|
Project Proposal:
We propose creating a client / server
authentication protocol based on the Ipaq H5550’s biometric API.
Instead of using the traditional user name and password pair to
authenticate users, a user name and finger print pair will be used in
its place. This is beneficial for the following reasons:
- Heightened security – Passwords are
susceptible to attacks due to easily guessed passwords, carelessness
about passwords (i.e. passwords written down in your desk), etc. A
finger print allows each user to have a unique identifier which
cannot be easily stolen or reproduced.
- Ease of use – Users no longer have to remember
a password. They simply need to remember their user name in order
to authenticate.
The system will use the Ipaq H5550 as both clients
and servers. Servers will store a list of user names and their
corresponding finger prints. In order for a client to authenticate
itself, it sends a user name and finger print pair to the server. The
server would verify that the user name and password were in the database
and upon this condition being true, distribute an authentication token
to the client. The token can then be used by the client to consume
services provided by the server.
The protocol can be used in arbitrary applications
to ensure that a legitimate user is interacting with the server. The
goal of this project is to provide a simple API that can be used in
applications to authenticate remote clients to a central server. A
sample code segment of the server side authentication would ideally work
like this:
if (AuthentiationProtocol::IsAuthorized() )
provide protected service;
else
return error code;
Milestones / Division of labor: (note
after item 6 – there is no one assigned as this is getting further into
the project and we will probably need to re-evaluate at this point).
- Specify the exact behavior of the new
biometric authentication protocol as well as the API that will
provide access to the protocol (Jyothish and Mike).
- Download, install, and practice with Embedded
Visual c++ (Jyothish and Mike).
- Research communication options for the Ipaq
H5550 – 802.11, Bluetooth, RF port, etc (Jyothish).
- Create communication prototype in which a two
Ipaqs perform a ping pong communication (Jyothish).
- Research the Ipaq’s biometrics API (Mike).
- Create biometrics prototype in which an Ipaq
requests a user’s finger print and compares to a stored finger
print. The prototype will print out whether the finger print
matched or not (Mike).
- Create simple prototype using both
communications and biometrics. This prototype will have a client
and server. The client will request a finger print and send the
data to the server. The server will compare the finger print to a
stored finger print and report back to the client whether the finger
print matched or not.
- Create a prototype of the authentication
prototype in which the server has a database of users and finger
prints. Multiple clients should be able to connect to this database
by specifying a user name and a finger print.
- Build the biometric authentication into an
existing client / server application for the Pocket PC. Time
transactions with biometric authentication versus the same
application without biometric authentication. This will give an
idea of the overhead the biometric authentication will add to the
program.
|
