A Non-Intrusive Technique for Asserting User Identity in Internet of Things
Ameera Al-Karkhi
Internet of Things environments are an exciting new computing scene due to the recent advances in wireless communications and digital electronics. These environments are small smart worlds that have many advantages, such as continuous and distributed interaction with people using a variety of wireless devices, which are ubiquitous and sharable, to provide useful services. In addition, each user has wide interaction with a huge number of entities. It would be impractical to require people to authenticate themselves every time they cross various network boundaries, as the frequent authentication process would disrupt the users’ normal activities. The use of frequent authentication contradicts the objectives of Internet of Things in creating seamless environments and delivering distributed services. Due to the characteristics of these environments there is a challenge in dealing with asserting user identity. As a result, the need for a system to apply a non-intrusive authentication technique to assert user identity across the environment, and for every interaction within these environments, becomes one of the main challenges in these environments. My research aims to develop a technique for verifying user identity when interacting with such environments. User identity information is used by the system in Internet of Things environments to retrieve a variety of contextual information, which is necessary for providing the required services. In doing so, a new approach for asserting user identity that is non-intrusive and adaptable is developed. The approach, called Non-Intrusive Identity Assertion System (NIAS), would be aware of the intentions of the user and authenticate her/him continuously throughout the day to maintain confidence in user identity. It is assumed that users in smart environments carry identification devices which are used by NIAS to detect when users attempt to access resources. Although these devices provide a basic mechanism for identifying users, they are not sufficient to assert users’ identity, for they could easily be picked up by other people. Therefore, NIAS attempts to assert users’ identity by monitoring a minimum amount of their activities instead of extensive tracking. The system then uses these activities to infer user events. User events inference is achieved using an unsupervised clustering technique, which gathers a group of user activities and creates an event. Then each user event has to be converted to a numeric value and passed to the system to assert user identity. The system should be able to cope with various situations, such as users losing their smart tags or people impersonating other people and raise an alarm to block an intruder from being asserted as a legitimate user. NIAS provides an alternative to the intrusive periodic user authentication process and, at the same time, minimize the risk of false identity in Internet of Things environments.
About the Author
Dr. Ameera Al-Karkhi is a professor at Sheridan college, she developed and conducted new courses on Internet of Things (IoT) such as cybersecurity and data analysis. She has worked as post doctorate fellow in Electrical and Computer Engineering department at Ryerson University, in the area of context aware systems and the Internet of Things (IoT) to design predictive systems and apply machine learning algorithms for various fields such as health centers in Ontario, to provide security and data analysis. She has various academic publications in various conferences and journals in computer engineering, control systems, machine learning and IoT domains. She contributed as a co-author to an introductory text on the Internet of Things technology published by Springer which covers the introduction to the entire IoT domain. Her recent publication is a chapter book on Mobile Edge cloud computing in Springer.