Framework for Secured Biometric System

Abstract

Biometrics provides higher accuracy of personal recognition in real identity management systems than traditional methods because of its properties. However, the security of biometric systems can be undermined if the template derived from biometric traits such as fingerprints is compromised. If a biometric template is compromised, it leads to serious security and privacy threats. Unlike passwords, it is impossible for a legitimate user to revoke his/her biometric traits and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation approach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user-specific password or key through a transformation algorithm, and only the transformed template is stored in the database. This study develops a framework that uses a generated random key, without a user-specific password or key, during enrollment and verification; it will be used to secure medical records that use biometric authentication. Collection of fingerprint images will be carried out through a Fingerprint Live Scan Device (SecuGen 7.1). The outcomes of this study will incorporate the property of revocability or cancelability into the biometric system without degrading the performance and efficiency of the system.
International Journal of Scientific & Engineering Research, Volume 8, Issue 7, July-2017
ISSN 2229-5518
IJSER © 2017
http://www.ijser.org
F.S. Omotosho, R.S. Babatunde, K. A. Gbolagade
Index Terms: Biometrics, Security, Template, Traits, Revocability, Cancelability, Transformation, Authentication.
1 INTRODUCTION
Biometrics are our most unique physiological traits, such as fingerprint, face, iris, hand geometry and voice, that can be practically sensed by devices and interpreted by computers so that they may be used as proxies of our physical selves in the digital realm [1]. In this way we can bond digital data to our identity with permanency, consistency, and unambiguity, and retrieve that data using computers in a rapid and automated way [2].
1.1 Fingerprint Recognition
Fingerprint identification is one of the most well-known and publicized biometrics [4]. Fingerprint identification is popular because of the ease of acquisition and the numerous sources (ten fingers) available for collection per individual [5].
————————————————
•Segun F. Omotosho obtained B.Sc. and M.Sc. degrees in Computer Science. He is currently pursuing a Ph.D. degree program in Computer Science at the Department of Computer Science, College of Information and Communication Technology, Kwara State University, Malete, Nigeria. His research interests include Biometric authentication, Pattern recognition, E-health and Residue Number System. funshosegun@yahoo.com
•Ronke S. Babatunde has a Ph.D. in Computer Science and is currently a Lecturer in the Department of Computer Science, College of Information and Communication Technology, Kwara State University, Malete, Nigeria. Her research interests include Soft Computing, Machine Learning, Deep Learning, Big Data and Computational Intelligence. ronke.babatunde@kwasu.edu.ng
•Kazeem A. Gbolagade is a Professor of Computer Science in the Department of Computer Science, College of Information and Communication Technology, Kwara State University, Malete, Nigeria. His research interests include Residue Number System, VHDL, Parallel Processing, and building High Speed Microprocessors. kazeem.gbolagade@kwasu.edu.ng
1.2 What is a Template?
A template is a set of features extracted from the biometric trait. A template is stored in the biometric system database and is used for matching with the input biometric during an authentication attempt [3].
1.3 Biometric systems modes
Biometric systems can be used in two different modes: enrollment and identification [6].
With the widespread deployment of biometric systems in various applications, the focus is now on biometric template security, which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued [7]. Protecting the template poses a great challenge [2], [13]. Therefore, storing biometric templates, which are unique to each individual user, entails significant security risks [8].
One of the most potentially damaging attacks on a biometric system is against the biometric templates stored in the system database. Attacks on the template can lead to the following three vulnerabilities:
(i) A template can be replaced by an impostor’s template to gain unauthorized access.
(ii) A physical spoof can be created from the template to gain unauthorized access to the system, and also to other systems which use the same biometric trait.
(iii) The stolen template can be replayed to the matcher to gain unauthorized access [2].
This work addresses this problem by proposing a framework for securing a biometric system through a fingerprint template transformation approach that uses a generated random key as the parameter for the transformation rather than a user-supplied password or key. This work focuses on achieving a secure biometric system and flexibility of use, without the user needing to remember a special password or key. It does not address the security of the system database itself, only securing the fingerprint template from being compromised.
Section II provides a critical analysis of related work, while Section III gives a detailed explanation of our proposed framework. Evaluation of the framework is discussed in Section IV, and Section V concludes the paper by summarizing our contribution.
2 RELATED WORK
2.1 Securing Biometric System
Passwords and PINs have the property that if they are compromised, the system administrator can issue a new one to the user. It is desirable to have the same property embedded in a biometric system [10].
The following section provides a detailed description of the approaches that have been proposed for securing biometric templates.
The template protection schemes proposed in the literature can be broadly classified into two categories, namely (i) the feature transformation approach and (ii) the biometric cryptosystem [2], as seen in Figure 1.
2.2 Feature transformation approaches
In the feature transform approach, a transformation function (F) is applied to the biometric template (T) and only the transformed template (F(T; K)) is stored in the database. The parameters of the transformation function are typically derived from a user-specific key (K) or password. The same transformation function is applied to the query features (Q), and the transformed query (F(Q; K)) is directly matched against the transformed template (F(T; K)). The feature transform schemes can be further categorized as (i) invertible and (ii) non-invertible transforms [9], [11].
2.2.1 Invertible (Salting) transform
This is a template protection approach in which the biometric features are transformed using a function defined by a user-specific key or password. Since the transformation is invertible to a large extent, the key needs to be securely stored or remembered by the user and presented during authentication. The limitation of this approach is the need for additional information in the form of a special password or key, which increases user inconvenience [11], [9]. Also, if the user-specific key is compromised, the template is no longer secure.
2.2.2 Non-invertible transforms
In this approach, the biometric template is secured by applying a noninvertible transformation function to it. A noninvertible transform refers to a one-way function, F, that is “easy to compute” (in polynomial time) but “hard to invert” (given F(x), the probability of finding x in polynomial time is small) [9], [8]. The parameters of the transformation function are defined by a key which must be available at the time of authentication to transform the query feature set. The main drawback of this approach is the trade-off between discriminability and noninvertibility of the transformation function. The transformation function does not preserve the discriminability (similarity structure) of the feature set; that is, features from the same user should have high similarity in the transformed space, and features from different users should be quite dissimilar after transformation [2]. Also, given a transformed feature set, an adversary can still obtain a close approximation of the original feature set from it. The user must remember the special key, which increases user inconvenience [6], [7].
This paper proposes a fingerprint transformation method that does not require the user to supply a secret key during enrollment or verification, yet secures the template and preserves the similarity structure of the feature set.
3 ARCHITECTURAL FRAMEWORK
Our framework consists mainly of two phases:
The Enrollment Phase
The Verification Phase
The model works towards the design of a fingerprint transformation approach which employs some existing algorithms for feature extraction (see Figure 2).
Figure 1: Categorization of template protection schemes
[Diagram: Template Protection divides into Biometric Cryptosystem and Feature Transformation; Feature Transformation divides into Invertible Transform and Non-invertible Transform.]
3.1 The enrollment Phase
The sensor, a fingerprint scanner attached to a system on which the application runs, accepts the fingerprint of the user. The quality assessment module determines whether the scanned biometric trait (fingerprint) is of sufficient quality for further processing. The feature extraction module processes the scanned biometric data to extract the salient information (feature set) that is useful in distinguishing between different users. Two image samples will be captured per fingerprint for a higher degree of accuracy. The minutiae data from each image sample will then be compared against each other (i.e. matched) to confirm the quality of the registered fingerprints. This comparison is analogous to the password confirmation routine that is commonly required when entering a new password. The feature data (minutiae) is then extracted from the image into a template. The template transformation algorithm, which is the main work of this research, takes the extracted feature (template (t)), the randomly generated key (k), the fixed indexes and the computed indexes to generate a new transformed template (tr), which will be stored in the database, indexed by the user’s identity (see Figures 3 and 4).
Figure 2: Framework of the proposed Fingerprint template transformation
[Diagram; labels recovered from the extraction: Random generated Key (k), K = rnd (127); Fingerprint; Raw Template; System Database; Biometric Query (Q); Match/Non-match Action; Enrollment; Authentication.]
Figure 3: Feature transformation Module
[Diagram; labels recovered from the extraction: Sensor; Quality Assessment Module; Fingerprint Feature Extraction; Raw template; Transformation Module; Transformed Template; Validity Check; System Database.]
3.2 The verification phase
Here, unlike in the enrollment phase, the sensor accepts a single fingerprint from an individual who has previously enrolled, extracts its features and then presents the template to the validity module. The validity module performs a validity check on the presented template by comparing it with the stored transformed template in the system database. If the template is found, it performs a match action; if not, it performs a non-match action.
3.3 Application of Our Proposed Scheme to Medical Record
The framework will be applied by implementing an application based on the proposed framework using the Medical Record Biometric System [14], as shown in Figure 5.
4. PERFORMANCE EVALUATION
The prototype of the framework will be evaluated based on users' assessment in terms of system reliability and effectiveness, ease of use and efficiency of the system. We intend to carry out an initial pilot study in which the experimental procedure and guidelines will be properly mapped out through hardware performance, software management and how easy and productive users find it through user testing [13].
Figure 4: Flowchart of Template transformation module
[Diagram; labels recovered from the extraction: K = Random Key; Raw fingerprint Template; Feature in byte of 400 indexes; Transformed feature in Integer Array of 401 indexes; Integer Array is converted to string by Concatenation; System Database.]
Figure 5: Prototype Program Flowchart
[Diagram; labels recovered from the extraction: Start; Medical Form; Select Verification menu; Get fingerprint Template; Validity Check; IF Match (Yes/No); Perform enrollment process; Grant access to Database record; Stop.]
4.1 Evaluation indexes for fingerprint recognition.
Two indexes are well accepted for determining the performance of a fingerprint authentication system: one is FRR (false rejection rate) and the other is FAR (false acceptance rate) [12].
FAR describes the number of times someone is inaccurately positively matched.
FRR describes the number of times someone who should be identified positively is instead rejected [11].
Table 1: EVALUATION INDEXES
FAR: FAR (%) = (FA/N) * 100, where FA = number of incidents of false acceptance and N = total number of samples.
FRR: FRR (%) = (FR/N) * 100, where FR = number of incidents of false rejections and N = total number of samples.
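The matching in the transformed domain described in Sections 2.2 and 2.2.1, scored with the Table 1 indexes, as an added example that is not the authors' algorithm (the paper does not give its transformation). A keyed signed permutation stands in for F, and the 400-byte templates, noise level, keys and threshold are constructed for illustration; N is taken as the number of attempts in each trial set.

```python
import random

FEATURE_LEN = 400  # the page's raw template: 400 byte-valued features

def _params(key, n):
    # Transformation parameters derived from the key K (assumed construction).
    rng = random.Random(key)
    perm = list(range(n))
    rng.shuffle(perm)
    signs = [rng.choice((-1, 1)) for _ in range(n)]
    return perm, signs

def transform(features, key):
    """F(T; K): keyed signed permutation; orthogonal, so distances are preserved."""
    perm, signs = _params(key, len(features))
    return [s * features[p] for p, s in zip(perm, signs)]

def invert(transformed, key):
    """Salting is invertible: anyone holding K recovers the raw template."""
    perm, signs = _params(key, len(transformed))
    raw = [0] * len(transformed)
    for value, p, s in zip(transformed, perm, signs):
        raw[p] = s * value
    return raw

def distance(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5

def rates(genuine, impostor, threshold):
    """Table 1: FAR = FA/N*100 and FRR = FR/N*100, N = attempts in each set."""
    fa = sum(d <= threshold for d in impostor)   # impostors wrongly accepted
    fr = sum(d > threshold for d in genuine)     # enrolled users wrongly rejected
    return 100.0 * fa / len(impostor), 100.0 * fr / len(genuine)

def make_users(count, seed=2017):
    # Constructed data: random templates plus one noisy re-scan per user.
    rng = random.Random(seed)
    users = []
    for _ in range(count):
        t = [rng.randrange(256) for _ in range(FEATURE_LEN)]
        q = [min(255, max(0, v + rng.randint(-8, 8))) for v in t]
        users.append((t, q))
    return users

def scores(users, keys=None):
    """Genuine and impostor distances, raw (keys=None) or in the transformed domain."""
    f = (lambda v, i: v) if keys is None else (lambda v, i: transform(v, keys[i]))
    genuine = [distance(f(t, i), f(q, i)) for i, (t, q) in enumerate(users)]
    # The system holds the key, so an impostor's query is transformed with the
    # claimed record's key before matching.
    impostor = [distance(f(users[i][0], i), f(users[j][1], i))
                for i in range(len(users)) for j in range(len(users)) if i != j]
    return genuine, impostor

def run_demo(threshold=500.0):
    users = make_users(8)
    # Fixed seeds keep the demo reproducible; a deployment would draw keys from a CSPRNG.
    keys = [random.Random(100 + i).getrandbits(64) for i in range(len(users))]
    template = users[0][0]
    stored_old = transform(template, keys[0])
    fresh_key = random.Random(999).getrandbits(64)   # re-issue after a compromise
    stored_new = transform(template, fresh_key)
    return {
        "raw_rates": rates(*scores(users), threshold),
        "protected_rates": rates(*scores(users, keys), threshold),
        "old_template_matches_new": distance(stored_old, stored_new) <= threshold,
        "recovered_with_key": invert(stored_old, keys[0]) == template,
    }

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

The equal rates show the similarity structure surviving the transform, the failed match between old and re-issued templates shows revocability, and `recovered_with_key` shows why the key of an invertible transform must be protected as carefully as the template.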
5. CONCLUSION
The success of a biometric system cannot be affirmed without a critical examination of the security of the template stored in the system database. The main idea of this approach is to store the transformed template instead of storing the original template in its raw form. In case the stored template is stolen or lost, it is computationally hard to reconstruct the original raw biometric data from this template.
In this research work, we proposed a fingerprint transformation method that does not require the user to supply a secret key during enrollment.
Security breaches have usually been traced to in-house people such as developers, administrators and users, owing to constant values in the encryption algorithms; this research therefore takes the extra step of using both fixed and computed indexes. Computed indexes are determined internally by the algorithm at runtime, which makes it impossible for these people to predetermine or guess the indexes that will be encrypted.
Passwords and PINs have the property that if they are compromised, the user can change them; it is desirable to have the same property of revocability or cancelability with biometric templates.
The outcomes of this study will incorporate the property of revocability or cancelability into the biometric system without degrading the performance and efficiency of the system.
ACKNOWLEDGMENT
The authors wish to thank all the researchers that have done great work in this research area.
REFERENCES
[1] J. Wayman, et al., (2005), “Biometric Systems Technology, Design and Performance Evaluation” (London: Springer).
[2] A. K. Jain, N. Nandakumar, and A. Nagar, (2008), “Biometric template security,” EURASIP Journal on Advances in Signal Processing 2008, 1–17.
[3] Maltoni, Davide, Maio, Jain, and Prabhakar, (2005), “Handbook of Fingerprint Recognition” (Springer: New York).
[4] A. K. Jain, A. Ross, and S. Pankanti, (2006), “Biometrics: a tool for information security,” IEEE Transactions on Information Forensics and Security, vol. 1, no. 2, pp. 125–143.
[5] F. Farooq, R. Bolle, T. Jea, and N. Ratha, (2007), “Anonymous and revocable fingerprint recognition,” in Proc. IEEE Computer Vision and Pattern Recognition.
[6] A. Vetro and N. Memon, (2007), “Biometric system security,” in Proceedings of the 2nd International Conference on Biometrics, Seoul, South Korea.
[7] N. K. Ratha, J. H. Connell, and R. M. Bolle, (2001), “Enhancing security and privacy in biometrics-based authentication systems,” IBM Systems Journal, vol. 40.
[8] A. K. Jain, A. Ross, and U. Uludag, (2005), “Biometric template security: challenges and solutions,” in Proceedings of the European Signal Processing Conference (EUSIPCO ’05), Antalya, Turkey.
[9] K. Kamal, A. Ghany, A. Hesham, A. E. Hassanien, I. Ghali, (2012), “A Hybrid approach for biometric template security,” IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining.
[10] P. Campisi, (2013), “Security and privacy in biometrics: towards a holistic approach,” Security and Privacy in Biometrics, pp. 1–23: London, Springer.
[11] A. Ross, J. Shah, and A. K. Jain, (2007), “From template to image: reconstructing fingerprints from minutiae points,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29.
[12] N. Radha and S. Karthikeyan, (2011), “An evaluation of fingerprint security using Noninvertible Biohash,” International Journal of Network Security & its Applications (INSA).
[13] A. Adler, (2005), “Vulnerabilities in biometric encryption systems,” in Proceedings of the 5th International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA ’05), Hilton Rye Town, NY, USA.
[14] S. Krawczyk and A. K. Jain, (2007), “Securing Electronic Medical Records using Biometric Authentication”.