Analysis of Biometric Authentication Protocols in the Blackbox Model

In this paper we analyze different biometric authentication protocols considering an internal adversary. Our contribution takes place at two levels. On the one hand, we introduce a new comprehensive framework that encompasses the various schemes we want to look at. On the other hand, we exhibit actual attacks on recent schemes such as those introduced at ACISP 2007, ACISP 2008, and SPIE 2010, and some others. We follow a blackbox approach in which we consider components that perform operations on the biometric data they contain and where only the input/output behavior of these components is analyzed.Comment: 10 pages, 1 figures, submitted to IEEE Transactions on Information Forensics and Securit

Pseudo Identities Based on Fingerprint Characteristics

This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different "pseudo-identities" for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke an biometric identifier (pseudo-identity) for a given application in case it should not be used anymore

Nurse forecasting in Europe (RN4CAST): Rationale, design and methodology

Contains fulltext : 97171.pdf (postprint version ) (Open Access)BACKGROUND: Current human resources planning models in nursing are unreliable and ineffective as they consider volumes, but ignore effects on quality in patient care. The project RN4CAST aims innovative forecasting methods by addressing not only volumes, but quality of nursing staff as well as quality of patient care. METHODS/DESIGN: A multi-country, multilevel cross-sectional design is used to obtain important unmeasured factors in forecasting models including how features of hospital work environments impact on nurse recruitment, retention and patient outcomes. In each of the 12 participating European countries, at least 30 general acute hospitals were sampled. Data are gathered via four data sources (nurse, patient and organizational surveys and via routinely collected hospital discharge data). All staff nurses of a random selection of medical and surgical units (at least 2 per hospital) were surveyed. The nurse survey has the purpose to measure the experiences of nurses on their job (e.g. job satisfaction, burnout) as well as to allow the creation of aggregated hospital level measures of staffing and working conditions. The patient survey is organized in a sub-sample of countries and hospitals using a one-day census approach to measure the patient experiences with medical and nursing care. In addition to conducting a patient survey, hospital discharge abstract datasets will be used to calculate additional patient outcomes like in-hospital mortality and failure-to-rescue. Via the organizational survey, information about the organizational profile (e.g. bed size, types of technology available, teaching status) is collected to control the analyses for institutional differences.This information will be linked via common identifiers and the relationships between different aspects of the nursing work environment and patient and nurse outcomes will be studied by using multilevel regression type analyses. These results will be used to simulate the impact of changing different aspects of the nursing work environment on quality of care and satisfaction of the nursing workforce. DISCUSSION: RN4CAST is one of the largest nurse workforce studies ever conducted in Europe, will add to accuracy of forecasting models and generate new approaches to more effective management of nursing resources in Europe

Analysis of Fuzzy Encryption Schemes for the Protection of Biometric Data (Analyse van fuzzy encryptieschema's voor het afschermen van biometrische gegevens)

This thesis focuses on the analysis of techniques for the protection of biometric data. The increasing use of biometrics for the identification and authentication of individuals has raised many concerns because of the large-scale collection and automated processing of biometric data associated with it. These data can be abused, e.g., to gain unauthorized access to certain systems or to violate someone's privacy, and must therefore be protected. The techniques that have been proposed use widely varying approaches that often depend on the type of the underlying biometric characteristic, e.g., a fingerprint or the image of a face. This makes it a challenging task to evaluate their effectiveness.We analyze the irreversibility and unlinkability of techniques that are based on noise-tolerant transformations. Irreversibility is the property that a piece of biometric data, called a template, is hidden by transforming it in a way that cannot easily be undone. Unlinkability implies that it is infeasible to derive from two protected templates whether they originate from the same charateristic, e.g., two prints from the same finger. To evaluate these properties we develop different strategies based on, amongst others, heuristic inference and regression. Several successful attacks are demonstrated and some fundamental limitations are derived.More recent approaches rely on secure hardware elements or distributed protocols that use cryptographic primitives. To analyze these we use a blackbox attack model and we exploit the information that is revealed through the interaction with these blackboxes. We present a framework with generic attacks to facilitate the systematic evaluation of biometric authentication protocols in the malicious adversary model. This model is more realistic than the honest-but-curious adversary model in which most existing protocols have been designed.The diversity in approaches and the absence of universal metrics make it difficult to compare different techniques. Therefore, we analyze the criteria that are relevant for the holistic evaluation of different methods. With this consolidation we take a first step towards the independent benchmarking and ranking of biometric template protection methods.status: publishe

Drug information for psychiatric patients: state-of-the-art of a Flemish project

status: publishe

A Framework for Analyzing Template Security and Privacy in Biometric Authentication Systems

In this correspondence, we analyze the vulnerabilities of biometric authentication protocols with respect to user and data privacy. The goal of an adversary in such context is not to bypass the authentication but to learn information either on biometric data or on users that are in the system. We elaborate our analysis on a general system model involving four logical entities (sensor, server, database, and matcher), and we focus on internal adversaries to encompass the situation where one or a combination of these entities would be malicious. Our goal is to emphasize that when going beyond the usual honest-but-curious assumption much more complex attacks can affect the privacy of data and users. On the one hand, we introduce a new comprehensive framework that encompasses the various schemes we want to look at. It presents a system model in which each internal entity or combination of entities is a potential attacker. Different attack goals are considered and resulting requirements on data flows are discussed. On the other hand, we develop different generic attacks. We follow a blackbox approach in which we consider components that perform operations on biometric data but where only the input/output behavior is analyzed. These attack strategies are exhibited on recent schemes such as the distributed protocol of Bringer et al. (ACISP 2007), which is based on the Goldwasser-Micali cryptosystem, the related protocol of Barbosa et al. (ACISP 2008), which uses the Paillier cryptosystem, and the scheme of Stoianov (SPIE 2010), that features the Blum-Goldwasser cryptosystem. All these schemes have been developed in the honest-but-curious adversary model and show potential weaknesses when considered in our malicious insider attack model.status: publishe