Embedded access points for trusted data and resources access in HPC systems

Biometric authentication systems represent a valid alternative to the conventional username-password based approach for user authentication. However, authentication systems composed of a biometric reader, a smartcard reader, and a networked workstation which perform user authentication via software algorithms have been found to be vulnerable in two areas: firstly in their communication channels between readers and workstation (communication attacks) and secondly through their processing algorithms and/or matching results overriding (replay attacks, confidentiality and integrity threats related to the stored information of the networked workstation). In this paper, a full hardware access point for HPC environments is proposed. The access point is composed of a fingerprint scanner, a smartcard reader, and a hardware core for fingerprint processing and matching. The hardware processing core can be described as a Handel-C algorithmic-like hardware programming language and prototyped via a Field Programmable Gate Array (FPGA) based board. The known indexes False Acceptance Rate (FAR) and False Rejection Rate (FRR) have been used to test the prototype authentication accuracy. Experimental trials conducted on several fingerprint DBs show that the hardware prototype achieves a working point with FAR=1.07% and FRR=8.33% on a proprietary DB which was acquired via a capacitive scanner, a working point with FAR=0.66% and FRR=6.13% on a proprietary DB which was acquired via an optical scanner, and a working point with FAR=1.52% and FRR=9.64% on the official FVC2002-DB2B database. In the best case scenario (depending on fingerprint image size), the execution time of the proposed recognizer is 183.32 ms. © 2010 Springer Science+Business Media, LLC.