Basic Search / Detailed Display

Author: 曾亭媗
Ting-Hsuan Tseng
Thesis Title: 行動使用者環境下的位置導向身分鑑別協定
Location-based Authentication Protocols for Mobile User Environments
Advisor: 羅乃維
Nai-Wei Lo
Committee: 賴源正
Yuan-Cheng Lai
Chuan-Kai Yang
Degree: 碩士
Department: 管理學院 - 資訊管理系
Department of Information Management
Thesis Publication Year: 2016
Graduation Academic Year: 104
Language: 英文
Pages: 76
Keywords (in Chinese): 網路協定電視個人化服務身分鑑別行動裝置臉部識別
Keywords (in other languages): IPTV, Personalized Services, Authentication, Mobile Device, Face Recognition  
Reference times: Clicks: 378Downloads: 4
School Collection Retrieve National Library Collection Retrieve Error Report

隨著行動裝置的普及,加上行動裝置的優點是無論何時何地皆能透過無線網路即可使用服務,帶給現代人們便利性。而無線網路與現存的有線網路相較之下,帶來更多的安全威脅。因此,本篇論文考慮行動裝置的移動性與無線網路下的安全威脅,例如:非法存取、傳輸中的資料被竄改等,我們提出適用在各種環境下授予合法使用者透過行動裝置享受服務的身分鑑別機制。我們的環境分為家庭環境與特定地點環境,而家庭環境結合了網路協定電視(Internet Protocol TV,IPTV)提供使用者移動式網路協定電視( Mobile IPTV ) 個人化服務。
在本研究中,我們結合臉部識別技術與行動裝置提出基於家庭與特定地點環境下的三套安全的身分鑑別協定,可用於新穎的商業模式。分別為一套適用於家庭環境下的協定為Household-based Authentication Protocol,以及兩套適用於特定地點環境下分別為Location-based Authentication Protocol與Location-based ECC Authentication Protocol。通過身分鑑別的使用者,在家庭下可以使用IPTV供應商所提供的個人化服務,在特定地點環境下,透過不同地區搭配不同的機制可讓使用者享受個人化服務,進而提高利潤。經實驗與分析表明,本機制可滿足安全性需求並提供良好的系統易用性、可部署性及服務擴展性。

With the increasing popularity of mobile devices, services can be accessed via wireless networks anytime and anywhere. However, the wireless environment has more security threats than wired networks. Therefore, this thesis is concerned with the mobility of mobile devices and security threats in wireless networks, such as unauthorized access, data integrity, etc. We proposed an authentication and authorization mechanism for mobile devices in various environments. The application environments can be divided into household and public location environments with the household environment combined with IPTV to provide mobile IPTV personalized services for authorized users.
In this thesis, we proposed three authentication protocols by using face recognition and mobile devices in household-based and public location environments, which can be used for new business models. The first is the household-based authentication protocol used for the domestic environment. The second and third are the location-based authentication protocol and location-based ECC (Elliptic curve cryptography) authentication protocol for the public location environment. The authenticated user can be permitted to use the personalized services by the IPTV providers offered in the household environment. In the public location environment, service providers can use different regions with different mechanisms which allows users to enjoy personalized services, thereby increasing profits. The experiments and analysis show that the proposed mechanisms can meet the security requirements and provide great system usability, deploy ability and service scalability for personalized services.

中文摘要 I Abstract II 誌謝 III Contents IV List of Figures VI List of Tables VII Chapter 1 Introduction 1 Chapter 2 Related Work 8 2.1 Face Recognition and Automatic Age Estimation 8 2.1.1 Face Recognition in Practice 10 2.2.2 Automatic Age Estimation 12 2.2  Authentication Mechanism in Mobile IPTV 14 2.3 Threat Model 16 Chapter 3 Proposed Authentication Protocols 18 3.1 Overview 18 3.2 Notations 22 3.3 Household-based Authentication Protocol 23 3.3.1 Registration Phase 23 3.3.2 Authentication Phase 27 3.3.3 Password Update Phase 30 3.4 Location-based Authentication Protocols 36 3.4.1 Location-based Authentication Protocol 36 3.4.2  Location-based ECC Authentication Protocol 41 Chapter 4  Security Analysis 46 4.1 Household-based Authentication Protocol 46 4.1.1 Mutual Authentication 46 4.1.2  Resistance to an Impersonation Attack 47 4.1.3  Resistance to a Replay Attack 48 4.1.4  Resistance to a Man-in-the-Middle Attack 49 4.1.5  Resistance to a Server Spoofing Attack 50 4.2 Location-based Authentication Protocol 50 4.2.1  Mutual Authentication 50 4.2.2  Resistance to an Impersonation Attack 51 4.2.3  Resistance to a Replay Attack 51 4.2.4  Resistance to a Man-in-the-Middle Attack 52 4.2.5  Resistance to Server Spoofing Attack 52 4.3  Location-based ECC Authentication Protocol 52 4.3.1 Mutual Authentication 53 4.3.2  Resistance to an Impersonation Attack 53 4.3.3  Resistance to a Replay Attack 54 4.3.4  Resistance to a Man-in-the-Middle Attack 54 4.3.5  Resistance to a Server Spoofing Attack 54 Chapter 5 Performance Analysis 56 5.1  Prototype Implementation 56 5.2  Experiment Evaluation 59 Chapter 6 Discussion 63 6.1 Three-Factor Authentication 63 6.2 How to Do XOR Calculation for Values in Set of Vector and Hash Value 66 Chapter 7 Conclusion 68 Appendix 1 69 References 71

[1]S. Zeadally, H. Moustafa, and F. Siddiqui, “Internet Protocol Television (IPTV): Architecture, Trends, and Challenges,” IEEE Systems Journal, vol. 5, no. 4, pp. 518–527, Dec. 2011.
[2]Z. Liu, B. Wei, and H. Yu, “IPTV, Towards Seamless Infotainment,” in 6th IEEE Consumer Communications and Networking Conference, 2009. CCNC 2009, 2009, pp. 1–5.
[3]GSMA Intelligence, “GSMA Mobile Economy 2015,” Mobile Economy 2015.
[4]S. Park and S.H. Jeong, “Mobile IPTV: Approaches, Challenges, Standards, and QoS Support,” IEEE Internet Computing, vol. 13, no. 3, pp. 23–31, May 2009.
[5]S. Park, S.H Jeong, and C. Hwang, “Mobile IPTV Expanding the Value of IPTV,” in Seventh International Conference on Networking, 2008. ICN 2008, 2008, pp. 296–301.
[6]O.S. Adeoye, “A Survey of Emerging Biometric Technologies,” International Journal of Computer Applications, vol. 10, 2010.
[7]R. Jafri and H. R. Arabnia, “A Survey of Face Recognition Techniques,” Journal of Information Processing Systems, vol. 5, no. 2, pp. 41–68, Jun. 2009.
[8]D. Kridel, D. Dolk, and D. Castillo, “Adaptive Modeling for Real Time Analytics: The Case of ”Big Data “ in Mobile Advertising,” in 2015 48th Hawaii International Conference on System Sciences (HICSS), 2015, pp. 887–896.
[9]S. Yuan, J. Wang, and X. Zhao, “Real-time Bidding for Online Advertising: Measurement and Analysis,” in Proceedings of the Seventh International Workshop on Data Mining for Online Advertising, New York, NY, USA, 2013, pp. 3:1–3:8.
[10]A. L. Yuille, P. W. Hallinan, and D. S. Cohen, “Feature Extraction from Eaces Using Deformable Templates,” Int J Comput Vision, vol. 8, no. 2, pp. 99–111, Aug. 1992.
[11]R. Brunelli and T. Poggio, “Face Recognition: Features Versus Templates,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 15, no. 10, pp. 1042–1052, Oct. 1993.
[12]B. S. Manjunath, C. Shekhar, R. Chellappa, and C. von der Malsburg, “A Robust Method for Detecting Image Features with Application to Face Recognition and Motion Correspondence,” in , 11th IAPR International Conference on Pattern Recognition, 1992. Vol.II. Conference B: Pattern Recognition Methodology and Systems, Proceedings, 1992, pp. 208–212.
[13]C. S. Ávila, J. G. Casanova, F. Ballesteros, L. J. Martín García and M. F. Arriaga Gómez, “State of the Art of Mobile Biometrics, Liveness and Non-coercion Detection,” Personalised Centralized Authentication System, Jan. 2014.
[14]J. Galbally, S. Marcel, and J. Fierrez, “Biometric Antispoofing Methods: A Survey in Face Recognition,” IEEE Access, vol. 2, pp. 1530–1552, 2014.
[15]O. Kahm and N. Damer, “2D Face Liveness Detection: An Overview,” in Biometrics Special Interest Group (BIOSIG), 2012 BIOSIG - Proceedings of the International Conference of the, 2012, pp. 1–12.
[16]J. Zhang, Y. Yan, and M. Lades, “Face Recognition Eigenface, Elastic Matching, and Neural Nets,” Proceedings of the IEEE, vol. 85, no. 9, pp. 1423–1435, Sep. 1997.
[17]D. L. Swets and J. Weng, “Using Discriminant Eigenfeatures for Image Retrieval,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 18, no. 8, pp. 831–836, 1996.
[18]W. Zhao, R. Chellappa, P. J. Phillips, and A. Rosenfeld, “Face Recognition: A Literature Survey,” ACM Comput. Surv., vol. 35, no. 4, pp. 399–458, Dec. 2003.
[19]A. K. Jain, R. P. W. Duin, and J. Mao, “Statistical Pattern Recognition: A Review,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 22, no. 1, pp. 4–37, Jan. 2000.
[20]C. Liu, “The Development Trend of Evaluating Face-Recognition Technology,” in 2014 International Conference on Mechatronics and Control (ICMC), 2014, pp. 1540–1544.
[21]T. Kanade, “Picture Processing System by Computer Complex and Recognition of Human Faces,” Doctoral dissertation, Kyoto University, vol. 3952, pp. 83–97, 1973.
[22]M. A. Turk and A. P. Pentland, “Face Recognition Using Eigenfaces,” in IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 1991. Proceedings CVPR ’91, 1991, pp. 586–591.
[23]M. Turk and A. Pentland, “Eigenfaces for Recognition,” Journal of Cognitive Neuroscience, vol. 3, no. 1, pp. 71–86, Jan. 1991.
[24]L. D. Harmon, M. K. Khan, R. Lasch, and P. F. Ramig, “Machine Identification of Human Face,” Pattern Recognition, vol. 13, no. 2, pp. 97–110, 1981.
[25]P. S. Penev and J. J. Atick, “Local Feature Analysis: A General Satistical Theory for Object Representation,” Network: Computation in Neural Systems, vol. 7, no. 3, pp. 477–500, Jan. 1996.
[26]M. Lades, J. C. Vorbruggen, J. Buhmann, J. Lange, C. von der Malsburg, R. P. Wurtz, and W. Konen, “Distortion Invariant Object Recognition in the Dynamic Link Architecture,” IEEE Transactions on Computers, vol. 42, no. 3, pp. 300–311, Mar. 1993.
[27]D. J. Burr, “Elastic Matching of Line Drawings,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 3, no. 6, pp. 708–713, 1981.
[28]S. Chaudhry and R. Chandra, “Design of A Mobile Face Recognition System for Visually Impaired Persons,” arXiv preprint arXiv:1502.00756, 2015.
[29]J. Fagertun, “Face Recognition,” Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark, 2005.
[30]C. Schneider, N. Esau, L. Kleinjohann, and B. Kleinjohann, “Feature Based Face Localization and Recognition on Mobile Devices,” in 9th International Conference on Control, Automation, Robotics and Vision, 2006. ICARCV ’06, 2006, pp. 1–6.
[31]T. T. Teoh, Y. Y. Nguwi, and S. Y. Cho, “Intelligent Face Locator for Smartphone,” in IEEE International Symposium on Industrial Electronics, 2009. ISIE 2009, 2009, pp. 1662–1667.
[32]G. Dave, X. Chao, and K. Sriadibhatla, “Face Recognition in Mobile Phones,” Department of Electrical Engineering, Stanford University, 2010.
[33]W. X. Gang, “Research and Implementation of Face Recognition System Based on Android,” in 2015 Seventh International Conference on Measuring Technology and Mechatronics Automation (ICMTMA), 2015, pp. 812–817.
[34]W. Gutfeter and A. Pacut, “Face 3D Biometrics Goes Mobile: Searching for Applications of Portable Depth Sensor in Face Recognition,” in 2015 IEEE 2nd International Conference on Cybernetics (CYBCONF), 2015, pp. 489–494.
[35]Y. Fu, G. Guo, and T. S. Huang, “Age Synthesis and Estimation via Faces: A Survey,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 32, no. 11, pp. 1955–1976, Nov. 2010.
[36]A. Gunay and V. V. Nabiyev, “Automatic Age Classification with LBP,” in 23rd International Symposium on Computer and Information Sciences, 2008. ISCIS ’08, 2008, pp. 1–4.
[37]C. H. Ju and Y. D. Wang, “Automatic Age Estimation Based on Local Feature of Face Image and Regresion,” in 2009 International Conference on Machine Learning and Cybernetics, 2009, vol. 2, pp. 885–888.
[38]X. Geng, Z. H. Zhou, and K. S. Miles, “Automatic Age Estimation Based on Facial Aging Patterns,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29, no. 12, pp. 2234–2240, Dec. 2007.
[39]C. T. Lin, D. L. Li, J. H. Lai, M. F. Han, and J.-Y. Chang, “Automatic Age Estimation System for Face Images,” International Journal of Advanced Robotic Systems, vol. 29, 2012.
[40]J. C. Klontz, B. F. Klare, S. Klum, A. K. Jain, and M. J. Burge, “Open Source Biometric Recognition,” in 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS), 2013, pp. 1–8.
[41]U. Park, Y. Tong, and A. K. Jain, “Age-invariant Face Recognition,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 32, no. 5, pp. 947–954, May 2010.
[42]Z. Hua, C. Chunxiao, Z. Li, Y. S. Qiang, and Z. Lizhu, “Content Protection for IPTV-current State of The Art and Challenges,” in IMACS Multiconference on Computational Engineering in Systems Applications, 2006, vol. 2, pp. 1680–1685.
[43]C. Xu and S. Li, “Digital Rights Management Solutions Based on IPTV DRM,” in 2010 2nd International Conference on Networking and Digital Society (ICNDS), 2010, vol. 2, pp. 43–46.
[44]J. H. Park, “Subscriber Authentication Technology of AAA Mechanism for Mobile IPTV Service Offer,” Telecommun Syst, vol. 45, no. 1, pp. 37–45, Dec. 2009.
[45]H. Roh and S. Jung, “An Authentication Scheme for Consumer Electronic Devices Accessing Mobile IPTV Service from Home Networks,” in 2011 IEEE International Conference on Consumer Electronics (ICCE), 2011, pp. 717–718.
[46]S. C. Kim, S. S. Yeo, and S. K. Kim, “A Hybrid User Authentication Protocol for Mobile IPTV Service,” Multimed Tools Appl, vol. 65, no. 2, pp. 283–296, May 2011.
[47]A. A. Alsaffar, M. V. Nguyen, Y. R. Shin, and E. N. Huh, “Secure Migration of IPTV Services from A STB to Mobile Devices for Pay Per View Video,” in 2010 6th International Conference on Digital Content, Multimedia Technology and its Applications (IDC), 2010, pp. 91–97.
[48]A. A. Alsaffar and E. N. Huh, “Secure Migration Service for Mobile IPTV Using DCAS,” Information Technology Journal, vol. 10, no. 11, pp. 2044–2051, 2011.
[49]L. M. Yeal, P. J. Pyo, and Y. S. Min, “An Analysis on Invasion Threat and A Study on Security Measures for Mobile IPTV,” International Journal of Advancements in Computing Technology, vol. 5, no. 13, p. 586, 2013.
[50]S. A. Nimeh, “Three-Factor Authentication,” in Encyclopedia of Cryptography and Security, H. C. A. van Tilborg and S. Jajodia, Eds. Springer US, 2011, pp. 1287–1288.