Abstract
We investigate in this paper the need to managing a user’s private credentials using privacy-preserving biometrics, define several private credential management work models under different trust models between a user and an external party. A general pipeline using privacy-preserving biometrics for private credential management is proposed to achieve the purpose of biometric template protection, biometric-secret binding, and biometric recognition accuracy performance improvement. The proposed scheme was implemented and tested in the European CIP project PIDaaS, and demonstrated advantages in privacy preservation and accuracy performance preservation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Google Identity Platform. https://developers.google.com/identity/
Facebook Login. https://developers.facebook.com/docs/facebook-login/
Claim-Based Identity. https://en.wikipedia.org/wiki/Claims-based_identity
Alrodhan, W., Mitchell, C.: Enhancing user authentication in claim-based identity management. In: 2010 International Symposium on Collaborative Technologies and Systems, pp. 75–83 (2010)
Yang, B., Chu, H., Li, G., Petrovic, S., Busch, C.: Cloud password manager using privacy-preserved biometrics. In: Proceedings of 2014 IEEE International Conference on Cloud Engineering (2014)
ISO/IEC 24745: Biometric information protection (2011)
FIDO Alliance. https://fidoalliance.org/
Nandakumar, K., Jain, A.: Biometric template protection: bridging the performance gap between theory and practice. IEEE Sig. Process. Mag. 32(5), 88–100 (2015)
Bui, F., Martin, K., Lu, H., Plataniotis, K., Hatzinakos, D.: Fuzzy key binding strategies based on quantization index modulation (QIM) for biometric encryption (BE) applications. IEEE Trans. Inf. Forensics Secur. 5(1), 118–132 (2010)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 28–36 (1999)
Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypto. 38(2), 237–257 (2006)
Buhan, I., Doumen, J., Hartel, P., Veldhuis, R.: Constructing practical fuzzy extractors using QIM centre for telematics and information technology. University of Twente, Enschede, Technical report. TR-CTIT-07-52, pp. 1381-3625 (2007)
Sutcu, Y., Li, Q., Memon, N.: Protecting biometric templates with sketch: theory and practice. IEEE Trans. Inf. Forensics Secur. 2(3), 503–512 (2007)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comp. 38(1), 97–139 (2008)
Teoh, A., Ngo, D., Goh, A.: Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn. 37(11), 2245–2255 (2004)
Yang, B., Busch, C., Gafurov, D., Bours, P.: Renewable minutiae templates with tunable size and security. In: ICPR, pp. 878–881 (2010)
Yang, B., Hartung, D., Simoens, K., Busch, C.: Dynamic random projection for biometric template protection. In: IEEE BTAS, pp. 1–7 (2010)
Simoens, K., et al.: Criteria towards metrics for benchmarking template protection algorithms. In: ICB (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Yang, B., Li, G. (2018). Managing Private Credentials by Privacy-Preserving Biometrics. In: Saracino, A., Mori, P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2018. Lecture Notes in Computer Science(), vol 11263. Springer, Cham. https://doi.org/10.1007/978-3-030-04372-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-04372-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04371-1
Online ISBN: 978-3-030-04372-8
eBook Packages: Computer ScienceComputer Science (R0)