings, structure and language of the application, or at the least its rationale. It's
rationale. It is used to test areas that are not able to be reached from a black field level.
Using Biometrics
Black Box Testing

Black field testing is checking out the program with none potential of the inside
workings, structure or language of the module being confirmed. Black field exams, as most other
types of exams must be written from a definitive supply document, equivalent to specification or
requisites record, reminiscent of specification or necessities file. It's a trying out wherein the
program underneath test is handled, as a black box .You is not able to see into it. The test
provides inputs and responds to outputs without given that how the application works.
6.1 Unit Testing:
Unit trying out is normally carried out as part of a blended code and unit test phase of the
software lifecycle, even though it isn't unusual for coding and unit testing to be performed as two
awesome stages.
Test strategy and approach

Field checking out may be completed manually and purposeful tests may be written in
element.
Test objectives
All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
Using Biometrics
No duplicate entries should be allowed

All links should take the user to the correct page.
6.2 Integration Testing
Software integration checking out is the incremental integration testing of or extra

integrated software components on a single platform to supply screw ups as a result of interface
defects.
The venture of the combination take a look at is to check that additives or software
program packages, e.g. components in a software gadget or one step up software program
programs on the organisation degree interact with out error.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
6.3 Acceptance Testing
User popularity checking out is a critical section of any undertaking and

calls for tremendous participation via the end user. It additionally ensures that the
gadget meets the functional requirements.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
Using Biometrics
SCREEN SHOTS
Using Biometrics
Using Biometrics
Using Biometrics
Using Biometrics
Using Biometrics
CONCLUSION
We exploited the novel chance introduced by statistics to outline a protocol for

continuous authentication that improves security and value of user session. The
protocol computes adaptative timeouts on the premise of the trust expose within
the user activity and within the quality and type of biometric information no
inheritable transparently through watching in background the users actions. Some
architectural style choices of CASHMA are here mentioned. First, the system
exchanges data and not the options extracted from them or templates, whereas
crypto-token approaches don't seem to be considered; as debated in Section three.1,
this can be as a result of discipline choices wherever the consumer is unbroken
terribly straightforward. we tend to remark that our planned protocol works with no
changes victimization options, templates or data. Second, privacy considerations
ought to be addressed considering National legislations. At present, our image
solely performs some checks on face recognition, wherever only 1 face (the biggest
one rust) from the face detection.
REFERENCES
[1] CASHMA-Context Aware Security by Hierarchical Multilevel Architectures,
MIUR FIRB, 2005.
[2] L. Hong, A. Jain, and S. Pankanti, Can Multibiometrics Improve

Performance? Proc. Workshop on Automatic Identification Advances
Technologies (AutoID 99) Summit, pp. 59-64, 1999.
Using Biometrics
[3] S. Ojala, J. Keinanen, and J. Skytta, Wearable Authentication Device for

Transparent Login in Nomadic Applications Environment, Proc. Second Intl
Conf. Signals, Circuits and Systems (SCS 08), pp. 1-6, Nov. 2008.
[4] BioID Biometric Authentication as a Service (BaaS), BioID Press Release,

https://www.bioid.com, Mar. 2011.
[5] T. Sim, S. Zhang, R. Janakiraman, and S. Kumar, Continuous Verification

Using Multimodal Biometrics, IEEE Trans. Pattern Analysis and Machine
Intelligence, vol. 29, no. 4, pp. 687-700, Apr. 2007.
[6] L. Montecchi, P. Lollini, A. Bondavalli, and E. La Mattina, Quantitative

Security Evaluation of a Multi-Biometric Authentication System, Proc. Intl Conf.
Computer Safety, Reliability and Security, pp. 209-221, 2012.
[7] S. Kumar, T. Sim, R. Janakiraman, and S. Zhang, Using Continuous

Biometric Verification to Protect Interactive Login Sessions, Proc. 21st Ann.
Computer Security Applications Conf. (ACSAC 05), pp. 441-450, 2005.
[8] A. Altinok and M. Turk, Temporal Integration for Continuous Multimodal

Biometrics, Proc. Workshop Multimodal User Authentication, pp. 11-12, 2003.
[9] C. Roberts, Biometric Attack Vectors and Defences, Computers & Security,
vol. 26, no. 1, pp. 14-25, 2007.
Using Biometrics
[10] S.Z. Li and A.K. Jain, Encyclopedia of Biometrics. first ed., Springer, 2009.
[11] U. Uludag and A.K. Jain, Attacks on Biometric Systems: A Case Study in
Fingerprints, Proc. SPIE-EI 2004, Security, Steganography and Watermarking of
Multimedia Contents VI, vol. 5306, pp. 622-633, 2004.
[12] E. LeMay, W. Unkenholz, D. Parks, C. Muehrcke, K. Keefe, and W.H.

Sanders, Adversary-Driven State-Based System Security Evaluation, Proc. the
Sixth Intl Workshop Security Measurements and Metrics (MetriSec 10), pp. 5:1-
5:9, 2010.
[13] O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing , Automated

Generation and Analysis of Attack Graphs, Proc. IEEE Symp. Security and
Privacy, pp. 273-284, 2002.
[14] D.M. Nicol, W.H. Sanders, and K.S. Trivedi, Model-Based Evaluation: From
Dependability to Security, IEEE Trans. Dependable and Secure Computing, vol.
1, no. 1, pp. 48-65, Jan.-Mar. 2004.
[15] T. Courtney, S. Gaonkar, L. Keefe, E.W.D. Rozier, and W.H. Sanders,

Mobius 2.3: An Extensible Tool for Dependability, Security, and Performance
Evaluation of Large and Complex System Models, Proc. IEEE/IFIP Intl Conf.
Dependable Systems & Networks (DSN 09), pp. 353-358, 2009.
Using Biometrics
[16] W.H. Sanders and J.F. Meyer, Stochastic Activity Networks: Formal
Definitions and Concepts, Lectures on Formal Methods and Performance
Analysis, pp. 315-343, Springer-Verlag, 2002.
[17] T. Casey, Threat Agent Library Helps Identify Information Security Risks,,
White Paper, Intel Corporation, Sept. 2007.
[18] A. Ceccarelli, A. Bondavalli, F. Brancati, and E. La Mattina, Improving

Security of Internet Services through Continuous and Transparent User Identity
Verification, Proc. Intl Symp. Reliable Distributed Systems (SRDS), pp. 201-
206, Oct. 2012.
[19] Adobe Products List, http://www.adobe.com/products, 2014.
[20] T.F. Dapp, Growing Need for Security in Online Banking: Biometrics Enjoy
Remarkable Degree of Acceptance,, Banking & Technology Snapshot, DB
Research, Feb. 2012.

Transparent and Constant Secure Service For User Identity Verification Using Biometrics

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Transparent and Constant Secure Service For User Identity Verification Using Biometrics

Încărcat de

Drepturi de autor:

Formate disponibile

Transparent And Constant Secure Service For User Identity Verification

1) Quantitative Security Evaluation of a Multi-Biometric Authentication

AUTHORS: L. Montecchi, P. Lollini, A. Bondavalli, and E. La Mattina,

Biometric authentication systems verify the identity of users by counting on their

2) Model-based evaluation of scalability and security tradeoffs: A case study

AUTHORS: L. Montecchi, N. Nostro, A. Ceccarelli, G. Vella, A. Caruso, and

3) Attacks on Biometric Systems: A Case Study in Fingerprints

4) Automated Generation and Analysis of Attack Graphs

base our technique on symbolic model checking algorithms, belongings North

5) Risk-Based Security Engineering through the Eyes of the Adversary

Computer security (Also referred to as cyber security or IT Security) is data

Diagram clearly explain the about the secure computing

Working conditions and basic needs in the secure computing:

3. Prying eye protection:

Up-to-date, properly designed anti-virus package is important. whereas we've

Anti-virus merchandise examines files on your laptop and in email. Firewall

7. Keep secure backups:

Benefits of secure computing:

Protect yourself - Civil liability:

Protect your credibility - Compliance:

A seldom-reported supply of financial gain for hackers is tiebreak into your

Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be

The Java Platform

The Java platform has two components:

What Can Java Technology Do?

1. SQL Level API

2. JDBC must be implemental on top of common database interfaces

5. Use strong, static typing wherever possible

6. Keep the common cases simple

Finally we decided to precede the implementation using Java Networking.

And for dynamically updating the cache table we go for MS Access

Java ha two things: a programming language and a platform.

Compilation happens just as soon as; interpretation happens at any

Java Program Interpreter

The TCP/IP stack is shorter than the OSI one:

TCP is a connection-oriented protocol; UDP (User Datagram

The 32 bit address is usually written as 4 integers separated by dots.

Here "family" will be AF_INET for IP communications, protocol will

J2ME (Java 2 Micro edition):-

1. General J2ME architecture

2. Developing J2ME applications

3. Design considerations for small devices

What is a J2ME profile?

systems as ATMs, wherever the data no inheritable square measure

DISADVANTAGES OF EXISTING SYSTEM:

None of existing approaches supports continuous authentication. Emerging

meant to be used from completely different consumer devices, e.g., smart

ADVANTAGES OF PROPOSED SYSTEM:

DATA FLOW DIAGRAM:

1. The DFD is additionally known as as bubble chart. it's an easy graphical

2. the info multidimensional language (DFD) is one in all the foremost

4. DFD is additionally referred to as bubble chart. A DFD is also wont to

Activate Blocked Account

3. Offer extendibility and specialization mechanisms to increase the core ideas.

USE CASE DIAGRAM:

Activate Blocked Account

In package engineering, a category diagram within the Unified Modeling Language

A sequence diagram in Unified Modeling Language (UML) may be a quite

Activate Blocked Account

Activate Blocked Account

Activity diagrams square measure graphical representations of workflows of