Abstract
Compared with traditional techniques used to establish the identity of a person, biometric systems offer a greater confidence level that the authenticated individual is not impersonated by someone else. However, it is necessary to consider different privacy and security aspects in order to prevent possible thefts and misuses of biometric data. The effective protection of the privacy must encompass different aspects, such as the perceived and real risks pertaining to the users, the specificity of the application, the adoption of correct policies, and data protection methods as well. This chapter focuses on the most important privacy issues related to the use of biometrics, it presents actual guidelines for the implementation of privacy-protective biometric systems, and proposes a discussion of the methods for the protection of biometric data.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
International Biometrics Group, http://www.ibgweb.com
Cancellable biometrics and annotations on biohash. Pattern Recognition 41(6), 2034–2044 (2008)
Barni, M., Bianchi, T., Catalano, D., Raimondo, M.D., Donida Labati, R., Failla, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., Piva, A.: A privacy-compliant fingerprint recognition system based on homomorphic encryption and fingercode templates. In: IEEE Fourth International Conference on Biometrics: Theory, Applications and Systems (BTAS) (September 2010)
Barni, M., Bianchi, T., Catalano, D., Raimondo, M.D., Labati, R.D., Failla, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., Piva, A.: Privacy-preserving fingercode authentication. In: 12th ACM Multimedia and Security Workshop (2010)
Bianchi, T., Turchi, S., Piva, A., Donida Labati, R., Piuri, V., Scotti, F.: Implementing fingercode-based identity matching in the encrypted domain. In: IEEE Workshop on Biometric Measurements and Systems for Security and Medical Applications (BIOMS), pp. 15–21 (September 2010)
Boult, T.: Robust distance measures for face-recognition supporting revocable biometric tokens. In: International Conference on Automatic Face and Gesture Recognition, pp. 560–566 (April 2006)
Boult, T., Schdrer, W., Woodworth, R.: Revocable fingerprint biotokens: Accuracy and security analysis. In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 1–8 (June 2007)
Bringer, J., Chabanne, H.: An Authentication Protocol with Encrypted Biometric Data. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 109–124. Springer, Heidelberg (2008)
Bringer, J., Chabanne, H., Cohen, G., Kindarji, B., Zemor, G.: Theoretical and practical boundaries of binary secure sketches. IEEE Transactions on Information Forensics and Security 3(4), 673–683 (2008)
Bringer, J., Chabanne, H., Izabachène, M., Pointcheval, D., Tang, Q., Zimmer, S.: An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 96–106. Springer, Heidelberg (2007)
Cavoukian, A., Stoianov, A.: Biometric encryption. In: Encyclopedia of Cryptography and Security, 2nd edn., pp. 90–98 (2011)
Chin, C.S., Jin, A.T.B., Ling, D.N.C.: High security iris verification system based on random secret integration. Computer Vision and Image Understanding 102, 169–177 (2006)
Cimato, S., Gamassi, M., Piuri, V., Sassi, R., Cimato, F.S., Scotti, F.: A biometric verification system addressing privacy concerns. In: International Conference on Computational Intelligence and Security, pp. 594–598 (December 2007)
Daugman, J.: How iris recognition works. In: Proceedings of the International Conference on Image Processing, vol. 1, pp. 33–36 (2002)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing 38(1), 97–139 (2008)
Draper, S., Khisti, A., Martinian, E., Vetro, A., Yedidia, J.: Using distributed source coding to secure fingerprint biometrics. In: IEEE International Conference on Acoustics, Speech and Signal Processing, vol. 2, pp. 29–132 (April 2007)
El Gamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985)
Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-Preserving Face Recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009)
Faundez-Zanuy, M.: On the vulnerability of biometric security systems. IEEE Aerospace and Electronic Systems Magazine 19(6), 3–8 (2004)
Fontaine, C., Galand, F.: A survey of homomorphic encryption for nonspecialists. EURASIP Journal on Information Security, 1–15 (2007)
Huixian, L., Man, W., Liaojun, P., Weidong, Z.: Key binding based on biometric shielding functions. In: International Conference on Information Assurance and Security, vol. 1, pp. 19–22 (August 2009)
Ignatenko, T., Willems, F.: Information leakage in fuzzy commitment schemes. IEEE Transactions on Information Forensics and Security 5(2), 337–348 (2010)
Ignatenko, T., Willems, F.: Information leakage in fuzzy commitment schemes. IEEE Transactions on Information Forensics and Security 5(2), 337–348 (2010)
Jain, A.K., Maltoni, D.: Handbook of Fingerprint Recognition. Springer-Verlag New York, Inc., Secaucus (2003)
Jain, A.K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP Journal on Advances in Signal Processing, 1–17 (2008)
Jain, A.K., Prabhakar, S., Hong, L., Pankanti, S.: Filterbank-based fingerprint matching. IEEE Transactions on Image Processing 9, 846–859 (2000)
Jin, A.T.B., Ling, D.N.C., Goh, A.: Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition 37(11), 2245–2255 (2004)
Jin, Z., Teoh, A., Ong, T.S., Tee, C.: Generating revocable fingerprint template using minutiae pair representation. In: International Conference on Education Technology and Computer, vol. 5 (June 2010)
Juels, A., Sudan, M.: A fuzzy vault scheme. In: IEEE International Symposium on Information Theory, p. 408 (2002)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Sixth ACM Conference on Computer and Communications Security, pp. 28–36 (1999)
Lee, Y.J., Park, K.R., Lee, S.J., Bae, K., Kim, J.: A new method for generating an invariant iris private key based on the fuzzy vault system. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics 38(5), 1302–1313 (2008)
LLC International Biometric Group: Bioprivacy initiative (2003), http://www.bioprivacy.org/
Maiorana, E., Campisi, P.: Fuzzy commitment for function based signature template protection. IEEE Signal Processing Letters 17(3), 249–252 (2010)
Maiorana, E., Campisi, P.: Fuzzy commitment for function based signature template protection. IEEE Signal Processing Letters 17(3), 249–252 (2010)
Maiorana, E., Campisi, P., Fierrez, J., Ortega-Garcia, J., Neri, A.: Cancelable templates for sequence-based biometrics with application to on-line signature recognition. IEEE Transaction on Systems, Man and Cybernetic, Part A: Systems and Humans 40(3), 525–538 (2010)
Makrushin, A., Scheidat, T., Vielhauer, C.: Towards robust biohash generation for dynamic handwriting using feature selection. In: International Conference on Digital Signal Processing, pp. 1–6 (July 2011)
Nagar, A., Jain, A.: On the security of non-invertible fingerprint template transforms. In: First IEEE International Workshop on Information Forensics and Security (WIFS), pp. 81–85 (2009)
Nandakumar, K., Jain, A., Pankanti, S.: Fingerprint-based fuzzy vault: Implementation and performance. IEEE Transactions on Information Forensics and Security 2(4), 744–757 (2007)
Nanni, L., Lumini, A.: Empirical tests on biohashing. Neurocomputing 69, 2390–2395 (2006)
Nichols, R.K.: Icsa Guide to Cryptography. McGraw-Hill Professional (1998)
Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
Ratha, N.K., Connell, J.H., Bolle, R.M.: Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal 40(3), 614–634 (2001)
Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating cancelable fingerprint templates. IEEE Transaction on Pattern Analysis and Machine Intelligence 29(4), 561–572 (2007)
Ratha, N.K., Connell, J.H., Bolle, R.M.: An Analysis of Minutiae Matching Strength. In: Bigun, J., Smeraldi, F. (eds.) AVBPA 2001. LNCS, vol. 2091, pp. 223–228. Springer, Heidelberg (2001)
Rathgeb, C., Uhl, A.: A survey on biometric cryptosystems and cancelable biometrics. EURASIP Journal on Information Security (1) (2011)
RNCOS (ed.): Electronics Security: Global Biometric Forecast to 2012 (2010)
Sabena, F., Dehghantanha, A., Seddon, A.: A review of vulnerabilities in identity management using biometrics. In: Second International Conference on Future Networks (CFN), pp. 42–49 (January 2010)
Sadeghi, A., Schneider, T., Wehrenberg, I.: Efficient Privacy-Preserving Face Recognition. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 229–244. Springer, Heidelberg (2010)
Savvides, M., Vijaya Kumar, B., Khosla, P.: Cancelable biometric filters for face recognition. In: International Conference on Pattern Recognition, vol. 3, pp. 922–925 (August 2004)
Schoenmakers, B., Tuyls, P.: Computationally Secure Authentication with Noisy Data, pp. 141–149. Springer, Heidelberg (2007)
Stoianov, A.: Cryptographically secure biometrics. In: Kumar, B.V.K.V., Prabhakar, S., Ross, A.A. (eds.) Biometric Technology for Human Identification VII, vol. 7667, p. 76670C. SPIE (2010)
Sutcu, Y., Li, Q., Memon, N.: Protecting biometric templates with sketch: Theory and practice. IEEE Transactions on Information Forensics and Security 2(3), 503–512 (2007)
Teoh, A., Goh, A., Ngo, D.: Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs. IEEE Transactions on Pattern Analysis and Machine Intelligence 28(12), 1892–1901 (2006)
Teoh, A., Jin, B., Connie, T., Ngo, D., Ling, C.: Remarks on biohash and its mathematical foundation. Information Processing Letters 100, 145–150 (2006)
Wang, Y., Hatzinakos, D.: On random transformations for changeable face verification. IEEE Transaction on Systems, Man and Cybernetic, Part B: Cybernetics 41(3), 840–854 (2011)
Wang, Y., Plataniotis, K.N.: An analysis of random projection for changeable and privacy-preserving biometric verification. IEEE Transaction on Systems, Man and Cybernetic, Part B: Cybernetics 40, 1280–1293 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Labati, R.D., Piuri, V., Scotti, F. (2012). Biometric Privacy Protection: Guidelines and Technologies. In: Obaidat, M.S., Sevillano, J.L., Filipe, J. (eds) E-Business and Telecommunications. ICETE 2011. Communications in Computer and Information Science, vol 314. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35755-8_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-35755-8_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35754-1
Online ISBN: 978-3-642-35755-8
eBook Packages: Computer ScienceComputer Science (R0)