ABSTRACT: Userauthentication systems are traditionally based on pairs of username andpassword and verify the identity of the user only at login phase. No checks areperformed during working sessions, which are terminated by an explicit logoutor expire after an idle activity period of the user. Emerging biometric OTPgeneration, question and answers solutions allow substituting username andpassword with data during session establishment, but in such an approach stilla single verification is deemed sufficient, and the identity of a user isconsidered immutable during the entire session. Additionally in this system weare going to implement the session authentication with various approach likebiometric, OTP(one time password) generation, question and answers withspecified time limiting. A secure protocol is defined for perpetualauthentication through continuous user verification. The protocol determinesadaptive time outs based on the quality, frequency and type of biometric, OTPgeneration, question. And answers data transparently acquired from the user.
Keywords: Continuous user authentication, CASHMAverification certificate , various authentication data like biometric, OTP generation, question. And answers data