scholarly journals Transmission of Secure Biometric Data for Network-based User Authentication

2020 ◽  
Author(s):  
M Khan
Keyword(s):  
Large Scale ◽  
User Authentication ◽  
Public Key Infrastructure ◽  
The Other ◽  
Security And Privacy ◽  
Public Key ◽  
Biometric Authentication ◽  
Biometric Data ◽  
Biometric Template ◽  
Secure Transmission

The large-scale utilization of biometric authentication systems creates a demand for effective and reliable security and privacy of its data. Biometric data is not secret and if compromised, it can have catastrophic effects on the integrity of the whole verification system. To address these issues, this paper presents a novel encryption and watermarking method by using public key infrastructure for the secure transmission of biometric data over network. Encryption is applied on the biometric template before embedding as a watermark to make it more secure and robust and then, it is hid into the cover image. Experimental results show that the security, performance, and accuracy of the presented method is encouraging comparable with the other methods found in the current literature.

scholarly journals Transmission of Secure Biometric Data for Network-based User Authentication

2020 ◽  
Author(s):  
M Khan
Keyword(s):  
Large Scale ◽  
User Authentication ◽  
Public Key Infrastructure ◽  
The Other ◽  
Security And Privacy ◽  
Public Key ◽  
Biometric Authentication ◽  
Biometric Data ◽  
Biometric Template ◽  
Secure Transmission

The large-scale utilization of biometric authentication systems creates a demand for effective and reliable security and privacy of its data. Biometric data is not secret and if compromised, it can have catastrophic effects on the integrity of the whole verification system. To address these issues, this paper presents a novel encryption and watermarking method by using public key infrastructure for the secure transmission of biometric data over network. Encryption is applied on the biometric template before embedding as a watermark to make it more secure and robust and then, it is hid into the cover image. Experimental results show that the security, performance, and accuracy of the presented method is encouraging comparable with the other methods found in the current literature.

scholarly journals A New Design for Alignment-Free Chaffed Cancelable Iris Key Binding Scheme

Symmetry ◽  
2019 ◽  
Vol 11 (2) ◽  
pp. 164
Author(s):  
Tong-Yuen Chai ◽  
Bok-Min Goi ◽  
Yong-Haur Tay ◽  
and Zhe Jin
Keyword(s):  
Data Privacy ◽  
Iris Recognition ◽  
Large Scale ◽  
Security Analysis ◽  
Security And Privacy ◽  
Biometric Data ◽  
Alignment Free ◽  
Biometric Template ◽  
Significant Performance ◽  
Template Protection

Iris has been found to be unique and consistent over time despite its random nature. Unprotected biometric (iris) template raises concerns in security and privacy, as numerous large-scale iris recognition projects have been deployed worldwide—for instance, susceptibility to attacks, cumbersome renewability, and cross-matching. Template protection schemes from biometric cryptosystems and cancelable biometrics are expected to restore the confidence in biometrics regarding data privacy, given the great advancement in recent years. However, a majority of the biometric template protection schemes have uncertainties in guaranteeing criteria such as unlinkability, irreversibility, and revocability, while maintaining significant performance. Fuzzy commitment, a theoretically secure biometric key binding scheme, is vulnerable due to the inherent dependency of the biometric features and its reliance on error correction code (ECC). In this paper, an alignment-free and cancelable iris key binding scheme without ECC is proposed. The proposed system protects the binary biometric data, i.e., IrisCodes, from security and privacy attacks through a strong and size varying non-invertible cancelable transform. The proposed scheme provides flexibility in system storage and authentication speed via controllable hashed code length. We also proposed a fast key regeneration without either re-enrollment or constant storage of seeds. The experimental results and security analysis show the validity of the proposed scheme.

Enhanced authentication and key exchange for end to end security in mobile commerce using wireless public key infrastructure

2019 ◽  
Vol 48 (1) ◽  
pp. 14-22
Author(s):  
Krishna Prakasha ◽  
Balachandra Muniyal ◽  
Vasundhara Acharya
Keyword(s):  
User Authentication ◽  
Research Work ◽  
Public Key Infrastructure ◽  
Internet Security ◽  
Public Key ◽  
Sensitive Information ◽  
Content Type ◽  
Authentication Mechanism ◽  
End To End ◽  
Wireless Public Key Infrastructure

Purpose The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected and transferred using the suitable, reliable mechanism. Design/methodology/approach One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using a lattice-based cryptographic algorithm. Findings The time consumed for the proposed research work shows that it is practical and acceptable. Originality/value The proposed research work is an efficient and enhanced user authentication mechanism.

scholarly journals LogPicker: Strengthening Certificate Transparency Against Covert Adversaries

2021 ◽  
Vol 2021 (4) ◽  
pp. 184-202
Author(s):  
Alexandra Dirksen ◽  
David Klein ◽  
Robert Michael ◽  
Tilman Stehr ◽  
Konrad Rieck ◽  
...  
Keyword(s):  
Distributed System ◽  
Large Scale ◽  
Public Key Infrastructure ◽  
Third Party ◽  
Public Key ◽  
Smooth Transition ◽  
Certificate Authority ◽  
Trusted Third Party ◽  
The Public

Abstract HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS, however, is a frequent target of attacks. In several cases, forged certificates have been issued by compromised Certificate Authorities (CA) and used to spy on users at large scale. While the concept of Certificate Transparency (CT) provides a means for detecting such forgeries, it builds on a distributed system of CT logs whose correctness is still insufficiently protected. By compromising a certificate authority and the corresponding log, a covert adversary can still issue rogue certificates unnoticed. We introduce LogPicker, a novel protocol for strengthening the public key infrastructure of HTTPS. LogPicker enables a pool of CT logs to collaborate, where a randomly selected log includes the certificate while the rest witness and testify the certificate issuance process. As a result, CT logs become capable of auditing the log in charge independently without the need for a trusted third party. This auditing forces an attacker to control each participating witness, which significantly raises the bar for issuing rogue certificates. LogPicker is efficient and designed to be deployed incrementally, allowing a smooth transition towards a more secure Web.

Applying Technical Standards to Biometric Systems

2016 ◽  
Vol 8 (2) ◽  
pp. 50-59
Author(s):  
Milorad Milinković ◽  
Miroslav Minović ◽  
Miloš Milovanović
Keyword(s):  
Data Security ◽  
Privacy Protection ◽  
Data Exchange ◽  
International Organization ◽  
The Other ◽  
Security And Privacy ◽  
Technical Standards ◽  
Biometric Data ◽  
Biometric Systems ◽  
Common Problems

Nowadays, the development and the application of biometric systems on one hand, and the large number of hardware and software manufacturers on the other, caused two the most common problems of biometric systems: a problem of interoperability between system's components as well as between different biometric systems and a problem of biometric data security and privacy protection, both in storage and exchange. Specifications and standards, such as BioAPI and CBEFF, registered and published as multiple standards by ISO (International Organization for Standardization), propose the establishment of single platform (BioAPI) to facilitate the functioning of the biometric systems regardless of hardware or software manufacturers, and unique format for data exchange (CBEFF) to secure biometric data. In this paper, these standards are analyzed in detail and considered as possible solutions to aforementioned problems.

scholarly journals Study on Strengthening Plan of Safety Network CCTV Monitoring by Steganography and User Authentication

2015 ◽  
Vol 2015 ◽  
pp. 1-9
Author(s):  
Jung-oh Park ◽  
Sanggeun Kim
Keyword(s):  
Random Number ◽  
User Authentication ◽  
Authentication Protocol ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Closed Circuit ◽  
Information Protection ◽  
Malicious User ◽  
Web Environment ◽  
R Value

Recently, as the utilization of CCTV (closed circuit television) is emerging as an issue, the studies on CCTV are receiving much attention. Accordingly, due to the development of CCTV, CCTV has IP addresses and is connected to network; it is exposed to many threats on the existing web environment. In this paper, steganography is utilized to confirm the Data Masquerading and Data Modification and, in addition, to strengthen the security; the user information is protected based on PKI (public key infrastructure), SN (serial number), andR value(random number) attributed at the time of login and the user authentication protocol to block nonauthorized access of malicious user in network CCTV environment was proposed. This paper should be appropriate for utilization of user infringement-related CCTV where user information protection-related technology is not applied for CCTV in the future.

scholarly journals Public-key Infrastructure

2018 ◽  
Vol 1 (1) ◽  
pp. 9-12
Author(s):  
Md. Rezaul Karim Miajee
Keyword(s):  
Digital Signature ◽  
Large Scale ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Internet ◽  
Public Keys

This paper presents the profiles related to public-key Infrastructure (PKI) for the Internet. The PKI manages public keys automatically through the use of public-key certificates. It provides a basis for accommodating interoperation between PKI entities. A large-scale PKI issues, revokes and manages digital signature public-key certificates to allow distant parties to reliably authenticate each other. A sound digital signature PKI should provide the basic foundation needed for issuing any kind of public-key certificate.  

Sign in / Sign up

Export Citation Format

Share Document