Research on Privacy in Biometrics

Abstract

Abstract: Biometric has been the important method for identity authentication due to the uniqueness, permanence and identifiability of the biological characteristic, but also pose challenges for privacy. Biometrics system should meet six protection goals: confidentiality, integrity, availability, unlinkability, transparency, and intevenability. In this paper, the requirements and implications of these goals are analyzed, and the relevant techniques and implementation methods are proposed including biometric encryption, cancelable biometric, homomorphic encryption, anonymization, de-identification, diversification, renewable biometric reference, data isolation, as well as management principles and criterion of conduct besides technical measures.

Key words: biometric, privacy, confidentiality, integrity, availability, unlinkability, transparency, intevenability

摘要： 生物特征的唯一性、持久性和可识别性推动生物特征识别成为身份认证的重要鉴别手段，但同时也对隐私保护提出了挑战。生物特征识别系统应满足隐私保护的六大保护目标：保密性、完整性、可用性、不可链接性、透明性和可干预性。本文首先分析了上述保护目标的需求，然后针对上述目标分别提出了相应的隐私保护技术手段和实现方法，包括：生物特征加密技术、可撤销生物特征、同态加密技术、匿名化和去标识化技术、多样化技术、可更新生物特征参考、数据隔离等等，并讨论了技术手段之外的管理原则和行为准则。

关键词: 生物特征识别, 隐私保护, 保密性, 完整性, 可用性, 不可链接性, 透明性, 可干预性

李俊柴海新. 生物特征识别隐私保护研究[J]. 信息安全研究, 2020, 6(7): 589-601.

References

[1] 洪延青,何彦哲,杨建军,等. GB/T 35273-2020 信息安全技术个人信息安全规范[S]. 北京:中国标准出版社, 2020 [2] General Data Protection Regulation [EB/OL]. [2016-05-04]. http://data.europa.eu/eli/reg/2016/679/2016-05-04 [3] Hansen M, Jensen M, Rost M. Protection Goals for Privacy Engineering[C] //2015 IEEE Security and Privacy Workshops (IWPE 2015), San Jose, CA: IEEE 2015: 159-166 [4] Tomko G J, Soutar C, Schmidt G J. Fingerprint controlled public key cryptographic system[P]. U.S. Patent 55441994, July 30, 1996 (Priority date: Sept. 7, 1994) [5] Uludag U, Pankanti S, Prabhakar S, Jain A K. Biometric Cryptosystems: Issues and Challenges[J]. Proceedings of the IEEE, 2004, 92(6): 948-960 [6] Jain A K, Ross A, and Pankanti S. Biometrics: A Tool for Information Security[J]. IEEE transaction on information forensics and security, 2006, 1(2): 125-143 [7] Lindemann R, Tiffany E, et al. FIDO UAF Protocol Specification[S]. 2017. https://fidoalliance.org/specs/fido-uaf-v1.1-id-20170202/fido-uaf-protocol-v1.1-id-20170202.html [8] 荆继武,刘丽敏,回春野,等. GB/T 36651-2018 信息安全技术基于可信环境的生物特征识别身份鉴别协议框架[S]. 北京:中国标准出版社, 2018 [9] Juels A, Sudan M. A Fuzzy Vault Scheme[J]. Designs Codes and Cryptography, 2006, 38(2): 237-257 [10] Dodis Y, Ostrovsky R, Reyzin L, Smith A. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM Journal on Computing, 2008, 38(1): 97-139 [11] 申飞,黄承杰,吴仲城. 生物特征加密技术现状与发展趋势[C]. //全国计算机安全学术交流会.合肥:中国科学技术大学出版社, 2008: 292-297. [12] Ratha N K, Connel J H, Bolle R M．Enhancing security and privacy in biometrics-based authentication systems[J]．IBM Systems Journal, 2001, 40(3):614-634 [13] Goh A, Ngo D C L. Computation of cryptographic keys from face biometrics[C]. //Proc of 7th IFIP-TC6 TC11 International Conference, Torino, Italy: CMS 2003: 1-13 [14] 周玲丽,赖剑煌. 生物特征数据安全保护技术的发展[J]. 计算机科学, 2008, 35(10): 33-38 [15] Ratha N K, Chikkerur S, Connell J H, Bolle R M, Generating cancelable fingerprint templates, IEEE Trans on Pattern Analysis and Machine Intelligence, 2007, 29(4): 561-572 [16] Rivest R L, Adleman L, Dertouzos M L．On data banks and privacy homomorphisms[J]． Foundations of Secure Computation, 1978, 4(11): 169-180 [17] Gentry C．Fully homomorphic encryption using ideal lattices[C] //Proc of the STOC 2009．New York: ACM, 2009: 169-178 [18] ISO/IEC 15408-2:2008 Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components[S] Geneva: ISO/IEC, 2008 [19] Arapinis M, Chothia T, Ritter E, Ryan M. Analysing unlinkability and anonymity using the applied pi calculus[C]. //Proc of 23rd IEEE Computer Security Foundations Symp (CSF 2010), Piscataway, NJ: IEEE, 2010: 107-121 [20] ISO/TS 25237:2008 Health informatics - Pseudonymization[S]. Geneva: ISO/IEC, 2008. [21] ISO/TS 25237:2017 Health informatics - Pseudonymization[S]. Geneva: ISO/IEC, 2017. [22] ISO/IEC 29100:2011 Information Technology - Security Techniques – Privacy Framework[S]. Geneva: ISO/IEC, 2011. [23] 金涛,谢安明,等. GB/T 37964-2019信息安全技术个人信息去标识化指南[S]. 北京:中国标准出版社, 2019 [24] ISO/IEC 24745:2011 Information Technology - Security Techniques - Biometric Information Protection[S]. Geneva: ISO/IEC, 2011. [25] Breebaart J, Busch C, Grave J, Kindt E. A reference architecture for biometric template protection based on pseudo identities. //Proc of the Special Interest Group on Biometrics and Electronic Signatures, 2008: 11-12 [26] ISO/IEC 24787:2010 Information technology - Identification cards - On-card biometric comparison[S]. Geneva: ISO/IEC, 2010. [27] Pulls T, Privacy-preserving transparency-enhancing tools[D], Karlstad, Karlstad University, 2012. [28] Yang B, Martiri E．Using honey templates to augment hash based biometric template protection[C] //Proc of the 39th IEEE Annual Computer Software and Applications Conf． Piscataway, NJ: IEEE, 2015: 312-316