改进证据理论的多生物特征融合方法

多生物特征融合考虑了个体的多种生理或行为特征,因而能显著地改善系统的识别性能,成为生物特征识别技术未来发展趋势之一。利用训练样本的识别率和误识率,提出了基于证据理论的多生物特征融合识别方法;对各识别专家的识别率和误识率进行分析,提出了一种基于累积频率和证据理论（Cumulative Frequency based D-S,CFDS）的多生物特征融合方法;通过几个实验证明了改进的D-S算法的有效性,提高了合成结果的可靠性。     

Group-specific face verification using soft biometrics

Soft biometrics have been recently proposed for improving the verification performance of biometric recognition systems. Examples of soft biometrics are skin, eyes, hair colour, height, and ethnicity. Some of them are often cheaper than “hard”, standard biometrics (e.g., face and fingerprints) to extract. They exhibit a low discriminant power for recognizing persons, but can add some evidences about the personal identity, and can be useful for a particular set of users. In particular, it is possible to argue that users with a certain high discriminant soft biometric can be better recognized. Identifying such users could be useful in exploiting soft biometrics at the best, as deriving an appropriate methodology for embedding soft-biometric information into the score computed by the main biometric.In this paper, we propose a group-specific algorithm to exploit soft-biometric information in a biometric verification system. Our proposal is exemplified using hair colour and ethnicity as soft biometrics and face as biometric. Hair colour and information about ethnicity can be easily extracted from face images, and used only for a small number of users with highly discriminant hair colour or ethnicity. We show by experiments that for those users, hair colour or ethnicity strongly contributes to reduce the false rejection rate without a significant impact on the false acceptance rate, whilst the performance does not change for other users.     

Investigating fusion approaches in multi-biometric cancellable recognition

Cancellable biometrics has recently been introduced in order to overcome some privacy issues about the management of biometric data, aiming to transform a biometric trait into a new but revocable representation for enrolment and identification (verification). Therefore, a new representation of original biometric data can be generated in case of being compromised. Additionally, the use multi-biometric systems are increasingly being deployed in various biometric-based applications since the limitations imposed by a single biometric model can be overcome by these multi-biometric recognition systems. In this paper, we specifically investigate the performance of different fusion approaches in the context of multi-biometrics cancellable recognition. In this investigation, we adjust the ensemble structure to be used for a biometric system and we use as examples two different biometric modalities (voice and iris data) in a multi-biometrics context, adapting three cancellable transformations for each biometric modality.     

Online risk-based authentication using behavioral biometrics

In digital home networks, it is expected that independent smart devices communicate and cooperate with each other, without the knowledge of the fundamental communication technology, on the basis of a distributed operating system paradigm. In such context, securing the access rights to some objects such as data, apparatus, and contents, is still a challenge. This paper introduces a risk-based authentication technique based on behavioral biometrics as solution approach to tackle this challenge. Risk-based authentication is an increasingly popular component in the security architecture deployed by many organizations to mitigate online identity fraud. Risk-based authentication uses contextual and historical information extracted from online communications to build a risk profile for the user that can be used accordingly to make authentication and authorization decisions. Existing risk-based authentication systems rely on basic web communication information such as the source IP address or the velocity of transactions performed by a specific account, or originating from a certain IP address. Such information can easily be spoofed, and as such, put in question the robustness and reliability of the proposed systems. In this paper, we propose a new online risk-based authentication system that provides more robust user identity information by combining mouse dynamics and keystroke dynamics biometrics in a multimodal framework. We propose a Bayesian network model for analyzing free keystrokes and free mouse movements involved in web sessions. Experimental evaluation of our proposed model with 24 participants yields an Equal Error Rate of 8.21 %. This is very encouraging considering that we are dealing with free text and free mouse movements, and the fact that many web sessions tend to be very short.     

A 3D face and hand biometric system for robust user-friendly authentication

A complete authentication system based on fusion of 3D face and hand biometrics is presented and evaluated in this paper. The system relies on a low cost real-time sensor, which can simultaneously acquire a pair of depth and color images of the scene. By combining 2D and 3D facial and hand geometry features, we are able to provide highly reliable user authentication robust to appearance and environmental variations. The design of the proposed system addresses two basic requirements of biometric technologies: dependable performance under real-world conditions along with user convenience. Experimental evaluation on an extensive database recorded in a real working environment demonstrates the superiority of the proposed multimodal scheme against unimodal classifiers in the presence of numerous appearance and environmental variations, thus making the proposed system an ideal solution for a wide range of real-world applications, from high-security to personalization of services and attendance control.     

Intelligent agents for the management of complexity in multimodal biometrics

Current approaches to personal identity authentication using a single biometric technology are limited, principally because no single biometric is generally considered both sufficiently accurate and user-acceptable for universal application. Multimodal biometrics can provide a more adaptable solution to the security and convenience requirements of many applications. However, such an approach can also lead to additional complexity in the design and management of authentication systems. Additionally, complex hierarchies of security levels and interacting user/provider requirements demand that authentication systems are adaptive and flexible in configuration. In this paper we consider the integration of multimodal biometrics using intelligent agents to address issues of complexity management. The work reported here is part of a major project designated IAMBIC (Intelligent Agents for Multimodal Biometric Identification and Control), aimed at exploring the application of the intelligent agent metaphor to the field of biometric authentication. The paper provides an introduction to a first-level architecture for such a system, and demonstrates how this architecture can provide a framework for the effective control and management of access to data and systems where issues of privacy, confidentiality and trust are of primary concern. Novel approaches to software agent design and agent implementation strategies required for this architecture are also highlighted. The paper further shows how such a structure can define a fundamental paradigm to support the realisation of universal access in situations where data integrity and confidentiality must be robustly and reliably protected .     

基于RSA的数字认证技术

数字认证是各类网络环境下的控制系统、嵌入式系统中的关键技术，是保证系统安全和可靠的基石。文章介绍了用RSA公开密钥体制实现的数字认证技术，可以有效地实现入网设备的数字认证功能。     

A review on performance,security and various biometric template protection schemes for biometric authentication systems

Identifying a person based on their behavioral and biological qualities in an automated manner is called biometrics. The authentication system substituting traditional password and token for authentication and relies gradually on biometric authentication methods for verification of the identity of an individual. This proves the fact that society has started depending on biometric-based authentication systems. Security of biometric authentication needs to be reviewed and discussed as there are multiple points related to integrity and public reception of biometric-based authentication systems. Security and recognition accuracy are the two most important aspects which must be considered while designing biometric authentication systems. During enrollment phase scanning of biometric data is done to determine a set of distinct biometric feature set known as biometric template. Protection of biometric templates from various hacking efforts is a topic of vital importance as unlike passwords or tokens, compromised biometric templates cannot be reissued. Therefore, giving powerful protection techniques for biometric templates and still at that very moment preparing great identification accuracy is a good research problem nowadays, as well as in the future. Furthermore, efficiency under non-ideal conditions is also supposed to be inadequate and thus needs special attention in the design of a biometric authentication system. Disclosure of various biometric traits in miscellaneous applications creates a severe compromise on the privacy of the user. Biometric authentication can be utilized for remote user authentication. In this case, the biometric data of users typically called templates are stored in a server. The uniqueness and stability of biometrics ended it useful over traditional authentication systems. But, a similar thing made the enduring harm of a user’s identity in biometric systems. The architecture of the biometric system leads to several hazards that lead to numerous security concerns and privacy threats. To address this issue, biometric templates are secured using several schemes that are categorized as biometric cryptosystems, cancelable biometrics, hybrid methods, Homomorphic Encryption, visual cryptography based methods. Biometric cryptosystems and cancelable biometrics techniques provide reliable biometric security at a great level. However, there persist numerous concerns and encounters that are being faced during the deployment of these protection technologies. This paper reviews and analyses various biometric template protection methods. This review paper also reflects the limitations of various biometric template protection methods being used in present times and highlights the scope of future work.

     

Dynamic tongueprint: A novel biometric identifier

Biometrics, which use human physiological or behavioral features for personal identification, currently face the challenge of designing a secure biometric system that will accept only the legitimate presentation of the biometric identifiers without being fooled by the doctored or spoofed measurements that are input into the system. More biometric traits are required for improving the performance of authentication systems. In this paper, we present a new number for the biometrics family, i.e. tongueprint, which uses particularly interesting properties of the human tongue to base a technology for noninvasive biometric assessment. The tongue is a unique organ which can be stuck out of the mouth for inspection, whose appearance is amenable to examination with the aid of a machine vision system. Yet it is otherwise well protected in the mouth and difficult to be forged. Furthermore, the involuntary squirm of the tongue is not only a convincing proof that the subject is alive, but also a feature for recognition. That is to say, the tongue can present both static features and dynamic features for authentication. However, little work has hitherto been done on the tongue as a biometric identifier. In this work, we make use of a database of tongue images obtained over a long period to examine the performance of the tongueprint as a biometric identifier. Our research shows that tongueprint is a promising candidate for biometric identification and worthy of further research.     

结合生物特征识别技术的网络安全认证系统设计

随着信息技术的飞速发展,生物特征识别技术正在被越来越广泛地应用到数据库和商业系统的访问控制中。这些应用需要采用一定的措施来抵御对安全的威胁。在涉及到一个开放的网络环境下的认证问题时,例如非面对面的交易中,加密技术(公钥加密术和数字签名技术)被采用来防止对生物认证信息的无授权的使用,同时保证数据的完整性。该文提出了一种包含可信任的第三方的网络认证结构,其结合了手形认证技术和加密技术。并开发了一种应用于基于网络环境的原型系统。对此模型的初步评估结果是令人满意的。类似的技术可以被应用到更加灵活的应用中。     

Behavioral biometrics & continuous user authentication on mobile devices: A survey

This paper offers an up-to-date, comprehensive, extensive and targeted survey on Behavioral Biometrics and Continuous Authentication technologies for mobile devices. Our aim is to help interested researchers to effectively grasp the background in this field and to avoid pitfalls in their work. In our survey, we first present a classification of behavioral biometrics technologies and continuous authentication for mobile devices and an analysis for behavioral biometrics collection methodologies and feature extraction techniques. Then, we provide a state-of-the-art literature review focusing on the machine learning models performance in seven types of behavioral biometrics for continuous authentication. Further, we conduct another review that showed the vulnerability of machine learning models against well-designed adversarial attack vectors and we highlight relevant countermeasures. Finally, our discussions extend to lessons learned, current challenges and future trends.     

Fusing multimodal biometrics with quality estimates via a Bayesian belief network

Biometric systems for today's high security applications must meet stringent performance requirements; fusing multiple biometrics can help lower system error rates. Fusion methods include processing biometric modalities sequentially until an acceptable match is obtained, using logical (AND/OR) operations, or summing similarity scores. More sophisticated methods combine scores from separate classifiers for each modality. This paper develops a novel fusion architecture based on Bayesian belief networks. Although Bayesian update methods have been used before, our approach more fully exploits the graphical structure of Bayes nets to define and explicitly model statistical dependencies between relevant variables: per sample measurements, such as match scores and corresponding quality estimates, and global decision variables. These statistical dependencies are in the form of conditional distributions which we model as Gaussian, gamma, log-normal or beta, each of which is determined by its mean and variance, thus significantly reducing training data requirements. Moreover, by conditioning decision variables on quality as well as match score, we can extract information from lower quality measurements rather than rejecting them out of hand. Another feature of our method is a global quality measure designed to be used as a confidence estimate supporting decision making. Preliminary studies using the architecture to fuse fingerprints and voice are reported.     

基于多生物特征识别的网络身份认证研究

针对单项生物特征在网络身份认证过程中,可能由于用户身体受到伤病或污渍的影响而导致系统无法正常识别、合法用户无法登录的问题。提出了将多种生物特征用于网络身份认证的方法,并对相关技术进行了探讨。     

基于生物特征和口令放大的远程认证协议

基于口令的认证协议具有简单、方便、强适应性及移动性等优点,它广泛应用于网上银行、ATM等远程登录环境中。但是一般用户的口令具有低熵、安全性低、口令数据难以保护等缺点,从而使系统存在许多安全隐患。口令放大是这样的一种算法,它输入用户的低熵的口令和一个高熵的随机数,然后输出一个高熵的新口令,从而提高了系统的安全性,也不增加用户的负担。人体生物特征是人体所固有的生理和行为特征,而模糊提取器可以从人体的生物特征中提取出高熵的随机串。生物特征和口令放大的结合,恰好可以克服基于口令的认证协议的缺点,提高其安全性。提出了一种结合人体生物特征和口令放大的单向认证协议,充分发挥了基于口令的认证协议所具有的简单易用和生物特征高熵、安全性高等优点,并且具有一定的容错能力。     

Evaluation of a template protection approach to integrate fingerprint biometrics in a PIN-based payment infrastructure

Biometric authentication has a great potential to improve the security, reduce cost, and enhance the customer convenience of payment systems. Despite these benefits, biometric authentication has not yet been adopted by large-scale point-of-sale and automated teller machine systems. This paper aims at providing a better understanding of the benefits and limitations associated with the integration of biometrics in a PIN-based payment authentication system. Based on a review of the market drivers and deployment hurdles, a method is proposed in which biometrics can be seamlessly integrated in a PIN-based authentication infrastructure. By binding a fixed binary, renewable string to a noisy biometric sample, the data privacy and interoperability between issuing and acquiring banks can improve considerably compared to conventional biometric approaches. The biometric system security, cost aspects, and customer convenience are subsequently compared to PIN by means of simulations using fingerprints. The results indicate that the biometric authentication performance is not negatively influenced by the incorporation of key binding and release processes, and that the security expressed as guessing entropy of the biometric key is virtually identical to the current PIN. The data also suggest that for the fingerprint database under test, the claimed benefits for cost reduction, improved security and customer convenience do not convincingly materialize when compared to PIN. This result can in part explain why large-scale biometric payment systems are virtually non-existent in Europe and the United States, and suggests that other biometric modalities than fingerprints may be more appropriate for payment systems.     

Combine crossing matching scores with conventional matching scores for bimodal biometrics and face and palmprint recognition experiments

In this paper, we define for the first time the crossing matching score of two biometrics traits and combine it with the conventional matching scores to perform personal authentication. The proposed method is very suitable for the bimodal biometrics systems with two similar biometrics traits such as the system with visible light and infrared face images and the system with palm images captured at two bands. The proposed method first runs for the first and biometrics traits, respectively. For each of these two biometrics traits, the proposed method calculates the matching scores between the testing sample and each training sample. The matching scores generated from the first and second traits are referred to as the first and second matching scores, respectively. Second, the proposed method calculates the crossing matching scores, i.e. the matching scores between the testing sample of the second biometrics trait and the training samples of the first biometrics trait. Finally, we use a weighted fusion scheme to combine the first, second and crossing matching scores for personal authentication.     

Object analysis patterns for embedded systems

Some of the most challenging tasks in building a software system are capturing, refining, and analyzing requirements. How well these tasks are performed significantly impacts the quality of the developed software system. The difficulty of these tasks is greatly exacerbated for the software of embedded systems as these systems are commonly used for critical applications, have to operate reliably for long periods of time, and usually have a high degree of complexity. Current embedded systems software development practice, however, often deals with the (requirements) analysis phase in a superficial manner, instead emphasizing design and implementation. This research investigates how an approach similar to the well-known design patterns, termed object analysis patterns, can be applied in the analysis phase of embedded systems development, prior to design and coding. Specifically, our research explores how object-oriented modeling notations, such as the Unified Modeling Language (UML), can be used to represent structural and behavioral information as part of commonly occurring object analysis patterns. This work also investigates how UML-based conceptual models of embedded systems, based on the diagram templates in the object analysis patterns, can be automatically analyzed using the Spin model checker for adherence to properties specified in linear-time temporal logic (LTL) using a previously developed UML formalization framework. We have applied these patterns to several embedded systems applications obtained from the automotive industry. This paper describes one of our case studies and illustrates how our approach facilitates the construction of UML-based conceptual models of embedded systems and the analysis of these models for adherence to functional requirements.     

NeuroBiometric: An Eye Blink Based Biometric Authentication System Using an Event-Based Neuromorphic Vision Sensor

The rise of the Internet and identity authentication systems has brought convenience to people's lives but has also introduced the potential risk of privacy leaks.Existing biometric authentication systems based on explicit and static features bear the risk of being attacked by mimicked data.This work proposes a highly efficient biometric authentication system based on transient eye blink signals that are precisely captured by a neuromorphic vision sensor with microsecond-level temporal resolution.The neuromorphic vision sensor only transmits the local pixel-level changes induced by the eye blinks when they occur,which leads to advantageous characteristics such as an ultra-low latency response.We first propose a set of effective biometric features describing the motion,speed,energy and frequency signal of eye blinks based on the microsecond temporal resolution of event densities.We then train the ensemble model and non-ensemble model with our Neuro Biometric dataset for biometrics authentication.The experiments show that our system is able to identify and verify the subjects with the ensemble model at an accuracy of 0.948 and with the non-ensemble model at an accuracy of 0.925.The low false positive rates(about 0.002)and the highly dynamic features are not only hard to reproduce but also avoid recording visible characteristics of a user's appearance.The proposed system sheds light on a new path towards safer authentication using neuromorphic vision sensors.     

Biometrics: a tool for information security

Establishing identity is becoming critical in our vastly interconnected society. Questions such as "Is she really who she claims to be?," "Is this person authorized to use this facility?," or "Is he in the watchlist posted by the government?" are routinely being posed in a variety of scenarios ranging from issuing a driver's license to gaining entry into a country. The need for reliable user authentication techniques has increased in the wake of heightened concerns about security and rapid advancements in networking, communication, and mobility. Biometrics, described as the science of recognizing an individual based on his or her physical or behavioral traits, is beginning to gain acceptance as a legitimate method for determining an individual's identity. Biometric systems have now been deployed in various commercial, civilian, and forensic applications as a means of establishing identity. In this paper, we provide an overview of biometrics and discuss some of the salient research issues that need to be addressed for making biometric technology an effective tool for providing information security. The primary contribution of this overview includes: 1) examining applications where biometric scan solve issues pertaining to information security; 2) enumerating the fundamental challenges encountered by biometric systems in real-world applications; and 3) discussing solutions to address the problems of scalability and security in large-scale authentication systems.