Secure Network Authentication Based on Biometric National Identification Number

number: 
3691
English
Degree: 
Author: 
Muntasser Saleem Falih
Supervisor: 
Dr. Mahmood K. Ibrahem
year: 
2016

Networks authentication is a very important security issue. The classical authentication methods (token-based and knowledge-based) suffer from drawbacks like; stealing, forgotten and guessing, these drawbacks lead to the use of “biometric authentication”. Fingerprint is one of the important physiological biometric types which has sufficient uniqueness to distinguish among persons and led to use in several security applications. This research present a proposed authentication system based on fingerprint as biometric type and some of static credential personal information such as name and birth date. The system generates a Unique National Identification Number (NIDN) by combining fingerprint minutiae features with user’s personal information (name and birthdate) printed in Quick Response
code (QR) image used as a token card for accessing the system. One-to-one fingerprint verification is used to verify user’s identity for the application with high security level. The proposed system provides two authentication services: The first is normal authentication service to protect the public application that contains public data such as billing payments application. This authentication service needs only the user’s QR token for system access. The second service is strong authentication for protecting private application that contains sensitive data such as banking. This authentication service needs user’s QR token and fingerprint for system access.  The experimental work of the proposed system shows that, with threshold value under (50), user’s acceptance accuracy is 100%, and with threshold value
equal to (50), user’s acceptance accuracy is 96.153. Incrementing the threshold leads to increase in user’s rejection rate by dropping the less matching experiments and keeping the full match experiments. High threshold value (>50) can be used with high level security applications.