Linda Fransson; Therese Jeansson MCS-2004:05, pp. 33. TEK/avd. för programvaruteknik, 2004.
Our purpose with this thesis was to find biometric methods that can be used in access control of mobile access. The access control has two parts. Firstly, to validate the identity of the caller and, secondly, to ensure the validated user is not changed during the session that follows. Any solution to the access control problem is not available today, which means that anyone can get access to the mobile phone and the Internet. Therefore we have researched after a solution that can solve this problem but also on how to secure that no one else can take over an already validated session.
We began to search for biometric methods that are available today to find them that would be best suited together with a mobile phone. After we had read information about them we did choose three methods for further investigation. These methods were Fingerprint Recognition, Iris Scan and Speaker Verification.
Iris Scan is the method that is best suited to solve the authentication problem. The reasons for this are many. One of them is the uniqueness and stability of the iris, not even identical twins or the pair of the same individual has the same iris minutiae. The iris is also very protected behind eyelids, cornea and the aqueous humor and therefore difficult to damage. When it comes to the method itself, is it one of the most secure methods available today. One of the reasons for this is that the equal error rate is better than one in a million. However, this rate can be even better. It all depends on the Hamming Distance, which is a value that show how different the saved and temporarily template are, and what it is set to.
To solve our session authentication, which was to make sure that no one else could take over a connected mobile phone, a sensor plate is the answer. This sensor will be able to sense for touch, heat and pulse. These three sensor measurements will together secure a validated session since the mobile phone will disconnect if the sensor looses its sensor data.
There are, however, technological and other challenges to be solved before our proposed solutions will become viable. We address some of these issues in our thesis.