Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets

“Open-Source, Web-Based, Framework for Integrating Applications with

Social Media Services and Personal Cloudlets”

Deliverable D5.1

Security related services evaluation phase 1

Disclaimer:

The OPENi project is co-funded by the European Commission under the 7th _{Framework Programme. This document reflects only} authors’ views. EC is not liable for any use that may be done of the information contained therein.

Workpackage: WP5 – Service and Application Development

Authors: Aranzazu Narganes (CGI), Susana Ortega Guilló(CGI) Status: Draft

Date: 19/09/2014 Version: 0.5

OPENi Project Profile

Partners

Waterford Institute of Technology

Coordinator Ireland

National Technical University of Athens (NTUA),

Decision Support Systems Laboratory, DSSLab Greece Fraunhofer-Gesellschaft Zur Foerderung Der

Angewandten Forschung E.V Germany

INFORMATICA GESFOR SA Spain

AMBIESENSE LTD UK

VELTI SA Greece

BETAPOND LIMITED Ireland

Contract No.: FP7-ICT-317883 Acronym: OPENi

Title: Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets

URL: www.openi-ict.eu

Start Date: 01/10/2012 Duration: 30 months

Document History

Version Date Author (Partner) Remarks

0.1 01/07/2014 Aranzazu Narganes (CGI) First version 0.2 12/08/2014 Susana Ortega (CGI) Minor updates 0.3 08/09/2014 Susana Ortega(CGI) Updates 0.5 18/09/2014 Susana Ortega (CGI) Minor updates

Executive Summary

This deliverable describes the outcome of “T5.1 Security related services evaluation software, phase 1” of the OPENi project. This task is responsible of developing the Service Enablers that provide enhanced features to OPENi developers. These features will be available for WP6 applications. For this first phase, the selected security related service is the Biometric Recognition Service Enabler (SE).

For this Service Enabler, it is provided its features, design and a demonstration for the first phase implementation.

Table of Contents

1

Introduction ... 6

2

Biometrics SE Overview, Motivation and Goals ... 7

2.1 Overview ... 7

2.2 Motivation, Goals and innovations ... 7

2.3 Methodology ... 7

3

Biometrics SE Design and Architecture ... 8

3.1 Component overview ... 8

3.2 Workflow... 8

3.3 API Specification ... 10

4

Biometrics SE prototype Implementation ... 11

4.1 Outline key components in the Implementation phase ... 11

4.2 How it will interface with OPENi ... 11

5

Biometrics SE Demonstration and Source code ... 13

1

Introduction

Biometric authentication has to ways to confirm the user’s identity and profile in an organization: using one or more physical traits or using a behavioural feature. This kind of processes have greatly increased in popularity with the advent of faster computer processors and increased quality in the data collection devices.

Physical traits are body features as fingerprint, iris, or ratios between facial features, while behavioural features as speech and tone cadence or rhythm.

2 Biometrics SE Overview, Motivation and Goals

2.1 Overview

The Biometric Comparison Service Enabler (SE) is included in the Task 5.1 as part of the Security related Services in combination with the Security Framework.

This SE aims at give OPENi developers the opportunity of including one more security level in their applications.

2.2 Motivation, Goals and innovations

For many years, the identification process in an application has been providing a “written” login and password to access the system. This has been also the traditional method for mobile applications to identify users.

Biometric recognition has risen as the most secure identification process. A Gartner report1 _{from last}

year predicts that 30% of all companies will use biometric recognition on mobile devices by 2016. Mobile devices are evolving in such a high speed that in a near future almost very mobile device will be able to accept some kind of biometric recognition. Fingerprint, facial and voice recognition, are the most extended biometrics to identify a user.

Among biometric recognition methods we have focused on face recognition. Nowadays, nearly all mobile devices have a good quality camera. We use this camera for taking a picture of the user and comparing it with other ones stored into the device.

2.3 Methodology

The focus in this first phase for the Service Enablers has been placed in:

a) the design of Biometric Comparison SE (in terms of features, information flow and APIs); b) the design and implementation of the Biometric Comparison SE GUI (android application); In the second phase it is intended to integrate the Biometric Comparison SE in the OPENi platform and Security component.

3 Biometrics SE Design and Architecture

3.1 Component overview

The objective of BIOMETRIC SE Prototype is to allow users to log on to their applications across a picture of theirs. This is called face recognition. This process can be split three steps:

 Face detection: identify a face into a photo

 Feature extraction: identify key features as distance between eyes

 Face recognition: identify if the given image matches with the set of stored ones.

3.2 Workflow

At this time, the Biometric SE prototype is an Android library which a developer can add to his application. There are two main steps in the flow: training and recognition. First step when using Biometric SE is running the training operation. In the training operation, user’s face photos are stored into the mobile device and they will be the identification key for the user. At least ten images are needed to be stored in order to guarantee the recognition. The subsequent recognition process compares one photo, taken in the current moment, with the stored ones for the current user.

For the time being, training images are stored into the user’s device. In the next phase these images will be stored into the user’s cloudlet.

The objective of the first implementation phase is providing to the developer a basic API with the features to include in the OPENi application.

Training

The library identifies the person who will be able to log on to the application.

The prerequisite for training is having ten stored images of the person when logging. The images names must have the following format: name + “i” + jpg, where “i” is an integer between 1 and 10. The developer must call the public method “train” in which the training operation is performed. The steps in this method are:

 Storing 10 images

 Detecting faces in every one of those images

 Generating a gray image from each of the stored ones.

 A correspondence between every of the original images and their gray one is established.

 Generating a storage space in which to store this correspondence Recognition

The library recognizes the person in the picture as a valid user of the application.

Figure 2: Diagram from recognition feature

The developer must call the public method “recognize”. The steps followed to perform this action are listed below:

 Charging the image from the user who intends to be identified.

 Detecting the face in the provided image.

 Processing the image with openCV methods.

 With openCV FaceRecognizer, this image will be compared with the stored training images.

3.3 API Specification

For this first phase, the defined Android API is the following /**

@cloudletId: cloudlet which user is going to be identified **/

public void train(String cloudletId)

/**

@cloudletId: cloudlet which user is going to be identified

@myImage: Image file which is going to be used to identify the cloudlet owner. **/

4 Biometrics SE prototype Implementation

4.1 Outline key components in the Implementation phase

The Prototype BIOMETRIC SE is a library based on open source technology. It has been developed using JavaCV2 _{with OpenCV}3 _{for Android. We have selected the OpenCV due to it has become the}

main tool for software computer vision, is open source and it provides an Android SDK. Wide information and examples are available. One main point to have in mind is that OpenCV needs a huge amount of RAM to process images.

The minimum requirements for developing with OpenCV in Android are the following:

 Sun JDK 6 (Sun JDK 7 is also possible)

 Android SDK Tools, revision 20 or newer.

 SDK Platform Android 3.0 (API 11): Android 2.2 (API 8 is the minimal platform supported by

OpenCV Java)

4.2 How it will interface with OPENi

The Biometric SE will be in full contact with the Authentication and Authorization component. This will be the component which will really give access to the OPENi platform. On the other hand, the future Service Enabler will have to access to the cloudlet in order to access to the user’s personal data e.g. to the user’s profile photo, to compare it with the given one.

So that, we can say the Biometric SE will interact with components from WP4:  Profile API (supposed the images for training are accessible via this API)  Authentication & Authorization (next phase)

 User’s cloudlet

And of course, any application developed in WP6 or by any OPENi developer will be able to add this feature to its development.

5 Biometrics SE Demonstration and Source code

To demonstrate the operation of BIOMETRIC SE, we have implemented a test application that only includes a button that connects to the library of facial recognition (Figure 4).

Figure 4: Login to the app

Figure 5: Screen with camera button Training

The "Entrenar" (Training) button is pressed, the face is focused, the person's name is entered, the "Rec" button and finally press the "Parar Entreno" (Stop Training) button (Figure 6) is pressed.

Figure 6: Training process Recognition

Figure 7: Ok result

6 Biometrics SE Conclusions and Outlook

With the Biometric Comparison SE, OPENi is able to offer a higher level of security to developers. Each of them will decide if include this feature to his application.

Next step for this component will be implementing the interaction with de Authentication and Authorization component and the cloudlet integration.