WebID + biometrics with permuted disposable features

ABSTRACTFor networked communications, cyber security and authentication are critical components. This work deals with the issue of security and authentication as it relates to features of the Semantic Web. The phrase "Semantic Web" alludes to the World Wide Web Consortium's idea of standards to make internet data machine-readable and reusable. WebID, for example, is a technique for managing profile data connected with people and services at self-defined locations. While the WebID protocol alone allows users more control over their connections to online services, biometric authentication is an additional process that can add security and convenience for individuals. The WebID protocol with biometric authentication allows more control for the individual user, but networked connections are still vulnerable to replay attacks (an attack in which the network is compromised and authenticating information is captured and replayed to allow unauthorized access). Replay attacks on a biometrics authentication system are particularly damaging since biometrics are more difficult to change than passwords. Prior work has been done to develop unique and accurate representations of one's biometric, such that if a bad actor captures any authenticating biometric data, it will not be useful in a replay attack as the system uses a new representation of biometrics after each access attempt. In this paper, we suggest extending previous work to increase the number of unique and reliable data representations in conjunction with WebID identifiers. This paper will provide an overview of the system that is currently under development, as well as additional WebID components.