Published January 9, 2024
| Version v1
Publication
A Dual-Factor Access Control System Based on Device and User Intrinsic Identifiers
Contributors
Description
This paper proposes an access control system based
on the simultaneous authentication of what the user has and who
the user is. At enrollment phase, the wearable access device (a
smart card, key fob, etc.) stores a template that results from the
fusion of the intrinsic device identifier and the user biometric
identifier. At verification phase, both the device and user
identifiers are extracted and matched with the stored template.
The device identifier is generated from the start-up values of the
SRAM in the device hardware, which are exploited as a
Physically Unclonable Function (PUF). Hence, if the device
hardware is cloned, the authentic identifier is not generated. The
user identifier is obtained from level-1 fingerprint features
(directional image and singular points), which are extracted from
the fingerprint images captured by the sensor in the access
device. Hence, only genuine users with genuine devices are
authorized to access and no sensitive information is stored or
travels outside the access device. The proposal has been validated
by using 560 fingerprints acquired in live by an optical sensor
and 560 SRAM-based identifiers.
Additional details
Identifiers
- URL
- https://idus.us.es/handle//11441/153058
- URN
- urn:oai:idus.us.es:11441/153058