Security of multimodal biometric systems against spoof attacks

A biometric system is essentially a pattern recognition system being used in ad-versarial environment. Since, biometric system like any conventional security system is exposed to malicious adversaries, who can manipulate data to make the system ineffective by compromising its integrity. Current theory and de- sign methods of biometric systems do not take into account the vulnerability to such adversary attacks. Therefore, evaluation of classical design methods is an open problem to investigate whether they lead to design secure systems. In order to make biometric systems secure it is necessary to understand and evalu-ate the threats and to thus develop effective countermeasures and robust system designs, both technical and procedural, if necessary. Accordingly, the extension of theory and design methods of biometric systems is mandatory to safeguard the security and reliability of biometric systems in adversarial environments. In this thesis, we provide some contributions towards this direction. Among all the potential attacks discussed in the literature, spoof attacks are one of the main threats against the security of biometric systems for identity recognition. Multimodal biometric systems are commonly believed to be in-trinsically more robust to spoof attacks than systems based on a single biomet-ric trait, as they combine information coming from different biometric traits. However, recent works have question such belief and shown that multimodal systems can be misled by an attacker (impostor) even by spoofing only one of the biometric traits. Therefore, we first provide a detailed review of state-of-the-art works in multimodal biometric systems against spoof attacks. The scope ofstate-of-the-art results is very limited, since they were obtained under a very restrictive “worst-case” hypothesis, where the attacker is assumed to be able to fabricate a perfect replica of a biometric trait whose matching score distribu-tion is identical to the one of genuine traits. Thus, we argue and investigate the validity of “worst-case” hypothesis using large set of real spoof attacks and provide empirical evidence that “worst-case” scenario can not be representa- ixtive of real spoof attacks: its suitability may depend on the specific biometric trait, the matching algorithm, and the techniques used to counterfeit the spoofed traits. Then, we propose a security evaluation methodology of biometric systems against spoof attacks that can be used in real applications, as it does not require fabricating fake biometric traits, it allows the designer to take into account the different possible qualities of fake traits used by different attackers, and it exploits only information on genuine and impostor samples which is col- lected for the training of a biometric system. Our methodology evaluates the performances under a simulated spoof attack using model of the fake score distribution that takes into account explicitly different degrees of the quality of fake biometric traits. In particular, we propose two models of the match score distribution of fake traits that take into account all different factors which can affect the match score distribution of fake traits like the particular spoofed biometric, the sensor, the algorithm for matching score computation, the technique used to construct fake biometrics, and the skills of the attacker. All these factors are summarized in a single parameter, that we call “attack strength”. Further, we propose extension of our security evaluation method to rank several biometric score fusion rules according to their relative robustness against spoof attacks. This method allows the designer to choose the most robust rule according to the method prediction. We then present empirical analysis, using data sets of face and fingerprints including real spoofed traits, to show that our proposed models provide a good approximation of fake traits’ score distribution and our method thus providing an adequate estimation of the security1 of biometric systems against spoof attacks. We also use our method to show how to evaluate the security of different multimodal systems on publicly available benchmark data sets without spoof attacks. Our experimental results show that robustness of multimodal biometric systems to spoof attacks strongly depends on the particular matching algorithm, the score fusion rule, and the attack strength of fake traits. We eventually present evidence, considering a multimodal system based on face and fingerprint biometrics, that the proposed methodology to rank score fusion rules is capable of providing correct ranking of score fusion rules under spoof attacks

CHALLENGES AND OPPORTUNITIES OF ADOPTING MANAGEMENT INFORMATION SYSTEMS (MIS) FOR PASSPORT PROCESSING: COMPARATIVE STUDY BETWEEN LESOTHO AND SOUTH AFRICA

Thesis ( M. Tech. (Business Administration )) - Central University of Technology, Free State, 2014Fast and secure public service delivery is not only a necessity, but a compulsory endeavour. However, it is close to impossible to achieve such objectives without the use of Information Technology (IT). It is correspondingly important to find proper sustainability frameworks of technology. Organisations do not only need technology for efficient public service; the constant upgrading of systems and cautious migration to the newest IT developments is also equally indispensable in today’s dynamic technological world. Conversely, countries in Africa are always lagging behind in technological progresses. Such deficiencies have been identified in the passport processing of Lesotho and South Africa, where to unequal extents, problems related to systems of passport production have contributed to delays and have become fertile grounds for corrupt practices. The study seeks to identify the main impediments in the adoption of Management Information Systems (MIS) for passport processing. Furthermore, the study explores the impact MIS might have in attempting to combat long queues and to avoid long waiting periods – from application to issuance of passports to citizens. The reasonable time frame between passport application and issuance, and specific passport management systems, have been extensively discussed along with various strategies that have been adopted by some of the world’s first movers in modern passport management technologies. In all cases and stages of this research, Lesotho and South Africa are compared. The research approach of the study was descriptive and explorative in nature. As a quantitative design, a structured questionnaire was used to solicit responses in Lesotho and South Africa. It was established that both Lesotho and South Africa have somewhat similar problems – although, to a greater extent, Lesotho needs much more urgent attention. Although the processes of South Africa need to be improved, the Republic releases a passport much faster and more efficiently than Lesotho. Economic issues are also revealed by the study as unavoidable factors that always affect technological developments in Africa. The study reveals that the latest MIS for passport processing has facilitated modern, automated border-control systems and resultant e-passports that incorporate more biometric information of citizens to passports – thanks to modern RFID technologies. One can anticipate that this study will provide simple, affordable and secure IT solutions for passport processing. Key words: Information Technology (IT); Management Information Systems (MIS); E-Government; E-Passport; Biometrics; and RFID

Investigation of Multimodal Template-Free Biometric Techniques and Associated Exception Handling

The Biometric systems are commonly used as a fundamental tool by both government and private sector organizations to allow restricted access to sensitive areas, to identify the criminals by the police and to authenticate the identification of individuals requesting to access to certain personal and confidential services. The applications of these identification tools have created issues of security and privacy relating to personal, commercial and government identities. Over the last decade, reports of increasing insecurity to the personal data of users in the public and commercial domain applications has prompted the development of more robust and sound measures to protect the personal data of users from being stolen and spoofing. The present study aimed to introduce the scheme for integrating direct and indirect biometric key generation schemes with the application of Shamir‘s secret sharing algorithm in order to address the two disadvantages: revocability of the biometric key and the exception handling of biometric modality. This study used two different approaches for key generation using Shamir‘s secret sharing scheme: template based approach for indirect key generation and template-free. The findings of this study demonstrated that the encryption key generated by the proposed system was not required to be stored in the database which prevented the attack on the privacy of the data of the individuals from the hackers. Interestingly, the proposed system was also able to generate multiple encryption keys with varying lengths. Furthermore, the results of this study also offered the flexibility of providing the multiple keys for different applications for each user. The results from this study, consequently, showed the considerable potential and prospect of the proposed scheme to generate encryption keys directly and indirectly from the biometric samples, which could enhance its success in biometric security field

Electronic capture and analysis of fraudulent behavioral patterns : an application to identity fraud

The objective of this research was to find a transparent and secure solution for mitigating identity fraud and to find the critical factors that determine the solution\u27s acceptance. Identity fraud is identified as a key problem with total losses exceeding fifty two billion dollars (Javelin Strategy and Research 2005). A common denominator in most identity-fraud-prone transactions is the use of a keypad; hence this research focuses on keypad data entry and proposes a biometric solution. Three studies develop, evaluate and investigate the feasibility of this solution. The first study was done in three stages. Stage one investigated the technical feasibility of the biometric keypad, stage two evaluated the keypad under different field conditions and stage three investigated acceptable user parameters. A key shortcoming with current authentication methods is the use of external identifiers that are prone to theft, unlike biometric patterns. A biometric keypad that supplements the present external identifiers was proposed, prototyped and evaluated. The results demonstrated that a biometric keypad can be a feasible medium performance solution. Addition of pressure and higher typing speeds were found to enhance discrimination accuracy while typing patterns were found to vary with elapsed time which led to deterioration in accuracy. The second study interviewed executives with experience in the introduction of new technologies with the objective of identifying and ranking critical factors that are important in the adoption of new biometrics. Performance, ease-of-use and trust-privacy issues were the most cited factors. A biometric acceptance model was formulated and five hypotheses were proposed from these interviews and prior research. Executives rated the keypad\u27s ease-of-use high in comparison to other biometric approaches but were concerned about its accuracy. The third study was a user attitude survey whose objective was to validate the formulated biometric acceptance model and acquire data on acceptable usage parameters. The proposed biometric model was validated and the proposed hypotheses were supported. Acceptable error rates and training times indicated that the biometric keypad would be more complex to engineer. The dissertation concludes by summarizing the contributions and limitations of the three studies followed by several suggestions for future research

Race & Mobility in the Digital Periphery: New Urban Frontiers of Migration Control

Global movement and information technologies are changing practices of bordering, globally. Such matters are now also substantially urban. As cities of refuge rely increasingly on tech companies to develop digital urban infrastructures for accessing information, services, and socioeconomic life at large, they are also inviting the border closer to cities and migrant bodies. This marks a convergence of Silicon Valley logics, austere and xenophobic migration management practices, and racial capitalism. In New York City, infrastructural technologies such as sophisticated public Wi-Fi, smart ID cards, and digitalised city services, in an environment prone to deportation raids, has led to deep information “panics”. In Berlin, a combination of civil society and private sector technology initiatives have produced a deluge of largely unused or distrusted information services, job-matching, house-sharing, social credit, and identity management tools in the name of refugees. In lieu of mitigating conditions of displacement, these practices compound analogue borders by engaging in a practice of digitally fusing borders to racialised characteristics, resulting in symbolic, material, and epistemic forms of technological marginalization. Through following and documenting how migrant communities navigate and experience these digital urban interventions, and the logics of those who develop them, this dissertation 1) highlights how migrant bodies and urban spaces become contested spaces in the battle for racial capital – a frontier in which technology actors are chiefly concerned with reconstituting conceptions of race for power and profit, and; 2). unveils how digital urban infrastructures interact with subtle practices of racialised bordering. Drawing on an analytical lens rooted predominantly in the Black radical tradition, critical development and migration studies, and science and technology studies, it challenges the paradigms of techno-solutionism and techno-chauvinism, as well as critical digital studies that has tended to treat race and racialism as a symptom of, rather than as integral to, the technology industry. By extension, the field of migration has also tended to impart greater weight to the positive affordances of technology in contexts of displacement, in absence of the critical voice of would-be recipients and “users”. By attending to the frontiers of racial capitalism and increasing technology deployments, I advance the idea of the ‘digital periphery’ to make sense of how urban migrant environments and subjectivities are commodified and ‘datafied’. As a concept, the digital periphery allows for the rapid advance of technology upon displaced populations to be disaggregated. It reveals an inseparable and mutually constitutive entanglement of race, borders, and migration, advancing racial capitalism beyond its conventional physical and spatial limitations.This dissertation was completed with the financial support of the Jo Cox PhD Studentship at Pembroke College, University of Cambridge, and the Cambridge Commonwealth, European and International Trust

Introduction to development engineering: a framework with applications from the field

This open access textbook introduces the emerging field of Development Engineering and its constituent theories, methods, and applications. It is both a teaching text for students and a resource for researchers and practitioners engaged in the design and scaling of technologies for low-resource communities. The scope is broad, ranging from the development of mobile applications for low-literacy users to hardware and software solutions for providing electricity and water in remote settings. It is also highly interdisciplinary, drawing on methods and theory from the social sciences as well as engineering and the natural sciences. The opening section reviews the history of “technology-for-development” research, and presents a framework that formalizes this body of work and begins its transformation into an academic discipline. It identifies common challenges in development and explains the book’s iterative approach of “innovation, implementation, evaluation, adaptation.” Each of the next six thematic sections focuses on a different sector: energy and environment; market performance; education and labor; water, sanitation and health; digital governance; and connectivity. These thematic sections contain case studies from landmark research that directly integrates engineering innovation with technically rigorous methods from the social sciences. Each case study describes the design, evaluation, and/or scaling of a technology in the field and follows a single form, with common elements and discussion questions, to create continuity and pedagogical consistency. Together, they highlight successful solutions to development challenges, while also analyzing the rarely discussed failures. The book concludes by reiterating the core principles of development engineering illustrated in the case studies, highlighting common challenges that engineers and scientists will face in designing technology interventions that sustainably accelerate economic development. Development Engineering provides, for the first time, a coherent intellectual framework for attacking the challenges of poverty and global climate change through the design of better technologies. It offers the rigorous discipline needed to channel the energy of a new generation of scientists and engineers toward advancing social justice and improved living conditions in low-resource communities around the world

Introduction to Development Engineering

This open access textbook introduces the emerging field of Development Engineering and its constituent theories, methods, and applications. It is both a teaching text for students and a resource for researchers and practitioners engaged in the design and scaling of technologies for low-resource communities. The scope is broad, ranging from the development of mobile applications for low-literacy users to hardware and software solutions for providing electricity and water in remote settings. It is also highly interdisciplinary, drawing on methods and theory from the social sciences as well as engineering and the natural sciences. The opening section reviews the history of “technology-for-development” research, and presents a framework that formalizes this body of work and begins its transformation into an academic discipline. It identifies common challenges in development and explains the book’s iterative approach of “innovation, implementation, evaluation, adaptation.” Each of the next six thematic sections focuses on a different sector: energy and environment; market performance; education and labor; water, sanitation and health; digital governance; and connectivity. These thematic sections contain case studies from landmark research that directly integrates engineering innovation with technically rigorous methods from the social sciences. Each case study describes the design, evaluation, and/or scaling of a technology in the field and follows a single form, with common elements and discussion questions, to create continuity and pedagogical consistency. Together, they highlight successful solutions to development challenges, while also analyzing the rarely discussed failures. The book concludes by reiterating the core principles of development engineering illustrated in the case studies, highlighting common challenges that engineers and scientists will face in designing technology interventions that sustainably accelerate economic development. Development Engineering provides, for the first time, a coherent intellectual framework for attacking the challenges of poverty and global climate change through the design of better technologies. It offers the rigorous discipline needed to channel the energy of a new generation of scientists and engineers toward advancing social justice and improved living conditions in low-resource communities around the world