Biometric security for mobile computing



original image

This paper provides an editorial statement for the special issue on biometric security in mobile computing environment.

Data and computing resource security has become an integral element in the fabric of information systems. Cryptography has formed a foundation for conventional security theoretical frameworks and applications. However, cryptography is based on either knowledge (i.e., what you know) or possession (i.e., what you have). This is a built-in weakness in traditional authentication approaches, as the true identity of an individual cannot be verified.

Biometric security is emerging as a promising solution to the above problems. Biometrics-based authentication schemes use biological traits such as fingerprints, face, iris, hand-geometry, and palm-prints, etc., which are unique for any individual. Biometric security technology has made great progress in both theory and applications. Biometric systems are commonly being used in many applications in our daily life including biometric passports, forensic analysis and other civilian applications. With the rapid development of mobile networks and mobile computing technology, more and more mobile devices such as mobile phones have evolved from simple voice communication devices to powerful digital handsets with multiple functions such as digital cameras, video recorders, radios, MP3 players, web browsers, gaming terminals, GPS navigators, and mobile TVs. Recently, more and more data-centric services are being provided over mobile networks. In the future, mobile devices will store far more information than earlier handsets, e.g., related to personal data and financial information. Mobile users could use services such as trading stocks, processing micro-payment and managing bank accounts and using online data storage services. The portability of mobile devices and the convenience of mobile services have made mobile computing increasingly attractive. However it also brings with it the risk of information leakage and illegitimate use. When mobile devices are lost or stolen, not only the devices themselves but also the stored information may fall into the wrong hands. Therefore, biometric security in the mobile computing environments has to deal with the additional challenges of constrained onboard computing resources and the high risk of template compromise.

The objective of this special issue, as its title suggests, is to present a collection of high quality research papers that report the latest developments in addressing the challenges of biometric security technology especially in the mobile computing environment.

The first paper is entitled ‘A Fingerprint based Bio-Cryptographic Security Protocol Designed for Client/Server Authentication in Mobile Computing Environment.’ This paper proposes a bio-cryptographic protocol that can combine the advantages of the public key infrastructure (PKI) and biometric security. The idea is to transfer the locally matched fuzzy vault index to the central server for biometric authentication using the PKI, which offloads the computation demand to the central server. Biometric cancelable keys are generated while minutiae details are never exposed externally. Establishment of symmetric session keys does not need a conventional key exchange process, which further reduces the vulnerability risk. A J2ME implementation has been provided on the mobile device emulator to validate the feasibility in the mobile computing environment 1.

The second paper is entitled ‘Fusion of Visual and Infrared Face Verification Systems.’ This paper presents a two-stage procedure to combine multiple face traits for identity authentication. At the first stage, a high dimensional random projection is applied to the raw visual and infrared face images to extract useful information relevant to each identity. This is followed by a dimension reduction using eigen feature regularization and extraction. At the second stage, the scores from two verification systems based on each face modality are fused by an error minimization algorithm. This error minimization algorithm directly optimizes the verification accuracy by adjusting the parameters of a polynomial classifier 2.

The third paper is entitled ‘A Chaos Based Encryption Technique to Protect ECG Packets for Time Critical Telecardiology Applications.’ Electrocardiography (ECG) signal is popularly used for diagnosing cardiovascular diseases (CVD). It can also be used for biometric identification. As ECG signals contain sensitive private health information along with details for person identification, they need to be encrypted before transmission through public media. This paper proposes the usage of multi-scroll chaos to encrypt ECG packets. ECG packets are being encrypted by the mobile phones using the chaos key. The proposed scheme attempts to satisfy multiple demands of limited onboard computing resource, fast and secure encryption 3.

The fourth paper's title is ‘Medical Biometrics in Mobile Health Monitoring.’ This work investigates the feasibility of ECG based identity management in mobile health monitoring applications. A body area network that operates in conjunction with ECG biometric recognition is explored for mobile monitoring of patients, rescuers, pilots, soldiers, or field agents in general. Among the major challenges of this technology is the stability of the signals over the monitoring duration. Time dependency is responsible for ECG destabilization, which becomes a significant issue for reliable monitoring. This paper proposes a framework that addresses this inadequacy, by updating a gallery template when feature matching is compromised. In addition, strategies for tackling privacy issues in medical data management are proposed. A protocol level solution is discussed, to deal with the ethical issues of this technology. An automatic way of aggregating and managing personal information is presented, designated to operate on the basis of anonymity 4.

The fifth paper is entitled ‘A Topological Interpretation of Fingerprint Reference Point.’ A critical issue in the development of an automated fingerprint identification system is to accurately and reliably detect the reference points. Most existing techniques are based on the singular points of the fingerprint which are sensitive to fingerprint artifacts and are not well defined for arch-type fingerprints. In this paper, the authors present a topological interpretation of fingerprint reference point, where the reference points are posed as topological features of fingerprint structure and can be detected seamlessly from either arch-type or non-arch type fingerprints 5.

The sixth paper's title is ‘Identification with Encrypted Biometric Data.’ In the mobile computing environment, biometric authentication/identification has been used for access control to the sensitive data stored in the mobile device. However, the biometric template stored in the mobile device also needs to be protected. Encryption of the biometric template can provide a strong protection. However, biometric authentication over the encrypted domain is very challenging. This is because conventional cryptography requires exactness while biometrics always presents uncertainty. This paper introduces a method for biometric identification over an encrypted domain. The proposed scheme combines Bloom Filters with Storage and Locality-Sensitive Hashing. It applies this error-tolerant scheme, in a Hamming space, to achieve biometric identification in an efficient way. This is the first non-trivial identification scheme dealing with fuzziness and encrypted data 6.

The seventh paper is entitled ‘Protection of Minutiae-based Templates using Biocryptographic constructs in the Set Difference Metric.’ In the mobile computing environment, the biometric template stored in the mobile device runs a high risk of being attacked due to the higher probability of mobile device being stolen or lost. As biometrics are unique and relatively unchanging during their life time, a compromised biometric means the loss of that particular biometric. In fingerprint applications, an individual has maximum ten fingers. This limited resource of biometric fingerprints will make the compromised fingerprints a serious issue. This paper investigates design issues involved in building authentication systems using minutiae-based fingerprint templates, where the template is protected during comparison as well as storage. Two popular bio-cryptographic schemes based on the set difference metric, the Fuzzy Vault and Pinsketch, are analyzed with regards to theoretical bounds on the template sizes and decision thresholds. The authors define six different minutiae-based templates and for each, determine the quantization parameters that yield the best matching performance at a threshold where the probability of false match is zero. It then determines which, if any of the representations satisfy the theoretical bounds proposed for each bio-cryptographic construct. The authors implement a PinSketch-based authentication system that uses a combination of a commonality and a set-difference measure to securely compare two fingerprint templates, with negligible deterioration in accuracy. Results indicate that to securely correct the degree of intra sample error observed in minutiae-based templates, efficient commonality-based error tolerant cryptographic constructs will be more suited than set-difference based constructs 7.

The eighth paper's title is ‘Palmprint Authentication Using Fusion of Wavelet and Contourlet Features.’ Low resolution palmprint images consist of discriminative multi-sized and multi-directional principal lines and wrinkles. Intuitively, discrete wavelet transform (DWT) is a good choice to extract such patterns due to its space-frequency localization, multi-resolution analysis (MRA) capability, and computational efficiency. However, most of the DWT based palmprint recognition systems fail to report low equal error rate (EER) due to inherent limitations of DWT and shift-rotational variations in the intraclass palmprint images. This paper proposes the techniques for shift and rotation invariant feature extraction using DWT extension. Further, limited directionality due to DWT is overcome by augmenting with features of contourlet transform. Contourlet transform can extract curve singularities effectively with multi-directional decomposition capability; wavelets are good in extracting point singularities. The different views of contourlet transform and DWT on palmprints motivate us to extract contourlet and wavelet features, and examine them for their individual and combined verification performances. The combined mode is found to perform well over their individual performances 8.

The ninth paper's title is ‘A Review On Fingerprint Orientation Estimation’. Fingerprint orientation plays a critical role on fingerprint feature retrieval and processing including fingerprint enhancement, fingerprint classification, and fingerprint recognition. This paper critically reviews the primary advances on fingerprint orientation estimation. Advantages and limitations of existing methods have been addressed. Issues on future development have been discussed 9.

The collection of the above papers in this special issue on Biometric Security for Mobile Computing presents the latest developments on the topic of using biometric security in the mobile computing environment. It offers contributions that are of value to both theory and applications.

Finally, we would like to express our gratitude to the Editor-in-Chief, Prof. Hsiao-Hwa Chen for his advice, patience, and encouragement throughout this process. The papers submitted to this special issue have undergone rigorous peer review process with each paper having received three reviews on average. Most of accepted papers have been through two or three rounds of review. We would like to thank all anonymous reviewers for their hard work and constructive comments, which has made a collection of quality papers in this issue possible. We would also like to thank all authors who have submitted their papers for consideration for this special issue.

Biographical Information

Jiankun Hu is an associate professor at the School of Computer Science and Information Technology, RMIT University, Australia. His major research interest is in computer networking and computer security, especially biometric security. He has been awarded five Australia Research Council Grants. He served as Security Symposium Co-Chair for IEEE GLOBECOM '08 and IEEE ICC '09. He was Program Co-Chair of the 2008 International Symposium on Computer Science and Its Applications. He served and is serving as an Associate Editor of the following journals: Journal of Network and Computer Applications, Elsevier; Journal of Security and Communication Networks, Wiley; and Journal of Wireless Communication and Mobile Computing, Wiley. He is the leading Guest Editor of a 2009 special issue on biometric security for mobile computing, Journal of Security and Communication Networks, Wiley. He received a Bachelor's degree in industrial automation in 1983 from Hunan University, P.R. China, a Ph.D. degree in engineering in 1993 from the Harbin Institute of Technology, P.R. China, and a Master's degree for research in computer science and software engineering from Monash University, Australia, in 2000. In 1995, he completed his postdoctoral fellow work in the Department of Electrical and Electronic Engineering, Harbin Shipbuilding College, P.R. China. He was a research fellow of the Alexander von Humboldt Foundation in the Department of Electrical and Electronic Engineering, Ruhr University, Germany, during 1995–1997. He worked as a research fellow in the Department of Electrical and Electronic Engineering, Delft University of Technology, the Netherlands, in 1997. Before he moved to RMIT University Australia, he was a research fellow in the Department of Electrical and Electronic Engineering, University of Melbourne, Australia.

original image

Biographical Information

Vijayakumar Bhagavatula (Prof. Kumar) received his B.Tech. and M.Tech. degrees in Electrical Engineering from Indian Institute of Technology, Kanpur and his Ph.D. in Electrical Engineering from Carnegie Mellon University, Pittsburgh. Since 1982, he has been a faculty member in the Department of Electrical and Computer Engineering (ECE) at Carnegie Mellon where he is now a Professor. Professor Kumar served as the Associate Department Head of the ECE Department from 1994 to 1996 and as the Acting Head of the Department during 2004–2005.

Professor Kumar's research interests include Automatic Target Recognition, Face Recognition, Iris Recognition, and Coding and Signal Processing for Data Storage Systems. His publications include the book entitled Correlation Pattern Recognition (co-authored with Dr Abhijit Mahalanobis and Dr Richard Juday, Cambridge University Press, November 2005), fifteen book chapters and about 500 technical papers. He served as a Pattern Recognition Topical Editor for the Information Processing division of Applied Optics. He was a co-guest editor of the September 2007 special issue of IEEE Transactions on Information Forensics and Security devoted to Human Detection and Recognition. He is currently serving as an Associate Editor for IEEE Transactions on Information Forensics and Security. Professor Kumar has served on many biometrics and data storage conference program committees and was a co-general chair of the 2004 Optical Data Storage conference, a co-general chair of the 2005 IEEE AutoID Workshop and has been a co-chair of the 2008, 2009, and 2010 SPIE conferences on Biometric Technology for Human Identification. Professor Kumar is a Fellow of IEEE, a Fellow of SPIE—The International Society of Optical Engineering, a Fellow of Optical Society of America (OSA) and a Fellow of the International Association of Pattern Recognition (IAPR). He serves on the IEEE Biometric Council and on IEEE Signal processing Society's Technical Committee on Information Forensics and Security. He is listed in various professional Who's Whos including Marquis' Who's Who in Science and Engineering and Who's Who in the World and in the American Men and Women of Sciences. In 2003, Prof. Kumar received the Eta Kappa Nu award for Excellence in Teaching in the ECE Department at CMU, the Carnegie Institute of Technology's Dowd Fellowship for educational contributions and the 2009 Carnegie Institute of Technology's Outstanding Faculty Research Award.

original image

Biographical Information

Mohammed Bennamoun received his M.Sc. from Queen's University, Kingston, Canada in the area of Control Theory, and his Ph.D. from Queen's /QUT in Brisbane, Australia in the area of Computer Vision. He lectured Robotics at Queen's, and then joined QUT as an Associate Lecturer. He then became a Lecturer in 1996 and a Senior Lecturer in 1998 at QUT. He was also the Director of a Research Center from 1998–2002. In 2003, he joined the School of Computer Science and Software Engineering at The University of Western Australia (UWA) as an Associate Professor and was promoted to full Professor in 2007. He is now Winthrop Professor and has been the Head of the School of Computer Science and Software Engineering at UWA since February 2007. He was an Erasmus Mundus Scholar and Visiting Professor in 2006 at the University of Edinburgh. He was also a Visiting Professor at CNRS (Centre National de la Recherche Scientifique) and Telecom Lille1, France in 2009, the Helsinki University of Technology in 2006, and the University of Bourgogne and Paris 13 in France in 2002–2003. He is the co-author of the book ‘Object Recognition: Fundamentals and Case Studies’, Springer-Verlag, 2001. He won the ‘Best Supervisor of the Year’ Award at QUT. He also received an award for research supervision at UWA in 2008. He published over 120 journals and conference publications. He served as a guest editor for a couple of special issues in International journals, such as the International Journal of Pattern Recognition and Artificial Intelligence (IJPRAI). He was selected to give conference tutorials at the European Conference on Computer Vision (ECCV) and the International Conference on Acoustics Speech and Signal Processing (IEEE ICASSP). He organized several special sessions for conferences; including a special session for the IEEE International Conference in Image Processing (IEEE ICIP). He was on the program committee of many conferences, e.g. 3D Digital Imaging and Modeling (3DIM) and the International Conference on Computer Vision. He also contributed in the organization of many local and international conferences. His areas of interest include control theory, robotics, obstacle avoidance, object recognition, artificial neural networks, signal/image processing and computer vision (particularly 3D).

original image

Biographical Information

Kar-Ann Toh is a full professor in the School of Electrical and Electronic Engineering at Yonsei University, South Korea. He received the Ph.D. degree from Nanyang Technological University (NTU), Singapore. He worked for 2 years in the aerospace industry prior to his post-doctoral appointments at research centers in NTU from 1998 to 2002. He was affiliated with Institute for Infocomm Research in Singapore from 2002 to 2005 prior to his current appointment in Korea. His research interests include biometrics, pattern classification, optimization, and neural networks. He is a co-inventor of a US patent and has made several PCT filings related to biometric applications. Besides being an active member in publications (PAMI, Machine Learning, Neural Computation etc), Dr Toh has served as a member of technical program committee for international conferences related to biometrics and artificial intelligence. He has also served as a reviewer for international journals including several IEEE Transactions. He is a senior member of the IEEE.

original image