Many tout biometrics as the key to reducing identify theft and providing significantly improved security. However, unlike passwords, if the database or biometric is ever compromised, the biometric data cannot be changed or revoked. We introduce the concept of BiotopesTM, revocable tokens that protect the privacy of the original user, provide for many simultaneous variations that cannot be linked, and that provide for revocation if compromised. Biotopes can be computed from almost any biometric signature that is a collection of multibit numeric fields. The approach transforms the original biometric signature into an alternative revocable form (the Biotope) that protects privacy while it supports a robust distance metric necessary for approximate matching. Biotopes provide cryptographic security of the identity; support approximate matching in encoded form; cannot be linked across different databases; and are revocable. The most private form of a Biotope can be used to verify identity, but cannot be used for search.We demonstrate Biotopes derived from different face-based recognition algorithms as well as a fingerprint-based Biotope and show that Biotopes improve performance, often significantly!
The robust “distance metric”, computed on the encoded form, is provably identical to application of the same robust metric on the original biometric signature for matching subjects and never smaller for nonmatching subjects. The technique provides cryptographic security of the identity, supports matching in encoded form, cannot be linked across different databases, and is revocable.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bolme, D.S., Beveridge, J.R., Teixeira, M., and Draper, B.A. (2003). The CSU face identification evaluation system: Its purpose, features, and structure. ICVS 2003: 304-313.
Boult, T.E. (2006) Robust distance measures for face recognition supporting revocable biometric tokens, IEEE Conf. on Face and Gesture.
Cambier, J.L., von Seelen, U.M., Glass, R., Moore, R., Scott, I., Braithwaite, M., and Daugman, J. (2002) Application-specific biometric templates.”IEEE Wksp. on Automatic Identification Advanced Technolo-gies, pp.167-171.
Huber, P.J. (1981), Robust Statistics, John Wiley & Sons, New York.
Krause, M. (2001). The expanding surveillance state: Why Colorado should scrap the plan to map every driver’s face and should ban facial recogni-tion in public places, Independence Institute, Issue Paper, Number 8-2001, 2001. Retrieved October 22, 2004 (available from http://i2i.org/articles/8-2001.PDF
Matsumoto, T., Matsumoto, H., Yamada, K., and Hoshino, S. (2002) Impact of artificial “gummy” fingers on fingerprint systems, Proceedings of SPIE Vol. # 4677, Optical Security and Counterfeit Deterrence Techniques IV. ORC International 2002. Public attitudes toward the uses of public attitudes toward the uses of biometric identification biometric identification technologies by government technologies by government and the private sector and the private sector.
Phillips, P.J., Moon, H., Rizvi, S.A., and Rauss P.J. (2000) The FERET evaluation methodology for face-recognition algorithms. IEEE Trans. on PAMI, 22 (10): 1090-1104.
Ratha, N., Connell, J., and Bolle R. (2001) Enhancing security and privacy in biometrics-based authentication systems, IBM Syst. J., 40(3): 614-634,
Ratha, N.K., Chikkerur, S., Connell, J.H., and Bolle R.M. (2007) Generating cancelable fingerprint templates, IEEE PAMI, Special issue on Biometrics Vol. 29, No. 4, pp. 561-572, April 2007.
Savvides, M., Kumar, B.V.K., and Khosla, P.K. (2004) Authentication-invariant cancellable biometric filters for illumination-tolerant face verification. Proc. SPIE Vol. 5404, pp. 156-163, Biometric Technology for Human Identification.
Teoh, A., Jin, B., Ngo, D., Ling, C., and Goh, A. (2004): Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Patt. Recogn. 37(11): 2245-2255.
Thieme, M. (2003), International Biometrics Group, Presentation at 13th Annual Conference on Computers, Freedom & Privacy, New York, April 2003.
Tuyls, P., Akkermans, A.H., Kevenaar, T.A., Schrijen, G.J., Bazen, A.M., and Veldhuis R.N. (2005) Practical biometric authentication with template protection. In AVBPA, pp. 436-446.
Uludag, U., Pankanti, S., Prabhakar, S., and Jain, A.K. (2004) Biometric cryptosystems: Issues and challenges, Proc. IEEE, 92(6).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag London Limited
About this chapter
Cite this chapter
Boult, T.E., Woodworth, R. (2008). Privacy and Security Enhancements in Biometrics. In: Ratha, N.K., Govindaraju, V. (eds) Advances in Biometrics. Springer, London. https://doi.org/10.1007/978-1-84628-921-7_22
Download citation
DOI: https://doi.org/10.1007/978-1-84628-921-7_22
Publisher Name: Springer, London
Print ISBN: 978-1-84628-920-0
Online ISBN: 978-1-84628-921-7
eBook Packages: Computer ScienceComputer Science (R0)