Cloud-Security

Using Cloud security increases accuracy of recognition. Typically, the authentication system is trained to recognize the user on her/his computer. Often this is sufficient but accuracy can be further improved by using the cloud security approach. With our Cloud security end users experience high accuracy with system authentication. Accuracy is very important in biometric authentication systems since the system must be able to accurately detect a multitude of users and distinguish them from among a variety of possible intruders. Allowing unauthorized users into the system will inevitably lead to mangling or leaking of sensitive information as well as the loss and misuse of confidential data. Conversely, in some instances the system fails to properly recognize an authorized user. Failure to properly authenticate results in inefficiencies and loss in time and productivity.

Neurologix uses the Cloud Computing approach to train our authentication system in order to increase accuracy of recognition. Our authentication system consists of a set of large neural networks with the most advanced technology. They can be trained to recognize users’ behavior with HPA Core technology. Using such massive computations leads to a more thorough generation of the parameters of the neural networks and with a greater ability to fine tune them with outstanding accuracy. This approach may be possible on conventional computers but not realistic since it would take years to develop. The high accuracy and the security levels offered with the HPA Cloud approach can not be rivaled.

Through an easy integration with the Cloud Architecture solutions, trust that customers already devote to the Cloud Solutions Enterprise can be leveraged. The Neurologix HPA System increases the level of security without adding an additional intrusion point into the whole communication channel between the Cloud Solutions Enterprise and their customers.

The flow of actions between the modules in the HPA Cloud Platform in a typical authentication attempt is shown in the figure below:

  1. The user types in a username/password combination or enters a smart ID card.
  2. User’s credentials are verified using one of the two options:
  3. By checking the local credential database. This option is more suitable for device authentication and when the system should be able to work in offline mode.
  4. By using the Enterprise Application Cloud where credentials for all users are stored. This option is more suitable for application/service authentication when the user needs to authenticate to get access to some service or application.
  5. A unique user id that corresponds to the username or the smart ID card is sent to the Neurologix HPA API.
  6. Biometric input is entered. If the keystroke data is entered, then this step is performed simultaneously with the input of username and password. If more types of biometric inputs are expected this step will be performed several times, each time providing different type of biometric input.
  7. The provided user’s id and the biometric data are processed locally inside the Neurologix HPA API and compared to the user’s model, which is stored in the local database.
  8. The new biometric data is stored in the local database for further analysis.
  9. Occasionally, depending on the update policies, when the device is in online working mode the Neurologix HPA API may upload the locally stored biometric data into the HPA Cloud for recalculating the biometric parameters of the user’s model.
This is just one possible use of the HPA Cloud Platform – other scenarios exist including the use of original BioToken and Automated BioToken.

No Single Point of Failure – Client-, Server-, and Cloud-side Redundancy

Our system design is to ensure no single point of failure; while providing load balancing, health checking, secure updating and monitoring of all components and other related functions necessary to keep the system running even if several hardware or other failures occur simultaneously. NEUROLOGIX Architecture is based on distributed methodology, rendering the system safe even from catastrophic disasters including explosion, fire, vandalism, theft and loss.

HPA SaaS

This product provides all the advantages as described above, but is hosted by our Neurologix Cloud Platform and provides biometrics security to various customers/companies.

Additional options provided by HPA SaaS:

  • Users can choose the geo location of servers across the world
  • When starting a new instance of our Front/End backend servers we can handle the increased traffic in a matter of minutes
  • Automated load balancing
  • Automated database replication and failover
  • Automated failover of servers
  • No lost messages – it is taken care of automatically.
  • Online updating of server versions. No down time of our HPA Cloud Platform even when major updates are deployed.
  • We guarantee 99.95% uptime as the most contemporary cloud platforms.

 

HPA Security Server

Where a simpler version of the HPA Cloud Platform is needed, this product provides a minimal solution to the authentication needs of the enterprise. It is an independent server that works only inside the corporate’s network, without any need for Internet. This server also comes in two versions – an Express Edition and a Standard Edition, depending on the number of total clients and the number of simultaneous clients handled by this server. The HPA Security Server can run on a single computer and serve reasonable number of client devices/applications. More precisely, in an environment with one server, the HPA Security Server can handle several hundreds users of the server.

HPA on Device

The customer application/device is a third party application (such as a financial application) or a device (such as a workstation, a smart phone or an ATM) that requires strong authentication, thus a Neurologix HPA API is integrated on the same application/device. The first line of authentication of the customer application/device is by a standard username/password combination or a smart ID card. The customer application and the Neurologix HPA API can have various policies of authentication that depend on a configurable timeout interval after which the user is prompted for re-authentication. The protocol for message passing between the customer application and the Neurologix HPA client is carefully chosen so no “footprints” are left on the device.

When the user’s device is in an offline mode, the local AI will process the input from the sensors and validate the user’s biometric input against the local HPA model and the local database. The input is stored securely on the device and automatically synchronized with server’s data at appropriate intervals. The storing of the user’s models in the HPA Cloud provides users an easy transition from one device to another. Actually no specific user action is needed to migrate from one device to another. The degree of encryption in the local HPA database can be made with the desired level of security, according to the security standards of the organization. We will provide an unconnected authentication using 384k.

Neurologix provides a defined procedure in the case of theft which invalidates any encrypted data stored on the device. The internal values of the local AI are computed beforehand in the HPA Cloud. We are using patent-pending technology that makes it nearly impossible to decipher these internal values of the local AI and makes it impossible to imitate the biometric input of the user.

Neurologix HPA API

No matter which product you decide, the Neurologix HPA API provides easy, documented access to the functionality of the Neurologix HPA security system. This allows for easy integration of the most advanced security functions into a variety of the client systems. It processes locally the biometric input from the sensors and exchanges data with the distributed databases in order to confirm whether the authentication was successful, calls methods for pattern recognition from the library, uploads data to the cloud for recalculating the parameters according to the new state of the biometrics data, or downloads upgrades for the database, the authentication policies and configurations as well as other necessary functions. We provide APIs that cover most operating systems, are able to communicate with third parties with a variety of standards (i.e. SOAP and REST) and exchange data in various formats.