Biometric-Based Physical and Cybersecurity Systems

Fingerprint technology has evolved immensely since its initial use in the 1800s when it was used solely to assist with crime investigations. It is now used as a convenience replacing passwords and PIN numbers from logging into bank accounts, mobile devices, gaining access into rooms and various other processes where time plays a key factor. This chapter focuses on how fingerprint technology can be used to improve speed and accuracy of certain processes, i.e. exams as the society accepts this as part of everyday life. In particular, we look at a use case in an educational setting where youngsters are much used to digital technologies as part of their daily life.

The chapter describes biometric identification based on inner eye organs – iris and retina. These methods are very precise and are used in areas with highest security requirements. Eye attributes that are being scanned and used for identification are unique for each individual, and the probability of two same identifiers is many times lower, for example, in comparison with fingerprints recognition.

Using 3D hand geometry biometrics solves the problem of low entropy presented by simple hand geometry biometrics. For it to become widespread, however, there are challenges that need to be overcome. The approaches to capture the three-dimensional model of a hand at sufficient speed and quality costs are still being developed, as are the methods of identification based on the acquired data.

In these chapters, the current static acquisition approaches will be described, such as the active triangulation via the structured light and the passive triangulation using multiple cameras and time-of-flight devices. Novel dynamic acquisition method utilizing line scan cameras will also be presented. With 3D hand geometry, we also can gain freedom regarding the hand position and orientation during acquisition. A depicture of feature extraction of 3D hand profile and their utilization will be presented.

In this chapter, we focus on the fundamentals and advances in the research and commercial aspects of 3D face recognition systems. We consider security applications that have accelerated the growth of biometrics leading to both commercial and research-based system developments. A review of such systems and the factors influencing the choice of biometrics are considered. Advanced techniques in 3D face recognition are touched up on with emphasis on case studies based on different sensor-based databases. These sensors include the FRVT, Microsoft KINECT and stereo vision-based systems. The development of biometric systems needs to consider standards for interoperability, basis for evaluation through a benchmarking process as well as legal and privacy consideration which are covered in this chapter.

Securing access to computer and network systems has become an important issue in recent days because most of the people stockpile their important information on their cell phones, tablets, laptops, desktop computers, etc. Hence, it is highly essential to secure the human interaction with such systems and strengthen the presently being used authentication methods. Traditional authentication systems of using passwords provide a great deal of security, but these traditional systems do not provide enough security in the case of extensive use of computer networks and systems. Biometric-based security systems are proven to be successful in adding another layer of security to the traditional schemes that rely on passwords. Keystroke dynamics scheme provides a very feasible solution to identify/authenticate individuals over the computer network in a very effective manner. In addition, more advanced features of the smart phones provide much advantage to the keystroke dynamics as the authentication can be based on schemes like the finger print, its pressure, the area covered, etc. This chapter gives a review of all the underlying technologies behind the keystroke dynamics and their applications in different fields.

The purpose of this chapter is to describe a new approach to recognize the identity of a person through analyzing the behavioral biometrics in Wi-Fi signals and their potential application prospects. A solid understanding of processing Wi-Fi signals helps to interpret solid information and problem statement on identity recognition through Wi-Fi signals. The ubiquitous and temporal features of Wi-Fi signals are the basis of recognition and localization. We introduce a new paradigm on how to use Wi-Fi signals to identify the human in the open environment. We proposed Wide, a Wi-Fi signal-based human identity recognition system. First, we describe the components of Wide and how it works in detail. Through collecting CSI (channel state information) profiles, Wide is able to recognize the human identity through sampling and extracting features of the received Wi-Fi signals. Then, to reduce the storage overhead while guaranteeing high recognizing accuracy, principal component analysis (PCA) technique is used. Finally, test-bed experiments are conducted to show the performance of Wide, indicating that Wide can quickly recognize people in a high accuracy.

The chapter starts with the definition of Wi-Fi signals and CSI (channel state information) and behavioral biometrics-related applications. Particular emphasis is placed on the characteristic of the CSI, which indicates that CSI can be used for recognizing the identity of people. Then we highlight our objective and demonstrate our design in detail. At last, experiments are conducted through collecting, analyzing, and processing Wi-Fi signals to recognize the identity of people, revealing that the proposed scheme can recognize people with promising accuracy in a short time.

This chapter is structured as follows. Section 1 focuses on research background in behavioral biometrics and illustrations on characteristics of key technologies. Section 2 gives a brief overview on related achievement in this research field. Section 3 looks at the essence of related theory and behavioral biometric recognition methods. Section 4 deals with experimental installations and configurations. Section 5 analyzes the experimental results and discusses the potential features of our scheme. Section 6 concludes this chapter and outlines future research trends in Wi-Fi signal topics.

The reinforcement of traditional static authentication by performing continuous authentication (CA) while the system is being used ensures that the user is legitimate throughout the computer usage. Stylometry can be a good candidate for CA since writing style can be acquired in a nonintrusive way and also is a good indicator of authorship. In using stylometry, the authentication process consists of comparing sample writing of an individual against the model or profile associated with the identity claimed by that individual at login time (i.e., one-to-one identity matching). Effective CA requires reauthenticating the user over a short period of time, which equates using a short text. Analyzing short texts is challenging since decision-making occurs on a limited amount of available information. High accuracy and resilience to forgery are other key challenges faced by CA. In this chapter, we discuss the key research challenges faced in using stylometry for CA, and we introduce an approach to tackle some of those challenges. Different classification techniques are investigated and evaluated using different public datasets, yielding encouraging performance results.

The emerging field of behavior biometrics has prompted a re-examination of many previously overlooked human characteristics. One such characteristic that has traditionally undergone analysis in the medical realm is the gait biometric. Gait biometrics refer to the unique aspects of human locomotion that can be captured and used for recognition purposes. These biometrics offer a number of potential advantages over other traditional biometrics in their abilities to be detected at a distance and with little-to-no obtrusion to the subject of the analysis. The gait biometric also offers another potential advantage over many traditional biometrics because it is inherently difficult to spoof the complicated set of actions that compose the human gait. This chapter discusses the various approaches that have been used to perform recognition via the gait biometric and examines the performance and implications that might be expected when applying the gait biometric to a real-world scenario.

This chapter covers the online signature-based biometric recognition system, which includes fingerprint scanning, facial geometry, footprint scanning, retina and iris patterns, DNA, and heartbeat scans. It covers the background knowledge of signature verification system along with its classification. A systematic comparison between online and offline signature verification system is also included. Basics of biometric recognition in terms of security, exploring definitions of the various parameters that can be used in the security perspective, are also covered (Obaidat and Boudriga, Security of e-Systems and Computer Networks. Cambridge University Press, 2007; Obaidat and Sadoun, IEEE Trans Syst Man Cybernetics Part B, 27(2):261–269, 1997). An in-depth discussion about the online signature-based authentication methods is also presented. Finally, some case studies have been discussed to demonstrate the concept.

We analyze the current state of research on EEG-based biometrics, giving an overview of the equipment available, together with practical guidance on the design of EEG-based authentication systems, of the authentication paradigms proposed, and of the empirical evaluations reported in the research literature. We conclude that EEG-based biometrics is still far from becoming a practical proposition. In particular, the time it takes to perform EEG-based user authentication is far above the time for competing biometric authentication schemes, and the number of subjects used in empirical evaluations tends to be too small to generalize results to larger populations.

The hand geometry, features in face, iris scan, and fingerprint vary from person to person, which provide unique features to be used in biometrics field for providing security to various systems. Most of the mono-biometric authentication systems give high error rate as they use only one feature. Hence, multimodal biometric systems are introduced, which can help in reducing the error rate at the cost of maintaining more data related to the features. Hence, it is said to be that the multimodal biometric systems are more reliable and secure. Image-based approaches offer much higher computation efficiency with minimum preprocessing. This approach is proved to be effective as the reliable feature extraction is possible even when the quality of image is low. However, this approach is weak if there are distortions in the shape of the image and variation in the positions or the orientation angle. Hence, this chapter presents a multimodal biometric invariant fusion authentication system based on fusion of Zφ invariant moment of fingerprint and face features. It reduces the storage of more features for authentication and reduces the error rate. The Morlet wavelet transform is used to make the system less sensitive to shape distortion by smoothening and preserving the local edges. The Zφ moment is the combination of Zernike and invariant moments, which are used to produce an affine transformation that is extracted from the fingerprint and the face. Authentication is successful if the similarity is 90% in the case of fingerprint and 70% in the case of face. False acceptance rate (FAR) and false reject rate (FRR) are optimal with these threshold values.

Data inaccuracy hampers the performance of a healthcare system in terms of throughput, end-to-end delay, and energy consumption. Runtime secret key generation is highly required during communication between a controller and healthcare sensors in order to protect and maintain accuracy of sensitive data of a human. Runtime secret key generation is possible after getting the physiological and behavioral information from a human. Therefore, the healthcare sensors with different sensing capabilities collect biometrics like heartbeat rate, blood pressure, and iris and generate runtime secret key by extracting features from these biometrics to communicate with the controller. On the other hand, the controller maintains a secure biometric template so that the generated key by a healthcare sensor can be verified. Thus biometric-based communication helps to protect sensitive data as well as helps to authenticate the communicators in real-time environment.

Wearable technology has seen a substantial growth over the last decade, largely due to the improvements in technology and the realization of its potential applications. Wearable technology includes devices such as smartwatches, smart eyewear, smart bands, smart fabrics, and smart jewelry. These devices are having a significant impact in the fields of healthcare, fitness and sports, education, entertainment, corporate enterprise, military, and law enforcement. One of the most important features of this technology is the communication capability it has with the wearer as well as other devices. Wearable devices are now equipped with sensors such as touch screen, 3-axis accelerometer, gyroscope, and electrocardiogram (ECG) and electroencephalogram (EEG) monitors.

We present an overview of the current state of the art in biometric authentication for wearable technologies. We explore the use of wearables to capture data from both traditional and new biometric modalities. We present several application scenarios that could exploit biometric authentication techniques using wearables. We review system architectures, including the use of cloud computing to off-load the processing and data storage. Finally, we discuss user privacy and security issues associated with biometric authentication for wearables.

In this chapter we study the cognitive dimension of behavioral biometrics and how the inclusion of such dimension adds to the accuracy and effectiveness of authentication systems. The chapter starts by introducing the concept of using cognitive biometrics in authentication. It illustrates the mechanics of the authentication process and how such biometrics can be incorporated to complement the security of the process. Three cognitive biometrics are presented in this chapter, eye tracking, mouse dynamics, and keystroke dynamics. We discuss the different aspects of these biometrics including the nature of acquisition, their feature space, distinctiveness, and accuracy. The chapter presents a hybrid model for integrating and synchronizing the features collected from each of these biometrics with the authentication scenario presented to the user. The model can be tuned to fit different authentication journeys taking in consideration the accuracy and the effectiveness of the authentication process.

In the current, digitally revolutionized world, human authentication can be seen as a very important social necessity. All the traditional token or knowledge-based methods alone cannot provide the required level of security. Hence, they are started to be used in conjunction with various biometrics. There are several biometric traits explored till now, such as face, palm, iris, fingerprint, etc., but it has been shown that all of them have several challenges and issues. Recently, hand-based biometric traits such as palm, fingerprint, knuckle, and vein patterns have started to get huge amount of attention due to their easy and inexpensive acquisition and better performance.

In this chapter, several state-of-the-art finger knuckle print-based authentication systems have been discussed. Many recently proposed algorithms, for extracting region of interest (ROI) with the help of curvature Gabor filters or convex coding, have been discussed. Since image quality plays a significant role, several finger knuckle trait-based image quality parameters have been described. Various finger knuckle ROI enhancement procedures have been highlighted along with multiple feature extraction and matching algorithms. All systems have been tested on few publicly available finger knuckle print/image databases such as PolyU and IITD datasets and are compared using the standard performance parameters such as equal error rate (EER) and correct recognition rate (CRR).

The rapid rise of cloud computing technology marks the next wave of enterprise information technology, catering up a market demand of a digitized economy to deliver traditional utilities such as electricity, gas, water, to name a few. The tremendous benefits of cloud computing technologies are being leveraged by companies of all sizes, leading lots of novel concepts and implementations, such as Software as a Service, Platform as a Service, Storage as a Service, and Infrastructure as a Service. In this chapter we give a survey on leveraging cloud-based resources for automated biometric identification, i.e., Biometrics as a Service (BAAS). In particular we present a comprehensive state-of-the-art cloud-based biometrics technologies for identification and authentication and then investigate on new systems, frameworks, and technologies developed by the community from the perspective of BAAS.

The convenience provided by cloud computing has led to an increasing trend of many business organizations, government agencies, and individual customers to migrate their services and data into cloud environments. However, once clients’ data is migrated, the overall security control will be immedicably shifted form data owners to the hand of cloud service providers. In fact, most cloud clients do not even know where their data is physically stored, and therefore the question of how to limit data access to authorized users has been one of the biggest challenges in cloud environments. Although security tokens and passwords are widely used form of remote user authentication, they can be lost or stolen as they are not linked with the identity of data owner. Therefore, biometric-based authentication can potentially offer a practical and reliable option for remote access control. This chapter starts with a brief introduction that covers the fundamental concepts of cloud computing and biometric-based authentication. It then provides an in-depth discussion on authentication challenges for the cloud computing environment and the limitation of traditional solutions. This leads to the key sections related to biometric solutions for cloud computing in which we present state-of-art approaches that offer convenient and privacy-preserving authentication needed for cloud environment. The chapter argues that addressing privacy concerns surrounding the use of biometrics in cloud computing is one of the key challenges that has to be an integral part of any viable solution for any biometric-based authentication. It also argues that assuring cloud clients that their biometric templates will not be used without their permission to, for example, track them is not enough. Such solutions should make it technically infeasible to do so even if a cloud service provider wants to. This chapter explains a number of interesting solutions that have been recently proposed to improve security and, at the same time, maintain user privacy. Finally, we identify some challenges that still need to be addressed and highlight relevant research directions.

The human-to-machine and human-to-human communications are transforming to machine-to-machine communications by which several decision-making systems can be built. When different Internet-enabled smart devices interact with each other to achieve a goal (application depended), then a network is formed in which different sophisticated technologies will integrate to each other to form Internet of Things (IoT). It encompasses the vast amount of diverse smart devices, which collaborate with each other to achieve different smart applications like smart cities, connected cars, automated agriculture, and so on. Through radio-frequency identification (RFID), wireless, mobile, and sensor technologies make IoT feasible, but it suffers from many challenges like scalability, security, and heterogeneity problems. Out of many challenges, security is one of the primary concerns in IoT. Without proper security and privacy, the business model of IoT will not succeed. This chapter discusses the secure solutions for IoT using biometric features of users as well as end users. The chapter will demonstrate that biometric security is most feasible, reliable, and efficient with respect to other existing security arrangements.

From the past to today, the growth of information technology in the world is huge, and its resolutions are becoming significant in almost all arenas of life. The e-government system is one of the great resolutions of information technology. The implementation of election process by electronic voting (e-voting) becomes more useful with the rapid growth of e-government evolution. An e-voting system provides facility by which the voters can submit their votes over the computer network via the Internet. Thus, the voters can join in elections without going physically to the polling places, which is more efficient and economical. The recent growth in communications and cryptographic techniques facilitates the implementation of e-voting. However, a practical and accurate e-voting scheme is highly required, which can ensure the e-voting requirements in terms of uniqueness, fairness, privacy, uncoercibility, eligibility, accuracy, individual verifiability, robustness, and universal verifiability (Obaidat MS, Boudriga N (2007) Security of e-systems and computer networks. Cambridge University Press, Cambridge/New York). However, incorporating biometric features like hand geometry, fingerprint, iris, retina, and handwriting can basically make digital photo ID card for each voter. During the election process, voters can submit their votes by punching their photo ID card into their electronic device like mobile, laptop, and computer (terminal) from remote places. In this chapter, we first describe the requirement of e-voting system and their security issues. Then we discuss some biometric-based e-voting schemes along with all possible attacks which need to be protected during the design of biometric-based e-voting system.

This chapter covers the ethical, legal, and social implications of biometric technologies, which include fingerprint scanning, facial geometry, footprint scanning, retina and iris patterns, DNA, and heart beat scanning, among others. The introduction part of the chapter will address the process of how to do the enrollment in biometric technology as well as the matching process. At the end of introduction, different biometric techniques and stacks have been given. The next section describes the legal implications of biometric technology to the society. Social issues and uses of biometric technology in government agencies are included in two distinct sections. Different standards formed by the European government were also summarized. The general perception about the biometric technology has been covered in this chapter. Lastly business ethics, biometric security, and a couple of case studies like megaproject UIDAI of India and the utilization of biometric-based security system for banking systems have been covered. By the end of this chapter, readers will get the information about ethical, legal, and social implications on the biometric technologies along with the detailed knowledge of megaproject UIDAI of India and the utilization of biometric-based security system for banking systems.