• Open Access

Single authentication through in convergence space using collaborative smart cameras

Authors


Abstract

In recent years, the convergence of IT space and physical space is increasingly studied. In the legacy IT-based systems, developments of services were focusing on just the cyber space. However, as ubiquitous computing environment is expanding into the real world, considerations about how to design and develop the systems for ensuring the interoperability between two spaces must be taken. For indeed converging IT/physical spaces and ensuring the ubiquity, a new model to efficiently identify a moving object needs to be established. Although the identifier information resulted from successful authentication procedure is used in the most security systems, each authentication method adopts a variety of identifiable information (II) specification. So in this paper, we suggest a scheme to access any ubiquitous service with single authentication at initial stage for efficiently identifying an object moving multiple convergence spaces by relaying the II along the movement. This is performed by enabling distributed smart cameras to deliver II of the identified moving object. Copyright © 2014 John Wiley & Sons, Ltd.

1 Introduction

As ubiquitous computing environment is expanding into our real lives and the majority of security applications designed and developed considering the ubiquity, the services tend to be provided anywhere, anytime, and with any device [1]. Also, it is believed that the first major trend will be a shift from ownership-focused ubiquity to application-focused ubiquity [2, 3]. For guaranteeing the safety and reliability of ubiquitous systems, the procedure of recognizing an entity identifier must precede. It means that majority of security systems have been designed based on the identifier of entity.

Generally, a user who attempts to verify himself or herself must send a credential to the server. As a result, the authentication process is successful if and only if all identities sent to the server match those stored in the servers database. With an untrustworthy provider, authentication of the user by sending a credential to the server would threaten the users security and privacy [4].

With the advent of ubiquitous computing environment, it has become increasingly important for applications to take full advantage of contextual information, such as the users location, to offer greater services to the user without any explicit requests [5]. Recently, various applications of the users location-based services have been required such as buddy finding services and position tracking services [6]. The ubiquitous services mostly authenticate accessing entities whenever they are reques-ted to provide services, and what is more, the entity ID is valid only within IT space. It means that the entitys ID is lost during the traversal and additional authenti-cation process is required in other service domain. It decreases the efficiency and disturbs the realiza-tion of ubiquitous society. So in this paper, we suggest a scheme of single authentication through (SAT) distributed smart cameras by collaboratively tracking identifiable information (II), wherein each camera is capable of preserving privacy information in gathered video frames.

For seamless ID management in physical space, each smart camera monitoring its own physical area must be able to detect and keep track of an object and deliver the associate II to sibling smart cameras/authentication servers whenever the object moves into other spaces. The ID of the object is delivered by other smart camera/authentication server controlling space that it has been moved from.

If we can use any service under different authenticating subjects with only single authentication process, then significant enhancement of user convenience and performance can be reached because an authentication process requires relatively much resource than other computations, especially cryptographic computation inclu-ding random number generation, asymmetric key-related calculation, key generation/distribution, and so on.

This paper is organized as follows. In Section 2, we identify related works. Section 3 describes the architecture for ID globalization across multiple convergence spaces. In Section 4, we suggest the II tracking across collaborative smart cameras. Section 5 reports the experimental results of the proposed approach. Finally, we present conclusion in Section 6.

2 Related Works

2.1 ID management

For the sake of secure, convenient sharing of personal information, e-ID wallet system has been developed. In this system, there are three types of components: clients, servers, and other types of servers. First, the client implements personal ID management S/W and provides services including registration, authentication, sharing, synchronization, and accounting.

This scheme supports a few technologies. First, it supports global authentication and integrated credential management. The global authentication technology enables integrated authentication framework supporting a variety of authentication mechanisms in unified interface environment, and the integrated credential management technology manages credentials of heterogeneous formats and working methods issued by distributed sites. Second, it provides identity management among domains with a technology for internet identification management, and a technology for sharing, synchronizing XID bidirectional identity. This enables the definition and management of unique identifier usable in the Internet. It is also a self-controllable identity control technology. Users protect identity information with link contracts, and share, securely secure protect the identity information based on them. But, the critical restriction of this scheme is that it is valid only within IT space.

2.2 Object tracking across distributed smart cameras

2.2.1 Object tracking across overlapped distributed smart cameras

Many researches have been made to detect motion of moving object using static camera or an active camera. The former has fixed camera view, which is compa-red to the latter one. Motion detection using a static camera is not difficult work because the motion of camera is not included. The motion has been detected by differencing among consecutive images. Meanwhile, the motion detection of moving object using an active camera has challenged. To detect motion of moving object, estimation of camera motion or computation of optical flow method has been proposed [7-9]. To detect camera motion, features between adjacent image frames are tracked, and coordinate between consecutive images is transformed.

Object tracking technology has been developed by many vendors that are developing intelligent video surveillance system. As object tracking is regarded a basic module in providing intelligent video services, most of applied systems are focusing on this technology.

The operator could interact with the system in a virtual top–down view of the site, obtained by composing ground-plane image data from all available cameras into a single view [10].

2.2.2 Object tracking across disjoint distributed smart cameras

Despite the huge amount of effort to remove or reduce the effect using inter-camera color calibration or appearance similarity models [11-14], the matching of single individuals moving across disjoint camera views based on appearance features is very difficult.

So, it focuses on the problem of tracking an unknown number of objects in a system of not-calibrated cameras sparsely distributed without overlapping fields of view. It assumes that each camera can track targets in its field of view but that the identity of a target is indistinguishable. Information about the track obtained by camera is referred to as an observation. Then, multicamera tracking is reduced to associate a set of observations with a set of object trajectories. This problem is very similar to the data association problem in multiple-object motion is not available in multicamera tracking. Thus, multicamera tracking necessitates another model capable of describing the movement of objects in a monito-red region.

To compensate for the lack of dynamics, most multicamera tracking algorithms explicitly or implicitly employ a stochastic transition model represents the probability that an object will appear in one camera after it has disappeared in another. The stochastic transition model is usually represented as a camera network topology, a directed graph with the edges weighted by transition probabilities. This graph model provides information about not only connectivity between cameras but also the paths that objects are likely to take in the monitored region, so the graph is sometimes called an activity topology [15]. The popularity of the camera topology in tracking comes from the fact that transforms the multicamera tracking problem to a linear assignment problem, which can be solved in polynomial time. However, because the weighted assignment algorithms use correspondences between only two observations, other useful information such as the length and the frequency of paths should be decomposed into between-two-camera terms with a decomposable assumption [16]. A high-order transition model can be used to associate the observations, but it turns object tracking into a multidimensional assignment problem.

An alternative approach for data association in multicamera tracking is a Markov chain Monte Carlo (MCMC) method, which has been widely used in combinatorial optimization problems or high-dimensional integration [17]. MCMC-based tracking algorithms approximate the intractable solution space by producing a set of plausible paths that might generate a set of observa-tions. While MCMC-based tracking algorithms do not require the decomposition of a posterior into pair-wise terms, MCMC sampling is computationally more intensive and its results highly depend on an initial sample [18].

3 Architecture for ID Globalization Across Multiple Convergence Spaces

3.1 Single authentication through

The objective of SAT is similar to that of single sign on (SSO) in that it aims just single authentication phase. But, the explicit scheme has been significantly differentiated.

The basic scenario of the SSO and idM is that the ID has been registered to the trusted third party already, and whenever the object is accessing a new service, the registered ID is referred without additional interruption for authentication. On contrary to the schemes of them, the SAT ensures that the once authentication ID is maintained across multiple physical spaces.

When the tracking fails and the smart camera keeps track of the wrong object, which is not interesting to it (false-positive tracking), the unauthorized access is concerned. As no addition authentication is necessary in the ID globalization, the incorrect tracking causes the grant of inappropriate privilege to another object.

During the tracking, several situations of tracking failure may be found. In each case, the tracking succeeds/fails or the false-positive tracking is occurred. Unfortunately, the false-positive tracking is likely to be unnoticeable. So we need to maintain the tracking index, indicating the possibility of correct tracking. Whenever the possible situations of tracking failure are met, the tracking index is revised. Therefore, before the ID globalization is performed, the tracking index is checked. If the tracking index is above the threshold value set by security policy system, the tracking is considered to be successfully performed, the ID globalization begins. Else, false-positive tracking is concerned, and additional authentication is required for secure service provision. The threshold value for tracking index is varied according to the security class of the authentication and system requirements.

In our suggestion, the false-positive tracking corresponds to the tracking failure, and the specific mecha-nism for detecting it is beyond of scope. Figure 1 shows the functional flow of ID globalization. The functions mainly perform ID authentication, ID delivery, and ID globalization. The ID delivery is divided into object tracking, privacy masking, II generation, and II delivery again. Each function transits to other function based on the triggered event. The events of functional flow are described in Table 1.

Figure 1.

Functional flow of ID globalization.

Table 1. Events of functional flow.
EventDescription
E11The object moves into physical space
E12The object moves into logical space
E21The smart camera detects the moving
 object and decides the ROI
E22The CMS restores the original video stream
E23The object moves into other physical space
E24The CMS delivers the revised identifiable information
E25The object stays within the physical space
E26The object moves into other logical space and
 II delivery is successfully performed
E27The II delivery fails
E31The object moves into physical space
E32?The objects moves into logical space

3.2 Hierarchical architecture for ID globalization

The architecture proposed in this paper consists of four layers; a space layer, a delivery layer, an authentication layer, and a coordination layer.

In the space layer, there are a number of spaces, wherein each space means a specific area where the service is valid, which may be logical or physical. The logical space includes cyber space that anyone electronically visits, but invisible. On the other hand, the physical space means the area wherein we physically work, move, and live, namely real world.

The space establishes a foundation for every system to run, gives resources, and sometimes becomes a target of control and surveillance.

In the delivery layer, distributed smart cameras are deployed. Each smart camera is capable of detecting and tracking the objects that are interesting. During the detection and tracking among distributed smart cameras, the ID-related information, namely II, is also delivered. It ensures that we do not need additional authentication process for gathering the ID information.

The II consists of Logical Identification Information (LII) part and Physical Identification Information (PII) part. The LII part is divided into source Device ID (DID) field and source ID field again. The source DID is indicating the authenticators DID that has issued and validated the objects ID. The source ID means the objects current ID. The PII contains information about the objects physical appearance, such as an object type, color, height, width, and current location. The source DID and source ID are immutable, while the object is moving into other space. Meanwhile, the PII is subject to change along with the movement. The PII is delivered to other smart camera. But receiving the PII, the smart camera is likely to modify the PII according to its lens capability and constraints.

In the authentication layer, the authentication processes are performed whenever the object accesses to use the services. Each authentication instance is likely to implement different mechanism compared to other authentication instances. However, it cooperates with ascendant authentication coordinators to ensure the ID globalization.

4 Identifiable Information Tracking Across Collaborative Smart Cameras

Figure 2 describes the overview of ID globalization across multiple spaces. The object makes use of service provided by the service application A after successful authentication. Afterward, the object moves to other space where the service application B is dominating. Although the AI adopted by the service application B should authenticate the object, it verifies ID from the LII from the service application A without giving any disturbance to the object by requesting additional authentication process. The PII has been used during this traversal.

Figure 2.

Overview of ID globalization across multiple spaces.

4.1 ID globalization

An ID that is verified by some AI is generally valid in the limited boundary of the space. It means that the verified ID is not useful outside of the space when the object is moving.

If the identifier of the object has been already registered in the new authentication server, then it is not necessary to verify validity of the delivered II. Instead, the process for verifying that the delivered ID is related to the registered ID must be performed. The already registered ID might be different from the delivered ID. In order to efficiently identify the delivered ID, all IDs of the object must be maintained by the mediate authentication coordinator (MAC) in advance.

The information maintained by MAC for the already registered ID is shown in Table 2. Each registration requires the real-time revision of the table by the MAC. When we register the source ID, the new table is generated. And whenever the associate ID is registered, the table is revised to reflect the new registration so that it is listing all associate IDs for the source ID. This table is referred before generating the globalized ID. If the correspondent record is found, then the associated ID is transmitted instead of generating a new globalized ID.

Table 2. Fields for registered IDs of an object.
FieldsDescriptions
Home IndexIt uniquely identifies the object. This is generated by hashing and concatenating the source DID and source ID.
Associate Index[]Each associate index consists of the associate DID and ID. The associate DID indicates the domain the object has been registered to, and the associate ID indicates a registered ID of the object to the domain of DID.

If all spaces are logical, then this issue can be easily resolved with conventional technologies such as SSO and idM. But they are not applicable to the physical space.

As to support both types of spaces, we propose a globalized authentication scheme using distributed smart cameras. In our proposed scheme, LII and PII are delivered between AIs along the movement of the object. The globalized authentication structure is composed of two layers: an authentication layer and a coordination layer. In the authentication layer, multiple AIs are deployed, wherein each AI implements the different authentication instance. It also communicates with the ascendant MACs and sibling AIs for delivering LII and PII, respectively. Especially, the AI in physical space is capable of retrieving PII for moving object. For example, a smart camera gathers physical appearance information about the moving object, such as type of object, color, license plate number, current position, direction, and size. The gathered PII varies according to implementation. On the other hand in the coordination layer, multiple ACs are deployed. An AC in the root layer is called a root authentication coordinator, and an AC in the lower layer of the root authentication coordinator is called a MAC. A MAC administrates child MACs and/or AIs. Actually, the MAC does not participate in generating local IDs used in the descendent AIs and DIDs in descendent MACs. Receiving the local ID of the descendent AI, it generates a new global ID valid within its space and delivers it to other descendent AI that the object is just entering, or just relays it to the ascendant ACs.

Figure 3 describes the state diagram for ID globalization. There are four states: AUTH, TRACE, DELIVERY, and GLOBAL. The ID globalization starts at the initial state (AUTH) (Equation (1)).

display math(1)

The input event (EVT) (Equation (2)) is defined as

display math(2)

Therefore, the function fst() (Equation (3)) for state transition is defined as

display math(3)
Figure 3.

State diagram for ID globalization.

Table 3 shows the state transition for ID globalization based on the input triggering event.

Table 3. State Transition of ID Globalization.
 Current stateEventsNext stateActions
AUTHmove_to_PAITRACEPII Gathering
AUTHmove_to_ELSETRACEPII Gathering
AUTHmove_to_LAIGLOBALLII Delivery
TRACEmove_to_PAIDELIVERYPII Delivery
DELIVERY TRACEPII Delivery
TRACEmove_to_LAIGLOBALPII Delivery
TRACEmove_to_ELSETRACEPII Gathering

4.2 Generation of globalized ID

The operations for globalizing ID consist of five steps: a step for requesting globalized ID(OPS_LII_STEP1), a step for requesting a local ID(OPS_LII_STEP2), a step for delivering the local ID(OPS_LII_STEP3), a step for generating a new globalized ID(OPS_LII_STEP4), and a step for delivering the newly generated globalized ID(OPS_LII_STEP5).

The operations for ID globalization (OPS_GID) also include steps for recognizing the movement of the object and translating the delivered LII to get a local ID(OPS_PII) as well as OPS_LII for generating a globalized ID. The details about the OPS_PII will be identified in the next section. The OPS_GID (Equation (4)) is defined as

display math(4)
display math(5)

Figure 4 shows a procedure for OPS_LII (Equation (5)).

  • OPS_LII1

    This procedure for requesting globalized ID is triggered by the AI that recognizes the movement of the object. Because the local ID gathered from the II is not useful any more in this space, the MAC needs a new ID for the object that is valid. With the OPS_LII1, the MAC requests a new globalized ID to authenticate the object.

    The OPS_LII1 consists of two operations: recognition of movement (REC) and transmission of REQ_GID_MSG. The OPS_LII1 (Equation (6)) is defined as

    display math(6)

    The realization of REC is various depending on the implementation. Generally, the object firstly requests an authentication and provides an ID. But when specific AIs such as smart cameras are deployed, then recognize the object ahead.

    The function for REC is presented as {II → REC → REQ_GID_MSG}. The REQ_GID _MSG contains (MSG_TY PE,V ersion,Totallength, ID2length,ID2,ID2,LocalDIDlength,LocalDID,No − nce2,hash_algorithm,SIG).

  • OPS_LII2

    Receiving the REQ_GID_MSG, the MAC0 checks the validity including the signature with preshared secretary material. After successful verification, the MAC0 generates and transmits the REQ_LID_MSG to the AI1.

    The OPS_LII2 consists of two operations: verification of the REQ_GID_MSG (V ER) and transmission of REQ_LID_MSG. The OPS_LII2 (Equation (7)) is defined as

    display math(7)

    The immutable fields (IMF) of REQ_GID_MSG are used in verifying the signature. The IMF (Equation (8)) is defined as

    display math(8)

    IMF[11] = {MSG_TY PE,V ersion,Totallength, ID2length,ID2,localDIDlength,localDID, localIDlength,localID,Nonce2,hashalgorithm} Therefore, the implementation of IMF (IMFI (Equation (9)) returns a SIG and is represented as

    display math
    display math(9)

    SM = SecurityMaterial(key)

    The REQ_LID_MSG also contains (MSG_TY PE,V ersion,Totallength,CoordinatorID length,CoordinatorID,LocalIDlength,LocalID, Coordinatornonce,Hashalgorithm,SIG).

  • OPS_LII3

    Receiving the REQ_LID_MSG, the AI1 verifies it. If the verification procedure is successfully finished, the AI1 generates a LID_MSG and transmits it to the MAC0.

    The OPS_LII3 consists of two operations: verification of the REQ_LID_MSG (V ER) and transmission of LID_MSG.

    The immutable fields of REQ_GID_MSG includes (Msg_Type,V ersion,Totallength,Coordina − torIDlength,CoordinatorID,LocalIDlength,LocalID, Coordinatornonce,Hashalgorithm) that are used in verifying the signature. If the verification is failed, It returns NACK_MSG.

    The OPS_LII3 (Equation (10)) is defined as

    display math(10)

    The LID_MSG contains (MSG_TY PE,V ersion, Totallength,CoordinatorIDlength,CoordinatorID, LocalIDlength,LocalID,Coordinatornonce, Hashalgorithm,SIG).

  • OPS_LII4

    The generation of a new global ID is a significantly important procedure. Supposing that the newly generated global ID must be unique within the space, a unique value is recommended to be used in generating is. In our proposed model, DID of the MAC is used.

    Figure 5 describes the procedure for generating a global ID. For generating a global ID, two inputs are necessary: a local ID of the object and a DID of the MAC. The global ID of 128-bit length consists of two parts: prefix and postfix. The prefix of global ID is of 64-bit length, derived from the DID, and the postfix is derived from the local ID.

    As lengths of the local ID and DID are variable, a hash function H() is used to generate 64-bit hash values. The first 64-bit string of the hash value (128-bit) of DID is used in the prefix of the global ID, and the last 64-bit string of the hash value (128-bit) of local ID is used in the postfix of the global ID. The generated global ID (GLOBAL_ID (Equation (11))) is defined as

    display math(11)

    where the length of (GLOBAL_ID,GLOBAL_ IDprefix(Equation (12)), GLOBAL_IDpostfix (Equation(13))) is (128-bit, 64-bit, 64-bit) respectively.

    display math(12)
    display math(13)

    Where H(key,string) → 128-bit string, implementing HMAC_MD5,

    PRE (string) → first 64-bit string,

    POST (string) → last 64-bit string, and → means return.

  • OPS_LII5

    After generating a global ID, the MAC0 returns a GID_MSG to the AI2. The OPS_LII5 consists of two operations: generation of the GID_MSG and transmission. Once the object is globalized authenticated, its local ID and newly registered globalized ID are stored in the MAC for further efficient indexing.

Figure 4.

Procedure of OPS_LII.

Figure 5.

Procedure for generating a global ID.

4.3 II delivery

While the object is located within the logical space 1, the II1 is continuously managed based on the gathered FTR1 and PAP1. If the object is entering into the boundary of physical space A, the gathered II1 is relayed to the AI controlling the physical space A. In the physical space A, FTR2, PAP2 are generated and maintained along the II2. When the object is moving to the physical space B, the II2 reflecting the FTR2 and PAP2 is also relayed.

With the real-time relay of II along the movement of the object, the AI in the logical space 2 can gather information useful in ID globalization. Generally, FTR and PAP in each II are used for tracking the object across multiple physical spaces and II is used when authentication method is running.

5 Evaluation

Let n be the total number of deployed AIs, including PAIs and LAIs and m is the total number of LAIs.

Figure 6 shows the ratio for ID globalization according to the change of PAI ratio. We are interesting in the ratio for ID globalization and the ratio for authentication. The occurrence of authentication means that the object tracking has been failed and the II was not delivered correctly. So we need additional authentication for providing ID-based services. The occurrence of ID globalization means that the II was successfully delivered along with the movement. The result was simulated 10,000 times, and the tracking algorithm [19] used in this simulation is a video processing algorithms to define the position and identity of athletes playing on a sport field, surrounded by a set of loosely synchronized cameras, as the PAI ratio increases 10.

Figure 6.

ID globalization according to PAI ratio.

In addition, set the delay_ID/PW, average delayed time for performing ID/PW authentication, 3 s, the delay_CERT, average delayed time for performing X.509 Certificate authentication, 4 s, the delay_BIO, average delayed time for performing biometric authentication, 5 s, and delay_RFID, average delayed time for performing RFID authentication, 1 s.

Furthermore, θ is the average staying duration of an object within space controlled by a smart camera, and Δ is the average delayed time for ID globalization. Then, the average delayed time in conventional authentication systems, Equation (14)

display math(14)

And, the average delayed time in SAT system, Equation (15)

display math(15)

In the earlier equations, (n − m − 1) × θ is constant. So we can derive the equations as (Equations (16) and (17))

display math(16)
display math(17)

In each experiment, n = (3,5,10,20,30), m = (2,4,6,,30) incremented by 2, and Δ is 2 s. Figure 7 shows the average delayed time without tracking accuracy, where-in, (a) depicts the experimental result of conventional authentication systems, and (b) depicts the experimental result of SAT. Each experiment has been performed 1000 times. In addition, we need to consider the accuracy of object tracking across multiple smart cameras. In case of failure, we must apply additional authentication to the lost objects. According to [20], the average accuracy in indoor environment, the value of ρ is approxima-tely 0.9.

Figure 7.

Average delayed time without tracking accuracy.

However, the experiment was not regarding overlapped locations among smart cameras. So we can enhance the accuracy if using current locations of the moving objects

Therefore, the average delayed time with tracking accuracy in SAT system (Equation (18))

D1 = averagedelayedtimeforinitialAI0)

Di = prob(1,i) × Δ + (1 + prob(1,i)) × AIi, where prob(1,i) means the tracking accuracy from AI1 to AIi, and AIi is the first AI following AI0.

Dj = ρ(j − i) × Δ + (1 + ρ(j − i)) × AIj

display math(18)

Figure 8 depicts the average delayed times of various tracking accuracies for object tracking. We experimented four cases, wherein the ρ representing the accuracy of object tracking is set 0.90, 0.93, 0.95, and 0.97, respectively.

Figure 8.

Average delayed times with tracking accuracy.

The performance comparison is shown in Table 4.

Table 4. Comparison of Performance in SAT.
mLegacySAT without probabilitySAT with probability
0.900.930.950.97
410.480.960.930.930.91
810.400.910.880.850.79
1210.360.840.800.770.73
1610.350.840.800.780.75
2010.310.790.780.750.73
2410.340.920.910.900.88
2810.331111

From the earlier table, we can reduce the average delayed time by more than 50

6 Conclusion

For several decades, IT industry has developed and produced a number of outstanding results, and the ubiquitous technology has shown tremendous proliferation. The fact that we are able to use any IT service regardless of current situation stimulates our curiosity giving a thought that we are ready to enjoy other life pattern. Along with this trend, interest on security is increasing. Every security system is operating based on ID, and a step for identifying the entitys ID must be followed by the processes for appropriate service provision. Nevertheless, the frequent authentications force users patience and inconvenience. And furthermore, it causes security weakness by frequent usage of key material, immature implementations of security, and complicate key management. So in this dissertation, we suggest the SAT scheme. In the SAT, if once the entity is successfully authenticated at the initial stage, it does not need to pass through the additional authentication processes whenever it tries to use other domains service. Unlike other ID management scheme, that is, SSO and idM, the SAT is achieved through multiple physical domains. The smart cameras between authentication instances take a role of generating and delivering II about the interesting. This ensures that the object can use services with any further interruption for authentication. We can reduce the average delayed time by more than 50.

Ancillary