IT Security

A biometric lifeless attack is one of the indispensable issues within biometric authentication. There are three major components in liveness detection systems: lifeless attack presentation, liveness detection, and lifeless attack instruments. The lifeless attack presentation is divided into artifact presentation and human-based presentation. The liveness detection method includes subject-based and scenario-based solutions, as well as other attributes such as decision elements, detection patterns, and implementations. The lifeless attack instrument is specified from aspects such as production elements, production types of artifacts, efficacy, etc. This document establishes terms and definitions in the field of biometric liveness detection and identifies characterizations of lifeless attack and liveness detection methods, with analysis on lifeless attack instruments. In addition, this document specifies the liveness detection process, implementation model, and metrics.

The standard describes an authentication scheme including the following features: 1) User needs single unique login credentials to logon to multi-Server setup 2) It offers a two-factor authentication scheme comprising of password as one and the soft token/hardware token as the second factor for authentication 3) The scheme does not require a password table to be maintained at the server 4) The scheme resists various known authentication related attacks

This standard specifies the requirements and methods for verifying the identity of a person equipped with human augmentation technologies. Human augmentation, also known as human enhancement, refers to technologies that add to the human body and enhance human productivity or capability. Recent advancements in many technical areas have led to a large variety of implants, wearables and other technologies that could be classified as human augmentation.

SAML is an XML-based framework for exchanging security information. This security information is expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain. A single assertion might contain several different internal statements about authentication, authorization and attributes. This Recommendation defines a protocol by which clients can request assertions from SAML authorities and get a response from them. This protocol, consisting of XML-based request and response message formats, can be bound to many different underlying communications and transport protocols; SAML currently defines one binding to SOAP over HTTP. In creating their responses, SAML authorities can use various sources of information, such as external policy stores and assertions that were received as input in requests. This Recommendation defines SAML assertions elements, subjects, conditions, processing rules and statements. Additionally, it develops a comprehensive SAML metadata profile that includes associated namespace, common data types, processing rules and signature processing. Several protocol bindings such as SOAP, PAOS (reverse SOAP), HTTP redirect, HTTP POST, among others, are also developed. This Recommendation provides a comprehensive list of SAML profiles such as web browser SSO profile and single logout profile to enable the wide adoption of SAML 2.0 in the industry. Guidelines for authentication context and conformance are also provided.This Recommendation is technically equivalent and compatible with the OASIS SAML 2.0 standard.