Physical Access Protection using Continuous Authentication

Traditional password based authentication systems assume that the user who manages to sign-on into the system is the actual authorized user. There is no differentiation between the authorized user and an intruder who knows how to sign-on into the system. This paper describes an authentication mechanism which reduces the risk of un-authorized system usage by continuously authenticating the current user. This is achieved by using biometric sensors which can verify the user in a transparent fashion. We have developed two such prototype systems - one for Linux, and the other for Windows - both of which are directly integrated with the operating system. This paper focuses on the Windows platform. The benefit of our continuous authentication system is that it gives a higher degree of assurance that the authorized user is indeed the one presently using the system, and does so in a way that is transparent to the user. Preliminary user studies on Windows demonstrate that continuous authentication can be used successfully on a user population using Windows on a variety of interactive applications which simulate a general task mix. Our studies show that the goal of transparency is achieved as most users were not bothered nor affected by presence of the continuous authentication system.