Biometrics in Information Assurance

Funded Projects

Participants

Keywords

encryption, authentication protocols, availability, reliability, maintainability, SERC

Area Description

Information assurance, consists of “operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation”. This includes providing for the restoration of information systems by incorporating protection, detection and reaction capabilities.” Biometric technologies can improve the overall assurance of an information system by incorporating the uniqueness of personal biometric signatures into the security and safety management. The downside of using biometric signature is the problem of the scalability. While, in principle, the problems associated with the widespread use of biometrics are not technical in nature, the possibility that digital identifiers of a person could be acquired from multiple sites and pooled to build a profile of that person’s activity is worrisome. Therefore, it is the responsibility of system designers to assure that the downsides of biometrics technologies cannot be exploited. In the near future, this system design imperative may become the matter of compliance with the law, if the statutes similar to the Consumer Biometric Privacy Protection Act, introduced into the California Assembly in 1998, become common.

The topics of this research thrust relate to the system level design and assessment considerations for applications that utilize biometrics technology. In an application, biometric signature is typically used to enhance user authentication capability or to improve the confidence in preserving the integrity of communication. The ensuing research areas are (i) Biometric encryption, (ii) Secure biometrics based distributed authentication protocols, and (iii) Methods for system level availability, reliability and maintainability assessment of biometric based systems.

Biometric Encryption
The ability to encrypt a biometric signature is vital for establishing the trust that a computer application will not violate the confidentiality of the users. The encryption is needed to prevent the access of an unauthorized individual to the signatures stored in an appropriate repository, as well as to prevent snooping attacks in cases when signatures are transported over unsecured (public) communication lines. Human biometric signatures are, essentially, signals. In most cases these are two dimensional signals, such as images (face, fingerprint scans, retina scans, etc) and their compressed representations (eigen-faces, minutia points). Traditional encryption research addresses information assurance concerns in the exchange of textual information (one dimensional stream of bits). While these techniques can be used for biometric signals, encryption techniques addressing the specific features of two dimensional signals in general, and biometric signatures in particular, have not received due research attention.

Secure Biometrics Based Authentication Protocols
Research efforts in biometric encryption are expected to provide a base knowledge for information assurance of biometric based systems. However, as with any encryption algorithms, they have to be incorporated into protocols that assure that the context in which they are used does not provide a back door for security breach. As in the case of password based security, designing biometrics based authentication protocols in a distributed environment requires extra effort [17]. To ensure integrity and confidentiality of communications in a distributed system, a secure encryption key (session key) must be associated with a biometric signature. One possible scenario assumes that a biometric image and/or the corresponding template is sent (from the client computer) to a secure location (secure server) for template comparison. If the user is verified, then the key is released from the secure location. If the security of the computer performing template comparison cannot be ensured, this solution is not appropriate. Alternatively, the key may be released at the client’s side if it is chosen to be a part of the biometric template. This solution calls for the static choice of template features used to derive keys, which is inappropriate in cases when an attack can be launched based on the long term observation of the key patterns. These approaches are just samples of the research topics to be investigated by the members of CITeR.

Methods for System Level Availability, Reliability and Maintainability Assessment
Biometric based systems can range from moderately complex to highly complex. As with any software based complex system, the assessment methodologies need to be developed so that they can address the nonfunctional requirements, such as availability, reliability, integrity and confidentiality, maintainability, etc. Even if a biometric based system provides “perfect” assurance of integrity and confidentiality, if rarely available, it becomes useless. If improperly engineered, such that its maintenance and modification are difficult, the biometric system may prove to be a bad investment. In case of reliability assessment, false positives (verifying the signature of a wrong person) can have more serious consequences than false negatives. Nevertheless, the later ones should occur excessively, because that would have a negative effect on system availability. These and similar problems have been addressed in the area of dependable computing, without focusing on the biometrics specifics. The research potential and the experience base available in another NSF IUCRC center, the Software Engineering Research Center (SERC), will play an important role in the formulation of this research trust. Several faculty members in the CSEE department at West Virginia University have been actively involved as principal investigators in SERC sponsored projects related to the system and software assessment. Furthermore, potential coupling of the industrial members of CITeR with the industrial members of SERC (several telecom industry giants, for example), could become a fertile ground for multidisciplinary, inter IUCRC research collaboration.