Privacy in Biometric Systems

Biometrics are physiological and/or behavioral characteristics of a person that have been used to provide an automatic proof of identity in a growing list of applications including crime/terrorism fighting, forensics, access and border control, securing e-/m-commerce transactions and service entitlements. In recent years, a great deal of research into a variety of new and traditional biometrics has widened the scope of investigations beyond improving accuracy into mechanisms that deal with serious concerns raised about the potential misuse of collected biometric data. Despite the long list of biometrics’ benefits, privacy concerns have become widely shared due to the fact that every time the biometric of a person is checked, a trace is left that could reveal personal and confidential information. In fact, biometric-based recognition has an inherent privacy problem as it relies on capturing, analyzing, and storing personal data about us as individuals. For example, biometric systems deal with data related to the way we look (face, iris), the way we walk (gait), the way we talk (speaker recognition), the way we write (handwriting), the way we type on a keyboard (keystroke), the way we read (eye movement), and many more. Privacy has become a serious concern for the public as biometric systems are increasingly deployed in many applications ranging from accessing our account on a Smartphone or computer to border control and national biometric cards on a very large scale. For example, the Unique Identification Authority of India (UIDAI) has issued 56 million biometric cards as of January 2014 [1], where each biometric card holds templates of the 10 fingers, the two irises and the face. An essential factor behind the growing popularity of biometrics in recent years is the fact that biometric sensors have become a lot cheaper as well as easier to install and handle. CCTV cameras are installed nearly everywhere and almost all Smartphones are equipped with a camera, microphone, fingerprint scanner, and probably very soon, an iris scanner

Encryption by Heart (EbH)-Using ECG for time-invariant symmetric key generation

Wearable devices are a part of Internet-of-Things (IoT) that may offer valuable data of their porting user. This paper explores the use of ElectroCardioGram (ECG) records to encrypt user data. Previous attempts have shown that ECG can be taken as a basis for key generation. However, these approaches do not consider time-invariant keys. This feature enables using these so-created keys for symmetrically encrypting data (e.g. smartphone pictures), enabling their decryption using the key derived from the current ECG readings. This paper addresses this challenge by proposing EbH, a mechanism for persistent key generation based on ECG. EbH produces seeds from which encryption keys are generated. Experimental results over 24 h for 199 users show that EbH, under certain settings, can produce permanent seeds (thus time-invariant keys) computed on-the-fly and different for each user up to 95.97% of users produce unique keys. In addition, EbH can be tuned to produce seeds of different length (up to 300 bits) and with variable min-entropy (up to 93.51). All this supports the workability of EbH in a real setting. (C) 2017 Elsevier B.V. All rights reserved.Funding: This work was supported by the MINECO grants TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and TIN2016-79095-C2-2-R (SMOG-DEV); by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks), which is co-funded by European Funds (FEDER); and by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain (J. M. de Fuentes and L. Gonzalez-Manzano grants). Data used for this research was provided by the Telemetric and ECG Warehouse (THEW) of University of Rochester, NY

A framework for biometric recognition using non-ideal iris and face

Off-angle iris images are often captured in a non-cooperative environment. The distortion of the iris or pupil can decrease the segmentation quality as well as the data extracted thereafter. Moreover, iris with an off-angle of more than 30° can have non-recoverable features since the boundary cannot be properly localized. This usually becomes a factor of limited discriminant ability of the biometric features. Limitations also come from the noisy data arisen due to image burst, background error, or inappropriate camera pixel noise. To address the issues above, the aim of this study is to develop a framework which: (1) to improve the non-circular boundary localization, (2) to overcome the lost features, and (3) to detect and minimize the error caused by noisy data. Non-circular boundary issue is addressed through a combination of geometric calibration and direct least square ellipse that can geometrically restore, adjust, and scale up the distortion of circular shape to ellipse fitting. Further improvement comes in the form of an extraction method that combines Haar Wavelet and Neural Network to transform the iris features into wavelet coefficient representative of the relevant iris data. The non-recoverable features problem is resolved by proposing Weighted Score Level Fusion which integrates face and iris biometrics. This enhancement is done to give extra distinctive information to increase authentication accuracy rate. As for the noisy data issues, a modified Reed Solomon codes with error correction capability is proposed to decrease intra-class variations by eliminating the differences between enrollment and verification templates. The key contribution of this research is a new unified framework for high performance multimodal biometric recognition system. The framework has been tested with WVU, UBIRIS v.2, UTMIFM, ORL datasets, and achieved more than 99.8% accuracy compared to other existing methods

An enhanced fingerprint template protection scheme

Fingerprint template protection (FTP) is required to secure authentication due to fingerprint has been widely used for user authentication systems. Fingerprint authentication consists of a microcontroller, fingerprint sensor, secure access control, and human interface. However, as many users frequently assess the systems, fingerprints could be replicated and modified by attackers. Currently, most existing FTP schemes fail to meet the properties of fingerprint authentication systems, namely diversity, revocability, security, and match/recognition performance, due to intra-user variability in fingerprint identifiers and matching issues in unencrypted domains. Therefore, this study aims to enhance the existing schemes by using chaos-based encryption and hash functions to meet the specified properties by securing users’ fingerprint templates (FT) within the embedded systems. Furthermore, an improved chaos-based encryption algorithm was proposed for encrypting FT. The MATLAB simulation with Fingerprint Verification Competition (FVC) 2002 database was used to measure the encryption results, secret key spaces, key sensitivity, histogram, correlation, differential, entropy information, matching/recognition analysis, and revocability. The proposed FTP scheme was also evaluated using Burrows–Abadi– Needham (BAN) logic analysis for protocol robustness with resistance to replay attacks, stolen-verifier attacks, and perfect forward secrecy. The results demonstrate that the enhanced chaos-based encryption algorithm for FTP improves its encryption time, which is 0.24 seconds faster than the selected benchmark study. The enhanced FTP scheme also achieved security, revocability, diversity, and matching/recognition performance properties. The matching/recognition performance evaluation produced higher verification rates and a low false rejection rate. The rates were 99.10 % and 0.90%, respectively. The equal error rate decreased from 2.10% to 1.05%. As a conclusion, the enhanced FTP scheme could be an alternative to the existing FTP for embedded system authentication to withstand various possible attacks and provides the desired security features. The scheme also can be a reference to comprehensive security analysis

Personalised cryptographic key generation based on FaceHashing

Among the various computer security techniques practice today, cryptography has been identified as one of the most important solutions in the integrated digital security system. Cryptographic techniques such as encryption can provide very Long passwords that are not required to be remembered but are in turn protected by simple password, hence defecting their purpose. In this,paper, we proposed a novel two-stage technique to generate personalized cryptographic keys from the face biometric, which offers the inextricably link to its owner. At the first stage, integral transform of biometric input is to discretise to produce a set of bit representation with a set of tokenised pseudo random number, coined as FaceHash. In the second stage, FaceHash is then securely reduced to a single cryptographic key via Shamir secret-sharing. Tokenised FaceHashing is rigorously protective of the face data, with security comparable to cryptographic hashing of token and knowledge key-factor. The key is constructed to resist cryptanalysis even against an adversary who captures the user device or the feature descriptor. (C) 2004 Elsevier Ltd. All rights reserved

Simple and secured access to networked home appliances via internet using SSL, BioHashing and single Authentication Server

This thesis describes a web-based application that will enable users to access their networked home appliances over the Internet in an easy, secured, accessible and cost effective manner, using the user's iris image only for authentication. As Internet is increasingly gaining significance and popularity in our daily lives, various home networking technologies also started gaining importance from consumers, which helped in facilitating interoperability, sharing of services and exchange of information between different electronic devices at home. As a result, the demand to be able to access home appliances or security cameras over the Internet gradually grew. In this research, we propose an efficient, secured, low-cost and user-friendly method to access networked home appliances over the Internet, providing strong, well integrated, three levels of security to the whole application and user data. According to our design, the user's iris data after hashing (using BioHashing) is sent through a secure communication channel utilizing Secure Sockets Layer v-3.0. The deterministic feature sequence from the iris image is extracted using 1D log-Gabor filters and while performing BioHashing, the orthonormalization of the pseudorandom number is implemented employing Gram-Schmidt orthonormalization algorithm. In addition to this protected data transfer mechanism, we propose the design of an Authentication Server that can be shared among multiple homes, allowing numerous users to access their home appliances in a trouble-free and secured manner. It can also bring down the cost of commercial realization of this endeavor and increase its accessibility without compromising on system security. We demonstrate that the recognition efficiency of this system is computationally effective with equal error rate (EER) of 0% and 6.75% (average) in two separate conditions on CASIA 1 and CASIA 2 iris image datasets

Recent Application in Biometrics

In the recent years, a number of recognition and authentication systems based on biometric measurements have been proposed. Algorithms and sensors have been developed to acquire and process many different biometric traits. Moreover, the biometric technology is being used in novel ways, with potential commercial and practical implications to our daily activities. The key objective of the book is to provide a collection of comprehensive references on some recent theoretical development as well as novel applications in biometrics. The topics covered in this book reflect well both aspects of development. They include biometric sample quality, privacy preserving and cancellable biometrics, contactless biometrics, novel and unconventional biometrics, and the technical challenges in implementing the technology in portable devices. The book consists of 15 chapters. It is divided into four sections, namely, biometric applications on mobile platforms, cancelable biometrics, biometric encryption, and other applications. The book was reviewed by editors Dr. Jucheng Yang and Dr. Norman Poh. We deeply appreciate the efforts of our guest editors: Dr. Girija Chetty, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park and Dr. Sook Yoon, as well as a number of anonymous reviewers