1. Field of the Invention
This invention relates to an apparatus and method for path concealment, and particularly to a path concealment apparatus and method where a verification grammar and a key are dynamically generated each time a keyphrase verification task is performed, and in which the semantic annotation takes place in the form of matrix vector operations.
2. Description of Background
User verification is an often-performed task in speech applications. When the speech application takes place in a distributed or network environment (e.g., in a telephony environment) the application designer takes into consideration the possibility that the confidentiality of the data in the network or in the application servers is vulnerable to network eavesdroppers, intruders, or even malicious application analysts. If the network traffic is not secure or encrypted, the intruder is able to observe the sequence of request and response cycles between the application components and analyze markup, submitted values, and application artifacts. In addition, even if the communication is encrypted, a typical speech application leaves behind a substantial set of resources and artifacts (cached grammars, lexica, log files, etc.) that can be collected and reverse engineered to extract or infer the authentication information.
Due to industry trends like business process outsourcing and application hosting, and to the emergence of sophisticated analysis tools, more and more information is made available by the application for system analysts and tools to perform their jobs. The information that makes the application more analyzable but it also makes it more prone to be reverse engineered.
A common way to perform user verification, without using biometrics, is to verify a password or a multi-word utterance (the keyphrase, denoted by uk) for a specific user userk under the assumption that only this user knows it. Examples of what can constitute a good keyphrase are: date of birth, social security number, amount of last account transaction, etc. This process is called text-dependent user verification. A basic keyphrase verification algorithm can be formulated as follows: let ûk be the recognition hypothesis to the challenge question specific to userk, and âk be its semantic annotation using the annotation grammar A (i.e., âk=A (ûk)). This process may be performed concurrently by the decoding verification grammar G, which is the combination of a decoding network D and the semantic annotation network A. Keyphrase validation is performed in terms of a distance computation between âk and ak.
In an unprotected system, an intruder can obtain for a specific session âk and A, and based on session information can associate this information with userk, and can compute A−1 and infer ûk=A−1 (âk). For example, the annotation “A-03-75” might be traceable to “august third 1975” if A is available and easily invertible. In an unprotected system, an intruder might be able to associate this date as the birthday of user John Doe.
The above scenario provides a motivation for information concealment so that an intruder cannot easily compromise the verification process for a userk by observing any of the application information or network traffic.
Considering the limitations of the aforementioned methods, it is clear that there is a need for a method for concealing keyphrase verification. In the proposed method a verification grammar and a key are dynamically generated each time a keyphrase verification task is performed, and in which the semantic annotation takes place in the form of matrix vector operations. If the keyphrase is correct, the annotation will converge to the key. In this way, the client can generate annotations robust to reverse engineering. An intruder capable of observing network traffic, voice browser markup, annotation grammars, annotation scripts, and the resulting annotation hypothesis will not be able to infer the keyphrase.