Continuous authentication and its application in personal health record systems

Shekoufa, Navid (2017) Continuous authentication and its application in personal health record systems. Masters thesis, Memorial University of Newfoundland.

[img] [English] PDF - Accepted Version
Available under License - The author retains copyright ownership and moral rights in this thesis. Neither the thesis nor substantial extracts from it may be printed or otherwise reproduced without the author's permission.

Download (6MB)


Authenticating users in commercial smartphones is currently a naive process putting the smartphone owner in security risks in events such as unauthorized device sharing, device loss or theft, and session hijacking. With the recent interest of gov- ernmental and health organizations to provide their users with applications that can be run on their smartphones, securing these devices with measures above the cur- rent solutions is imperative. In this research, we propose a continuous authentication module for a Personal Health Record system that monitors its users for authenticity over time via their touch biometrics and denies access to those who can not satisfy authentication criteria. The proposed solution can be used in any smartphone application that is highly sensitive in terms of privacy and security which needs continuous authentication while running. We will also propose a notification module that helps to build transparency for the user about how their shared personal information is used in the system, so they will be more willing to trust our application. The proposed continuous authentication was implemented in an actual Personal Health Record system for Android enabled smartphones to make it more secure and practical to use. The results show an average precision of above 95% in detecting whether a user is the legit owner of a smartphone or not. Finally, we composed an open-source dataset for touch biometrics and made it available to the public. This is the first publicly available dataset related to touch biometrics.

Item Type: Thesis (Masters)
Item ID: 12845
Additional Information: Includes bibliographical references (pages 83-90).
Keywords: Continuous authentication, Biometrics, Touch Dynamics, PHR, Authentication, Security and Privacy, Smartphones
Department(s): Science, Faculty of > Computer Science
Date: August 2017
Date Type: Submission
Library of Congress Subject Heading: Biometric identification; Authentication; Smartphones -- Security measures

Actions (login required)

View Item View Item


Downloads per month over the past year

View more statistics