ASP.NET CORE 3.0
AI-Powered Biometric
Security in ASP.NET Core
Stefano Tempesta
This article, in two parts, introduces the policy-based authorizationmodelinASP.NETCore3,whichaimstodecouple authorization logic from the underlying user roles. It presents a specific example of this authorization process based on biometric information, such as face or voice recognition. In this case, access to a building is restricted when an unauthorized intrusion is detected. The severity of the intrusion is assessed by an anomaly detection service built into Azure Machine Learning.
Site Access
The context is an extremely secured site—think of a military area, or a hospital, or a datacenter. Access is restricted to authorized people,
with some limitations. The following steps describe the security flow enforced at the door of each building to check people in:
1. A person requesting access to a building swipes their access pass on the door’s card reader.
2. Cameras detect motion and capture the face and body of the person; this should prevent the use of a printed photo, for example, to trick the camera with face-only recognition.
3. The card reader and cameras are registered as Internet of Things (IoT) devices and stream recorded data to Azure IoT Hub.
4. Microsoft Cognitive Services compares the person against a database of people authorized to access the building.
5. An authorization flow matches the biometric information
collected by the IoT devices with the identity of the person
on the access pass.
6. An Azure Machine Learning service is invoked to assess
the risk level of the access request, and whether it’s an
unauthorized intrusion.
7. Authorization is granted by an ASP.NET Core Web API
by checking for specific policy requirements owned by
the profile defined in the previous steps.
If there’s a mismatch between the detected identity of the person
and the access pass, access to the site is blocked immediately. Otherwise, the flow continues by checking whether any of the following anomalies have been encountered:
• Atypical frequency of access to the building.
• Whether the person has exited the building earlier (check out). • Number of accesses permitted per day.
Some of the technology discussed in this article is still in preview. All information is subject to change.
This article discusses:
• Site access security flow
• Authorization in ASP.NET Core
• Face and voice recognition using Microsoft Cognitive Services
Technologies discussed:
ASP.NET Core 3, Microsoft Azure Cognitive Services Vision and Speech APIs
Code download available at:
bit.ly/2IXPZCo
18 msdn magazine