Redundant and Tractable User Account Validation for Protective Internet Services

Abstract: In distributed internet services, session management is performed based on username and password, session logout and some mechanism of users session expiration using classic timeouts. While establishing session, biometric solutions are used which allows substituting username and password, furthermore the session timeout length may affect on the service usability and also on client satisfaction. Work focuses on alternative provided by using biometric while managing sessions. Verification is conducted to identify a secure protocol for proper authentication. Taking frequency, quality and the kind of biometric data clearly acquired from the user in to consideration, the protocol determines adaptive timeouts. For demonstrating the behavior of the protocol simulation is used and further to determine the kind of attackers and the ability of the protocol model-based quantitative analysis is used