The U.S. agency that brought you the Internet is now angling to develop new biometric techniques for authentication that will tap computer users as human secrets.
The U.S. Defense Advanced Research Projects Agency (DARPA) is soliciting proposals for biometric research with the intent of developing software-based systems that identify users based on movements or habits while they use their computers or laptops.
The project, called Active Authentication (AA), would eventually move authentication from passwords and Common Access Cards to biometrics for validating the identity of users on Department of Defense IT systems.
AA isn’t focused on extending current technology, it seeks innovative ways to identify a user by collecting behavior metrics, or what DARPA calls “cognitive fingerprints” or “human secrets.” The fingerprint could include eye movement, keystrokes, mouse tracking or even language usage patterns.
The first phase of the project, slated to run until April 2013, focuses on developing methods of continuous authentication, which tracks the user at the keyboard after they log-in to ensure they are the same person who originally signed on to the computer.
“My house key will get you into my house, but the dog in my living room knows you’re not me. No amount of holding up my key and saying you’re me is going to convince my dog you’re who you say you are,” says Richard Guidorizzi, the program manager for AA. ” My dog knows you don’t look like me, smell like me or act like me. What we want out of this program is to find those things that are unique to you, and not some single aspect of computer security that an adversary can use to compromise your system...”