This paper discusses the challenges in computer systems research posed by the emerging field of pervasive computing. It first examines the relationship of this new field to its predecessors: distributed systems and mobile computing. It then identifies four new research thrusts: effective use of smart spaces, invisibility, localized scalability, and masking uneven conditioning. Next, it sketches a couple of hypothetical pervasive computing scenarios, and uses them to identify key capabilities missing from today's systems. The paper closes with a discussion of the research necessary to develop these capabilities.

The latest research indicates using a combination of biometric avenues for human identification is more effective, and far more challenging.

In recent years there has been exponential growth in the use of biometrics for user authentication applications because biometrics-based authentication offers several advantages over knowledge and possession-based methods such as password/PIN-based systems. However, it is important that biometrics-based authentication systems be designed to withstand different sources of attacks on the system when employed in security-critical applications. This is even more important for unattended remote applications such as e-commerce. In this paper we outline the potential security holes in a biometrics-based authentication scheme, quantify the numerical strength of one method of fingerprint matching, then discuss how to combat some of the remaining weaknesses. 1

The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and point out the future research directions in this area. We also try to answer two important questions: “Are graphical passwords as secure as text-based passwords?”; “What are the major design and implementation issues for graphical passwords?” This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods. 1.

Graphical passwords are an alternative to alphanumeric passwords in which users click on images to authenticate themselves rather than type alphanumeric strings. We have developed one such system, called PassPoints, and evaluated it with human users. The results of the evaluation were promising with respect to rmemorability of the graphical password. In this study we expand our human factors testing by studying two issues: the effect of tolerance, or margin of error, in clicking on the password points and the effect of the image used in the password system. In our tolerance study, results show that accurate memory for the password is strongly reduced when using a small tolerance (10 х 10 pixels) around the user’s password points. This may occur because users fail to encode the password points in memory in the precise manner that is necessary to remember the password over a lapse of time. In our image study we compared user performance on four everyday images. The results indicate that there were few significant differences in performance of the images. This preliminary result suggests that many images may support memorability in graphical password systems.

Traditionally, computer security monitoring systems are built around the audit systems supplied by operating systems. These OS audit sources were not necessarily designed to meet modern security needs. This dissertation addresses this situation by categorizing monitoring systems based on their goals of detection and the time constraints of operation. This categorization is used to clarify what information is needed to perform detection as well as how the audit system should be structured to supply it in an appropriate manner. A prototype audit source was designed and constructed based on the information from the categorization. This audit system supplies information based on the type of detection to be performed. The new audit source was compared against an existing OS audit source and shown to have less overhead in many instances, generate a smaller volume of data, and generate useful information not currently available.

Current software interfaces for entering text on touch screen devices mimic existing mechanisms such as keyboard typing or handwriting. These techniques are poor for entering private text such as passwords since they allow observers to decipher what has been typed simply by looking over the typist’s shoulder, an activity known as shoulder surfing. In this paper, we outline a general approach for designing security-sensitive onscreen virtual keyboards that allow users to enter private text without revealing it to observers. We present one instantiation, the Spy-Resistant Keyboard, and discuss design decisions leading to the development of this keyboard. We also describe the results of a user study exploring the usability and security of our interface. Results indicate that although users took longer to enter their passwords, using the Spy-Resistant Keyboard rather than a standard soft keyboard resulted in a significant increase in their ability to protect their passwords from a watchful observer.

This paper review the state of the art in o#-line Roman cursive han dw iting recognition. The input provided to an o#-line han iting recognition system is an image of a digit, aw ord, or - more generally - some text, and the system produces, as output, an ASCII transcription of the input. This taskinvolves a number of processing steps, some of w ich are quite di#cult. Typically, preprocessing, normalization, feature extraction, classification, and postprocessing operations are required. We'll survey the state of the art, analyze recent trends, and try to identify challenges for future research in this field.

Introduction More than a century has passed since Alphonse Bertillon first conceived and then industriously practiced the idea of using body measurements for solving crimes [1]. Just as his idea was gaining popularity, it faded into relative obscurity by a far more significant and practical discovery of the uniqueness of the human fingerprints 1 . Soon after this discovery, many major law enforcement departments embraced the idea of first "booking" the fingerprints of criminals, so that their records are readily available and later using leftover fingerprint smudges (latents), the identity of criminals can be determined. These agencies sponsored a rigorous study of fingerprints, developed scientific 1 In 1893, the Home Ministry Office, UK, accepted that no two individuals have the same fingerprints. 1 methods for visual matching of fingerprints and strong programs/cultures for training fingerprint experts, and applied the art

The human factor is often described as the weakest part of a security system and users are often described as the weakest link in the security chain. This workshop will seek to understand the roles and demands placed on users of security systems, and explore design solutions that can assist in making security systems usable and effective. In addition to examining end-users, this workshop will also examine the issues faced by security system developers and operators.