Privacy in Biometric Systems

Biometrics are physiological and/or behavioral characteristics of a person that have been used to provide an automatic proof of identity in a growing list of applications including crime/terrorism fighting, forensics, access and border control, securing e-/m-commerce transactions and service entitlements. In recent years, a great deal of research into a variety of new and traditional biometrics has widened the scope of investigations beyond improving accuracy into mechanisms that deal with serious concerns raised about the potential misuse of collected biometric data. Despite the long list of biometrics’ benefits, privacy concerns have become widely shared due to the fact that every time the biometric of a person is checked, a trace is left that could reveal personal and confidential information. In fact, biometric-based recognition has an inherent privacy problem as it relies on capturing, analyzing, and storing personal data about us as individuals. For example, biometric systems deal with data related to the way we look (face, iris), the way we walk (gait), the way we talk (speaker recognition), the way we write (handwriting), the way we type on a keyboard (keystroke), the way we read (eye movement), and many more. Privacy has become a serious concern for the public as biometric systems are increasingly deployed in many applications ranging from accessing our account on a Smartphone or computer to border control and national biometric cards on a very large scale. For example, the Unique Identification Authority of India (UIDAI) has issued 56 million biometric cards as of January 2014 [1], where each biometric card holds templates of the 10 fingers, the two irises and the face. An essential factor behind the growing popularity of biometrics in recent years is the fact that biometric sensors have become a lot cheaper as well as easier to install and handle. CCTV cameras are installed nearly everywhere and almost all Smartphones are equipped with a camera, microphone, fingerprint scanner, and probably very soon, an iris scanner

Automated Biometric Authentication with Cloud Computing

The convenience provided by cloud computing has led to an increasing trend of many business organizations, government agencies and individual customers to migrate their services and data into cloud environments. However, once clients’ data is migrated, the overall security control will be immedicably shifted form data owners to the hand of cloud service providers. In fact, most cloud clients do not even know where their data is physically stored, and therefore the question of how to limit data access to authorized users has been one of the biggest challenges in cloud environments. Although security tokens and passwords are widely used form of remote user authentication, they can be lost or stolen as they are not linked with the identity of data owner. Therefore, biometric based authentication can potentially offer a practical and reliable option for remote access control. This chapter starts with a brief introduction that covers the fundamental concepts of cloud computing and biometric based authentication. It then provides and in-depth discussions on authentication challenges for the cloud computing environment and the limitation of traditional solutions. This leads to the key sections related to biometric solutions for cloud computing in which we present state-of-art approaches that offer convenient and privacy-preserving authentication needed for cloud environment. The chapter argues that addressing privacy concerns surrounding the use of biometrics in cloud computing is one of the key challenges that has to be an integral part of any viable solution for any biometric-based authentication. It also argues that assuring cloud clients that their biometric templates will not be used without their permission to, for example, track them is not enough. Such solutions should make it technically infeasible to do so even if a cloud service provider wants to. This chapter explains a number of interesting solutions that have been recently proposed to improve security and, at the same time, maintain user privacy. Finally, we identify some challenges that still need to be addressed and highlight relevant Research Directions

An enhanced fuzzy commitment scheme in biometric template protection

Biometric template protection consists of two approaches; Feature Transformation (FT) and Biometric Cryptography (BC). This research focuses on Key-Binding Technique based on Fuzzy Commitment Scheme (FCS) under BC approach. In FCS, the helper data should not disclose any information about the biometric data. However, literatures showed that it had dependency issue in its helper data which jeopardize security and privacy. Moreover, this also increases the probability of privacy leakage which lead to attacks such as brute-force and cross-matching attack. Thus, the aim of this research is to reduce the dependency of helper data that can caused privacy leakage. Three objectives have been set such as (1) to identify the factors that cause dependency on biometric features (2) to enhance FCS by proposing an approach that reduces this dependency, and (3) to evaluate the proposed approach based on parameters such as security, privacy, and biometric performance. This research involved four phases. Phase one, involved research review and analysis, followed by designing conceptual model and algorithm development in phase two and three respectively. Phase four, involved with the evaluation of the proposed approach. The security and privacy analysis shows that with the additional hash function, it is difficult for adversary to perform brute‐force attack on information stored in database. Furthermore, the proposed approach has enhanced the aspect of unlinkability and prevents cross-matching attack. The proposed approach has achieved high accuracy of 95.31% with Equal Error Rate (EER) of 1.54% which performs slightly better by 1.42% compared to the existing approach. This research has contributed towards the key-binding technique of biometric fingerprint template protection, based on FCS. In particular, this research was designed to create a secret binary feature that can be used in other state-of-the-art cryptographic systems by using an appropriate error-correcting approach that meets security standards

Selected Computing Research Papers Volume 2 June 2013

An Evaluation of Current Innovations for Solving Hard Disk Drive Vibration Problems (Isiaq Adeola) ........................................................................................................ 1 A Critical Evaluation of the Current User Interface Systems Used By the Blind and Visually Impaired (Amneet Ahluwalia) ................................................................................ 7 Current Research Aimed At Improving Bot Detection In Massive Multiplayer Online Games (Jamie Burnip) ........................................................................................................ 13 Evaluation Of Methods For Improving Network Security Against SIP Based DoS Attacks On VoIP Network Infrastructures (David Carney) ................................................ 21 An Evaluation of Current Database Encryption Security Research (Ohale Chidiebere) .... 29 A Critical Appreciation of Current SQL Injection Detection Methods (Lee David Glynn) .............................................................................................................. 37 An Analysis of Current Research into Music Piracy Prevention (Steven Hodgson) .......... 43 Real Time On-line Analytical Processing: Applicability Of Parallel Processing Techniques (Kushatha Kelebeng) ....................................................................................... 49 Evaluating Authentication And Authorisation Method Implementations To Create A More Secure System Within Cloud Computing Technologies (Josh Mallery) ................... 55 A Detailed Analysis Of Current Computing Research Aimed At Improving Facial Recognition Systems (Gary Adam Morrissey) ................................................................... 61 A Critical Analysis Of Current Research Into Stock Market Forecasting Using Artificial Neural Networks (Chris Olsen) ........................................................................... 69 Evaluation of User Authentication Schemes (Sukhdev Singh) .......................................... 77 An Evaluation of Biometric Security Methods for Use on Mobile Devices (Joe van de Bilt) .................................................................................................................. 8