220 likes | 385 Views
A Risk Analysis Approach for Biometric Authentication Technology. Author: Arslan Br ö mme Submission: International Journal of Network Security Speaker: Chun-Ta Li. Outline. Introduction Fundamentals
E N D
A Risk Analysis Approach for Biometric Authentication Technology Author: Arslan Brömme Submission: International Journal of Network Security Speaker: Chun-Ta Li
Outline • Introduction • Fundamentals • A High-Level Component & Process Model for Integrated Security Risk Analysis of Biometric Authentication Technology • A Holistic Security Risk Analysis Approach for Biometric Authentication Technology • Conclusions • Comments
Introduction • Biometric technology • Standardize data formats for biometric data interchange • Communication protocols • Unified programming interface for enabling the interoperability of different biometric systems • Person authentication, identification and surveillance • Risk analysis (core processes and components)
Fundamentals • Risk analysis for biometric authentication technology • IT security biometrics • Privacy • Safety • Performance • Security risk analysis for biometric authentication technology • Biometric authentication systems
Fundamentals (cont.) • IT security biometrics • Studying on person recognition methods • Sensing of a person’s biological characteristics • Measuring of the captured or scanned biometrics • Computing of biometric signatures and biometric templates • Verifying and identifying against biometric templates • Privacy • Privacy is everyone’s fundamental human right • The principle of necessity of data collection means to avoid or at least to minimize personal data within an ICT system
Fundamentals (cont.) • Safety/Performance risks • Risk • Failure and Fault • Safety • Risk degradation • Reliability and Availability ↑ • Performance • Throughput ↑ • Latency ↓
Fundamentals (cont.) • Security risk of biometric authentication technology • The probability that a specific threat to biometric authentication technology • Security & Application Risk Traffic Light Model [Brunnstein 2003] • Green: low probability • Yellow : medium probability • Red : high probability • A specific vulnerability of biometric authentication technology
Fundamentals (cont.) • Biometric Authentication Systems • General authentication process [Brömme 2003] • Enrollment • Biometric authentication • Authroization • Access control • Derollment • Basic elements • Persons, hardware components, biometric communication channel, biometric process, biometric algorithms, biometric signature and biometric databases
A High-Level Component & Process Model for Integrated Security Risk Analysis of Biometric Authentication Technology • High-level Component & Process Model for integrated Security Risk Analysis ofBiometric Authentication Technology (ComProMiSe.Risk.of.BiT) Biometric authentication technology high-level methods transmission computation storage capture sensing high-level processes/functions send receive (en|de)crypt query update write (en|de)rollment authentication high-level process components/ Function modules High-level process components/function modules for high-level processes/function of high-level methods capture, transmission and storage scope of high-level component & process model (N) normalization (D) decision (P) preprocessing (Q) quality check and enhancement (C) (cluster|classifi)cation (S) biometric signal processing (B) computation of Biometric signature sub-level processes/functions sub-level processes components/functions modules lines of code
A High-Level Component & Process Model for Integrated Security Risk Analysis of Biometric Authentication Technology (cont.) • Processes • Enrollment, Authentication, Derollment • Components • P, Q, N, S, B, C, D • Risk aspect (1) • security, privacy, safety, performance • Risk aspect (2) • attack, misuse, fault, failure
A Holistic Security Risk Analysis Approach for Biometric Authentication Technology • Four potential risk interrelations • : has potential risk effect • : has risk effect • : has no risk effect • : has no potential risk effect • Two placeholders • ★: empty or Risk aspect (1) • ◇: empty or Risk aspect (2)
A Holistic Security Risk Analysis Approach for Biometric Authentication Technology (cont.) • Examples • e◇★a (efaulsafea) • d ◇ ★a (dattcsecua) A less reliable enrollment process which has a potential safety risk effect on the authentication process resulting in the false recognition and/or acceptance of persons An attack for a derollment process which has a potential security risk effect on a subsequent authentication process can arise resulting for example in the non-derollment of the selected person or derollment of a third not selected person with the intention to later on false recognize and/or accept the person which should be derolled
A Holistic Security Risk Analysis Approach for Biometric Authentication Technology (cont.) • Example • eBattcsecuaD • More than seven thousand1 single possible risk effect classes given here • Flexibility of the ◇★ relation in combination with a risk matrix enables the systematic exploration and discussion of holistic security risks A possible risk attacks describes the manipulation of enrollment computations of biometric signatures for intended false acceptance of imposters and/or false rejection genuines in subsequent authentication attempts 1
Conclusions • Author presents a systematic approach for a holistic security risk analysis of biometric authentication technology • Processes & Components • Four risk interrelations • Biometric authentication risk matrices
Comments • Evaluation of Paper • Confirmatory • Recommendation • Accept after minor revision • Details: • In the proposed approach, there are eight risk aspects, three processes and eighteen components in the risk matrix, please briefly showed all of these process & components in the paper. • In addition, there are four relations between elements. Are they enough to describe all of the risk effect for biometric authentication methods? Furthermore, how to define the condition of “potential” there should be described more clearly. • In the risk matrix, how to define the interrelations between these elements. Are these relations are defined by users or the system? The author must briefly describe it.
An Online Biometrics-based Secret Sharing Scheme for Multiparty Cryptosystem Using Smart Cards Advisor: Min-Shiang Hwang Speaker: Chun-Ta Li
The Proposed Scheme • Registration phase G Ri 1. IDi, Bi, PWi 2. Generates the Lagrange interpolating polynomial with degree t-1 (yi = K+a1xi+a2xi2+…+ at-1xit-1 mod P) Secret channel 3. Computes Xi = IDifi mod P Computes ei = (yiS mod P) ⊕ Xi Computes gi = XiSQi mod P // fi = H(H(Bi)) // 4. Smart card (IDi, P, H(.), fi, ei, gi) Secret channel
? 2. Verifies H(H(Bi)) = fi The Proposed Scheme (cont.) • Reconstruction phase … U1 U2 Ut Si 1. Every participant, Ui (i = 1 to t), inserts his/her smart card and inputs Bi into specific biometric device 3. If it holds, Ui computes following messages Xi` = IDifi mod P ei` = ei ⊕ Xi` = yiS mod P Mi1 = giQi-1 mod P = XiS mod P Mi2 = (Xi`)Qi mod P 4. Ui sends his/her Mi3 = EPKs{IDi||Mi1||Mi2||Rci} to Si
? 7. Then, Si verifies (Mi4)S= Mi1 9. Ui decrypts Mi5 and verifies Mi4= Xi` ? The Proposed Scheme (cont.) • Reconstruction phase (cont.) … U1 U2 Ut Si 5. Si decrypts Mi3 and checks the format of Ui’s IDi 6. If it holds, Si computes Mi4 = (Mi2)Qi-1 mod P = Xi` mod P 8. If Step 7 holds, Si sends Mi5 = ERc[IDi||Rs||Mi4] to Ui 10. If Step 9 holds, Ui sends Mi6 = ERs[IDi||ei`] to Si