Zur Kurzanzeige

dc.creatorKopsidas, S.en
dc.creatorZisiadis, D.en
dc.creatorTassiulas, L.en
dc.date.accessioned2015-11-23T10:35:30Z
dc.date.available2015-11-23T10:35:30Z
dc.date.issued2006
dc.identifier10.1109/HOTWEB.2006.355266
dc.identifier.isbn9781424405954
dc.identifier.isbn1424405955
dc.identifier.urihttp://hdl.handle.net/11615/29618
dc.description.abstractSecure end-to-end information exchange is a constant challenge in electronic communications. Novel security architectures and approaches are proposed constantly, to be followed by announcements of sophisticated attack methods that compromise them, while people suspect others, even more sophisticated attack methods never see the daylight. In the present work we propose a novel method for secure end-to-end communication based on biometric evidence to ensure security and integrity of the information exchanged. The traditional approach for securing the communication between two peers is through the use of secret key encryption combined with a public key approach for exchanging the common secret key to be used by the end peers. The public key part of the communication is based on a trusted authority for providing the public keys, a service provided through a Public Key Infrastructure (PKI). Public key infrastructures are vulnerable to man in the middle attacks, among other approaches that compromise their integrity. There has been a lot of work for providing robust PKI infrastructures, the proposed solutions are fairly demanding on network resources, hence public key solutions are not the security approach of choice in several applications that require light weight solutions. Here we propose an approach for providing secure end-to-end communications in environments where it is possible to have biometric based authentication, exploiting the nature of the application; voice communication being the typical example that we use as our paradigm for describing the method. During the establishment of the communication session, the end-peers exchange a challenge/signature token, the integrity of which is confirmed vocally when the voice communication initiates. The security of the method relies on the inability to mechanically impersonate an individual both because of the biometric user specific attributes of the human voice and video as well as the user customized profile of the exchanged information. The method is appropriate for ensuring the security of an encrypted phone conversation, guaranteeing the integrity of the session key exchanged in the beginning of the conversation. It requires minimal resources from the user handsets and no additional support from the network, so it is inherently scalable and readily deployable as it only needs an appropriately enhanced secure handset. ©2006 IEEE.en
dc.source.urihttp://www.scopus.com/inward/record.url?eid=2-s2.0-50049087086&partnerID=40&md5=ccc12cdf70c5a9ddb1d799876d73696e
dc.subjectBiometric securityen
dc.subjectCryptographyen
dc.subjectIntrusion detectionen
dc.subjectKey exchangeen
dc.subjectPrivacyen
dc.subjectVoice communicationen
dc.subjectBiometricsen
dc.subjectComputer systemsen
dc.subjectInternet protocolsen
dc.subjectInternet telephonyen
dc.subjectLightingen
dc.subjectMetropolitan area networksen
dc.subjectPublic key cryptographyen
dc.subjectQuality assuranceen
dc.subjectReliabilityen
dc.subjectSecurity of dataen
dc.subjectTechnologyen
dc.subjectTelecommunicationen
dc.subjectTelecommunication networksen
dc.subjectTelephone setsen
dc.subjectTelephone systemsen
dc.subjectWorld Wide Weben
dc.subjectAttack methodsen
dc.subjectBiometric based authenticationen
dc.subjectBiometric evidenceen
dc.subjectBiometric verificationen
dc.subjectElectronic communicationsen
dc.subjectEnd-to-end communicationsen
dc.subjectEnd-to-end securityen
dc.subjectHuman voiceen
dc.subjectInformation exchangingen
dc.subjectKey exchangesen
dc.subjectLight weightingen
dc.subjectMan in the middle attacksen
dc.subjectMinimal resourcesen
dc.subjectNetwork resourcesen
dc.subjectNovel methodsen
dc.subjectPublic keyen
dc.subjectPublic keysen
dc.subjectPublic-key infrastructureen
dc.subjectPublic-key infrastructuresen
dc.subjectSecret keysen
dc.subjectSecurity approachen
dc.subjectSecurity architecturesen
dc.subjectSession keysen
dc.subjectTrusted authorityen
dc.subjectWeb systemsen
dc.subjectCommunicationen
dc.titleVoice interactive personalized security (VoIPSEC) protocol: Fortify internet telephony by providing end-to-end security through inbound key exchange and biometric verificationen
dc.typeconferenceItemen


Dateien zu dieser Ressource

DateienGrößeFormatAnzeige

Zu diesem Dokument gibt es keine Dateien.

Das Dokument erscheint in:

Zur Kurzanzeige