A Framework of Remote Biometric Authentication on the Open Network

Presentation transcript:

A Framework of Remote Biometric Authentication on the Open Network Yoshifumi Ueshige ISIT 2nd Laboratory Copyright © 2005,2006 Institute of System & Information Technologies/ KYUSHU All rights reserved.

Agenda
- Background
- Our Goal
- Certificate based framework of biometric authentication
- One-time Biometrics
- Conclusion
1/11/2019 Institute of Systems & Information Technologies/ KYUSHU

Background
Biometric authentication is remarkable!
- Based on physical and behavioral characteristics
- Fingerprint, iris, facial image, voice, pattern of vein, etc.

Background
Biometric authentication is remarkable! Biometric systems are applied to many services:
- E-passports
- Bank
- Monitoring entrance
- Etc.

Background
On the other hand, we need secure and reliable authentication systems for many e-services! Biometrics is one of the candidates. However, if we apply biometrics to e-services, biometrics has some weak points:
- Easy to obtain secondary information: sex, history of illness, etc.
- Irreplaceable: when enrolled data is compromised, we are not able to re-enroll spare data.
SERIOUS PRIVACY ISSUES

Our Goal
Reliable authentication on open networks by using biometrics.
Viewpoints:
- Certificate based framework: what framework do we require for a reliable biometric authentication system?
- One-time biometrics: how do we construct secure remote biometric authentication systems, even though biometric authentication data is compromised?

Certificate-based framework
Public Key Infrastructure (PKI) with biometrics. Currently, this area aims at international standardization:
- Ikeda et al.'s (Toshiba Solution) proposal, ISO/IEC JTC1/SC27/WG2: Verification of Biometric Authentication Environment
- Isobe et al.'s (Hitachi) proposal, ITU-T SG17/Q8: Bio-PKI with Template Format
The above proposals have privacy issues: it is easy for anyone to get the relationship between the biometric data and its ownership……

Certificate-based framework
Assurance of anonymity in biometric authentication by using a Personal Repository. A legitimate user or legitimate server can verify these relationships, so that adversaries obtain no information about the above.
[Figure labels: Owner (User); Personal Repository; Enrolled Templates; RELATION; RELATION; Ownership Certificate; Certificate Authority for User's Personal Repository; Template Certificate; Certificate Authority for Template Data]

Certificate-based framework
A framework for verification of ownership of the Personal Repository (PR) by the Verification Authority (VA).
Assumption: CA issuing ownership certificate of PR, trusted VA.
[Figure labels: Certificate Authority for User's Personal Repository; Verification Authority for User's Personal Repository; Internet; Personal Repository; Client (User); Application Server; Biometrics Device; Certificate Authority for Public Key; Certificate Authority for Template Data; Certificate Authority for Authentication Environment]

Certificate-based framework: Argument of Security
In the abovementioned framework:
- Biometric authentication verifies that the personal repository is used by the legitimate user.
- To the application server, the user is anonymous.
- Identity of user and holder ⇒ only the VA can verify it. The application server receives only information on the identity, as a verification result from the VA.
  ⇒ If the user colludes with the VA, this framework will not be secure.
The personal repository requires the following assumptions:
- Tamper resistance
- Calculation power for generation and verification of digital signatures

One-time Biometrics
Now, I am investigating. But I presented this topic at the Symposium of Cryptography & Information Security 2006 in Japan. Today, I will talk only about the basic idea.
- On the internet, communication data can be obtained!
- Whenever authentication data is compromised, the authentication system must react to the compromise.
- In order to achieve the above concept, the authentication system can generate data which has one-time characteristics, like a one-time password.

One-time Biometrics
We propose the One-Time Transform (OTT):
- OTT: a different transform in every authentication session
- The OTT is shared by a client and a storage of templates
- The OTT is applied to extracted features and the corresponding enrolled templates
- Transformed data is used in the matching process.

One-time Biometrics
An illustration of the One-Time Transform.
Candidate of OTT:
- Recursive non-linear transform
- Chaos transforms, Iterated Function Systems
[Figure: X-Y plot with origin O showing the coordinate of one of the features or the templates, and the feature or the template in the matching process as points transformed by the OTT at time t1 with session number a1 and at time t2 with session number a2 (t1≠t2)]
(Note: I used to do research on fractal image processing, and that is where I got the idea.)

One-time Biometrics
We propose the One-Time Transform (OTT):
- OTT: a different transform in every authentication session
- The OTT is shared by a client and a storage of templates
- The OTT is applied to extracted features and the corresponding enrolled templates
- Transformed data is used in the matching process.
Requirements of the OTTs:
- It is difficult for any adversary to calculate the original features and templates from the transformed ones.
- There are optimal distance functions for evaluating the matching score from the transformed data.
- No adversary can extract the original features and templates from OTTs used in past authentication.
(Notes: I think it would be great if this could really be done. This is the only point I wanted to make this time.)

One-time Biometrics
Framework of biometrics with One-Time Transforms, including a "Function Generator" which constructs OTTs.
Expectation: it is easy to implement One-Time Biometrics by UPDATING SOFTWARE from conventional systems.
[Figure labels: Storage of Templates; Time Stamp Server; Function Generator; Construction of OTTs; Time Stamping; Application of OTT; Client; Authentication Server; Acquisition; Matching; Feature Extraction; Decision; Application of OTT]
(Notes: If it is feasible, I think it could be operated with this kind of framework. Another option would be to implement the function generator and the template DB as a single entity.)

One-time Biometrics: Argument of Security
Assumption: assurance of security of the OTT.
- Hill-climbing attack: DIFFICULT. According to the OTT, the distance function and threshold are varied.
- Replay attack: DIFFICULT
  - Case 1: Adversaries listen to communication between Client and Server. Transformed data changes in every authentication.
  - Case 2: Adversaries listen to communication from the Function Generator. When the adversaries use a past OTT, Client and Storage can easily detect it.
- Collusion attack: FEASIBLE?
  - Case 1: Client colludes with Function Generator.
  - Case 2: Server colludes with Function Generator.
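The One-Time Transform flow and the two replay cases argued above, as an added example that is not taken from the slides or the author's work. It swaps in a per-session signed permutation plus translation for the slides' candidate chaos or IFS transforms; this stand-in is invertible by anyone holding the session secret, so it shows per-session variation and matching in the transformed domain, not the non-invertibility requirement. The names `make_ott` and `AuthServer`, the shared secret, the threshold and the sample vectors are all assumptions.

```python
import hashlib
import hmac
import math
import random

# Constructed sample data: an enrolled template and a fresh, slightly noisy probe.
TEMPLATE = [0.12, 0.80, 0.33, 0.57, 0.91, 0.05, 0.46, 0.68]
PROBE = [0.13, 0.79, 0.35, 0.56, 0.90, 0.07, 0.45, 0.69]
THRESHOLD = 0.1  # hypothetical decision threshold on Euclidean distance

def make_ott(secret, session, timestamp, n=len(TEMPLATE)):
    """Function Generator role: derive one session's transform (stand-in OTT)."""
    seed = hmac.new(secret, f"{session}|{timestamp}".encode(), hashlib.sha256).digest()
    rng = random.Random(seed)
    perm = list(range(n))
    rng.shuffle(perm)
    signs = [rng.choice((-1.0, 1.0)) for _ in range(n)]
    offsets = [rng.uniform(-10.0, 10.0) for _ in range(n)]
    # Signed permutation plus translation: distances between vectors are preserved.
    return lambda vec: [signs[i] * vec[perm[i]] + offsets[i] for i in range(n)]

def distance(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

class AuthServer:
    """Matches transformed data only and refuses a session number seen before."""
    def __init__(self):
        self.used_sessions = set()

    def verify(self, session, probe_t, template_t):
        if session in self.used_sessions:
            return False  # a past OTT is being reused
        self.used_sessions.add(session)
        return distance(probe_t, template_t) <= THRESHOLD

def demo():
    secret = b"constructed-shared-secret"  # known to client and template storage
    server = AuthServer()
    ott1 = make_ott(secret, session=1, timestamp=1000)
    ott2 = make_ott(secret, session=2, timestamp=2000)
    captured = ott1(PROBE)  # what an eavesdropper sees in session 1
    genuine = server.verify(1, captured, ott1(TEMPLATE))
    replay_new = server.verify(2, captured, ott2(TEMPLATE))  # old data, new OTT
    replay_old = server.verify(1, captured, ott1(TEMPLATE))  # old data, old OTT
    return genuine, replay_new, replay_old

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```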

Conclusion
- Certificate-based framework: We propose the framework of biometric authentication on open networks.
  - Establishment of Verification Authority
  - Assurance of user's anonymity against the Application Server
  - Reduction of the possibility of compromising personal information
- One-Time Biometrics: We propose the One-Time Transform, which is different in every authentication session.
  - Resistance against hill-climbing attack, replay attack.
- Future works: In fact, there are too many points…

Thank you for your attention