GB2551051A - Method of associating a person with a digital object - Google Patents

Method of associating a person with a digital object Download PDF

Info

Publication number
GB2551051A
GB2551051A GB1708728.9A GB201708728A GB2551051A GB 2551051 A GB2551051 A GB 2551051A GB 201708728 A GB201708728 A GB 201708728A GB 2551051 A GB2551051 A GB 2551051A
Authority
GB
United Kingdom
Prior art keywords
file
feature vector
digital
data
biometric feature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1708728.9A
Other versions
GB201708728D0 (en
Inventor
Clarke Nathan
Alruban Abdulrahman
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Plymouth University
Original Assignee
Plymouth University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB1609673.7A external-priority patent/GB2546567B/en
Application filed by Plymouth University filed Critical Plymouth University
Priority to GB1708728.9A priority Critical patent/GB2551051A/en
Publication of GB201708728D0 publication Critical patent/GB201708728D0/en
Publication of GB2551051A publication Critical patent/GB2551051A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Associating a person with an electronic file comprises embedding, within the electronic file, portions of data at locations within the electronic file according to a key and key data representing the key. Each portion of data corresponds to a respective part of a digital biometric feature vector file generated from biometric information of the person. At least part of the electronic file is processed using the portions of data and the key data to generate a reconstructed digital biometric feature vector file which may be compared with example digital biometric feature vector files, each of which corresponds to biometric data of an individual. The portions of data may collectively correspond to the whole digital biometric feature vector file. The electronic file may contain image data 56 and header data contained in portions 52 and 54 of the file header. Biometric feature vectors may be generated from facial features, behavior profile, keystroke behavior, mouse use, handwriting, voice pattern, fingerprint characteristics and iris characteristics. May be used in digital forensics to identify a person that creates, handles or leaks data or documents.

Description

METHOD OF ASSOCIATING A PERSON WITH A DIGITAL OBJECT
The invention relates to the field of computer security and computer forensic technology.
Electronic threats to enterprises have become widespread in the last decade. A major source of such threats originates from insiders who have legitimate access to an organisation’s internal systems and databases. Preventing or responding to such incidents has therefore become a challenging task. Digital forensics has grown into a de-facto standard in the examination of electronic evidence, however a key barrier often encountered is the problem of associating an individual with stolen data. Stolen credentials and the Trojan defence are two commonly-used arguments by individuals in their defence.
Insider threats are considered to be a significant security issue. The recent decade has witnessed countless instances of data loss and exposure in which data has become publicly available and easily accessible. The impact of losing or disclosing sensitive data or confidential information may cause substantial financial and reputational damage to a company. When exposure is originated by an authorised individual (e.g. an employee, a contractor, etc.) who misuses their legitimate access, the potential for adverse impacts is typically greater. Since insiders are more likely to bypass certain security controls compared to outsiders who typically have limited knowledge about internal infrastructure in a given case, insiders pose significantly greater threats to organisations than do outsiders.
One of the aims of the digital forensics process is to produce and test a hypothesis about who did what, where and how in relation to an incident under investigation. Existing methods and tools used by investigators to conduct examinations of digital crime significantly help in collecting, analysing and presenting digital evidence. However, the question of who may have committed a crime is crucial, especially if the digital forensics process leads to the presentation of findings in legal proceedings. Digital forensics investigators therefore have to link the identity of a digital object to a human as opposed to just using an electronic record or a log that indicates that a user interacted with the object in question (evidence). This is a challenging task because it is currently difficult for digital forensics professionals and investigators to prove, to the appropriate standard in a court of law, that a specific human being has used a particular digital object at a certain time. A variety of studies has examined the possibility of identifying a person responsible for leaking data. One approach is the insertion of fake objects into data of interest for the purpose of distributing the data to third party agents whereby a unique object is inserted into the data prior to handing it out to such agents. However, the addition of fake objects is not always possible. For example, in the case of medical records, manipulating the data or injecting invalid information could lead to unacceptable risks to patients. However an examination of the feasibility of this method found that it is better in identifying the source of data leakage compared to simple data allocation algorithms. Moreover, 95% confidence has been obtained in experiments using this method.
Practical implementations of the guilt model have resulted in the development of several prototype models. All of these models use the concept of inserting unique fake objects or digital watermarks into data prior to distribution. In general, the data creator (in this case the distributor) is responsible for generating and embedding the fake objects. However, in many cases the data can be created by an insider who leaks the sensitive data by himself. In additional, the creation of fake objects can involve a complicated process.
Another proposed technique involves proactively and continuously collecting evidence by creating and storing file signatures that are deleted, edited, or copied within computers on a local network. In this technique, a system uses a centralised database to store a generated object’s signatures which provide significant information, such as a user identifier, object time stamp, event type (e.g. file creations or deletions), file name, file path, a time stamp for an event and a machine identifier. This is helpful especially when conducting forensic activity. Such generated fingerprints are equal to only ~1.06 % of the original file size. Furthermore, such a system can support several file types, such as Microsoft® Word documents and Portable Document Format files (PDFs). For deployment, such a system requires patching the system’s kernel in order to intercept system calls. Unfortunately, such low-level kernel hardcoding is limited to open source operating systems.
According to a first aspect of the present invention, there is provided a method of associating a person with a digital object in the form of a given electronic file, the method comprising the steps of: (i) processing a digital biometric feature vector file with an original electronic file to generate a digital imprint file representing locations within the original electronic file each of which corresponds to a respective portion of the digital biometric feature vector file, the digital biometric feature vector file corresponding to biometric information of the person and the given electronic file being either identical to the original electronic file or a modified version of the original electronic file; and (ii) processing the given electronic file with the digital imprint file to extract portions of the given electronic file at locations therein specified by the digital imprint file and to generate a reconstmcted biometric feature vector file from the extracted portions.
For example, upon the detection of data leakage, a digital object in the form of a given electronic file (whether it be posted on a public website or captured by a network) can be analysed by processing the digital imprint file with the given electronic file to extract portions of the given electronic file at locations therein specified by the digital imprint file, and reconstructing a digital biometric feature vector file from the extracted portions. The reconstructed digital biometric feature vector file then associates the person with the given electronic file.
Compared to prior art techniques, the method of the invention allows a more reliable link to be established between a digital object (e.g. an email, an image file or a document) and an individual person. Execution of the method requires no patching of a machine’s kernel. Moreover, the method is operable even where the given electronic file has been derived from the original electronic file by significant modification, damage or loss of a part or parts of the original electronic file subsequent to generation of the digital imprint file.
Reconstruction of a digital biometric feature vector file from a given electronic file may be achieved with up to 100% accuracy in some scenarios. Another advantage of a method of the invention is that the original digital object (i.e. the original electronic file) is not modified by generation of the imprint file so that it is not possible to detect that a digital object has been subjected to a method of the invention by examination of the object, and in addition there is nothing added to the original electronic file which can be overcome, hacked or otherwise defeated or corrupted.
In order to allow more reliable establishment of an associative link between the person and the digital object, the locations in the original electronic file represented by the digital imprint file preferably collectively correspond to the whole of the digital biometric feature vector file. More preferably, the locations in the original electronic file represented by the digital imprint file collectively correspond to a single instance of the digital biometric feature vector file, with no two locations in the original electronic file represented by the digital imprint file corresponding to the same portion of the digital biometric feature vector file. This tends to minimise the size of the digital imprint file.
Preferably, two or more unique digital imprint files are generated by processing the digital biometric feature vector file with the original electronic file, and each digital imprint file is processed with the given electronic file to generate a respective reconstructed digital biometric feature vector file. This further improves the probability of being able to associate an individual with the given electronic file.
Preferably the digital biometric feature vector file is processed with the original electronic file to generate all possible unique digital imprint files wherein locations in the original electronic file represented by a given unique digital imprint file collectively correspond to single instance of the digital biometric feature vector file, with no two locations in the original electronic file represented by the unique digital imprint file corresponding to the same portion of the digital biometric feature vector file. This maximises the probability of associating an individual with the given electronic file whilst minimising the total file size of the unique digital imprint files. A typical given electronic file may in fact allow on the order of 1000 such unique digital imprint files to be generated. In other words a given electronic file may have on the order of 1000 regions each corresponding to a biometric feature vector file of an individual.
The digital imprint files may held in a store of such files, so that the store holds digital imprint files generated by processing many original electronic files with biometric feature vector files corresponding to many different individuals. In this case the one or more digital imprint files are added to the store after they are generated.
The or each reconstructed digital biometric feature vector file can lead to the association of the person with the given electronic file. However, the process of association may be made more efficient by comparing the or each reconstructed biometric feature vector file with each of a store of one or more example, or candidate, digital biometric features vector files each of which is generated directly from biometric information of a respective individual. A free-standing database of biometric feature vectors files may be used for this purpose, however the probability of associating the person with the given electronic file is improved if the digital biometric feature vector file corresponding to the person is added to the store after generation of the one or more digital imprint files.
The person could be the creator of the original electronic file, in which case preferably the or each digital imprint file is generated immediately after creation of the original electronic file, so that the digital object may be linked to a person from the time of its creation. In order to ensure that the adverse impact of changes over time to the person’s biometric characteristics on the probability of their being associated with the given electronic file is minimised, preferably the digital biometric feature vector file is generated from biometric information of the person captured substantially at the time the original electronic file is created. The one or more digital imprint files are thus generated using the latest possible biometric information from the creator, further improving the probability of associating the creator with the given electronic file at any time after the original electronic file is created.
The person could alternatively be a person who has handled the original electronic file, for example by opening, closing, saving, receiving or transmitting the original electronic file, in which case preferably the or each digital imprint file is created substantially at the time the person handles the original electronic file. This allows the person to be identified from the time of handling the original electronic file. To mitigate any impact that changes to the person’s biometric characteristics over time may have on the association process, preferably the digital biometric feature vector file is generated from biometric information of the person captured substantially at the time the original electronic file is handled by the person. The one or more digital imprint files are then generated using the latest possible biometric information from the person, further improving the probability of associating an individual with the given electronic file.
The person’s biometric information may be captured covertly, or non-intrusively. This may reduce attempts to prevent implementation of the method or to hack systems carrying out the method. In other circumstances it may be desirable to capture the person’s biometric information intrusively in order to discourage certain types of behaviour, for example the leaking of documents.
The given electronic file and the original electronic file may both be text files, or may both be image files, for example.
The digital biometric feature vector file and the example digital biometric feature vector files may each be generated from a respective set of biometric information including one or more or facial features, behaviour profile, keystroke behaviour, handwriting, voice pattern, fingerprint characteristics and iris characteristics.
According to a second aspect of the invention, there is provided a method of associating a person with a digital object in the form of an electronic file, the method comprising the steps of: (i) embedding portions of data at locations within the electronic file according to a key, each portion of data corresponding to a respective part of a digital biometric feature vector file generated from biometric information of the person, and embedding key data representing the key within the electronic file; and (ii) processing at least a part of the electronic file to generate a reconstructed digital biometric feature vector file using the portions of data and the key data.
Preferably the portions of data collectively correspond to the whole of the digital biometric feature vector file in order to more closely associate the person with the electronic file.
Optionally or preferably the portions of data and the key data are embedded within a header portion of the electronic file, the header portion being processed in order to generate the reconstructed digital biometric feature vector file.
To expedite identification of the person, the reconstructed digital biometric feature vector file may be compared with each of a set of example or candidate digital biometric feature vector files each of which corresponds to biometric data of a respective individual. The digital biometric feature vector of the person may be added to the set substantially at the time it is generated and processed or embedded into the electronic file, thereby dynamically updating the set. A third aspect of the invention provides method of associating a person with a digital object in the form of an electronic file, the method comprising the step processing a digital biometric feature vector file with the electronic file to generate a digital imprint file representing locations within the electronic file each of which corresponds to a respective portion of the digital biometric feature vector file, wherein the digital biometric feature vector file corresponds to biometric information of the person. A fourth aspect of the invention provides a method of associating a person with a digital object in the form of an electronic fde, the method comprising the steps of embedding portions of data at locations within the electronic fde according to a key, each portion of data corresponding to a respective part of a digital biometric feature vector fde generated from biometric information of the person, and embedding key data representing the key within the electronic fde. Optionally the data portions and the key data may be embedded within a header or header portion of the electronic fde.
Further aspects of the invention provide a computer program comprising computer program code adapted to cause computing apparatus to carry out a method of the invention when executed therein, a computer program product or carrier embodying such a computer program, and computing apparatus programmed with such a computer program. The phrase “computing apparatus” includes devices such as smartphones and tablet computers, as well as PCs and more conventional computing apparatus.
Embodiments of the invention are described below by way of example only and with reference to the accompanying drawings in which:
Figure 1 schematically illustrates an example system for carrying out a method of the invention;
Figure 2 illustrates steps in the reconstruction of biometric feature vector files from a given electronic file using a store of digital imprint files;
Figures 3 & 4 show the results of tests in which an original electronic fde was processed with a biometric feature vector file to generate a set of digital imprint files and subsequently modified in various ways to generate a plurality of given test files, from each of which it was attempted to reconstruct the biometric feature vector file;
Figure 5 schematically illustrates an example of the application of the invention; and
Figure 6 schematically illustrates an electronic file generated in a method according to a second aspect of the invention.
In Figure 1, a computer system 10 comprises a computer 12 programmed to provide an imprinting engine 14 and a biometric engine 16 and having non-volatile storage 18. The computer 12 is linked to additional non-volatile storage 20. The biometric engine 16 is arranged to receive biometric information 24 of a user, the biometric information comprising keystroke behaviour, mouse use and facial features , the latter being input by means of a digital camera (not shown), and to generate in response a digital biometric feature vector file corresponding to that user which is then stored in the storage 18. The biometric engine 16 may also retrieve one or more digital biometric feature vector files from the storage 18. Overtime the storage 18 builds up a library of digital biometric feature vector files corresponding to a number of different users of the computer 12.
When a user creates an original electronic file 22, or handles a file which may then be regarded as an original electronic file, a biometric feature vector file corresponding to the user is processed together with the original electronic file by the imprinting engine 14 to produce a set of digital imprint files which are then stored in the storage 20. A digital biometric feature vector file for the user may be generated substantially simultaneously with the creation (or first handling) of the original electronic file 22, or alternatively an existing digital feature vector file for that user may be retrieved from the storage 18 by the biometric engine 16 for processing with the original electronic file. Over time the system 10 therefore builds up numerous digital biometric feature vector files in the storage 18, each corresponding to a respective user, and numerous sets of digital imprint files in the storage 20, each such set being characterised by a particular user and a particular original electronic file.
The biometric engine 16 may be arranged to capture biometric information in any one of a number of different modes, for example every time a user logs on, or with a certain frequency in respect of any given user, e.g. monthly or annually, or every time a user generates a new digital object in the form of an original electronic file (e.g. an image file, a word processing file, an email file etc).
To generate the digital imprint files, the imprinting engine 14 operates to identify locations within the original electronic file 22 corresponding to the biometric feature vector file of a user. Typically there are hundreds or thousands of groups of locations within the original electronic file 22 which correspond to the user’s biometric feature vector file, and each such group results in the creation of a corresponding digital imprint file which is stored in the storage 20. The time taken to generate a typical imprint file is of the order of a few milliseconds; atypical digital imprint file has atypical size of less than -500 bytes.
The following is an example of how digital imprint files are generated in practice using a biometric feature vector file and a digital object in the form of an original electronic file. Consider a biometric feature vector file FV and an original object electronic file 0 as follows:
Regardless of the file type of the object, any file type can be transformed to and treated in Hex representation. The first step in the generation of the digital imprint files is to convert both the biometric feature vector file FV and the object file 0 into corresponding Hex representations. The decimal and Hex values within the files FV, 0 and their Hex indices, i.e. their respective positions within the files, are as follows:
FV
Hex(FV)
Hex{FV)index
In this example, each value of the biometric feature vector file FV exists in more than one location within the object file 0. For example, “30” (the Hex representation of “0”) is located in positions 0, 6, and 12 within the object file 0. The locations of all the values in the biometric feature vector file FV within the object file 0 are as follows:
Individual values within the biometric feature vector file FV are therefore each found at three different locations within the object file 0. Three digital imprint files are generated as follows, each recording locations within the object file 0 at which a respective value within the biometric feature vector file FV is found:
In this case, three digital imprint files are generated and stored in the (imprint database) storage 20.
Figure 2 illustrates how a given electronic file 30 is associated with a particular person. The given electronic file 30 could be identical to an original electronic file 22, or it could be modified version of one such file.
The given electronic file 30 is processed (32) using some or all of the digital imprint files stored in the imprint database 18. In each case, the values of the given file 30 at locations therein specified by a particular digital imprint file are read out and used to provide a reconstmcted digital biometric feature vector file (36). Each reconstructed digital biometric feature vector file is then compared to existing digital biometric feature vector files stored in the storage 18 in order to identify (38) an individual who has either created or handled the original electronic file 22 corresponding to the given electronic file 30. If none of the reconstructed digital biometric feature vector files match a particular digital biometric feature vector file held in the storage 18, then it is concluded (34) that either the given electronic file 30 was not subject to the imprinting process, or alternatively it has been modified or damaged to such an extent that it is not possible to associate it with an individual.
An important feature of the method of the present invention is its robustness to the situation where an original electronic file is modified and/or damaged, subsequent to generation of the digital imprint files, thus producing a given electronic file which does not closely resemble the original electronic file.
Figure 3 shows the result of a test in which an original object file (an image file in this case) was subjected to varying levels of modification in a single rectangular area of the file, subsequent to the generation of digital imprint files, to produce a set of modified object files. Figure 3 shows that even in cases where 80% of the original image file was modified, a digital biometric feature vector file was able to be reconstructed from each of approximately 100% of the modified object files, using the digital imprint files generated using the original, unmodified file.
Figure 4 shows the result of test in which an original image file was modified to produce a set of unique modified image files, each of which was generated by modifying multiple random rectangular areas of the original image, subsequent to the generation of digital imprint files. This type of modification typically has a greater adverse effect on the reconstruction of a biometric feature vector file than modification in a single area, however even where a total of 90% of the image was modified, a biometric feature vector file was able to be reconstructed from each of around 5% of the modified image files.
In another test, a series of modified image files were generated from an original image file by cropping the original image file by varying degrees ranging from 5% to 100% of the original image, after generation of digital imprint files using the original, unmodified image file. In this test, a biometric feature vector file was reconstructed from each of 100% of the modified files by use of digital imprint files generated using the original, unmodified file.
Figure 5 schematically shows an example application of the invention. A first person 40A has a smartphone (not shown) which stores biometric information of the first person 40A and updates it over time, for example daily, weekly or monthly. The biometric information includes one or more of fingerprint characteristics captured during logging-in, voice characteristics captured during phone calls and/or operation of speech recognition functionality of the smartphone and facial characteristics (possibly including iris characteristics) captured with a rear-facing built-in digital camera of the smartphone. A biometric feature vector file (BFVF) 42A for the first person 40A is generated and updated overtime using the biometric information of the first person captured by the first person's smartphone and the biometric feature vector file 42A is stored on the first person’s smartphone.
The first person 40A creates an image file 41 using a built-in forward-facing digital camera of the smartphone. Immediately after the image file 41 is created, the biometric feature vector file 42A is processed together with the image file 41 as described above to generate a set 44A of digital imprint files which is stored in a central database 46. The digital imprint files 44A are transmitted over a wireless network to the central database 46 which is maintained at a remote location. The person 40A then transmits (50) the image file 41 by email or MMS to the smartphone of a second person 40B. The second person’s smartphone (not shown) captures biometric information of the second person and maintains a regularly-updated biometric feature vector file 42B on the second person’s smartphone using that biometric data. The second person 40B opens the file 41 but does not modify the image data of the image file 41. On opening the image file 41, the second person’s smartphone operates to process the second person’s biometric feature vector file 42B with the image file 41 to produce a second set 44B of digital imprint files which is added to the central database 46. The second person 40B then uses her smartphone to send (52) the image file 41 to the smartphone of a third person 40C.
The third person’s smartphone (not shown) operates to maintain a biometric feature vector file 42C using biometric information of the third person, captured by the third person’s smartphone. The third person 40C opens the file 41 and modifies the image data of the image file 41 to produce a modified image file 45. The modified image file 45 may for example be produced by cropping the image data, pixelating one or more parts of it, combining it with other image data, or by a combination of two or more such operations.
The third person’s smartphone operates to process the biometric feature vector file 42C with the modified image file 45 to generate a third set 44C of digital imprint files which is added to the central database 46. The modified image file 45 is then subsequently transmitted (54) by the third person 40C to further recipients in turn who each handle the modified image file 45 (e g. opening, closing, saving or transmitting the file), either with or without further modifying the image data of the file 45.
These steps result in an image file 47 comprising image data related to that of the file 41.
The identities of individuals such as 40A, 40B, 40C who have handled and/or modified earlier versions of the image file 47, such as files 41, 43 and 45, are identified by processing (48) the image file 47 with each of the digital imprint files held on the central database 46 to generate a set 49 of reconstructed biometric feature vector files from which the individuals 40A, 40B, 40C may be identified.
Starting from a given electronic file, which could be any of 41, 43, 45 or 47, the identity of a person who has handled the file (either with or without modifying the file’s image data) may be recovered by processing the given electronic file with digital imprint files held on the central database 46 to generate a set 49 of reconstructed biometric feature vector files.
The reconstructed biometric feature vector files 49 may be processed with each of a set of example or candidate biometric features vector files held on a separate database in order to identify individuals such as 40A, 40B, 40C. That database may be complied by adding digital biometric feature vectors files such as 44A, 44B, 44C to the database by transmitting them over the wireless network after they are generated by the users’ smartphones.
Figure 6 schematically represents an image file having image data 56 and header data contained in two header portions 52, 54 which together form a file header. On creation or handling of the file 56, biometric information corresponding to the creator or handler of the file 56 is processed by the computer on which the file 56 is created or handled to generate a digital biometric feature vector file. Data portions corresponding to parts of the digital biometric feature vector file are then distributed amongst and embedded within other data within the header portion 52 according to a key, and key data corresponding to the key is stored or embedded within header portion 54. The key corresponds to locations within the header portion 52 where the data portions are embedded. In order to associate the file 56 with the creator or handler of the file 56, the header portions 52, 54 are processed to reconstruct the digital biometric feature vector file. The reconstructed digital biometric feature vector file may then be compared to each of set of example digital biometric feature vector files held in a database in order to identify the creator or handler of the file 56. When the digital biometric feature vector file of the creator or handler of the file 56 is processed into the header portion 52, it may at the same time be added to the database so that the database is dynamically updated.

Claims (8)

1. A method of associating a person with a digital object in the form of an electronic file, the method comprising the steps of (i) embedding portions of data at locations within the electronic file according to a key, each portion of data corresponding to a respective part of a digital biometric feature vector file generated from biometric information of the person, and embedding key data representing the key within the electronic file; and (ii) processing at least a part of the electronic file to generate a reconstructed digital biometric feature vector file using the portions of data and the key data.
2. A method according to claim 1 wherein the portions of data collectively correspond to the whole of the digital biometric feature vector file.
3. A method according to claim 1 or claim 2 wherein in step (i) the portions of data and the key data are embedded within a header portion of the electronic file and wherein in step (ii) the header portion of the electronic file is processed to generate the reconstructed digital biometric feature vector file.
4. A method according to any preceding claim further the comprising the step of comparing the reconstructed digital biometric feature vector file with each of set of example digital biometric feature vector files each of which corresponds to biometric data of a respective individual.
5. A method according to claim 4 wherein, subsequently to step (i), the digital biometric feature vector file is added to the set of example digital biometric feature vector files.
6. A computer program comprising computer program code adapted to cause computing apparatus to carry out a method according to any preceding claim when executed therein.
7. A computer program product embodying a computer program according to claim 6.
8. Computing apparatus programmed with a computer program according to claim 6.
GB1708728.9A 2016-06-02 2017-06-01 Method of associating a person with a digital object Withdrawn GB2551051A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1708728.9A GB2551051A (en) 2016-06-02 2017-06-01 Method of associating a person with a digital object

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1609673.7A GB2546567B (en) 2016-06-02 2016-06-02 Method of associating a person with a digital object
GB1708728.9A GB2551051A (en) 2016-06-02 2017-06-01 Method of associating a person with a digital object

Publications (2)

Publication Number Publication Date
GB201708728D0 GB201708728D0 (en) 2017-07-19
GB2551051A true GB2551051A (en) 2017-12-06

Family

ID=59349978

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1708728.9A Withdrawn GB2551051A (en) 2016-06-02 2017-06-01 Method of associating a person with a digital object

Country Status (1)

Country Link
GB (1) GB2551051A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6085322A (en) * 1997-02-18 2000-07-04 Arcanvs Method and apparatus for establishing the authenticity of an electronic document
US20010042206A1 (en) * 2000-05-12 2001-11-15 International Business Machines Corporation Of Armonk System and method of uniquely authenticating each replication of a group of soft-copy documents
US20040073803A1 (en) * 2002-10-09 2004-04-15 Sony Ericsson Mobile Communications Ab Digital rights management apparatus , methods and multimedia products using biometric data
GB2459662A (en) * 2008-04-29 2009-11-04 Cryptomathic Ltd Securely caching electronic passport data for verification purposes
US20100106973A1 (en) * 2007-01-15 2010-04-29 Andreas Guenther Method and Device for Safeguarding of a Document with Inserted Signature image and Biometric Data in a Computer System

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6085322A (en) * 1997-02-18 2000-07-04 Arcanvs Method and apparatus for establishing the authenticity of an electronic document
US20010042206A1 (en) * 2000-05-12 2001-11-15 International Business Machines Corporation Of Armonk System and method of uniquely authenticating each replication of a group of soft-copy documents
US20040073803A1 (en) * 2002-10-09 2004-04-15 Sony Ericsson Mobile Communications Ab Digital rights management apparatus , methods and multimedia products using biometric data
US20100106973A1 (en) * 2007-01-15 2010-04-29 Andreas Guenther Method and Device for Safeguarding of a Document with Inserted Signature image and Biometric Data in a Computer System
GB2459662A (en) * 2008-04-29 2009-11-04 Cryptomathic Ltd Securely caching electronic passport data for verification purposes

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
The Scientific Society for Saudi Students in the UK, "Saudi Students Conference UK Abstracts of Accepted Papers and Posters" [online], February 2016, pp 513, A Alruban et al., "Proactive biometrically-enabled forensic imprinting". *

Also Published As

Publication number Publication date
GB201708728D0 (en) 2017-07-19

Similar Documents

Publication Publication Date Title
JP7369500B2 (en) Remote user identity verification with threshold-based matching
CN103679031B (en) A kind of immune method and apparatus of file virus
US20120317421A1 (en) Fingerprinting Executable Code
CN106650799B (en) A kind of electronic evidence classification extracting method and system
Damshenas et al. A survey on digital forensics trends
CN109800304A (en) Processing method, device, equipment and the medium of case notes
Alzahrani et al. A review on android ransomware detection using deep learning techniques
CN108256329B (en) Fine-grained RAT program detection method and system based on dynamic behavior and corresponding APT attack detection method
Khan et al. Digital forensics and cyber forensics investigation: security challenges, limitations, open issues, and future direction
Guo et al. Research and review on computer forensics
GB2546567A (en) Method of associating a person with a digital object
EP3591561A1 (en) An anonymized data processing method and computer programs thereof
Salih et al. Digital forensic tools: A literature review
Anobah et al. Testing framework for mobile device forensics tools
CN111222181B (en) AI model supervision method, system, server and storage medium
Alruban et al. Biometrically linking document leakage to the individuals responsible
Al-Faaruuq et al. IOS digital evidence comparison of instant messaging apps
GB2551051A (en) Method of associating a person with a digital object
Rahman et al. Digital forensics through application behavior analysis
Dubey et al. Digital forensics techniques and trends: a review.
El Majdoub et al. Mobile Forensics Data Acquisition
US11722324B2 (en) Secure and accountable execution of robotic process automation
US20200364321A1 (en) Method and apparatus for providing authentication using voice and facial data
Singh et al. Digital Forensics and Cybersecurity Tools
Kambire et al. An improved framework for tamper detection in databases

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)