WO2009082199A1 - Distributed biometric database and authentication system - Google Patents
Distributed biometric database and authentication system Download PDFInfo
- Publication number
- WO2009082199A1 WO2009082199A1 PCT/NL2008/000277 NL2008000277W WO2009082199A1 WO 2009082199 A1 WO2009082199 A1 WO 2009082199A1 NL 2008000277 W NL2008000277 W NL 2008000277W WO 2009082199 A1 WO2009082199 A1 WO 2009082199A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- biometric
- master database
- database
- unencrypted
- data
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/37—Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V10/00—Arrangements for image or video recognition or understanding
- G06V10/94—Hardware or software architectures specially adapted for image or video understanding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
Definitions
- This invention relates generally to a biometric system and, more specifically, to a distributed biometric database and authentication system using biometric encryption.
- Authentication of physical objects may be used in many applications, such as conditional access to secure buildings or conditional access to digital data (e.g. stored in a computer or removable storage media), or for identification purposes (e.g. for charging an identified individual for a particular activity).
- Every human being has a unique set of biometric data, such as voice, fingerprints, iris, retina, face, etc.
- biometrics is, to an ever-increasing extent, considered to be a better alternative to traditional identification means, such as passwords and PIN-codes and, indeed, biometric information is increasingly used to verify and authenticate a person's identity in an ever-growing number of applications and situations.
- biometric information is governed by a trust model, whereby a user receives assurances that the information as provided will only be used for specific purposes and that abuse will be prevented by a security regime for the data.
- a trust model whereby a user receives assurances that the information as provided will only be used for specific purposes and that abuse will be prevented by a security regime for the data.
- biometric applications are a plausible target for identity thieves, so traditional biometric systems have protected biometric templates by storing them in encrypted form.
- the template in order to check the identity of an individual, the template must be decrypted using a key before it can be compared with a live scan. This gives potential identity thieves two opportunities to access the template: intercepting the unencrypted template or stealing the encrypted template and key.
- the concept of providing intrinsic security by means of biometric encryption whereby rather than using the original biometrics, a derived dataset is used that has been created via a one-way transformation.
- the one-way properties of the transformation guarantee that the original biometrics can never be reconstructed from the stored data, while the transformations are unambiguous enough to be able to perform matches in the encrypted domain.
- FIG. 1 of the drawings there is provided a schematic diagram illustrative of the basic operation of an exemplary solution in this class of approaches to secure biometrics.
- the biometric 10 is first scanned and transformed into a regular biometric feature vector.
- the signal-to-noise ratio is estimated and used (at 12) to reduce the noise levels and template size without losing useful information.
- error-correction codes are used (at 14) to eliminate and remaining noise effects and minimize error rates, thereby ensuring, to the greatest extent possible, exact matching between templates and corresponding, subsequently-acquired biometric data.
- Auxiliary data is then combined (at 16) with the feature vector, thereby enabling different templates to be created from the same biometric.
- auxiliary data is essentially a random number but, importantly, that number can be different for each person and application.
- the or each biometric template (feature vector and auxiliary data) is hashed (at 18) for secure storage.
- each biometric can give rise to many different templates, so any compromised template can simply be revoked and replaced with a new one using the same biometric 10 but different auxiliary information.
- an identity thief who gains access to one template will not be able to use that template to access other applications.
- biometric encryption uses biometric encryption to solve many of the intrinsic problems associated with traditional biometric authentication and identification systems
- the matching performance of biometric encryption can differ slightly in error rates.
- biometry is embedded in law and case law where, for example, fingerprint matches are accepted as legal evidence if a certain number of minutiae correspond.
- Biometric encryption has no direct equivalent supported by years of case law.
- biometric encryption is a relatively young discipline, such that improvements in algorithms and ciphers can be expected over coming years, and any systems put in place now should ideally be modifiable accordingly, in order to maintain a required level of security.
- biometric information system comprising a master database in which unencrypted biometric data is stored, and at least one encrypted operational database in which is stored biometric templates derived from biometric data stored in said master database which has been subjected to biometric encryption.
- the master database is preferably located in a secure, non-networked environment.
- the system comprises a plurality of operational databases, each containing biometric templates generated from said unencrypted biometric data stored in said master database, preferably by a certified authority.
- a centralized operational database is provided containing biometric templates generated from said unencrypted data stored in said master database, and a centralized authority is permitted access to the contents of said centralized operational database.
- said centralized authority is configured to provide an authentication service, preferably on-line, to a plurality of applications in the form of organizations or otherwise.
- the biometric data stored in said master database may be single or multi-modal.
- said biometric encryption comprises the application of a one-way transformation, such as a one-way hash function, to a feature vector representative of said unencrypted biometric data.
- a method of providing a biometric information system comprising the steps of storing unencrypted biometric data in a master database, placing said master database in a secure, non-networked environment, generating a plurality of encrypted biometric templates by subjecting a plurality of respective pieces of unencrypted biometric data storing in said master database to biometric encryption, and stating said biometric templates in one or more operational databases.
- Fig. 1 is a schematic diagram illustrating the principal steps of a biometric encryption method suitable for use in an exemplary embodiment of the present invention
- Fig. 2 is a schematic diagram illustrating some of the principal components of a biometric system according to a first exemplary embodiment of the present invention
- Fig. 3 is a schematic diagram illustrating a method of biometric encryption suitable for use in the system of Fig. 2;
- Fig. 4 is a schematic diagram illustrating some of the principal components of a biometric system according to a second exemplary embodiment of the present invention
- Fig. 5 is a schematic diagram illustrating a method of authentication of biometric data suitable for use in the system of Fig. 4.
- a dual system is proposed that is characterized by a master database 20 comprising biometric data in its unencrypted form, and a plurality of operational databases 26a, b, c, protected by biometric encryption, intended for broad and daily use.
- the biometric data may be single or multi-modal, wherein modes of biometric data may comprise, for example, voice, iris, face, retina, fingerprint, etc.
- the master database 20 is preferably located in a highly secure, protected and non-networked environment 24 and the encrypted operational databases 26a, b, c are then generated from the unencrypted biometric data in the master database 20 by a certified authority (CA) 22.
- CA certified authority
- biometric encryption techniques available for use in generation of the encrypted operational databases 26a, b, c.
- One exemplary method of biometric encryption will be described in detail.
- the present invention is not intended to be limited in relation to the type of biometric encryption employed and, indeed, it is an advantage of the present invention that, as new and improved biometric encryption algorithms are developed, the master database 20 can be used by the certified authority 22 to generate a new set of encrypted operational databases by means of the new algorithm(s).
- a biometric feature vector X is retrieved from the master database, and the signal-to-noise ratio is estimated (at 30) and used to reduce the noise levels and data size without losing useful information, following which error-correction codes are applied to eliminate any remaining noise effects.
- Auxiliary data W is generated or otherwise retrieved and added to the resultant biometric signal X'.
- the auxiliary data may be in the form of, for example, a random number and, importantly, can be different for each person or template, thus enabling several different encrypted operational databases to be generated from the same set of biometric data.
- a one-way hash function F is finally applied to the biometric template comprised of the feature vector X' and the auxiliary data W to generate F(X', W).
- this encryption process is performed by the certified authority CA, so if a different algorithm or function is required to be applied to the raw data in order to generate a new set of encrypted operational databases, this too can be performed by the certified authority. Furthermore, the certified authority can thus also provide an audit trail if one of the biometric matches is ever challenged, for example, in a court of law.
- the raw biometric data is once again stored in a secure environment within a master database 20.
- a centralized encrypted operational database 40 is provided which is filled with different protected biometric templates derived from the raw biometric data in the master database using, for example, the encryption technique described above in relation to Figure 3.
- applications 42 e.g. border control, social services, local authorities, banks and other private organizations
- the centralized authority 44 thus provides an on-line authentication service to the applications 42, whereby a biometric sensor 46 local to the application collects biometric data from an individual and transmits it to the centralized authority 44.
- the signal-to-noise ratio is estimated (at 50) and used to reduce the noise levels and data size, as in the enrolment phase, following which error- correction codes are applied to eliminate any remaining noise effects.
- Auxiliary data W associated with the individual to which the biometric data is supposed to belong is retrieved and added to the resultant biometric signal Y'.
- the resultant data (Y') is transmitted to the centralized authority 44, auxiliary data W associated with the individual supposed to be represented by the biometric data Y is added, and the one-way hash function F is applied to the combination of the biometric data Y' and the auxiliary data W. If the result of F(Y', W) corresponds to the result of F(X', W), then a signal indicating a match is returned to the requesting application 42. Otherwise, data indicating that there is a mismatch is returned.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Multimedia (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Collating Specific Patterns (AREA)
Abstract
A biometric information system comprising a master database (20), located in a secure, non-networked environment, in which unencrypted biometric data (F1, F2,..., FN) is stored. The system further comprises at least one encrypted operational database (26, 40) in which is stored biometric templates derived from biometric data stored in the master database (20) which has been subjected to biometric encryption such as the application of a one-way transformation of a feature vector representative of the unencrypted biometric data. The master database (20) provides an audit trail should a biometric match be questioned, while the operational database(s) (26, 40) provide the required security for general, day-to-day use.
Description
Distributed biometric database and authentication system.
FIELD OF THE INVENTION
This invention relates generally to a biometric system and, more specifically, to a distributed biometric database and authentication system using biometric encryption.
BACKGROUND OF THE INVENTION
Authentication of physical objects may be used in many applications, such as conditional access to secure buildings or conditional access to digital data (e.g. stored in a computer or removable storage media), or for identification purposes (e.g. for charging an identified individual for a particular activity). Every human being has a unique set of biometric data, such as voice, fingerprints, iris, retina, face, etc. The use of biometrics is, to an ever-increasing extent, considered to be a better alternative to traditional identification means, such as passwords and PIN-codes and, indeed, biometric information is increasingly used to verify and authenticate a person's identity in an ever-growing number of applications and situations.
Typically, the use of biometric information is governed by a trust model, whereby a user receives assurances that the information as provided will only be used for specific purposes and that abuse will be prevented by a security regime for the data. Unfortunately, while in theory this should provide a complete solution that addresses all concerns from citizens and the privacy community, in practice every security regime becomes vulnerable when deployed on a large scale, and widespread use inevitably leads to insider abuse and outside attacks, e.g. by hackers. It will be apparent that biometric applications are a tempting target for identity thieves, so traditional biometric systems have protected biometric templates by storing them in encrypted form. Thus, in order to check the identity of an individual, the template must be decrypted using a key before it can be compared with a live scan. This gives potential identity thieves two opportunities to access the template: intercepting the unencrypted template or stealing the encrypted template and key.
Therefore, the concept of providing intrinsic security by means of biometric encryption, whereby rather than using the original biometrics, a derived dataset is used that has been created via a one-way transformation. The one-way
properties of the transformation guarantee that the original biometrics can never be reconstructed from the stored data, while the transformations are unambiguous enough to be able to perform matches in the encrypted domain.
Referring to Figure 1 of the drawings, there is provided a schematic diagram illustrative of the basic operation of an exemplary solution in this class of approaches to secure biometrics. As shown, the biometric 10 is first scanned and transformed into a regular biometric feature vector. The signal-to-noise ratio is estimated and used (at 12) to reduce the noise levels and template size without losing useful information. Next, error-correction codes are used (at 14) to eliminate and remaining noise effects and minimize error rates, thereby ensuring, to the greatest extent possible, exact matching between templates and corresponding, subsequently-acquired biometric data. Auxiliary data is then combined (at 16) with the feature vector, thereby enabling different templates to be created from the same biometric. This auxiliary data is essentially a random number but, importantly, that number can be different for each person and application. Finally, the or each biometric template (feature vector and auxiliary data) is hashed (at 18) for secure storage. With auxiliary information, each biometric can give rise to many different templates, so any compromised template can simply be revoked and replaced with a new one using the same biometric 10 but different auxiliary information. Furthermore, as each resultant template is radically different, an identity thief who gains access to one template will not be able to use that template to access other applications.
While the system described above uses biometric encryption to solve many of the intrinsic problems associated with traditional biometric authentication and identification systems, there are still some drawbacks. For example, the matching performance of biometric encryption, while similar to that of traditional biometrics, can differ slightly in error rates. More importantly, biometry is embedded in law and case law where, for example, fingerprint matches are accepted as legal evidence if a certain number of minutiae correspond. Biometric encryption has no direct equivalent supported by years of case law. Furthermore, there are a large number of existing databases filled with biometric data within traditional biometric systems, which need to be dealt with. Finally, biometric encryption is a relatively young discipline, such that improvements in algorithms and ciphers can be expected over coming years, and any systems put in place now
should ideally be modifiable accordingly, in order to maintain a required level of security.
It is therefore an object of the present invention to provide a biometric system, using biometric encryption, in which the above-mentioned issues are addressed so as to provide a biometric system in which the required level of security is attained and can be maintained, whilst ensuring that a legally-acceptable audit trail (back to the original biometric data) can be provided, if a biometric match should be challenged, for example, in a court of law. SUMMARY OF THE INVENTION In accordance with the present invention, there is provided a biometric information system comprising a master database in which unencrypted biometric data is stored, and at least one encrypted operational database in which is stored biometric templates derived from biometric data stored in said master database which has been subjected to biometric encryption. Beneficially, the master database is preferably located in a secure, non-networked environment. In one exemplary embodiment, the system comprises a plurality of operational databases, each containing biometric templates generated from said unencrypted biometric data stored in said master database, preferably by a certified authority. In an alternative exemplary embodiment, a centralized operational database is provided containing biometric templates generated from said unencrypted data stored in said master database, and a centralized authority is permitted access to the contents of said centralized operational database. Beneficially, said centralized authority is configured to provide an authentication service, preferably on-line, to a plurality of applications in the form of organizations or otherwise.
The biometric data stored in said master database may be single or multi-modal. In one exemplary embodiment, said biometric encryption comprises the application of a one-way transformation, such as a one-way hash function, to a feature vector representative of said unencrypted biometric data.
Also, in accordance with the present invention, there is provided a method of providing a biometric information system, comprising the steps of storing unencrypted biometric data in a master database, placing said master database in a secure, non-networked environment, generating a plurality of encrypted biometric
templates by subjecting a plurality of respective pieces of unencrypted biometric data storing in said master database to biometric encryption, and stating said biometric templates in one or more operational databases.
These and other aspects of the present invention will be apparent from, and elucidated with reference to, the embodiments described herein.
BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the present invention will now be described by way of examples only and with reference to the accompanying drawings, in which:
Fig. 1 is a schematic diagram illustrating the principal steps of a biometric encryption method suitable for use in an exemplary embodiment of the present invention;
Fig. 2 is a schematic diagram illustrating some of the principal components of a biometric system according to a first exemplary embodiment of the present invention; Fig. 3 is a schematic diagram illustrating a method of biometric encryption suitable for use in the system of Fig. 2;
Fig. 4 is a schematic diagram illustrating some of the principal components of a biometric system according to a second exemplary embodiment of the present invention; and Fig. 5 is a schematic diagram illustrating a method of authentication of biometric data suitable for use in the system of Fig. 4.
DETAILED DESCRIPTION
Thus, the object of the present invention is met by means of a hybrid solution that is characterized by a "separation of purpose". Referring to Figure 2 of the drawings, in accordance with a first exemplary embodiment of the present invention, a dual system is proposed that is characterized by a master database 20 comprising biometric data in its unencrypted form, and a plurality of operational databases 26a, b, c, protected by biometric encryption, intended for broad and daily use. The biometric data may be single or multi-modal, wherein modes of biometric data may comprise, for example, voice, iris, face, retina, fingerprint, etc. The master database 20 is preferably located in a highly secure, protected and non-networked environment 24 and the encrypted operational databases 26a, b, c are then generated from the unencrypted biometric data in the master database 20 by a certified authority (CA) 22.
There are several types of suitable biometric encryption techniques available for use in generation of the encrypted operational databases 26a, b, c. One exemplary method of biometric encryption will be described in detail. However, it will be appreciated by a person skilled in the art that the present invention is not intended to be limited in relation to the type of biometric encryption employed and, indeed, it is an advantage of the present invention that, as new and improved biometric encryption algorithms are developed, the master database 20 can be used by the certified authority 22 to generate a new set of encrypted operational databases by means of the new algorithm(s). Referring to Figure 3 of the drawings, a biometric feature vector X is retrieved from the master database, and the signal-to-noise ratio is estimated (at 30) and used to reduce the noise levels and data size without losing useful information, following which error-correction codes are applied to eliminate any remaining noise effects. Auxiliary data W is generated or otherwise retrieved and added to the resultant biometric signal X'. The auxiliary data may be in the form of, for example, a random number and, importantly, can be different for each person or template, thus enabling several different encrypted operational databases to be generated from the same set of biometric data.
A one-way hash function F is finally applied to the biometric template comprised of the feature vector X' and the auxiliary data W to generate F(X', W).
As explained above, this encryption process is performed by the certified authority CA, so if a different algorithm or function is required to be applied to the raw data in order to generate a new set of encrypted operational databases, this too can be performed by the certified authority. Furthermore, the certified authority can thus also provide an audit trail if one of the biometric matches is ever challenged, for example, in a court of law.
Referring to Figure 4 of the drawings, in an alternative exemplary embodiment, the raw biometric data is once again stored in a secure environment within a master database 20. However, in this case, a centralized encrypted operational database 40 is provided which is filled with different protected biometric templates derived from the raw biometric data in the master database using, for example, the encryption technique described above in relation to Figure 3. In this case, several applications 42 (e.g. border control, social services, local authorities,
banks and other private organizations) can be served by a centralized authority 44 having access to the encrypted operational database 40. The centralized authority 44 thus provides an on-line authentication service to the applications 42, whereby a biometric sensor 46 local to the application collects biometric data from an individual and transmits it to the centralized authority 44.
Referring to Figure 5 of the drawings, upon receipt of the collected biometric data Y, the signal-to-noise ratio is estimated (at 50) and used to reduce the noise levels and data size, as in the enrolment phase, following which error- correction codes are applied to eliminate any remaining noise effects. Auxiliary data W associated with the individual to which the biometric data is supposed to belong is retrieved and added to the resultant biometric signal Y'.
The resultant data (Y') is transmitted to the centralized authority 44, auxiliary data W associated with the individual supposed to be represented by the biometric data Y is added, and the one-way hash function F is applied to the combination of the biometric data Y' and the auxiliary data W. If the result of F(Y', W) corresponds to the result of F(X', W), then a signal indicating a match is returned to the requesting application 42. Otherwise, data indicating that there is a mismatch is returned.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be capable of designing many alternative embodiments without departing from the scope of the invention as defined by the appended claims. In the claims, any reference signs placed in parentheses shall not be construed as limiting the claims. The word "comprising" and "comprises", and the like, does not exclude the presence of elements or steps other than those listed in any claim or the specification as a whole. The singular reference of an element does not exclude the plural reference of such elements and vice-versa. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Claims
1. A biometric information system comprising a master database (20) in which unencrypted biometric data (F1 , F2, ... , FN) is stored, and at least one encrypted operational database (26,40) in which is stored biometric templates derived from biometric data stored in said master database (20) which has been subjected to biometric encryption.
2. A system according to claim 1 , wherein said master database (20) is located in a secure, non-networked environment.
3. A system according to claim 1 , comprising a plurality of operational databases (26), each containing biometric templates generated from said unencrypted biometric data stored in said master database (20).
4. A system according to claim 3, wherein said biometric templates are generated by a certified authority.
5. A system according to claim 1 , comprising a centralized operational database (40) containing biometric templates generated from said unencrypted data stored in said master database (20), and a centralized authority (44) is permitted access to the contents of said centralized operational database (40).
6. A system according to claim 5, wherein said centralized authority is configured to provide an authentication service to a plurality of applications (42).
7. A system according to claim 6, wherein said authentication service is made available to said applications on-line.
8. A system according to claim 1 , wherein said biometric encryption comprises the application of a one-way transformation, to a feature vector representative of said unencrypted biometric data.
9. A method of providing a biometric information system, comprising the steps of storing unencrypted biometric data (F1 , F2, ... , FN) in a master database (20), placing said master database (20) in a secure, non-networked environment, generating a plurality of encrypted biometric templates by subjecting a plurality of respective pieces of unencrypted biometric data storing in said master database (20) to biometric encryption, and storing said biometric templates in one or more operational databases (26,40).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07123798 | 2007-12-20 | ||
EP07123798.6 | 2007-12-20 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2009082199A1 true WO2009082199A1 (en) | 2009-07-02 |
Family
ID=40394551
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/NL2008/000277 WO2009082199A1 (en) | 2007-12-20 | 2008-12-17 | Distributed biometric database and authentication system |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2009082199A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013513151A (en) * | 2009-12-04 | 2013-04-18 | テールズ | System for distributed secure storage of personal data, especially biometric features, and systems, local devices and methods for monitoring identity |
US10432622B2 (en) | 2016-05-05 | 2019-10-01 | International Business Machines Corporation | Securing biometric data through template distribution |
US10621584B2 (en) | 2016-03-16 | 2020-04-14 | Clover Network, Inc. | Network of biometrically secure devices with enhanced privacy protection |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002095657A2 (en) * | 2001-05-18 | 2002-11-28 | Iridian Technologies, Inc. | Authentication using application-specific biometric templates |
US20040019570A1 (en) * | 2000-06-16 | 2004-01-29 | International Business Machines Corporation | Business system and method using a distorted biometrics |
US20070253608A1 (en) * | 2006-03-03 | 2007-11-01 | The Research Foundation Of State University Of New York Stor Intellectual Property Division | Secure fingerprint matching by hashing localized information |
-
2008
- 2008-12-17 WO PCT/NL2008/000277 patent/WO2009082199A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040019570A1 (en) * | 2000-06-16 | 2004-01-29 | International Business Machines Corporation | Business system and method using a distorted biometrics |
WO2002095657A2 (en) * | 2001-05-18 | 2002-11-28 | Iridian Technologies, Inc. | Authentication using application-specific biometric templates |
US20070253608A1 (en) * | 2006-03-03 | 2007-11-01 | The Research Foundation Of State University Of New York Stor Intellectual Property Division | Secure fingerprint matching by hashing localized information |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013513151A (en) * | 2009-12-04 | 2013-04-18 | テールズ | System for distributed secure storage of personal data, especially biometric features, and systems, local devices and methods for monitoring identity |
US10621584B2 (en) | 2016-03-16 | 2020-04-14 | Clover Network, Inc. | Network of biometrically secure devices with enhanced privacy protection |
US10432622B2 (en) | 2016-05-05 | 2019-10-01 | International Business Machines Corporation | Securing biometric data through template distribution |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6185316B1 (en) | Self-authentication apparatus and method | |
US6317834B1 (en) | Biometric authentication system with encrypted models | |
US7131009B2 (en) | Multiple factor-based user identification and authentication | |
US8607056B2 (en) | Data processing apparatus and method | |
Joshi et al. | Security vulnerabilities against fingerprint biometric system | |
US20090310779A1 (en) | Method for generating cryptographic key from biometric data | |
US20060235729A1 (en) | Application-specific biometric templates | |
EP2513834B1 (en) | System and method for verifying the identity of an individual by employing biometric data features associated with the individual as well as a computer program product for performing said method | |
Cavoukian et al. | Biometric encryption: The new breed of untraceable biometrics | |
WO2006054208A1 (en) | Securely computing a similarity measure | |
JP7458661B2 (en) | Biometric digital signature generation for identity verification | |
Chiou | Secure Method for Biometric‐Based Recognition with Integrated Cryptographic Functions | |
Karimovich et al. | Biometric cryptosystems: Open issues and challenges | |
Bathen et al. | Selfis: Self-sovereign biometric ids | |
Failla et al. | Esketch: a privacy-preserving fuzzy commitment scheme for authentication using encrypted biometrics | |
Wang et al. | A novel template protection scheme for multibiometrics based on fuzzy commitment and chaotic system | |
Uludag | Secure biometric systems | |
Velciu et al. | Bio-cryptographic authentication in cloud storage sharing | |
WO2009082199A1 (en) | Distributed biometric database and authentication system | |
KR101010218B1 (en) | Biometric authentication method | |
Cavoukian et al. | Keynote paper: Biometric encryption: Technology for strong authentication, security and privacy | |
Sapkal et al. | Biometric template protection with fuzzy vault and fuzzy commitment | |
Kaur et al. | Remote multimodal biometric authentication using visual cryptography | |
Yang et al. | Review of recent patents on cancelable biometrics | |
Moataz et al. | ELITE: zero links identity management system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08864242 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 08864242 Country of ref document: EP Kind code of ref document: A1 |