63 research outputs found
Security and accuracy of fingerprint-based biometrics: A review
Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper
Security and accuracy of fingerprint-based biometrics: A review
Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper
Privacy Protection in Distributed Fingerprint-based Authentication
Biometric authentication is getting increasingly popular due to the
convenience of using unique individual traits, such as fingerprints, palm
veins, irises. Especially fingerprints are widely used nowadays due to the
availability and low cost of fingerprint scanners. To avoid identity theft or
impersonation, fingerprint data is typically stored locally, e.g., in a trusted
hardware module, in a single device that is used for user enrollment and
authentication. Local storage, however, limits the ability to implement
distributed applications, in which users can enroll their fingerprint once and
use it to access multiple physical locations and mobile applications
afterwards.
In this paper, we present a distributed authentication system that stores
fingerprint data in a server or cloud infrastructure in a privacy-preserving
way. Multiple devices can be connected and perform user enrollment or
verification. To secure the privacy and integrity of sensitive data, we employ
a cryptographic construct called fuzzy vault. We highlight challenges in
implementing fuzzy vault-based authentication, for which we propose and compare
alternative solutions. We conduct a security analysis of our biometric
cryptosystem, and as a proof of concept, we build an authentication system for
access control using resource-constrained devices (Raspberry Pis) connected to
fingerprint scanners and the Microsoft Azure cloud environment. Furthermore, we
evaluate the fingerprint matching algorithm against the well-known FVC2006
database and show that it can achieve comparable accuracy to widely-used
matching techniques that are not designed for privacy, while remaining
efficient with an authentication time of few seconds.Comment: This is an extended version of the paper with the same title which
has been accepted for publication at the Workshop on Privacy in the
Electronic Society (WPES 2019
State of the Art in Biometric Key Binding and Key Generation Schemes
Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems
Protection of privacy in biometric data
Biometrics is commonly used in many automated veri cation systems offering several advantages over traditional veri cation methods. Since biometric features are associated with individuals, their leakage will violate individuals\u27 privacy, which can cause serious and continued problems as the biometric data from a person are irreplaceable. To protect the biometric data containing privacy information, a number of privacy-preserving biometric schemes (PPBSs) have been developed over the last decade, but they have various drawbacks. The aim of this paper is to provide a comprehensive overview of the existing PPBSs and give guidance for future privacy-preserving biometric research. In particular, we explain the functional mechanisms of popular PPBSs and present the state-of-the-art privacy-preserving biometric methods based on these mechanisms. Furthermore, we discuss the drawbacks of the existing PPBSs and point out the challenges and future research directions in PPBSs
Fingerprint template protection schemes: A literature review
The fingerprint is the most widely used technology for identification or authentication systems, which can be known as fingerprint authentication systems (FAS).In addition to providing security, the fingerprint is also easy to use, very reliable and has a high accuracy for identity recognition. FAS is still exposed to security attacks because fingerprint information is unencrypted.Therefore, fingerprint information requires protection known as fingerprint template protection (FTP).This paper aims to provide an organized literature on FTP.Three research questions were formulated to guide the literature analysis.First, this
analysis focuses on the types of FTP schemes; second, the metrics used for evaluating the FTP schemes; and finally, the common datasets used for evaluating the FTP schemes. The latest information and references are analysed and classified based on FTP methods and publication year to obtain information related to the development and application of FTP.This study mainly surveyed 62 documents reported on FTP schemes between the year 2000 and 2017.The results of this survey can be a source of reference for other researchers in finding literature relevant to the FTP
- …