Reinforced Palmprint Reconstruction Attacks in Biometric Systems

Biometric signals can be acquired with different sensors and recognized in secure identity management systems. However, it is vulnerable to various attacks that compromise the security management in many applications, such as industrial IoT. In a real-world scenario, the target template stored in the database of a biometric system can possibly be leaked, and then used to reconstruct a fake image to fool the biometric system. As such, many reconstruction attacks have been proposed, yet unsatisfactory naturalness, poor visual quality or incompleteness remains as major limitations. Thus, two reinforced palmprint reconstruction attacks are proposed. Any palmprint image, which can be easily obtained, is used as the initial image, and the region of interest is iteratively modified with deep reinforcement strategies to reduce the matching distance. In the first attack, Modification Constraint within Neighborhood (MCwN) limits the modification extent and suppresses the reckless modification. In the second attack, Batch Member Selection (BMS) selects the significant pixels (SPs) to compose the batch, which are simultaneously modified to a slighter extent to reduce the matching number and the visual-quality degradation. The two reinforced attacks can satisfy all the requirements, which cannot be simultaneously satisfied by the existing attacks. The thorough experiments demonstrate that the two attacks have a highly successful attack rate for palmprint systems based on the most state-of-the-art coding-based methods.

eID and Self-Sovereign Identity Usage: An Overview

The COVID-19 pandemic helped countries to increase the use of their mobile eID solutions. These are based on traditional identity management systems, which suffer from weaknesses, such as the reliance on a central entity to provide the identity data and the lack of control of the user over her or his data. The introduction of self-sovereign identity (SSI) for e-government systems can strengthen the privacy of the citizens while enabling identification also for the weakest. To successfully initiate SSI, different factors have to be taken into account. In order to have a clear understanding of the challenges, but also lessons learned, we provide an overview of existing solutions and projects and conducted an analysis of their experiences. Based on a taxonomy, we identified strong points, as well as encountered challenges. The contribution of this paper is threefold: First, we enhanced existing taxonomies based on the literature for further evaluations. Second, we analyzed eID solutions for lessons learned. Third, we evaluated more recently started SSI projects in different states of their lifecycle. This led to a comprehensive discussion of the lessons learned and challenges to address, as well as further findings.

A Survey on Federated Identity Management Systems Limitation and Solutions

An efficient identity management system has become one of the fundamental requirements for ensuring safe, secure, and transparent use of identifiable information and attributes. Federated Identity Management (FIdM) allows users to distribute their identity information across security domains which increases the portability of their digital identities, and it is considered a promising approach to facilitate secure resource sharing among collaborating participants in heterogeneous IT environments. However, it also raises new architectural challenges and significant security and privacy issues that need to be mitigated. In this paper, we provide a comparison between FIdM architectures, presented the limitations and risks in FIdM system, and discuss the results and proposed solutions.

ORCID education: a departmental approach

Purpose This paper aims to provide a case study of an ORCID promotion at the University of Waterloo School of Optometry and Vision Science, providing context for the importance of education in ORCID outreach. Design/methodology/approach The three-month ORCID promotion used workshops and individual appointments to educate faculty about ORCID, identity management systems and research impact and scholarly communications. Findings A targeted and personal approach to ORCID promotion focused on education about why you might use this author disambiguation system resulted in 80% of the faculty within the School of Optometry and Vision Science signing up for, or using ORCID. Scaling an ORCID implementation to a larger group would likely benefit from a dedicated project group, and integration with existing institutional systems such as a requirement of an ORCID for internal grant applications. Originality/value Although time consuming, this small-scale ORCID promotion with one department reveals that a departmental approach to ORCID education may lead to larger conversations about scholarly communications and a stronger relationship between faculty and the library.

Decentralized Identity Systems: Architecture, Challenges, Solutions and Future Directions

Due to the exponential rise of the Internet in the last two decades, the digital presence has seen an enormous increase. Today, billions of people, devices and objects are digitally connected making the interactions much easier than before. To securely establish this connectivity in the digital era, proving digital identities has become crucial. Due to this, a growing number of organizations are building solutions that establish, verify and manage digital identities. Yet, a solution whereby digital identities and their associated data are efficiently managed is still far from being achieved. To fully understand the reason behind this lack, this paper provides a detailed state of the art related to identity management systems. It overviews traditional systems, analyses their strengths and limitations. This work highly focuses on the novel decentralized identity systems based on blockchain; a complete study describing their architecture, components, lifecycle and workflow is detailed. Additionally, solutions enabling decentralized identity are discussed, analysed and compared according to the ten principles of self-sovereign identity. Lastly, the challenges hindering the shift toward the fully decentralized identity paradigm are discussed.

Sovereignty, privacy, and ethics in blockchain-based identity management systems

Self-sovereign identity (SSI) solutions implemented on the basis of blockchain technology are seen as alternatives to existing digital identification systems, or even as a foundation of standards for the new global infrastructures for identity management systems. It is argued that ‘self-sovereignty' in this context can be understood as the concept of individual control over identity relevant private data, capacity to choose where such data is stored, and the ability to provide it to those who need to validate it. It is also argued that while it might be appealing to operationalise the concept of ‘self-sovereignty’ in a narrow technical sense, depreciation of moral semantics obscures key challenges and long-term repercussions. Closer attention to the normative substance of the ‘sovereignty’ concept helps to highlight a range of ethical issues pertaining to the changing nature of human identity in the context of ubiquitous private data collection.