16 - Joint Privacy and Security of Multiple Biometric Systems

from Part IV - Data Systems and Related Applications

Published online by Cambridge University Press:  28 June 2017

A. Goldberg
Affiliation:
Department of Electrical and Computer Engineering, University of Toronto
S. C. Draper
Affiliation:
Department of Electrical and Computer Engineering, University of Toronto
Rafael F. Schaefer
Affiliation:
Technische Universität Berlin
Holger Boche
Affiliation:
Technische Universität München
Ashish Khisti
Affiliation:
University of Toronto
H. Vincent Poor
Affiliation:
Princeton University, New Jersey

Summary

This paper explores the design of biometric authentication in the context of a single user that has enrolled in multiple (distinct) authentication systems. The compromise of some subset of these systems will generally impact both the privacy of the user's biometric information and the security of the balance of the systems. In this work we consider how to design the systems jointly to minimize losses in privacy and security in the case of such compromise. It turns out that there is a tension between the two objectives, resulting in a privacy/security tradeoff. We introduce worst-case privacy and security measures, and consider the tradeoff between them, in the context of the “secure sketch” architecture. Secure sketch systems are based on error correction codes, and the considerations of joint design that we pose result in a novel code design problem. We first study the design problem algebraically and identify an equivalence with a type of subspace packing problem. While the packing problem fully characterizes the design space, it does not yield an explicit characterization. We then turn to a “fixed-basis” subspace of the general design space. We map a relaxed version of the fixed-basis design problem to a linear program which, after exploiting much symmetry, leads to an explicit tradeoff between security and privacy. While we show that fixed-basis designs are restrictive in terms of the achievable privacy/security tradeoffs, they have the advantage of being easily mapped to existing codes (e.g., low-density parity check codes), and thence to immediate deployment. Finally, we conjecture that the achievable privacy/security tradeoff of fixed-basis designs is characterized by an extremely simple analytic expression, one that matches our numerical results.

Introduction

The goal of an authentication system is to ensure that only legitimate individuals gain access to a secured resource or area. Increasingly popular are methods of authentication that use biometric data – unique information present in a person's physical attributes. An example of such a biometric system is a laptop-mounted fingerprint scanner, or an iris scanner at an airport.

Type: Chapter
Publisher: Cambridge University Press
Print publication year: 2017
