A review of biometric technology along with trends and prospects

Identity management through biometrics offer potential advantages over knowledge and possession based methods. A wide variety of biometric modalities have been tested so far but several factors paralyze the accuracy of mono-modal biometric systems. Usually, the analysis of multiple modalities offers better accuracy. An extensive review of biometric technology is presented here. Besides the mono-modal systems, the article also discusses multi-modal biometric systems along with their architecture and information fusion levels. The paper along with the exemplary evidences highlights the potential for biometric technology, market value and prospects.     

Biohashing: two factor authentication featuring fingerprint data and tokenised random number

Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.     

生物特征信息处理开发包BITK及其应用平台

由于人类固有的生物特征能用来进行可靠的身份认证和识别,近10年来生物特征识别已经成为研究热点.为了对生物特征识别研究提供软件支持,设计研发了生物特征信息处理开发包 (Biometric Information Processing Toolkit,BITK).BITK是一个C 软件开发包.它以非线性数据流模型来组织整体计算流程,提供了一个可扩展、可重用的框架来整合生物特征识别领域的算法和数据结构.BITK还设计了一个精干的可视化框架以及一个管理各种生物特征采集仪的一致性框架.此外,在BITK基础上研发了生物特征信息处理平台 (BITK-based Application Platform,BITKAPP).该平台通过灵活的plug-in架构和友好的用户界面,充分发挥BITK的功能,并降低了BITK的使用门槛.在实际应用中,BITK和BITKAPP向研究人员提供了一套高效率的研究、实验及开发手段,并且作为支撑平台完成了第一届生物特征识别竞赛(the 1st Biometric Verification Competition)的多模态数据采集任务.     

站点指纹模型训练系统FMTS的设计与实现

基于指纹识别的匿名攻击原型系统用于度量攻击的复杂程度,定量评估匿名Web浏览系统的匿名性,提供实验平台。作为其重要组成部分,站点指纹模型训练系统(FingerprintModelTrainingSystem,FMTS)用于遍历目标站点的网页,抽取页面指纹及链接关系构造形成站点指纹模型。文中介绍了指纹模型训练系统的总体设计方案以及关键实现技术。并针对系统的一个实际运行结果———中南大学网站(www.csu.edu.cn)的指纹模型,分析了其“指纹”分布情况。     

Modelling fingerprint ridge orientation using Legendre polynomials

The estimation of fingerprint ridge orientation is an essential step in every automatic fingerprint verification system. The importance of ridge orientation can be deflected from the fact that it is inevitably used for detecting, describing and matching fingerprint features such as minutiae and singular points. In this paper we propose a novel method for fingerprint ridge orientation modelling using Legendre polynomials. One of the main problems it addresses is smoothing orientation data while preserving details in high curvature areas, especially singular points. We show that singular points, which result in a discontinuous orientation field, can be modelled by the zero-poles of Legendre polynomials. The models parameters are obtained in a two staged optimization procedure. Another advantage of the proposed method is a very compact representation of the orientation field, using only 56 coefficients. We have carried out extensive experiments using a state-of-the-art fingerprint matcher and a singular point detector. Moreover, we compared the proposed method with other state-of-the-art fingerprint orientation estimation algorithms. We can report significant improvements in both singular point detection and matching rates.     

Comparison and combination of iris matchers for reliable personal authentication

The personal identification approaches using iris images are receiving increasing attention in the biometrics literature. Several methods have been presented in the literature and those based on the phase encoding of texture information are suggested to be the most promising. However, there has not been any attempt to combine these approaches to achieve further improvement in the performance. This paper presents a comparative study of the performance from the iris authentication using Log-Gabor, Haar wavelet, DCT and FFT based features. Our experimental results suggest that the performance from the Haar wavelet and Log-Gabor filter based phase encoding is the most promising among all the four approaches considered in this work. Therefore, the combination of these two matchers is most promising, both in terms of performance and the computational complexity. Our experimental results from the all 411 users (CASIA v3) and 224 users (IITD v1) database illustrate significant improvement in the performance which is not possible with either of these approaches individually.     

Reversible data hiding exploiting spatial correlation between sub-sampled images

Reversible data hiding enables host media to be restored from marked media without any loss of host information. Since this reversibility helps to make right decision during image analysis, it is highly desired in quality-sensitive imagery where even the minimal distortion introduced by embedding data is unacceptable. In this paper, we propose a reversible data hiding method that modifies the difference histogram between sub-sampled images. It exploits the high spatial correlation inherent in neighboring pixels to achieve high capacity and imperceptible embedding. On various test images including 16-bit images, we demonstrate the validity of our proposed method by comparing to other existing reversible data hiding algorithms. Experimental results support that our method provides high embedding capacity while keeping the distortions at a low level.     

Personal identity verification by serial fusion of fingerprint and face matchers

The use of personal identity verification systems with multi-modal biometrics has been proposed in order to increase the performance and robustness against environmental variations and fraudulent attacks. Usually multi-modal fusion of biometrics is performed in parallel at the score-level by combining the individual matching scores. This parallel strategy exhibits some drawbacks: (i) all available biometrics are necessary to perform fusion, thus the verification time depends on the slowest system; (ii) some users could be easily recognizable using a certain biometric instead of another one and (iii) the system invasiveness increases. A system characterized by the serial combination of multiple biometrics can be a good trade-off between verification time, performance and acceptability. However, these systems have been poorly investigated, and no support for designing the processing chain has been given so far. In this paper, we propose a novel serial scheme and a simple mathematical model able to predict the performance of two serially combined matchers as function of the selected processing chain. Our model helps the designer in finding the processing chain allowing a trade-off, in particular, between performance and matching time. Experiments carried out on well-known benchmark data sets made up of face and fingerprint images support the usefulness of the proposed methodology and compare it with standard parallel fusion.     

电力系统网络通信安全中的高载荷信息隐藏算法研究

随着电力网络通信系统的快速发展,大量数字化信息能够更加快捷有效地通过电力网络进行传输,但其在提高通信效率的同时,由于受网络攻击的风险日益增加因而也带来了隐私泄露、信息篡改等一系列安全性问题。在此背景下,特别是在无人巡检和设备远程监测等场景中,针对电力系统中相关缺陷信息的安全传输尤为重要。为确保信息传输的安全性,信息隐藏技术得到了广泛的研究与关注。针对目前信息隐藏技术普遍存在的低嵌入载荷、低安全性等问题,在综合考虑隐藏容量、隐写质量和安全性等因素后,提出了一种基于二阶数独矩阵的高载荷信息隐藏算法。该算法通过对原始数独进行扩展编码,旨在重构出新的二阶矩阵,其可引导每两位九进制数据以最小化失真的方式嵌入到原始图像的像素对中,从而实现高载荷信息隐藏的技术目标。其中,原始数独的选取由通信双方事先共享的密钥所决定,该密钥可通过量子密钥分发技术实现可靠传输,从而进一步提高算法的安全性。     

A novel DRM framework for peer-to-peer music content delivery

Due to rapid advances in the network communications field in recent years, the distribution of large-scale music contents has become easier and more efficient than ever before. However, the unauthorized distribution of copyright-protected content has emerged as a major concern. Accordingly, this paper presents a content distribution framework with a DRM capability for P2P networks. The robustness of the content distribution is ensured by using a network coding approach based on the Lagrange polynomial interpolation method. When the downloading peer within the network receives sufficient coded pieces, it not only reconstructs the associated blocks using a finite field Gaussian elimination method, but also creates its own copies of the coded pieces within these blocks and shares these copies amongst the other peers in the network. As a result, the distribution overhead imposed on the music provider is substantially reduced and the number of coded pieces within the network is significantly increased, thereby overcoming the “last piece problem” inherent in existing P2P schemes. In the DRM module of the framework, the RSA public-key cryptosystem is used to generate a unique digital fingerprint for every user within the network. The fingerprint is embedded within the music file in a protected form such that the music provider can establish the identification of any user performing an unauthorized distribution of the file. The experimental results confirm that the proposed framework provides an efficient and secure means of distributing large-scale copyright-protected music contents with no discernible degradation in the audio quality.     

A fingerprint-based user authentication protocol considering both the mobility and security in the telematics environment

With the advance of the Internet and mobile communication techniques, the telematics environment where users in vehicles can use the Internet service has been realized. For the safe driving, however, we propose that user authentication for the Internet service is performed by using the driver's fingerprint, instead of typing his/her password. Since the driver's fingerprint is private information to be protected and the size of the fingerprint information is much larger than that of a typical password, we need a different user authentication protocol for the telematics environment. That is, in addition to the compliance with the standard X9.84 protocol to protect the fingerprint information transmitted, we use the watermarking technique to lessen the privacy threat, and propose a secure and efficient protocol between Access Points (APs) considering the possible hand-off during the authentication in the mobile telematics environment. Based on the experimental measurement of the proposed protocol, we confirm that the fingerprint-based user authentication can be performed in real-time in the telematics environment.     

Biometric template selection and update: a case study in fingerprints

A biometric authentication system operates by acquiring biometric data from a user and comparing it against the template data stored in a database in order to identify a person or to verify a claimed identity. Most systems store multiple templates per user in order to account for variations observed in a person's biometric data. In this paper we propose two methods to perform automatic template selection where the goal is to select prototype fingerprint templates for a finger from a given set of fingerprint impressions. The first method, called DEND, employs a clustering strategy to choose a template set that best represents the intra-class variations, while the second method, called MDIST, selects templates that exhibit maximum similarity with the rest of the impressions. Matching results on a database of 50 different fingers, with 200 impressions per finger, indicate that a systematic template selection procedure as presented here results in better performance than random template selection. The proposed methods have also been utilized to perform automatic template update. Experimental results underscore the importance of these techniques.     

A semi-fragile watermarking algorithm for authenticating 2D CAD engineering graphics based on log-polar transformation

Copyright violation and illegal manipulation of digital data have been acute challenges for many sectors since the very same set of enabling techniques for generating and processing digital data started to emerge. Although traditional protective methods, such as encryption and digital signatures, have been in use for decades, their inability to provide protection after decryption and locating tampering has prompted the development of digital watermarking. In this paper, a semi-fragile watermarking algorithm for authenticating 2D CAD engineering graphics based on log-polar coordinate mapping is proposed. Firstly, the vertices are divided into groups, and for each group, the vertices for carrying a watermark are mapped to the log-polar coordinate system. Then the watermark is embedded in the mantissa of the real-valued log-polar coordinates via bit substitution. Theoretical analysis and experimental results show that the proposed algorithm is not only robust against incidental global operations such as rotation, translation and scaling, but can also detect and locate malicious attacks such as entity modification and entity addition/deletion.     

基于加密与消息认证的安全数字出版技术

为了满足安全数字出版技术的需求,提出了一种融合高级加密与消息认证算法的新型解决方案.系统通过HMAC算法做为消息认证机制,核心Hash函数采用引入私密密钥后的HMAC技术的SHA-1算法.数字出版文件的加密是系统算法的第二层,AES加密算法具有可选的密钥长度,提供优于DES及3DES算法的加密性能,通过AES算法加密的文件难于破解.同时系统中采用客户端无法更改的机器ID号作为AES算法的加密密钥,客户端密文使用时需读取ID号进行动态解密,并且解密后的文件不会存储在设备硬盘中,防止了解密文件的非法发布.     

Cancellability and diversity analysis of fingerprint template protection scheme based on compact minutiae pattern

ABSTRACT

As fingerprints continue toward ubiquity in human recognition applications, growing fingerprint databases will pose an increasingly greater risk of irreversible identity theft in the event of a database breach. Consequently, more focus is being placed on researching new and effective ways of securing fingerprint templates during database storage. Recently, a new fingerprint template protection scheme, based on representing a fingerprint by a sparse 3-, 4-, or 5-minutiae pattern, has been proposed. The most important advantage of this method over other fingerprint template protection schemes is that it employs only a small number of identifying features in the creation of the protected template, such that it is impossible to recover the original fingerprint even if the protected template is compromised. In this article, we present a thorough analysis to demonstrate that this new fingerprint construct also boasts impressive cancellability and diversity properties. Cancellability allows for the replacement of a compromised template with a new template from the same fingerprint, and diversity enables a person to enroll into multiple applications using the same fingerprint without the prospect of being tracked across the different applications.     

Database, protocols and tools for evaluating score-level fusion algorithms in biometric authentication

Fusing the scores of several biometric systems is a very promising approach to improve the overall system's accuracy. Despite many works in the literature, it is surprising that there is no coordinated effort in making a benchmark database available. It should be noted that fusion in this context consists not only of multimodal fusion, but also intramodal fusion, i.e., fusing systems using the same biometric modality but different features, or same features but using different classifiers. Building baseline systems from scratch often prevents researchers from putting more efforts in understanding the fusion problem. This paper describes a database of scores taken from experiments carried out on the XM2VTS face and speaker verification database. It then proposes several fusion protocols and provides some state-of-the-art tools to evaluate the fusion performance.     

Color image watermark extraction based on support vector machines

This work proposes a novel watermarking technique called SVM-based Color Image Watermarking (SCIW), based on support vector machines (SVMs) for the authentication of color images. To protect the copyright of a color image, a signature (a watermark), which is represented by a sequence of binary data, is embedded in the color image. The watermark-extraction issue can be treated as a classification problem involving binary classes. The SCIW method constructs a set of training patterns with the use of binary labels by employing three image features, which are the differences between a local image statistic and the luminance value of the center pixel in a sliding window with three distinct shapes. This set of training patterns is gathered from a pair of images, an original image and its corresponding watermarked image in the spatial domain. A quasi-optimal hyperplane (a binary classifier) can be realized by an SVM. The SCIW method utilizes this set of training patterns to train the SVM and then applies the trained SVM to classify a set of testing patterns. Following the results produced by the classifier (the trained SVM), the SCIW method retrieves the hidden signature without the original image during watermark extraction. Experimental results have demonstrated that the SCIW method is sufficiently robust against several color-image manipulations, and that it outperforms other proposed methods considered in this work.     

基于指纹识别与PKI的电子政务身份认证体系

通过分析传统PKI方式中一个弱因子(密码)和一个强因子(数字证书)的身份认证方式,提出了一种采用指纹识别和PKI的强双因子身份认证体系.该身份认证体系采用卡内比对的方式完成指纹模板的比对,创建电子政务平台中以人为源头的信任链.