SAFEGAURDING BIOMETRIC TEMPLATE DATA: RISKS AND PROTECTION SCHEMES

#achna5 %r. + - #ai8 'hetan -anchanda9

5

!sstt. Professor, ('( %epartment, 'handigarh (ngineering 'ollege, :andran 1-ohali2, ruchimz;gmail.com 8 Professor, ('( %epartment, 0eeta Institute of -anagement and Technology, <anipla 1<urukshetra2 9 (ngineer, 'entre for %evelopment of !dvanced 'omputing, -ohali +uman-'omputer ystem interaction. o, authentication of the person happens if the read data of fingerprint device matches with that of stored in the database. The security and authenticity of the huge volume of biometric data is the main focus area for research and development these days. )ith the help of imaging techni,ues such watermarking, the features such as security, tampering detection, content authentication and integrity, invisibility, data hiding, etc can be implemented. II. BI$-(T#I' Biometrics is the science and technology of computing and statistically evaluating biological data of humans for the purpose of identity management. The biological data and feature can be generally a physiological characteristic such as fingerprints, palm geometry, facial features, iris, retina, vein patterns, or a behavioral characteristic such as voice, signature, ear, gait, and keystrokes. +owever, the biometric trait related to fingerprint is very popular amongst the above and is widely used in the large scale identity management systems. The term .Biometrics/ is derived from the 0reek words bio 1life2 and metric 1to measure2. Biometric Traits 3ingerprint Palm 0eometry 3acial 3eatures I#I 4oice +andwritten ignature 4ein pattern 0ait

Abstract - Biometrics is the science and technology of computing and statistically evaluating biological data of humans for the purpose of identity management. The biological data and feature can be generally a physiological characteristic such as fingerprints, palm geometry, facial features, iris, retina, vein patterns, or a behavioral characteristic such as voice, signature, ear, gait, and keystrokes. The biometric traits of wide variety have been deployed in the security systems. The biometric enabled applications are also focus of many imposters and attackers due to some of security and privacy vulnerabilities. In order to prevent the system or the data from unauthorized use, digital content authentication, privacy protection and reliability features needs to be implemented. There is a greater need to implement image authentication schemes so that this brings assurance to the system owner. In this paper, we present the survey of various Biometric Template Protection chemes that are being deployed and researched these days. !lso, an implementation outline model for Biometric Template Protection implementation is presented.

Keywords: Biometrics, Template Protection I. I"T#$%&'TI$" In the recent years, there have been remarkable advances in the field of (lectronics and Information and communication technologies. )ith the rise in various eenabled services, the need of information security has become far greater. The digital signals including the digital images are being used in almost every application that involves human computer interaction. In the field of biometrics, the technology is used to identify the human based on physiological and behavioral signs. The characteristics of different parts of human body like fingerprints, thumb impression, I#I scan, face recognition, palm scan, etc are used in Biometrics with the help of technology. The ma*or implementation of Biometrics is seen in identity management, authentication, access control, surveillance, etc. The large scale implementation of Biometrics in the security sector is because of the ease and convenience of operation it offers. There is abundance of Biometric devices around us such as fingerprint scanners, hand geometry readers, I#I scanners, etc. These devices basically perform the task of

3igure 5, 3ingerprint, ource6 http677www.east-shore.com7data.html

3igure8, I#I Image, ource6 http677www.neurotechnology.com

The e=tracted information or data derived from the biometric sample and employed either to build a reference biometric template or to compare against a previously created reference biometric template is referred to as Biometric data. III. BI$-(T#I' > T(- $4(#4I() -ainly, any Biometric ystem involves two modules enrollment and authentication. In the first phase i.e the enrollment phase, the electronic system with the help of electronic sensors, ac,uires biometric data samples such as fingerprints, face, from an individual, e=tracts significant features from this biometric data, creates a mathematical version of the data and stores it as a biometric template in the database. %uring the authentication phase, the system compares this recorded7enrolled template with the features e=tracted from the newly ac,uired biometric data7samples of the individual user to accept or re*ect the user from the system. This is done with the help of template matching module of the biometric system. The biometric data of one person is uni,ue and it is very difficult to match the biometric data amongst a group of person. ! Biometric based system is mainly an image Pattern #ecognition ystem. The template matcher is the heart of this system, which makes the decisions. The system has a storage entity, a biometric sensor device, comparison process module and a decision making function. The communication channels between various parts of the biometric are also important. The communication medium can be wired, wireless and data transmission can happen over the network or the internet. The matcher actually yields a matching score based on the authentication. There can be some errors in the biometric system. The following figure depicts the various modules in the biometric system ?5@A

3eature (=traction -odule 3eature #epresentation -odule Template -atcher

without compromising of signal integrity To e=tract the critical parameters that correspond to personBs biometric identity and generate template To make the mathematical representation from the e=tracted features for a particular individual !ctive during the authentication process and incorporates a matching algorithm to match the biometric impression with the stored template

Table 5, Biometric ystem $verview

3igure 9, Biometric ystem $verview

(lectronic ensor Pre-Processor -odule

!c,uire Biometric Trait in digitized format To pre-process the ac,uired digital signal for the following operations7computations

It is also important to note that in case we ac,uire multiple samples of biometric trait of an individual, there would be variations in the feature set. The reason for these variations is primarily due to the varied sensing conditions. The variations are also due to degradation because of an in*ury and background interferences such as noise etc. o, the biometric system needs to construct the statistical model so as produce an improved biometric template. The errors in the biometric system are described as followsA - 3alse !cceptance #ate73!#6 The probability that biometric system inaccurately identifies a person or will unsuccessful to re*ect a fraud identity. - 3alse -atch #ate73-#6 This is alternative to C3alse !cceptance #ateC. It is the chance of false matching. - 3alse #e*ection #ate73##6 The probability that a biometric system fails to identify a person, or validate the genuine claimed identity of a person. - 3alse "on--atch #ate73"-#6 This is alternative to C3alse #e*ection #ateC. It yields the rate of valid inputs being discarded. - 3ailure to !c,uire6 3ailure of a biometric system to capture and e=tract biometric data. - 3ailure to !c,uire #ate6 The rate of occurrence of a failure to ac,uire. - 3alse !cceptance6 a biometric system incorrectly identifies a user or incorrectly verifies an attacker against a claimed identity. - 3alse #e*ection6 a biometric system fails to identify an enrollee or fails to verify the legitimate claimed identity of an enrollee. - 3ailure to !c,uire73T!6 This represents the rate that the personBs biometric characteristic is either damage, inconsistent, and7or presented in the incorrect manner. - 3ailure to (nroll73T(6 This represents the probability that a person failed to enroll into the biometric system. I4. BI$-(T#I' %!T! P#$T('TI$"

%uring the last decade, biometrics based authentication and identification systems has attained a high level of interest by the researchers. The biometric traits of wide variety have been deployed in these security systems. The biometric enabled applications are also focus of many imposters and attackers due to some of security and privacy vulnerabilities. The maturity level of biometrics has been motivating factor for large scale deployment in many government initiatives also. ome of the applications are biometric passport, (&-4I !, & !-4I IT and &ni,ue I% Pro*ect of India. There is a need for trusted biometric system that protects against the security and privacy vulnerabilities ?9D@. The security is the difficulty level to obtain the false accepts in biometric system. The privacy is the protection level of the system against an unintentional use of biometric data other than the verification work. !s per ?9D@, the privacy threat is ability to get the data and cross match it with other systems for benefits. !lso, another privacy threat can be to steal sensitive information from the biometric trait of an individual. The security threats are elaborated by the likely attacks on the biometric system and subsystem ?9D@. The attacks can happen atA i. %ata capture subsystem level This attack includes the fabrication and presentation of a fake physical biometric 1sensor spoofing attack2. ii. ignal Processing ubsystem level 'onsists of attacks during the processing level by the intrusion of attackers. iii. -atcher subsystem level !ttacks to change the matching scores. iv. torage subsystem level Transmission v. %ecision making level o, from the above description, there are certain re,uirements that emerge to protect the biometric system from attacks related to privacy and security ?9D@A Privacy related protection demands that the identity of the individual is preserved. The irreversibility is another re,uirement so that the biometric data cannot be retrieved for using it in other applications using other transformations. This should not affect the biometric verification performance. !nother important characteristic is unlinkability that protects against tracking and tracing. ecurity related re,uirements are primarily confidentiality, integrity, renewability and revocability. The biometric system should maintain the confidentiality of the biometric data by not allowing unauthorized access to template information. The biometric data assetBs integrity needs to be maintained so that the data remains accurate and complete. The renewability and revocability is a strong security re,uirement for the current biometric systems as every individual has limited biometric traits.

4. BI$-(T#I' T(-P:!T( P#$T('TI$" '+(-( The implementation of techni,ues for safeguarding the biometric system and template protection is a comple= task. The procedures, mathematical transforms, signal processing, data security concepts, etc needs elaborated research so that biometric systems can be secure. There are many template protection schemes in the published literature. I $ has formulated I $7I(' 8DEDF standard for biometric template protection. The standard is prepared to address the aspects of renewable templates meeting the re,uirements of irreversibility as well as unlinkability. This standard also entails the means for encryption of biometric data so as to ensure the confidentiality and integrity ?9D@. The properties of a good template protection scheme are described in ?98@ and these areA - %iversity - #evocability ecurity and - Performance The characteristics of biometrics as presented below also outlines the need of security and protection mechanismA - Biometrics is not secret6 !n attacker can make7duplicate a biometric image such as fingerprint, face, iris, etc without the knowledge of the actual owner of the biometric. - Biometric cannot be revoked6 !ny individualBs biometrics is permanently associated with him7her. It is difficult to revoke it in the event of any fraud. - Biometrics can be utilized in the multiple applications as they are same for an individual. !s per ?5G@, the template protection schemes published in the literature and those meets the revocability condition, can be classified into feature transformation approach and biometric cryptosystem based. &nder the feature transformation based approaches, salting, random pro*ection scheme and non-invertible transforms are present while in biometric cryptosystem based approach, the key binding and key generation techni,ues are employed. ome of the most popular schemes in feature transformation based approach are Bio-hashing, 0aussian functions, etc while in biometric cryptosystem, fuzzy vault approach, ,uantization inde= modulation as well as fuzzy commitment approaches, etc are present. The feature transformation uses a function 3 to transform the original biometric template into a secure domain. !t the biometric matching stage, the same transformation is applied to the input biometric data and the matching process is done in the secured domain. The feature transforms can be invertible 1salting or biohasing2 or non-

invertible with respect to the function 3. In the Biometric cryptosystem ?8H@, cryptography techni,ues are used. +owever, the biometric template protection schemes as described above have their own benefits and limitations ?9H@. These are mainly due to terms of accuracy, speed, insecure e=posure of biometric data, computational cost, storage re,uirements, and their applicability to variety of biometric representations. 'ancelable biometrics, teganography and watermarking schemes are also e=tensively employed in the recent researches. The feature transformation approaches can be applied both at feature level and sample level. The Biometric cryptosystem area normally applied at feature level. 3eature transformation based algorithms are advantageous in protection of biometric template data as in this case even if the transformation function or parameters are compromised, biometric template data can not be retrieved accurately. In the biometric cryptosystems, inversion of secure parameters and functions in the algorithm can depict essential information about biometric template data. !lso, the international standard I $7I(' 8DEDF defines a high-level architecture of biometric template protection, which can model various types of protection scheme algorithms. 4I. BI$-(T#I' T(-P:!T( P#$T('TI$" -$%(: Based on the above survey and need of a potentially stable, secure and tolerant biometric protection scheme, following -odel is presented that can be generalized to any Biometric based authentication systemA

In this implementaiton outline model, we can validate the protection scheme with respect to the e=ternal threats use cases and the biometric security system ob*ectives and targets against set criterions for evaluation. !'<"$):(%0-("T The authors would like to thank the '(', :andran and 0IT-, <urukshetra for all support. #(3(#("'( ?5@ http677en.wikipedia.org7wiki7Biometrics, !ccessed eptember, 8I55 ?8@ Jain, !nil <.A 3lynn, PatrickA #oss, !run !. 1(ds.2, .+andbook of Biometrics/, pringer ?9@ !. <. Jain and &. &ludag, .+iding biometric data,/ I((( Trans. Pattern !nal. -achine Intell., vol. 8F, no. 55, pp. 5DGDK5DGL, "ov. 8II9. ?D@ B. chneier, .The uses and abuses of biometrics,/ 'omm. !'-, vol. D8, no. L, p. 59H, !ug. 5GGG. ?F@ B. 0unsel, &. &ludag, and !. -. Tekalp, .#obust watermarking of fingerprint images,/ Pattern #ecognition, vol. 9F, no. 58, pp. 8E9GK8EDE, %ec. 8II8. ?H@ ". <. #atha, J. +. 'onnell, and #. -. Bolle, . ecure data hiding in wavelet compressed fingerprint images,/ in Proc. !'- -ultimedia, pp. 58EK59I, $ct. 8III. ?E@ ".<. #atha, J.+. 'onnell, and #.-. Bolle, .!n analysis of minutiae matching strength/, Proc. !4BP! 8II5, Third International 'onference on !udio- and 4ideo-Based Biometric Person !uthentication, pp. 88988L, 8II5. ?L@ !nil <. Jain, .Biometric ystem ecurity/, -ichigan tate &niversity, http677biometrics.cse.msu.edu ?G@ . Jain, .%igital watermarking techni,ues6 ! case study in fingerprints M faces/ in Proc. Indian 'onference on 'omputer 4ision, 0raphics and Image Processing I'40IP 8III, pp. 59G-5DD, 8III. ?5I@ :ow, '.>., Teoh, !.B. and Tee, '.18IIG2, .3usion of : B and %)T Biometric )atermarking &sing $ffline +andwritten ignature for 'opyright Protection/, Proceedings of the Third International 'onference on !dvances in Biometrics, :ecture "otes In 'omputer cience, 4ol. FFFL, Pp. ELH K EGF. ?55@ -aiorana, (., 'ampisi, P., "eri, !. 18IIE2 , . Biometric ignature !uthentication &sing #adon Transform-Based )atermarking Techni,ues/, I((( Biometrics ymposium,8IIE, Pp. 5-H.

3igure D, Biometric Template Protection -odel

?58@ "oore, !., ingh, #., 4atsa, -. and +ouck, -.-. 18IIG2 , . (nhancing security of fingerprints through conte=tual biometric watermarking/, 3orensic cience International, 4ol. 5HG, Issue 8, Pp. 5LL-5GD ?59@ Pankanti, . and >eung, -.-. 15GGG2 , .4erification watermarks on fingerprint recognition and retrieval/, Proc. PI( (I 5GGG, an Jose, '!, 4ol. 9HFE, Pp. HH-EL. ?5D@ #a*la=mi 'houhan, !gya -ishra, and Pritee <hanna, .)avelet-based #obust %igital )atermarking cheme for 3ingerprint !uthentication/ ?5F@ %. -athivadhani, '. -eena, .! 'omparative tudy on 3ingerprint Protection &sing )atermarking Techni,ues,/ 0lobal Journal of 'omputer cience and Technology, vol. G, no. F, pp. GL-5I8, 8I5I. ?5H@ -. 4atsa, #. ingh, !. "oore, -. +. +ouck, <. -orris, .#obust biometric image watermarking for fingerprint and face template protection/, I(I'( (lectronic (=press vol. 9, no. 8, pp. 89-8L, 8IIH. ?5E@ <. Nebbiche, 3. <helifi, .#egion-Based )atermarking of Biometric Images6 'ase tudy in 3ingerprint Images/, International Journal of %igital -ultimedia Broadcasting DG8GD8, 8IIL. ?5L@ !hmed, 3. and -oskowitz, I. . 18IIF2 , .'omposite ignature Based )atermarking for 3ingerprint !uthentication/, !'- -ultimedia and ecurity )orkshop, "ew >ork, Pp. 5-L. ?5G@ Jain, !.<., "andakumar, <. and "agar, !. 18IIL2 , . Biometric Template ecurity/, (&#! IP Journal on !dvances in ignal Processing, 4ol. 8IIL, !rticle I% FEGD5H. ?8I@ :ee, >., <ang, +.J. and <i, >.+. 18IIF2 , . 'opyright !uthentication (nhancement of %igital )atermarking Based on Intelligent +uman 4isual ystem cheme/, <nowledge-Based Intelligent Information and (ngineering ystems, Intelligent )atermarking !lgorithms and !pplications, 4olume 9HL878IIF, Pp. FHE-FE8 ?85@ Tzouveli, P. "talianis, <. <ollias, . 18IIF2, .+uman face watermarking based on Nernike moments/, Proceedings of the 3ifth I((( International ymposium on ignal Processing and Information Technology, 8IIF, Pp. 9GG-DID. ?88@ &ludag, &., 0unsel, B. and Ballan, -. 18II52, .! spatial method for watermarking of fingerprint images/, Proceedings of. 3irst International )orkshop on Pattern #ecognition in Information ystems, etObal, Portugal, Pp. 8H-99.

?89@ Nebbiche, <. and 0houti, :. et al. 18IIH2, .Protecting fingerprint data using watermarking/, 3irst "! !7( ! 'onf. on !daptive +ardware and ystems 1!+ IH2, Pp.DF5KDFH. ?8D@ Nebbiche, <. and <helifi, 3. 18IIG2, .#egion-Based )atermarking of Biometric Images6'ase tudy in 3ingerprint Images/, International Journal of %igital -ultimedia Broadcasting, 4ol. 8IIL, !rticle I% DG8GD8, Pp. 5-59. ?8F@ Parvathi !mbalakat, . ecurity of Biometric !uthentication ystems/, 85st 'omputer cience eminar ?8H@ &ludag. &, Pankanti. , Prabhakar. and Jain. !.<, .Biometric 'ryptosystems6 issues and challenges,/ Proceedings of the I(((, 4olume6 G8, Issue6 H, June 8IID. ?8E@ Pueyi >e , Nhiwei +e , and Nhi*ing Nhao, .! data hiding approach for the self-security of iris recognition/, July 5I, 8IIL 7 4ol. H, "o. E 7 '+I"( ( $PTI' :(TT(# ?8L@ "ick Bartlow, "athan <alka, Bo*an 'ukic, and !run #oss, QProtecting Iris Images through !symmetric %igital )atermarkingQ !ppeared in Proc. of Fth I((( )orkshop on !utomatic Identification !dvanced Technologies 1!utoI%2, 1!lghero, Italy2, pp. 5G5-5GE, June 8IIE ?8G@ %r. Jasni -ohamad Nain, !zma !bdullah, Q3ingerprint )atermarking with Tamper %etectionQ. ?9I@ <. Nebbiche, 3. <helifi, and !. Bouridane, Q!n (fficient )atermarking Techni,ue for the Protection of 3ingerprint ImagesQ, +indawi Publishing 'orporation, (&#! IP Journal on Information ecurity, 4olume 8IIL, !rticle I% G5LHI5, 8I pages, doi65I.55FF78IIL7G5LHI5 ?95@ . -allat, ! )avelet Tour of ignal Processing. !cademic Press, econd (dition, 5GGG. ?98@ %. -altoni, %. -aio, !.<. Jain, and . Prabhakar, +andbook of 3ingerprint #ecognition, pringer, 8II9. ?99@ &mut &ludag, !nil <. Jain,Q !ttacks on Biometric ystems6 ! 'ase tudy in 3ingerprintsQ, %epartment of 'omputer cience and (ngineering, -ichigan tate &niversity, & ! ?9D@ .Biometric Template Protection K The need of open standards/, Breebaart, >ang, Busch, 8IIG ?9F@ .! :ightweight approach for biometric template protection/, +isham !l-!ssam, +arin ellahewa, M abah Jassim, -arch 8IIG

?9H@ .-ultibiometric ystems6 3usion trategies and Template ecurity/, <. "andakumar, Ph% thesis. -ichigan tate&niversity, 18IIL2.