Abstract
We design a consecution of protocols which allows organizations to have secure strong access control of their users to their desktop machines based on biometry. It provides both strong secure authentication and privacy. Moreover, our mechanism allows the system admins to grant a various level of access to their end-users by fine tuning access control policy. Our system implements privacy-by-design. It separates biometric data from identity information. It is practical: we fully implemented our protocols as a proof of concept for a hospital. We use a 3D fingervein scanner to capture the biometric data of the user on a Raspberry Pi. For the biometry part, we developed an optimal way to aggregate scores using sequential distinguishers. It trades desired \(\mathsf {FAR}\) and \(\mathsf {FRR}\) against an average number of biometric captures.
F. Betül Durak—The work was done when the author was in LASEC/EPFL.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
\(\mathsf {FAR}\) is the false acceptance rate, i.e. the probability that a wrong finger is accepted, \(\mathsf {FRR}\) is the false rejection rate, i.e. the probability that the right finger is rejected.
- 3.
A new version is currently under development.
References
Anjos, A., Günther, M., de Freitas Pereira, T., Korshunov, P., Mohammadi, A., Marcel, S.: Continuously reproducing toolchains in pattern recognition and machine learning experiments. In: International Conference on Machine Learning (ICML), August 2017
Anjos, A., El Shafey, L., Wallace, R., Günther, M., McCool, C., Marcel, S.: Bob: a free signal processing and machine learning toolbox for researchers. In: 20th ACM Conference on Multimedia Systems (ACMMM), Nara, Japan, October 2012
Balli, F., Durak, F.B., Vaudenay, S.: BioID: a privacy-friendly identity document. In: Mauw, S., Conti, M. (eds.) STM 2019. LNCS, vol. 11738, pp. 53–70. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31511-5_4
Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_34
Daas, S., Boughazi, M., Sedhane, M., Bouledjfane, B.: A review of finger vein biometrics authentication system. In: 2018 International Conference on Applied Smart Systems (ICASS), pp. 1–6, November 2018
Durak, F.B., Huguenin-Dumittan, L., Vaudenay, S.: BioLocker: a practical biometric authentication mechanism based on 3D fingervein. Cryptology ePrint Archive, Report 2020/453 (2020). https://eprint.iacr.org/2020/453
Fahmy, M.S., Atyia, A.F., Elfouly, R.S.: Biometric fusion using enhanced SVM classification. In: 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 1043–1048, August 2008
Junod, P.: On the optimality of linear, differential, and sequential Distinguishers. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 17–32. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_2
Kabir, W., Ahmad, M.O., Swamy, M.N.S.: Normalization and weighting techniques based on genuine-impostor score fusion in multi-biometric systems. IEEE Trans. Inf. Forensics Secur. 13(8), 1989–2000 (2018)
Kang, W., Liu, H., Luo, W., Deng, F.: Study of a full-view 3D finger vein verification technique. IEEE Trans. Inf. Forensics Secur. 15, 1175–1189 (2020)
Lee, E.C., Lee, H.C., Park, K.R.: Finger vein recognition using minutia-based alignment and local binary pattern-based feature extraction. Int. J. Imag. Syst. Technol. 19(3), 179–186 (2009)
Lumini, A., Nanni, L.: Overview of the combination of biometric matchers. Inf. Fusion 33, 71–85 (2017)
Ma, Y., Cukic, B., Singh, H.: A classification approach to multi-biometric score fusion. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 484–493. Springer, Heidelberg (2005). https://doi.org/10.1007/11527923_50
Miura, N., Nagasaka, A., Miyatake, T.: Feature extraction of finger-vein patterns based on repeated line tracking and its application to personal identification. Mach. Vision Appl. 15(4), 194–203 (2004)
Miura, N., Nagasaka, A., Miyatake, T.: Extraction of finger-vein patterns using maximum curvature points in image profiles. IEICE Trans. 90-D(8), 1185–1194 (2007)
Nandakumar, K., Chen, Y., Dass, S.C., Jain, A.: Likelihood ratio-based biometric score fusion. IEEE Trans. Pattern Anal. Mach. Intell. 30(2), 342–347 (2008)
Ni, L., Zhang, Y., Liu, S., Huang, H., Li, W.: A decision reliability ratio based fusion scheme for biometric verification. In: Proceedings of the 9th International Conference on Bioinformatics and Biomedical Technology, ICBBT 2017, New York, NY, USA, pp. 16–21. ACM (2017)
Shaheed, K., Liu, H., Yang, G., Qureshi, I., Gou, J., Yin, Y.: A systematic review of finger vein recognition techniques. Information 9(9), 213 (2018)
Siegmund, D.: Sequential Analysis: Tests and Confidence Intervals. Springer Series in Statistics. Springer, New York (1985). https://doi.org/10.1007/978-1-4757-1862-1
Syazana-Itqan, K., Syafeeza, A.R., Saad, N.M., Hamid, N.A., Saad, W.H.B.M.: A review of finger-vein biometrics identification approaches. Indian J. Sci. Technol. 9(32), 1–9 (2016)
Tome, P., Vanoni, M., Marcel, S.: On the vulnerability of finger vein recognition to spoofing. In: Brömme, A., Busch, C. (eds.) Proceedings of the 13th International Conference of the Biometrics Special Interest Group, BIOSIG 2014, Volume 230 of Lecture Notes in Informatics, Darmstadt, Germany, 10–12 September 2014, pp. 111–120. Gesellschaft für Informatik (2014)
Ton, B.T., Veldhuis, R.N.J.: A high quality finger vascular pattern dataset collected using a custom designed capturing device. In: Fiérrez, J., Kumar, A., Vatsa, M., Veldhuis, R.N.J., Ortega-Garcia, J. (eds.) International Conference on Biometrics, ICB 2013, 4–7 June 2013, Madrid, Spain, pp. 1–5. IEEE (2013)
Ulery, B., Hicklin, A., Watson, C., Fellner, W., Hallinan, P.: Studies of biometric fusion. NIST Interagency Report, 7346 (2006)
Wang, Y., Xie, W., Xiaojie, Yu., Shark, L.-K.: An automatic physical access control system based on hand vein biometric identification. IEEE Trans. Consum. Electron. 61(3), 320–327 (2015)
Yang, W., et al.: Securing mobile healthcare data: a smart card based cancelable finger-vein bio-cryptosystem. IEEE Access 6, 36939–36947 (2018)
Acknowledgement
The authors are grateful to Lambert Sonna and the Global ID SA company for having sponsored this project. We also thank Dóra Neubrandt for her contribution in biometric acquisition and extraction.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Durak, F.B., Huguenin-Dumittan, L., Vaudenay, S. (2020). \(\mathsf {BioLocker}\): A Practical Biometric Authentication Mechanism Based on 3D Fingervein. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds) Applied Cryptography and Network Security. ACNS 2020. Lecture Notes in Computer Science(), vol 12147. Springer, Cham. https://doi.org/10.1007/978-3-030-57878-7_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-57878-7_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57877-0
Online ISBN: 978-3-030-57878-7
eBook Packages: Computer ScienceComputer Science (R0)