A cancelable iris- and steganography-based user authentication system for the Internet of Things

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique-steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques

A Systematic Review on Image Data Protection Methods

Securing data is the main goal of any data security system (DSS). Valuable data must be protected all the time and stored in a very highly secure data storage device. This need has become more critical due to the continuous growth of data size.  Furthermore, non-text data in the form of images, audio, and videos can now be transferred and processed easily and thus become part of sensitive data that needs to be protected. Since there is a need to secure and protect data in any form in order to keep them private and valid, it is expected that there would be many attempts already that have been proposed in the literature for this purpose. This paper reviews a group of these proposed strategies and methods that have been applied to different kinds of DSSs. Challenges and future trends of DSSs are also discussed. A number of main findings are grouped and organized as follows: (1) there are many different kinds of security techniques, each of which offers varying degrees of performance in terms of the amount of data and information that can be managed securely, (2) depending on the architecture of the proposed method, the tactics or strategies of the security system, the kinds of DSSs, as well as a few other factors, some methods are more appropriate for the storage of certain categories of data than others