114 results for identity federation, identity management, metadata
in Queensland University of Technology - ePrints Archive
Abstract:
In a digital world, users’ Personally Identifiable Information (PII) is normally managed with a system called an Identity Management System (IMS). There are many types of IMSs. There are situations when two or more IMSs need to communicate with each other (such as when a service provider needs to obtain some identity information about a user from a trusted identity provider). There could be interoperability issues when communicating parties use different types of IMS. To facilitate interoperability between different IMSs, an Identity Meta System (IMetS) is normally used. An IMetS can, at least theoretically, join various types of IMSs to make them interoperable and give users the illusion that they are interacting with just one IMS. However, due to the complexity of an IMS, attempting to join various types of IMSs is a technically challenging task, let alone assessing how well an IMetS manages to integrate these IMSs. The first contribution of this thesis is the development of a generic IMS model called the Layered Identity Infrastructure Model (LIIM). Using this model, we develop a set of properties that an ideal IMetS should provide. This idealized form is then used as a benchmark to evaluate existing IMetSs. Different types of IMS provide varying levels of privacy protection support. Unfortunately, as observed by Jøsang et al (2007), there is insufficient privacy protection in many of the existing IMSs. In this thesis, we study and extend a type of privacy enhancing technology known as an Anonymous Credential System (ACS). In particular, we extend the ACS which is built on the cryptographic primitives proposed by Camenisch, Lysyanskaya, and Shoup. We call this system the Camenisch, Lysyanskaya, Shoup - Anonymous Credential System (CLS-ACS). The goal of CLS-ACS is to let users be as anonymous as possible. 
Unfortunately, CLS-ACS has problems, including (1) the concentration of power to a single entity - known as the Anonymity Revocation Manager (ARM) - who, if malicious, can trivially reveal a user’s PII (resulting in an illegal revocation of the user’s anonymity), and (2) poor performance due to the resource-intensive cryptographic operations required. The second and third contributions of this thesis are the proposal of two protocols that reduce the trust dependencies on the ARM during users’ anonymity revocation. Both protocols distribute trust from the ARM to a set of n referees (n > 1), resulting in a significant reduction of the probability of an anonymity revocation being performed illegally. The first protocol, called the User Centric Anonymity Revocation Protocol (UCARP), allows a user’s anonymity to be revoked in a user-centric manner (that is, the user is aware that his/her anonymity is about to be revoked). The second protocol, called the Anonymity Revocation Protocol with Re-encryption (ARPR), allows a user’s anonymity to be revoked by a service provider in an accountable manner (that is, there is a clear mechanism to determine which entity can eventually learn - and possibly misuse - the identity of the user). The fourth contribution of this thesis is the proposal of a protocol called the Private Information Escrow bound to Multiple Conditions Protocol (PIEMCP). This protocol is designed to address the performance issue of CLS-ACS by applying the CLS-ACS in a federated single sign-on (FSSO) environment. Our analysis shows that PIEMCP can both reduce the amount of expensive modular exponentiation operations required and lower the risk of illegal revocation of users’ anonymity. Finally, the protocols proposed in this thesis are complex and need to be formally evaluated to ensure that their required security properties are satisfied. In this thesis, we use Coloured Petri nets (CPNs) and their corresponding state space analysis techniques.
All of the protocols proposed in this thesis have been formally modeled and verified using these formal techniques. Therefore, the fifth contribution of this thesis is a demonstration of the applicability of CPN and its corresponding analysis techniques in modeling and verifying privacy enhancing protocols. To our knowledge, this is the first time that CPN has been comprehensively applied to model and verify privacy enhancing protocols. From our experience, we also propose several CPN modeling approaches, including complex cryptographic primitives (such as zero-knowledge proof protocol) modeling, attack parameterization, and others. The proposed approaches can be applied to other security protocols, not just privacy enhancing protocols.
Abstract:
Usability in HCI (Human-Computer Interaction) is normally understood as the simplicity and clarity with which the interaction with a computer program or a web site is designed. Identity management systems need to provide adequate usability and should have a simple and intuitive interface. The system should not only be designed to satisfy service provider requirements but it has to consider user requirements, otherwise it will lead to inconvenience and poor usability for users when managing their identities. With poor usability and a poor user interface with regard to security, it is highly likely that the system will have poor security. The rapid growth in the number of online services leads to an increasing number of different digital identities each user needs to manage. As a result, many people feel overloaded with credentials, which in turn negatively impacts their ability to manage them securely. Passwords are perhaps the most common type of credential used today. To avoid the tedious task of remembering difficult passwords, users often behave less securely by using low entropy and weak passwords. Weak passwords and bad password habits represent security threats to online services. Some solutions have been developed to eliminate the need for users to create and manage passwords. A typical solution is based on generating one-time passwords, i.e. passwords for single session or transaction usage. Unfortunately, most of these solutions do not satisfy scalability and/or usability requirements, or they are simply insecure. In this thesis, the security and usability aspects of contemporary methods for authentication based on one-time passwords (OTP) are examined and analyzed. In addition, more scalable solutions that provide a good user experience while at the same time preserving strong security are proposed.
Abstract:
This paper explores how the effective use of performance management systems (PMS) essentialises collective identities through the use of textual performances. The discursive effect of PMS operates to simplify members’ logic to allow them to understand and negotiate the complex nature of collective performance. Two case studies, drawing on a qualitative study of the implementation of PMS in two public sector organisations, point to the unique contribution of symbolic effects of one popular PMS, the balanced scorecard (BSC). Findings suggest that the BSC visualising the trajectory of achieving organisational vision through multiple perspectives, measures and linkages is a valuable identity product to achieve organisational success. The case studies also provide an analysis that contrasts aspects of the diffusion and promotion of collective identities through the use of the BSC. This demonstrates that clear direction in the identity management process is an important factor in the design and implementation of successful PMS programs. The value of this paper is to heighten recognition of the symbolic agency of PMS, as it serves as a subtle mechanism for identity management, and also to foster the collaboration of communication specialists and management accountants to achieve common organisational goals.
Abstract:
The professional identity of management accountants (MAs) is evolving. According to 8,727 descriptors expressed by 1,158 participants, a range of characteristics of MAs are competing in shaping the identity of future MAs. Respondents strongly valued qualities such as professional principles, hard work, intelligence, analytical and forward thinking in MAs. Further, more innovative, dynamic and people-oriented qualities were strongly suggested for future MAs, with roles relating to multi-skilled business integrator, business partner/advisor, leader, change agent, and decision enabler/maker. Cultivating leadership qualities in the management accounting profession is critical according to participants. Projecting a positive image of the profession and CIMA, and innovative training in management and leadership skills can further support MAs to meet future challenges. Most of all, understanding business and continued personal development by individual MAs is highly valued in shaping the future leadership identity of MAs. Our quantitative data show positive relationships between the professional identification, image and reputation, and leadership qualities of MAs. This suggests that the more one identifies with the profession, the more one is likely to report higher levels of leadership qualities that support members to internalise the desired meaning of their profession and to create a positive image and reputation. After the financial crisis of 2008–2009, the image of financial professions has been tarnished and unpredictable markets and unstable employment opportunities have challenged the profession across all sectors. Many respondents, especially CIMA members, suggested that the turmoil of the financial crisis did not impact negatively but rather elevated the pivotal role of MAs in contributing to cost efficiency and value creation.
Abstract:
Establishing a nationwide Electronic Health Record system has become a primary objective for many countries around the world, including Australia, in order to improve the quality of healthcare while at the same time decreasing its cost. Doing so will require federating the large number of patient data repositories currently in use throughout the country. However, implementation of EHR systems is being hindered by several obstacles, among them concerns about data privacy and trustworthiness. Current IT solutions fail to satisfy patients’ privacy desires and do not provide a trustworthiness measure for medical data. This thesis starts with the observation that existing EHR system proposals suffer from six serious shortcomings that affect patients’ privacy and safety, and medical practitioners’ trust in EHR data: accuracy and privacy concerns over linking patients’ existing medical records; the inability of patients to have control over who accesses their private data; the inability to protect against inferences about patients’ sensitive data; the lack of a mechanism for evaluating the trustworthiness of medical data; and the failure of current healthcare workflow processes to capture and enforce patient’s privacy desires. Following an action research method, this thesis addresses the above shortcomings by firstly proposing an architecture for linking electronic medical records in an accurate and private way where patients are given control over what information can be revealed about them. This is accomplished by extending the structure and protocols introduced in federated identity management to link a patient’s EHR to his existing medical records by using pseudonym identifiers. Secondly, a privacy-aware access control model is developed to satisfy patients’ privacy requirements.
The model is developed by integrating three standard access control models in a way that gives patients access control over their private data and ensures that legitimate uses of EHRs are not hindered. Thirdly, a probabilistic approach for detecting and restricting inference channels resulting from publicly-available medical data is developed to guard against indirect accesses to a patient’s private data. This approach is based upon a Bayesian network and the causal probabilistic relations that exist between medical data fields. The resulting definitions and algorithms show how an inference channel can be detected and restricted to satisfy patients’ expressed privacy goals. Fourthly, a medical data trustworthiness assessment model is developed to evaluate the quality of medical data by assessing the trustworthiness of its sources (e.g. a healthcare provider or medical practitioner). In this model, Beta and Dirichlet reputation systems are used to collect reputation scores about medical data sources and these are used to compute the trustworthiness of medical data via subjective logic. Finally, an extension is made to healthcare workflow management processes to capture and enforce patients’ privacy policies. This is accomplished by developing a conceptual model that introduces new workflow notions to make the workflow management system aware of a patient’s privacy requirements. These extensions are then implemented in the YAWL workflow management system.
Abstract:
The literature on corporate identity management suggests that managing corporate identity is a strategically complex task embracing the shaping of a range of dimensions of organisational life. The performance measurement literature and its applications likewise now also emphasise organisational ability to incorporate various dimensions considering both financial and non-financial performance measures when assessing success. The inclusion of these soft non-financial measures challenges organisations to quantify intangible aspects of performance such as corporate identity, transforming unmeasurables into measurables. This paper explores the regulatory roles of the use of the balanced scorecard in shaping key dimensions of corporate identities in a public sector shared service provider in Australia. This case study employs qualitative interviews of senior managers and employees, secondary data and participant observation. The findings suggest that the use of the balanced scorecard has potential to support identity construction, as an organisational symbol, a communication tool of vision, and as strategy, through creating conversations that self-regulate behaviour. The development of an integrated performance measurement system, the balanced scorecard, becomes an expression of a desired corporate identity, and the performance measures and continuous process provide the resource for interpreting actual corporate identities. Through this process of understanding and mobilising the interaction, it may be possible to create a less obtrusive and more subtle way to control “what an organisation is”. This case study also suggests that the theoretical and practical fusion of the disciplinary knowledge around corporate identities and performance measurement systems could make a contribution to understanding and shaping corporate identities.
Abstract:
There is a growing evidence-base in the epidemiological literature that demonstrates significant associations between people’s living circumstances – including their place of residence – and their health-related practices and outcomes (Leslie, 2005; Karpati, Bassett, & McCord, 2006; Monden, Van Lenthe, & Mackenbach, 2006; Parkes & Kearns, 2006; Cummins, Curtis, Diez-Roux, & Macintyre, 2007; Turrell, Kavanagh, Draper, & Subramanian, 2007). However, these findings raise questions about the ways in which living places, such as households and neighbourhoods, figure in the pathways connecting people and health (Frolich, Potvin, Chabot, & Corin, 2002; Giles-Corti, 2006; Brown et al, 2006; Diez Roux, 2007). This thesis addressed these questions via a mixed methods investigation of the patterns and processes connecting people, place, and their propensity to be physically active. Specifically, the research in this thesis examines a group of lower-socioeconomic residents who had recently relocated from poorer suburbs to a new urban village with a range of health-related resources. Importantly, the study contrasts their historical relationship with physical activity with their reactions to, and everyday practices in, a new urban setting designed to encourage pedestrian mobility and autonomy. The study applies a phenomenological approach to understanding living contexts based on Berger and Luckman’s (1966) conceptual framework in The Social Construction of Reality. This framework enables a questioning of the concept of context itself, and a treatment of it beyond environmental factors to the processes via which experiences and interactions are made meaningful. This approach makes reference to people’s histories, habituations, and dispositions in an exploration between social contexts and human behaviour. 
This framework for thinking about context is used to generate an empirical focus on the ways in which this residential group interacts with various living contexts over time to create a particular construction of physical activity in their lives. A methodological approach suited to this thinking was found in Charmaz’s (1996; 2001; 2006) adoption of a social constructionist approach to grounded theory. This approach enabled a focus on people’s own constructions and versions of their experiences through a rigorous inductive method, which provided a systematic strategy for identifying patterns in the data. The findings of the study point to factors such as ‘childhood abuse and neglect’, ‘early homelessness’, ‘fear and mistrust’, ‘staying indoors and keeping to yourself’, ‘conflict and violence’, and ‘feeling fat and ugly’ as contributors to an ongoing core category of ‘identity management’, which mediates the relationship between participants’ living contexts and their physical activity levels. It identifies barriers at the individual, neighbourhood, and broader ecological levels that prevent this residential group from being more physically active, and which contribute to the ways in which they think about, or conceptualise, this health-related behaviour in relationship to their identity and sense of place – both geographic and societal. The challenges of living well and staying active in poorer neighbourhoods and in places where poverty is concentrated were highlighted in detail by participants. Participants’ reactions to the new urban neighbourhood, and the depth of their engagement with the resources present, are revealed in the context of their previous life-experiences with both living places and physical activity. 
Moreover, an understanding of context as participants’ psychological constructions of various social and living situations based on prior experience, attitudes, and beliefs was formulated with implications for how the relationship between socioeconomic contextual effects on health are studied in the future. More detailed findings are presented in three published papers with implications for health promotion, urban design, and health inequalities research. This thesis makes a substantive, conceptual, and methodological contribution to future research efforts interested in how physical activity is conceptualised and constructed within lower socioeconomic living contexts, and why this is. The data that was collected and analysed for this PhD generates knowledge about the psychosocial processes and mechanisms behind the patterns observed in epidemiological research regarding socioeconomic health inequalities. Further, it highlights the ways in which lower socioeconomic living contexts tend to shape dispositions, attitudes, and lifestyles, ultimately resulting in worse health and life chances for those who occupy them.
Abstract:
Abstract: Purpose – The purpose of this paper is to provide a parallel review of the role and processes of monitoring and regulation of corporate identities, examining both the communication and the performance measurement literature. Design/methodology/approach – Two questions are posed: Is it possible to effectively monitor and regulate corporate identities as a management control process? and, What is the relationship between corporate identity and performance measurement? Findings – Corporate identity management is positioned as a strategically complex task embracing the shaping of a range of dimensions of organisational life. The performance measurement literature likewise now emphasises organisational ability to incorporate both financial and “soft” non-financial performance measures. Consequently, the balanced scorecard has the potential to play multiple roles in monitoring and regulating the key dimensions of corporate identities. These shifts in direction in both fields suggest that performance measurement systems, as self-producing and self-referencing systems, have the potential to become both organic and powerful as organisational symbols and communication tools. Through this process of understanding and mobilising the interaction of both approaches to management, it may be possible to create a less obtrusive and more subtle way to control the nature of the organisation. Originality/value – This paper attempts the theoretical and practical fusion of disciplinary knowledge around corporate identities and performance measurement systems, potentially making a significant contribution to understanding, shaping and managing organisational identities.
Abstract:
The term “cloud computing” has emerged as a major ICT trend and has been acknowledged by respected industry survey organizations as a key technology and market development theme for the industry and ICT users in 2010. However, one of the major challenges that faces the cloud computing concept and its global acceptance is how to secure and protect the data and processes that are the property of the user. The security of the cloud computing environment is a new research area requiring further development by both the academic and industrial research communities. Today, there are many diverse and uncoordinated efforts underway to address security issues in cloud computing and, especially, the identity management issues. This paper introduces an architecture for a new approach to necessary “mutual protection” in the cloud computing environment, based upon a concept of mutual trust and the specification of definable profiles in vector matrix form. The architecture aims to achieve better, more generic and flexible authentication, authorization and control, based on a concept of mutuality, within that cloud computing environment.
Abstract:
This thesis employs the theoretical fusion of disciplinary knowledge, interlacing an analysis from both functional and interpretive frameworks and applies these paradigms to three concepts—organisational identity, the balanced scorecard performance measurement system, and control. As an applied thesis, this study highlights how particular public sector organisations are using a range of multi-disciplinary forms of knowledge constructed for their needs to achieve practical outcomes. Practical evidence of this study is not bound by a single disciplinary field or the concerns raised by academics about the rigorous application of academic knowledge. The study’s value lies in its ability to explore how current communication and accounting knowledge is being used for practical purposes in organisational life. The main focus of this thesis is on identities in an organisational communication context. In exploring the theoretical and practical challenges, the research questions for this thesis were formulated as: 1. Is it possible to effectively control identities in organisations by the use of an integrated performance measurement system—the balanced scorecard—and if so, how? 2. What is the relationship between identities and an integrated performance measurement system—the balanced scorecard—in the identity construction process? Identities in the organisational context have been extensively discussed in graphic design, corporate communication and marketing, strategic management, organisational behaviour, and social psychology literatures. Corporate identity is the self-presentation of the personality of an organisation (Van Riel, 1995; Van Riel & Balmer, 1997), and organisational identity is the statement of central characteristics described by members (Albert & Whetten, 2003). In this study, identity management is positioned as a strategically complex task, embracing not only logo and name, but also multiple dimensions, levels and facets of organisational life. 
Responding to the collaborative efforts of researchers and practitioners in identity conceptualisation and methodological approaches, this dissertation argues that analysis can be achieved through the use of an integrated framework of identity products, patternings and processes (Cornelissen, Haslam, & Balmer, 2007), transforming conceptualisations of corporate identity, organisational identity and identification studies. Likewise, the performance measurement literature from the accounting field now emphasises the importance of ‘soft’ non-financial measures in gauging performance—potentially allowing the monitoring and regulation of ‘collective’ identities (Cornelissen et al., 2007). The balanced scorecard (BSC) (Kaplan & Norton, 1996a), as the selected integrated performance measurement system, quantifies organisational performance under the four perspectives of finance, customer, internal process, and learning and growth. Broadening the traditional performance measurement boundary, the BSC transforms how organisations perceived themselves (Vaivio, 2007). The rhetorical and communicative value of the BSC has also been emphasised in organisational self-understanding (Malina, Nørreklit, & Selto, 2007; Malmi, 2001; Norreklit, 2000, 2003). Thus, this study establishes a theoretical connection between the controlling effects of the BSC and organisational identity construction. Common to both literatures, the aspects of control became the focus of this dissertation, as ‘the exercise or act of achieving a goal’ (Tompkins & Cheney, 1985, p. 180). This study explores not only traditional technical and bureaucratic control (Edwards, 1981), but also concertive control (Tompkins & Cheney, 1985), shifting the locus of control to employees who make their own decisions towards desired organisational premises (Simon, 1976). 
The controlling effects on collective identities are explored through the lens of the rhetorical frames mobilised through the power of organisational enthymemes (Tompkins & Cheney, 1985) and identification processes (Ashforth, Harrison, & Corley, 2008). In operationalising the concept of control, two guiding questions were developed to support the research questions: 1.1 How does the use of the balanced scorecard monitor identities in public sector organisations? 1.2 How does the use of the balanced scorecard regulate identities in public sector organisations? This study adopts qualitative multiple case studies using ethnographic techniques. Data were gathered from interviews of 41 managers, organisational documents, and participant observation from 2003 to 2008, to inform an understanding of organisational practices and members’ perceptions in the five cases of two public sector organisations in Australia. Drawing on the functional and interpretive paradigms, the effective design and use of the systems, as well as the understanding of shared meanings of identities and identifications are simultaneously recognised. The analytical structure guided by the ‘bracketing’ (Lewis & Grimes, 1999) and ‘interplay’ strategies (Schultz & Hatch, 1996) preserved, connected and contrasted the unique findings from the multi-paradigms. The ‘temporal bracketing’ strategy (Langley, 1999) from the process view supports the comparative exploration of the analysis over the periods under study. The findings suggest that the effective use of the BSC can monitor and regulate identity products, patternings and processes. In monitoring identities, the flexible BSC framework allowed the case study organisations to monitor various aspects of finance, customer, improvement and organisational capability that included identity dimensions. Such inclusion legitimises identity management as organisational performance. 
In regulating identities, the use of the BSC created a mechanism to form collective identities by articulating various perspectives and causal linkages, and through the cascading and alignment of multiple scorecards. The BSC—directly reflecting organisationally valued premises and legitimised symbols—acted as an identity product of communication, visual symbols and behavioural guidance. The selective promotion of the BSC measures filtered organisational focus to shape unique identity multiplicity and characteristics within the cases. Further, the use of the BSC facilitated the assimilation of multiple identities by controlling the direction and strength of identifications, engaging different groups of members. More specifically, the tight authority of the BSC framework and systems are explained both by technical and bureaucratic controls, while subtle communication of organisational premises and information filtering is achieved through concertive control. This study confirms that these macro top-down controls mediated the sensebreaking and sensegiving process of organisational identification, supporting research by Ashforth, Harrison and Corley (2008). This study pays attention to members’ power of self-regulation, filling minor premises of the derived logic of their organisation through the playing out of organisational enthymemes (Tompkins & Cheney, 1985). Members are then encouraged to make their own decisions towards the organisational premises embedded in the BSC, through the micro bottom-up identification processes including: enacting organisationally valued identities; sensemaking; and the construction of identity narratives aligned with those organisationally valued premises. Within the process, the self-referential effect of communication encouraged members to believe the organisational messages embedded in the BSC in transforming collective and individual identities. 
Therefore, communication through the use of the BSC continued the self-producing of normative performance mechanisms, established meanings of identities, and enabled members’ self-regulation in identity construction. Further, this research establishes the relationship between identity and the use of the BSC in terms of identity multiplicity and attributes. The BSC framework constrained and enabled case study organisations and members to monitor and regulate identity multiplicity across a number of dimensions, levels and facets. The use of the BSC constantly heightened the identity attributes of distinctiveness, relativity, visibility, fluidity and manageability in identity construction over time. Overall, this research explains the reciprocal controlling relationships of multiple structures in organisations to achieve a goal. It bridges the gap among corporate and organisational identity theories by adopting Cornelissen, Haslam and Balmer’s (2007) integrated identity framework, and reduces the gap in understanding between identity and performance measurement studies. Parallel review of the process of monitoring and regulating identities from both literatures synthesised the theoretical strengths of both to conceptualise and operationalise identities. This study extends the discussion on positioning identity, culture, commitment, and image and reputation measures in integrated performance measurement systems as organisational capital. Further, this study applies understanding of the multiple forms of control (Edwards, 1979; Tompkins & Cheney, 1985), emphasising the power of organisational members in identification processes, using the notion of rhetorical organisational enthymemes. This highlights the value of the collaborative theoretical power of identity, communication and performance measurement frameworks. 
These case studies provide practical insights about the public sector where existing bureaucracy and desired organisational identity directions are competing within a large organisational setting. Further research on personal identity and simple control in organisations that fully cascade the BSC down to individual members would provide enriched data. The extended application of the conceptual framework to other public and private sector organisations with a longitudinal view will also contribute to further theory building.
Abstract:
Privacy is an important component of freedom and plays a key role in protecting fundamental human rights. It is becoming increasingly difficult to ignore the fact that without appropriate levels of privacy, a person’s rights are diminished. Users want to protect their privacy - particularly in “privacy invasive” areas such as social networks. However, Social Network users seldom know how to protect their own privacy through online mechanisms. What is required is an emerging concept that provides users legitimate control over their own personal information, whilst preserving and maintaining the advantages of engaging with online services such as Social Networks. This paper reviews “Privacy by Design (PbD)” and shows how it applies to diverse privacy areas. Such an approach will move towards mitigating many of the privacy issues in online information systems and can be a potential pathway for protecting users’ personal information. The research has also posed many questions in need of further investigation for different open source distributed Social Networks. Findings from this research will lead to a novel distributed architecture that provides more transparent and accountable privacy for the users of online information systems.
Abstract:
Driven by the rapid development of ubiquitous and pervasive computing, personalized services and applications are deployed to support our lives. Accordingly, the number of interfaces and devices (smartphone, tablet computer, etc.) provided to access and consume these services is growing continuously. To simplify the complexity of managing many accounts with different credentials, Single Sign-On (SSO) solutions have been introduced. However, a single password for many accounts represents a single point of failure. Furthermore, once initiated, an SSO session is a high potential risk when the workstation is left unlocked and unattended. In this paper, we present a conception of a Persistent Single Sign-On (PSSO) for ubiquitous home environments by involving the capabilities of Behavioral Biometrics to check the identity of the user continuously in an unobtrusive manner.