International Information Security Conference

ISC 2015: Information Security pp 493-510

Reasoning about Privacy Properties of Biometric Systems Architectures in the Presence of Information Leakage

  • Julien Bringer
  • Hervé Chabanne
  • Daniel Le Métayer
  • Roch Lescuyer
Conference paper

DOI: 10.1007/978-3-319-23318-5_27

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9290)
Cite this paper as:
Bringer J., Chabanne H., Le Métayer D., Lescuyer R. (2015) Reasoning about Privacy Properties of Biometric Systems Architectures in the Presence of Information Leakage. In: Lopez J., Mitchell C. (eds) Information Security. ISC 2015. Lecture Notes in Computer Science, vol 9290. Springer, Cham

Abstract

Motivated by the need for precise definitions of privacy requirements, foundations for formal reasoning, and tools for justifying privacy-preserving design choices, a recent work introduces a formal model for the description of system architectures and the formal verification of their privacy properties. A subsequent work uses this framework to reason about privacy properties of biometric system architectures. In these studies, the description of an architecture specifies each component, their computations and the communications between them. This static approach makes it possible to reason about design choices at the very architectural level, leaving aside the implementation details. Although it is important to express privacy properties at this level, this approach fails to catch some leakage which may result from the system runtime. In particular, in the case of biometric systems, known attacks allow to recover some biometric information following a black-box approach, without breaking any part of the system. In this paper, we extend the existing formal model in order to deal with such side-channel attacks and we apply the extended model to analyse biometric information leakage in several variants of a biometric system architecture.

Keywords

Formal methods Biometric systems Privacy by design 

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Julien Bringer
    • 1
  • Hervé Chabanne
    • 1
    • 2
  • Daniel Le Métayer
    • 3
  • Roch Lescuyer
    • 1
  1. 1.MorphoIssy-Les-MoulineauxFrance
  2. 2.Télécom ParisTechParisFrance
  3. 3.InriaUniversité de LyonLyonFrance

Personalised recommendations