Edge-centric multimodal authentication system using encrypted biometric templates

Data security, complete system control, and missed storage and computing opportunities in personal portable devices are some of the major limitations of the centralized cloud environment. Among these limitations, security is a prime concern due to potential unauthorized access to private data. Biometrics, in particular, is considered sensitive data, and its usage is subject to the privacy protection law. To address this issue, a multimodal authentication system using encrypted biometrics for the edge-centric cloud environment is proposed in this study. Personal portable devices are utilized for encrypting biometrics in the proposed system, which optimizes the use of resources and tackles another limitation of the cloud environment. Biometrics is encrypted using a new method. In the proposed system, the edges transmit the encrypted speech and face for processing in the cloud. The cloud then decrypts the biometrics and performs authentication to confirm the identity of an individual. The model for speech authentication is based on two types of features, namely, Mel-frequency cepstral coefficients and perceptual linear prediction coefficients. The model for face authentication is implemented by determining the eigenfaces. The final decision about the identity of a user is based on majority voting. Experimental results show that the new encryption method can reliably hide the identity of an individual and accurately decrypt the biometrics, which is vital for errorless authentication

Secure Authentication for Mobile Users

RÉSUMÉ :L’authentification biométrique telle que les empreintes digitales et la biométrie faciale a changé la principale méthode d’authentification sur les appareils mobiles. Les gens inscrivent facilement leurs modèles d’empreintes digitales ou de visage dans différents systèmes d’authentification pour profiter de leur accès facile au smartphone sans avoir besoin de se souvenir et de saisir les codes PIN/mots de passe conventionnels. Cependant, ils ne sont pas conscients du fait qu’ils stockent leurs caractéristiques physiologiques ou comportementales durables sur des plates-formes non sécurisées (c’est-à-dire sur des téléphones mobiles ou sur un stockage en nuage), menaçant la confidentialité de leurs modèles biométriques et de leurs identités. Par conséquent, un schéma d’authentification est nécessaire pour préserver la confidentialité des modèles biométriques des utilisateurs et les authentifier en toute sécurité sans compter sur des plates-formes non sécurisées et non fiables.La plupart des études ont envisagé des approches logicielles pour concevoir un système d’authentification sécurisé. Cependant, ces approches ont montré des limites dans les systèmes d’authentification sécurisés. Principalement, ils souffrent d’une faible précision de vérification, en raison des transformations du gabarit (cancelable biometrics), de la fuite d’informations (fuzzy commitment schemes) ou de la réponse de vérification non en temps réel, en raison des calculs coûteux (homomorphic encryption).---------- ABSTRACT: Biometric authentication such as fingerprint and face biometrics has changed the main authentication method on mobile devices. People easily enroll their fingerprint or face template on different authentication systems to take advantage of their easy access to the smartphone with no need to remember and enter the conventional PINs/passwords. However, they are not aware that they store their long-lasting physiological or behavioral characteristics on insecure platforms (i.e., on mobile phones or on cloud storage), threatening the privacy of their biometric templates and their identities. Therefore, an authentication scheme is required to preserve the privacy of users’ biometric templates and securely authenticate them without relying on insecure and untrustworthy platforms. Most studies have considered software-based approaches to design a privacy-reserving authentication system. However, these approaches have shown limitations in secure authentication systems. Mainly, they suffer from low verification accuracy, due to the template transformations (in cancelable biometrics), information leakage (in fuzzy commitment schemes), or non real-time verification response, due to the expensive computations (in homomorphic encryption)

Deep Learning for Vein Biometric Recognition on a Smartphone

The ongoing COVID-19 pandemic has pointed out, even more, the important need for hygiene contactless biometric recognition systems. Vein-based devices are great non-contact options although they have not been entirely well-integrated in daily life. In this work, in an attempt to contribute to the research and development of these devices, a contactless wrist vein recognition system with a real-life application is revealed. A Transfer Learning (TL) method, based on different Deep Convolutional Neural Networks architectures, for Vascular Biometric Recognition (VBR), has been designed and tested, for the first time in a research approach, on a smartphone. TL is a Deep Learning (DL) technique that could be divided into networks as feature extractor, i.e., using a pre-trained (different large-scale dataset) Convolutional Neural Network (CNN) to obtain unique features that then, are classified with a traditional Machine Learning algorithm, and fine-tuning, i.e., training a CNN that has been initialized with weights of a pre-trained (different large-scale dataset) CNN. In this study, a feature extractor base method has been employed. Several architecture networks have been tested on different wrist vein datasets: UC3M-CV1, UC3M-CV2, and PUT. The DL model has been integrated on the Xiaomi© Pocophone F1 and the Xiaomi© Mi 8 smartphones obtaining high biometric performance, up to 98% of accuracy and less than 0.4% of EER with a 50–50% train-test on UC3M-CV2, and fast identification/verification time, less than 300 milliseconds. The results infer, high DL performance and integration reachable in VBR without direct user-device contact, for real-life applications nowadays

Multiple classifiers in biometrics. part 1: Fundamentals and review

We provide an introduction to Multiple Classifier Systems (MCS) including basic nomenclature and describing key elements: classifier dependencies, type of classifier outputs, aggregation procedures, architecture, and types of methods. This introduction complements other existing overviews of MCS, as here we also review the most prevalent theoretical framework for MCS and discuss theoretical developments related to MCS The introduction to MCS is then followed by a review of the application of MCS to the particular field of multimodal biometric person authentication in the last 25 years, as a prototypical area in which MCS has resulted in important achievements. This review includes general descriptions of successful MCS methods and architectures in order to facilitate the export of them to other information fusion problems. Based on the theory and framework introduced here, in the companion paper we then develop in more technical detail recent trends and developments in MCS from multimodal biometrics that incorporate context information in an adaptive way. These new MCS architectures exploit input quality measures and pattern-specific particularities that move apart from general population statistics, resulting in robust multimodal biometric systems. Similarly as in the present paper, methods in the companion paper are introduced in a general way so they can be applied to other information fusion problems as well. Finally, also in the companion paper, we discuss open challenges in biometrics and the role of MCS to advance themThis work was funded by projects CogniMetrics (TEC2015-70627-R) from MINECO/FEDER and RiskTrakc (JUST-2015-JCOO-AG-1). Part of thisthis work was conducted during a research visit of J.F. to Prof. Ludmila Kuncheva at Bangor University (UK) with STSM funding from COST CA16101 (MULTI-FORESEE

Federated Authentication using the Cloud (Cloud Aura)

Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying the user legitimacy to use/access a digital device or service has become of the utmost importance. Authentication is the frontline countermeasure of ensuring only the authorised user is granted access; however, it has historically suffered from a range of issues related to the security and usability of the approaches. Traditionally deployed in a point-of-entry mode (although a number of implementations also provide for re-authentication), the intrusive nature of the control is a significant inhibitor. Thus, it is apparent that a more innovative, convenient and secure user authentication solution is vital. This thesis reviews the authentication methods along with the current use of authentication technologies, aiming at developing a current state-of-the-art and identifying the open problems to be tackled and available solutions to be adopted. It also investigates whether these authentication technologies have the capability to fill the gap between the need for high security whilst maximising user satisfaction. This is followed by a comprehensive literature survey and critical analysis of the existing research domain on continuous and transparent multibiometric authentication. It is evident that most of the undertaken studies and proposed solutions thus far endure one or more shortcomings; for instance, an inability to balance the trade-off between security and usability, confinement to specific devices, lack or negligence of evaluating users’ acceptance and privacy measures, and insufficiency or absence of real tested datasets. It concludes that providing users with adequate protection and convenience requires innovative robust authentication mechanisms to be utilised in a universal manner. Accordingly, it is paramount to have a high level of performance, scalability, and interoperability amongst existing and future systems, services and devices. A survey of 302 digital device users was undertaken and reveals that despite the widespread interest in more security, there is a quite low number of respondents using or maintaining the available security measures. However, it is apparent that users do not avoid applying the concept of authentication security but avoid the inconvenience of its current common techniques (biometrics are having growing practical interest). The respondents’ perceptions towards Trusted Third-Party (TTP) enable utilising biometrics for a novel authentication solution managed by a TTP working on multiple devices to access multiple services. However, it must be developed and implemented considerately. A series of experimental feasibility analysis studies disclose that even though prior Transparent Authentication Systems (TAS) models performed relatively well in practice on real live user data, an enhanced model utilising multibiometric fusion outweighs them in terms of the security and transparency of the system within a device. It is also empirically established that a centralised federated authentication approach using the Cloud would help towards constructing a better user profile encompassing multibiometrics and soft biometric information from their multiple devices and thus improving the security and convenience of the technique beyond those of unimodal, the Non-Intrusive and Continuous Authentication (NICA), and the Weighted Majority Voting Fusion (WMVF) and what a single device can do by itself. Furthermore, it reduces the intrusive authentication requests by 62%-74% (of the total assumed intrusive requests without operating this model) in the worst cases. As such, the thesis proposes a novel authentication architecture, which is capable of operating in a transparent, continuous and convenient manner whilst functioning across a range of digital devices – bearing in mind it is desirable to work on differing hardware configurations, operating systems, processing capabilities and network connectivity but they are yet to be validated. The approach, entitled Cloud Aura, can achieve high levels of transparency thereby being less dependent on secret-knowledge or any other intrusive login and leveraging the available devices capabilities without requiring any external sensors. Cloud Aura incorporates a variety of biometrics from different types, i.e. physiological, behavioural, and soft biometrics and deploys an on-going identity confidence level based upon them, which is subsequently reflected on the user privileges and mapped to the risk level associated to them, resulting in relevant reaction(s). While in use, it functions with minimal processing overhead thereby reducing the time required for the authentication decision. Ultimately, a functional proof of concept prototype is developed showing that Cloud Aura is feasible and would have the provisions of effective security and user convenience.Royal Commission for Jubail and Yanbu, Kingdom of Saudi Arabi

Privacy-Preserving Biometric Authentication

Biometric-based authentication provides a highly accurate means of authentication without requiring the user to memorize or possess anything. However, there are three disadvantages to the use of biometrics in authentication; any compromise is permanent as it is impossible to revoke biometrics; there are significant privacy concerns with the loss of biometric data; and humans possess only a limited number of biometrics, which limits how many services can use or reuse the same form of authentication. As such, enhancing biometric template security is of significant research interest. One of the methodologies is called cancellable biometric template which applies an irreversible transformation on the features of the biometric sample and performs the matching in the transformed domain. Yet, this is itself susceptible to specific classes of attacks, including hill-climb, pre-image, and attacks via records multiplicity. This work has several outcomes and contributions to the knowledge of privacy-preserving biometric authentication. The first of these is a taxonomy structuring the current state-of-the-art and provisions for future research. The next of these is a multi-filter framework for developing a robust and secure cancellable biometric template, designed specifically for fingerprint biometrics. This framework is comprised of two modules, each of which is a separate cancellable fingerprint template that has its own matching and measures. The matching for this is based on multiple thresholds. Importantly, these methods show strong resistance to the above-mentioned attacks. Another of these outcomes is a method that achieves a stable performance and can be used to be embedded into a Zero-Knowledge-Proof protocol. In this novel method, a new strategy was proposed to improve the recognition error rates which is privacy-preserving in the untrusted environment. The results show promising performance when evaluated on current datasets

Handbook of Vascular Biometrics

This open access handbook provides the first comprehensive overview of biometrics exploiting the shape of human blood vessels for biometric recognition, i.e. vascular biometrics, including finger vein recognition, hand/palm vein recognition, retina recognition, and sclera recognition. After an introductory chapter summarizing the state of the art in and availability of commercial systems and open datasets/open source software, individual chapters focus on specific aspects of one of the biometric modalities, including questions of usability, security, and privacy. The book features contributions from both academia and major industrial manufacturers

A Dynamic Behavioral Biometric Approach to Authenticate Users Employing Their Fingers to Interact with Touchscreen Devices

The use of mobile devices has extended to all areas of human life and has changed the way people work and socialize. Mobile devices are susceptible to getting lost, stolen, or compromised. Several approaches have been adopted to protect the information stored on these devices. One of these approaches is user authentication. The two most popular methods of user authentication are knowledge based and token based methods but they present different kinds of problems. Biometric authentication methods have emerged in recent years as a way to deal with these problems. They use an individual’s unique characteristics for identification and have proven to be somewhat effective in authenticating users. Biometric authentication methods also present several problems. For example, they aren’t 100% effective in identifying users, some of them are not well perceived by users, others require too much computational effort, and others require special equipment or special postures by the user. Ultimately their implementation can result in unauthorized use of the devices or the user being annoyed by the implementation. New ways of interacting with mobile devices have emerged in recent years. This makes it necessary for authentication methods to adapt to these changes and take advantage of them. For example, the use of touchscreens has become prevalent in mobile devices, which means that biometric authentication methods need to adapt to it. One important aspect to consider when adopting these new methods is their acceptance of these methods by users. The Technology Acceptance Model (TAM) states that system use is a response that can be predicted by user motivation. This work presents an authentication method that can constantly verify the user’s identity which can help prevent unauthorized use of a device or access to sensitive information. The goal was to authenticate people while they used their fingers to interact with their touchscreen mobile devices doing ordinary tasks like vertical and horizontal scrolling. The approach used six biometric traits to do the authentication. The combination of those traits allowed for authentication at the beginning and at the end of a finger stroke. Support Vector Machines were employed and the best results obtained show Equal Error Rate values around 35%. Those results demonstrate the potential of the approach to verify a person’s identity. Additionally, this works tested the acceptance of the approach among participants, which can influence its eventual adoption. An acceptance level of 80% was obtained which compares favorably against other behavioral biometric approaches