5. EDUCACIÓN INCLUSIVA COMO POLÍTICA DE MEJORA DE LAS CONDICIONES DE
5.3. L A EDUCACIÓN INCLUSIVA EN E SPAÑA Y E UROPA
respect the limitations of the platform for which they are designed.
This consideration takes into account the likelihood that the user is trying to achieve other tasks that may require security provisions, and not to “do security” itself. Thus, on a mo- bile device platform, considerations must be made for the bursty, frequent use pattern that characterizes this platform, as well as the limitations this platform has on memory, processor speed, and power consumption. These limitations are especially important when considering the continuous nature of the Framework presented in this research, since the frequency of re- calculating device confidence may have an effect on these resources. Finally, the intended transparent nature of the Framework should also be kept in mind when selecting the biomet- rics to use in the Framework. They should be ones that may be gathered while the user goes about regular tasks, and the number should be sufficient to provide the accuracy needed by the specific application while respecting the resource limitations of mobile devices.
Efforts have been made in the Framework design to select processes that minimize complex- ity. For instance, the pattern classifiers tested are all simple to program and relatively fast in decision making. The processes and data structures that define the Framework have been selected to minimize battery use and memory. These choices were made deliberately, but it is left to future simulation work to determine whether these choices are as efficient as nec- essary. The choice of biometrics respects the platform since they can be gathered while the user goes about regular tasks. Finally, the continuous and transparent nature of the Frame- work blends well with the bursty nature of mobile device use since it largely removes the need for frequent explicit authentication.
9.3
Research Contributions
This research provided a framework for continuous, transparent authentication on mobile devices. The specific research question that drove this research was as follows:
It is possible to verify the identity of the current user of a mobile device in a secure, continuous, transparent and passive manner by using a combination of behavioral biometrics. Such authentication will not normally require explicit owner action, but will instead rely on the owner’s usual interaction with the mo- bile device. Finally, such a transparent authentication method will be acceptable to device owners.
This research question provided the basis for the hypotheses that drove the research and the creation of the Transparent Authentication Framework, as follows:
9.3. Research Contributions 170 H1: Behavioral biometrics such as keystroke dynamics and speaker verifi- cation are sufficiently distinctive to contribute to verification of the identity of a mobile device owner.
This hypothesis was addressed with the Keystroke Dynamics and Speaker Verification fea- sibility studies. In both cases, the studies showed that the owner of a mobile device had sufficient patterns in their typing and speaking patterns to justify using it as a behavioral biometric in the Transparent Authentication Framework. However, neither method provided low enough error rates to justify using it as a sole means of identity verification. These two feasibility studies have sufficiently low error rates to justify extended studies of the same type that have more participants and more data per participant. As such, this hypothesis is accepted since there is enough information in each of these biometrics to contribute to mobile device owner identity verification. Care should be taken, however, to select the behavioral biometrics used within the Framework to ensure that those chosen are sufficiently distinctive to make a similar contribution.
H2: Combining keystroke dynamics and speaker verification into a mul- timodal behavioral biometric reduces the error rates seen with the individual biometrics.
This hypothesis was addressed with the Multimodal Biometrics feasibility study, in which the speaker verification and keystroke dynamics study results were combined in a measurable and repeatable way. The results of this study showed that both the Na¨ıve and Posterior Prob- ability Methods (NM and PPM, respectively) showed improvements in error rates via higher AUC levels. While these results were not statistically significant at all levels, they do provide support for a larger study that further examines the applicability of these two combination methods. The results of this study indicate that applications that require lower security levels would benefit from using the Na¨ıve Method because it favors user convenience over resisting intruder access (i.e., allows fewer false negatives). The Posterior Probability method, on the other hand, is preferred for higher security applications since it favors blocking intruders over the inconvenience of asking legitimate owners to re-authenticate. Thus, since the error rates were indeed often lower for the multimodal biometrics compared to the single biometrics, this hypothesis is accepted.
H3: It is possible to gather keystroke dynamics and speaker verification biometrics while the mobile device user goes about other tasks on the device.
This hypothesis was addressed by undertaking the keystroke dynamics and speaker verifica- tion feasibility studies. While it is conceptually possible to collect both keystroke data and
9.3. Research Contributions 171 voice samples while the device owner goes about regular tasks on the device such as writ- ing email or making phone calls, the implementation of this functionality is somewhat less possible. The Apple iPhone and iPod Touch environment was chosen for the experimental platform. While writing the mobile device applications that supported these two studies, it became clear that Apple did not allow processes to run in the background as a regular work- ing condition. Since this is a requirement of gathering either keystroke dynamics or speaker verification biometrics in a transparent manner, further work into backgrounding these ap- plications was not pursued. However, the Android development environment does allow for background processes, and thus further research into this platform may provide a different result for this hypothesis. This hypothesis is rejected for Apple mobile device environments since background processes are disallowed, but accepted in theory since it is demonstrably possible on the Android platform.
Another consideration that was discovered during this research was the apparent mismatch between the idea of keystroke dynamics and the reality of it. During the keystroke dynam- ics feasibility study, several participants indicated that they would not feel comfortable with participating in the study if their keystrokes were sampled in the background. These par- ticipants were happy to provide their keystroke patterns for the study as long as they could choose what to type. However, the participants in the Transparent Authentication Percep- tions study did not seem to have an issue with their keystrokes being sampled and used for authentication purposes. One possible reason for this difference in opinion lies in the dif- ferences between the two studies’ design. In the keystroke dynamics study, the participants knew that their patterns would be removed from their device and compared to other such patterns, but in the transparent authentication perceptions study, the participants were led to believe that their keystroke patterns remained on the device. This is a small but very impor- tant difference, since the former has privacy implications while the latter appears to protect privacy. The discovery, then, is that privacy and control over their distinguishing information and data is important to device owners, and therefore must be considered carefully during design of applications that are based on the Framework presented here.
H4: Mobile device owners would consider using a transparent authentication method if it was available to them.
This hypothesis was addressed by the Transparent Authentication Perceptions (TAP) Study. The results of this study showed that the participants would at least consider using such an authentication method. There were several caveats to this claim, however. First, several participants indicated that they would trial such an application, but would not hesitate to remove or disable it if it either kept them from their data and device functionality, or if it seemed to not block unauthorized users (i.e., if their friend started using the device and
9.3. Research Contributions 172 was allowed the same access as the owner). The idea of security as a barrier was a theme identified during the TAP study; the number and frequency of the barriers to intended task completion should be considered when using the Framework. This hypothesis is accepted.
9.3.1
Major Contributions
This research has provided novel contributions to the field of authentication, particularly in the mobile device environment. The major contributions, which extend the design consider- ations and hypotheses provided in the previous sections, are as follows:
1. Developed a framework for continuous, transparent authentication on mobile devices that is intended to be independent of both device type and model, and also of the operating system type and version.
2. Designed the Framework so that it is plausible on a mobile device without a depen- dence on offline processing in order to allow the owner’s data to remain on the device and within their control.
3. Extended keystroke dynamics research into soft keyboards on mobile devices.
4. Gathered data on user perceptions of transparent authentication, and used these per- ceptions to inform the creation of the Transparent Authentication Framework, with the hope that this will help move transparent authentication beyond the research lab and into more regular use.
5. Provided support for the use of multimodal biometrics in such a Framework, which has not been proposed previously, and allowed for flexibility in the number and type of biometrics chosen.
9.3.2
Minor Contributions
In addition to the novel contributions discussed in the previous section, this research also provides support for the work of other researchers in the field. Although these minor contri- butions were not directly mandated by the research question and hypotheses that define this research, they are important since they may help advance the field of transparent authentica- tion.
1. Supported the results of similar work in keystroke dynamics, including verifying the conclusion that key hold times are not very distinctive on mobile devices and showing similar error rates to other research in this area.
9.4. Future Work 173