Abstract
Biometric authentication is being vastly used in identity verification for several IoT applications, nowadays. The security and privacy of the biometrics templates used in the authentication process becomes mandatory as it contains rich personal information of the user. Cancelable Biometric System (CBS) is a template securing approach using repeated distortions/transformations at feature/signal level. It is an effective template securing approach which provides non-invertibility, revocability and diversity to the users enrolled with the cancelable template database. The cancelable template database containing cancelable biometric templates of the users is typically stored in a trusted standalone server. To meet the growing demand of IoT applications, cloud computing with provision to store and process even large database, is being largely deployed. However, the security and privacy of the data stored in the cloud is uncertain. In this paper, we have proposed a novel partial DCT-based CBS with privacy and security preservation for providing authentication services in various IoT applications. We have also devised techniques for session key agreement, data encryption and data integrity in the proposed framework to solve the issues of confidentiality, integrity, and availability (CIA) during cancelable template enrolment and authentication. The experimental results and analysis prove that proposed approach performs user authentication with high accuracy and minimal overhead while preserving security and privacy of sensitive cancelable biometric templates.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Amin R, Islam SH, Biswas GP, Khan MK, Li X (2015) Cryptanalysis and enhancement of anonymity preserving remote user mutual authentication and session key agreement scheme for e-health care systems. J Med Syst 39(11):140
Atzori L, Antonio I, Giacomo M (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805
Bolle RM, Connell JH, Ratha NK (2002) Biometric perils and patches. Pattern Recogn 35(12):2727–2738
Bommagani AS, Valenti MC and A. Ross, (2014) A framework for secure cloud-empowered mobile biometrics. Military Communications Conference (MILCOM)
Bringer J, Morel C, Rathgeb C (2017) Security analysis and improvement of some biometric protected templates based on bloom filters. Image Vis Comput 58:239–253
Buchholz JJ (2001) Advanced encryption standard. International workshop on FAST software encryption
Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc Royal Soc London A: Math Phys Eng Sci 426(1871):233–271
Chang YF, Tai WL, Chang HC (2014) Untraceable dynamic identity-based remote user authentication scheme with verifiable password update. Int J Commun Syst 27(11):3430–3440
Chiou S-Y, Ying Z, Liu J (2016) Improvement of a privacy authentication scheme based on cloud for medical environment. J Med Syst 40(4):101
Chou JS, Huang CH, Huang YS, Chen Y (2013) Efficient two-pass anonymous identity authentication using smart card. IACR Cryptology ePrint Arch 2013(1):402
Das AK, Goswami A (2013) A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J Med Syst 37(3):9948
Diffie W, Hellman M (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654
E. Parliament (2016) EU Regulation 2016/679 [Online]. Available: http://ec.europa.eu/justice/data-protection/reform/index_en.htm
Eastlake D. 3rd, Jones P (2001) US secure hash algorithm 1 (SHA1). RFC 3174
FingerprintVerification Competition (2002) [Online]. Available: http://bias.csr.unibo.it/fvc2002/
FingerprintVerification Competition (2004) [Online]. Available: http://bias.csr.unibo.it/fvc2004/
Gomez-Barrero M, Maiorana E, Galbally J, Campisi P, Fierrez J (2017) Multi-biometric template protection based on homomorphic encryption. Pattern Recogn 67(1):149–163
Haghighat M, Zonouz S, Abdel-Mottaleb M (2015) CloudID: trustworthy cloud-based and cross-enterprise biometric identification. Expert Syst Appl 42(21):7905–7916
Hämmerle-Uhl J, Pschernig E, Uhl A (2009) Cancelable Iris biometrics using block re-mapping and image warping. International conference on information security, Pisa, Italy
Hu P, Ning H, Qiu T, Xu Y, Luo X, Sangaiah AK (2017) A unified face identification and resolution scheme using cloud computing in internet of things. Future Generation Computer Systems
Hu S, Li M, Wang Q, Chow SS, Du M (2018) Outsourced biometric identification with privacy. IEEE Trans Inform Forensics Sec 13(10):2448–2463
Huang X, Liu JK, Shaohua T, Yang X, Kaitai L, Li X, Jianying Z (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans Comput 64(4):971–983
Jin Z, Lim M-H, Teoh ABJ, Goi B-M (2014) A non-invertible randomized graph-based hamming embedding for generating cancelable fingerprint template. Pattern Recogn Lett 42:137–147
Karabat C, Erdogan H (2009) A cancelable biometric hashing for secure biometric verification system. Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Process
Kumar S, Singh SK, Singh AK, Tiwari S, Singh RS (2018) Privacy preserving security using biometrics in cloud computing. Multimed Tools Appl 77(9):11017–11039
Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5
Liang K, Susilo W, Liu JK (2015) Privacy-preserving ciphertext multi-sharing control for big data storage. IEEE Trans Inform Forensics Sec 10(8):1578–1589
Lumini A, Nanni L (2007) An improved biohashing for human authentication. Pattern Recogn 40(3):1057–1065
Maiorana E, Campisi P, Neri A (2011) Bioconvolving: cancelable templates for a multi-biometrics signature recognition system. IEEE Int Syst Conf
Ouda O, Tsumura N, Nakaguchi T (2010) Tokenless cancelable biometrics scheme for protecting iris codes. 20th international conference pattern recognition (ICPR)
Peer P, Bule J, Gros JZ, Struc V (2013) Building cloud-based biometric services. Informatic-a 37(2):115
Proaski JG, Manolakis DG (1996) Digital signal processing, principles, algorithm, and applications, Prentice Hall
Punithavathi P, Geetha S (2017) Can cancellable biometrics preserve privacy? Biometric Technol Today 2017(7):8–11
Punithavathi P, Geetha S (2017) Random projection-based cancelable template generation for sparsely distributed biometric patterns. Indonesian J Electric Eng Comput Sci 7(3):877–886
Punithavathi P, Geetha S, Sasikala S (2017) Generation of cancelable Iris template using bi-level transformation. Proceedings of the 6th International Conference on Bioinformatics and Biomedical Science, Singapore
Rao K, Yip P (1990) Discrete cosine transform: algorithms, advantages, applications. Academic Press, Boston DISCRETE COSINE TRANSFORM
Ratha NK, Chen S, Jain AK (1995) Adaptive flow orientation-based feature extraction in fingerprint images. Pattern Recogn 28(11):1657–1672
Ratha NK, Chikkerur S, Connell JH, Bolle RM (2007) Generating cancelable fingerprint templates. IEEE Trans Pattern Anal Mach Intell 29(4):561–572
Rezaei M, Valipour M, Valipour M (2016) Modelling evapotranspiration to increase the accuracy of the estimations based on the climatic parameters. Water Conserv Sci Eng 1(3):197–207
Teoh ABJ, Yuang CT (2007) Cancelable biometrics realization with multispace random projections. IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics)
Wang S, Hu J (2016) A blind system identification approach to cancelable fingerprint templates. Pattern Recogn 54:14–22
Wang XM, Zhang WF, Zhang JS, Khan MK (2007) Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Comput Standards Interfaces 29(5):507–512
Wang Y, Liu JY, Xiao FX, Dan J (2009) A more efficient and secure dynamic id-based remote user authentication scheme. Comput Commun 32(4):583–585
Wang S, Yang W, Hu J (2017) Design of alignment-free cancelable fingerprint templates with zoned minutia pairs. Pattern Recogn 66(1):295–301
Wang S, Deng G, Hu J (2017) A partial Hadamard transform approach to the design of cancelable fingerprint templates containing binary biometric representations. Pattern Recogn 61(1):447–458
Wen F, Li X (2012) An improved dynamic ID-based remote user authentication with key agreement scheme. Comput Electric Eng 38(2):381–387
Wu Z, Tian L, Li P, Wu T, Jiang M, Wu C (2017) Generating stable biometric keys for flexible cloud computing authentication using finger vein. Inf Sci
Xhafa F, Wang J, Chen X, Liu JK, Li J, Krause P (2014) An efficient PHR service system supporting fuzzy keyword search and fine-grained access control. Soft Comput 18(9):1795–1802
Yuan J, Yu S (2013) Efficient privacy-preserving biometric identification in cloud computing. INFOCOM, 2013 Proceedings IEEE
Acknowledgements
The authors would like to thank the Management and Staff of Vellore Institute of Technology, Chennai Campus. The first author is supported by Visvesvaraya PHD scheme an initiative of Digital India Corporation under Ministry of Electronics and Information Technology, Government of India.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Punithavathi, P., Geetha, S. Partial DCT-based cancelable biometric authentication with security and privacy preservation for IoT applications. Multimed Tools Appl 78, 25487–25514 (2019). https://doi.org/10.1007/s11042-019-7617-1
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-019-7617-1