Possibility to apply a position information as part of a user’s authentication

David Jaroš, Radek Kuchta, Radimír VrbaSecurity and Protection of Information

2009

ContentsIntroductionPosition determinationGPS (Global Positioning System)BluetoothAuthentication process Authentication deviceConclusions

Introductionauthentication necessity

o download emails,o fill out forms for the government,o access to company private information

position as factor of authentication (FOA)o GSM network,o Wi-Fi AP, o GPS or the other navigation system

GPS as one of useful possibilities of FOA

Position determinationThree basic conditions

1. space description 2. anchor points with

known position3. distance between

subject and anchor point

GPS developed in the 1970s by U.S.

Department of Defense initially designed for 24 satellites

(about 32 satellites on the present) 20 200 km AGL 3.8 kms-1

extremely accurate clock (atomic clock in satellites and pseudoatomic clock in receiver)

visibility at least 4 satellites (3-dimensional position)

transmition time stamp in specially coded signal

protocol - NMEA 0183 interfaces – UART, IIC, USB, SPI update position up to 4 Hz

Bluetoothwireless low-power technology for data exchange over short distances

The other suitable wireless technologies:

•Wi-Fi•Zigbee •IQRF

Authentication process

Communication sequence used for user authentication with position information

Authentication deviceauthentication

device is connected to user’s terminal via USB

fingerprint readeralpha numeric

displaysecure data

repositoryGPS receiver

Authentication device

Alphanumeric LCD Display

Keyboard / Fingerprint Reader

Central Processor

UnitUSB

Power Management

Secure Data Repository

GPS Receiver

Users Terminal

Authentication Server

Conclusionposition as new factor of authenticationbasic principle of position determinationexploitation of GPS and Bluetoothauthentication processauthentication device