Continuous remote mobile identity management using biometric integrated touch-display

Abstract

While enriching the user experiences, the development of mobile devices and applications introduces new security and privacy vulnerabilities for the remote services accessed by mobile device users. A trusted and usable authentication architecture for mobile devices is thus in high demand. In this paper, we leverage a unified structure, consisting of transparent TFTbased fingerprint sensors, touchscreen, and display, to propose a novel identity management mechanism that authenticates users of touch based mobile devices for accessing the local devices and remote services. Our solution differs from the previous onetime and enforced authentication approaches through two novel features: (i) user transparent authentication process, requiring neither password nor extra login steps and (ii) continuous identity management based on fingerprint biometric, where each user-to-device touch interaction is used toward authentication. Moreover, we introduce two different security scenarios, one for local identity management, and the second extended solution for remote identity management. Finally we employ TRUST (Trust Reinforcement based on Unified Structural Touch-display) to solve the identity challenge in cyber space. © 2012 IEEE.