Biometric identification in electronic voting systems

An extension of previous developments of electronic voting and e-government systems carried out at the School of Computer Science of the UNLP is presented, where a digital fingerprint recognition feature is added to the existing system used for faculty elections at this School.\nThe characteristics and performance of the biometric recognition system are analyzed, as well as the modification of the on-site electronic voting system used in La Plata (hardware and software) and the adaptation to an Internet voting system that can be used at Regional Centers.\nFinally, the generalizations of the use of the technology developed for e-government are discussed and current research and development lines are mentioned.Eje: I Workshop Innovación en Sistemas de Software (WISS

Biometric identification in electronic voting systems

An extension of previous developments of electronic voting and e-government systems carried out at the School of Computer Science of the UNLP is presented, where a digital fingerprint recognition feature is added to the existing system used for faculty elections at this School. The characteristics and performance of the biometric recognition system are analyzed, as well as the modification of the on-site electronic voting system used in La Plata (hardware and software) and the adaptation to an Internet voting system that can be used at Regional Centers. Finally, the generalizations of the use of the technology developed for e-government are discussed and current research and development lines are mentioned.I Workshop Innovación en Sistemas de Software (WISS)Red de Universidades con Carreras en Informática (RedUNCI

Quantum surveillance and 'shared secrets'. A biometric step too far? CEPS Liberty and Security in Europe, July 2010

It is no longer sensible to regard biometrics as having neutral socio-economic, legal and political impacts. Newer generation biometrics are fluid and include behavioural and emotional data that can be combined with other data. Therefore, a range of issues needs to be reviewed in light of the increasing privatisation of ‘security’ that escapes effective, democratic parliamentary and regulatory control and oversight at national, international and EU levels, argues Juliet Lodge, Professor and co-Director of the Jean Monnet European Centre of Excellence at the University of Leeds, U

Designing and generating prototype for E-Governance based election strategy using biometric authentication and smart card device

Not availabl

ATTESTATION-BASED REMOTE BIOMETRIC AUTHENTICATION

Migration from password and token-based authentication in distributed systems requires fundamental changes to the authentication process. A person\u27s biometric data is not a secret, which presents a fundamental difference with other authentication methods. Matching a sample with a database template is secondary to establishing trust in the integrity of the sample. The process is similar to establishing a chain of custody for judicial evidence. In computer systems this is accomplished using attestation architectures. In this paper, a design for a secure remote biometric login system based on an attestation architecture is analyzed. The system uses a commercially available Trusted Platform Module (TPM) to authenticate the platform during the boot process and perform trusted private-key functions to participate in a challenge/response between the client and a remote biometric matcher. The result is a system that can provide higher assurance than current systems in an economically and administratively feasible system

A Novel Hybrid Biometric Electronic Voting System: Integrating Finger Print and Face Recognition

A novel hybrid design based electronic voting system is proposed, implemented and analyzed. The proposed system uses two voter verification techniques to give better results in comparison to single identification based systems. Finger print and facial recognition based methods are used for voter identification. Cross verification of a voter during an election process provides better accuracy than single parameter identification method. The facial recognition system uses Viola-Jones algorithm along with rectangular Haar feature selection method for detection and extraction of features to develop a biometric template and for feature extraction during the voting process. Cascaded machine learning based classifiers are used for comparing the features for identity verification using GPCA (Generalized Principle Component Analysis) and K-NN (K-Nearest Neighbor). It is accomplished through comparing the Eigen-vectors of the extracted features with the biometric template pre-stored in the election regulatory body database. The results of the proposed system show that the proposed cascaded design based system performs better than the systems using other classifiers or separate schemes i.e. facial or finger print based schemes. The proposed system will be highly useful for real time applications due to the reason that it has 91% accuracy under nominal light in terms of facial recognition. with bags of paper votes. The central station compiles and publishes the names of winners and losers through television and radio stations. This method is useful only if the whole process is completed in a transparent way. However, there are some drawbacks to this system. These include higher expenses, longer time to complete the voting process, fraudulent practices by the authorities administering elections as well as malpractices by the voters [1]. These challenges result in manipulated election results

Biometric Systems and Their Applications

Nowadays, we are talking more and more about insecurity in various sectors as well as the computer techniques to be implemented to counter this trend: access control to computers, e-commerce, banking, etc. There are two traditional ways of identifying an individual. The first method is a knowledge-based method. It is based on the knowledge of an individual’s information such as the PIN code to allow him/her to activate a mobile phone. The second method is based on the possession of token. It can be a piece of identification, a key, a badge, etc. These two methods of identification can be used in a complementary way to obtain increased security like in bank cards. However, they each have their weaknesses. In the first case, the password can be forgotten or guessed by a third party. In the second case, the badge (or ID or key) may be lost or stolen. Biometric features are an alternative solution to the two previous identification modes. The advantage of using the biometric features is that they are all universal, measurable, unique, and permanent. The interest of applications using biometrics can be summed up in two classes: to facilitate the way of life and to avoid fraud

Secure entity authentication

According to Wikipedia, authentication is the act of confirming the truth of an attribute of a single piece of a datum claimed true by an entity. Specifically, entity authentication is the process by which an agent in a distributed system gains confidence in the identity of a communicating partner (Bellare et al.). Legacy password authentication is still the most popular one, however, it suffers from many limitations, such as hacking through social engineering techniques, dictionary attack or database leak. To address the security concerns in legacy password-based authentication, many new authentication factors are introduced, such as PINs (Personal Identification Numbers) delivered through out-of-band channels, human biometrics and hardware tokens. However, each of these authentication factors has its own inherent weaknesses and security limitations. For example, phishing is still effective even when using out-of-band-channels to deliver PINs (Personal Identification Numbers). In this dissertation, three types of secure entity authentication schemes are developed to alleviate the weaknesses and limitations of existing authentication mechanisms: (1) End user authentication scheme based on Network Round-Trip Time (NRTT) to complement location based authentication mechanisms; (2) Apache Hadoop authentication mechanism based on Trusted Platform Module (TPM) technology; and (3) Web server authentication mechanism for phishing detection with a new detection factor NRTT. In the first work, a new authentication factor based on NRTT is presented. Two research challenges (i.e., the secure measurement of NRTT and the network instabilities) are addressed to show that NRTT can be used to uniquely and securely identify login locations and hence can support location-based web authentication mechanisms. The experiments and analysis show that NRTT has superior usability, deploy-ability, security, and performance properties compared to the state-of-the-art web authentication factors. In the second work, departing from the Kerb eros-centric approach, an authentication framework for Hadoop that utilizes Trusted Platform Module (TPM) technology is proposed. It is proven that pushing the security down to the hardware level in conjunction with software techniques provides better protection over software only solutions. The proposed approach provides significant security guarantees against insider threats, which manipulate the execution environment without the consent of legitimate clients. Extensive experiments are conducted to validate the performance and the security properties of the proposed approach. Moreover, the correctness and the security guarantees are formally proved via Burrows-Abadi-Needham (BAN) logic. In the third work, together with a phishing victim identification algorithm, NRTT is used as a new phishing detection feature to improve the detection accuracy of existing phishing detection approaches. The state-of-art phishing detection methods fall into two categories: heuristics and blacklist. The experiments show that the combination of NRTT with existing heuristics can improve the overall detection accuracy while maintaining a low false positive rate. In the future, to develop a more robust and efficient phishing detection scheme, it is paramount for phishing detection approaches to carefully select the features that strike the right balance between detection accuracy and robustness in the face of potential manipulations. In addition, leveraging Deep Learning (DL) algorithms to improve the performance of phishing detection schemes could be a viable alternative to traditional machine learning algorithms (e.g., SVM, LR), especially when handling complex and large scale datasets

Biometric identification in electronic voting systems

An extension of previous developments of electronic voting and e-government systems carried out at the School of Computer Science of the UNLP is presented, where a digital fingerprint recognition feature is added to the existing system used for faculty elections at this School. The characteristics and performance of the biometric recognition system are analyzed, as well as the modification of the on-site electronic voting system used in La Plata (hardware and software) and the adaptation to an Internet voting system that can be used at Regional Centers. Finally, the generalizations of the use of the technology developed for e-government are discussed and current research and development lines are mentioned.I Workshop Innovación en Sistemas de Software (WISS)Red de Universidades con Carreras en Informática (RedUNCI