Abstract
With the exponential growth of smart devices and dependency on the internet and wireless networks, the security of information is a major challenge in the recent years. Biometrics have been widely used for information security. It plays a crucial role in minimizing the probability of inappropriate access. Human biometrics are characterized into physical and behavioral features. In this chapter, the authors propose to use fingerprint and online signature for information security. Though biometric provides more security and integrity, it is also threatened by various attacks. Digital watermarking is the answer to the above problems. Initially, the features of the human biometric images are extracted and act as watermarks for other biometric image. It is assumed that fingerprints act as a host and a signature as watermark. This chapter presents a survey of various biometric and watermarking techniques. The chapter also reviewed the work done by different researchers in the area, algorithms employed by them with their literature to utilize them for biometric protection.
TopIntroduction
The increasing usage of internet access and digital media has grown tremendously in the past few years. The advancement in technology and electronics media have put the protection of Information Security at risk due to the fact that digital data can be copied without any degradations to the quality of content. Information security can be defined as the process of preservation of confidentiality, integrity and availability of information that can be either in printed or in written form. It not only protects the information, but also its associated elements such as hardware and software that stores and transmits the information. Intellectual Property Rights (IPR), Copyright protection and authentication are the types of Information Security. IPR prevents others from using, dealing, or tampering with his/her product without prior permission. Copyright protection generally applies to a range of creative, artistic, or intellectual works such as novels, poetry, songs, movies, software, and architecture. It does not protect the information or ideas, but, it protects the original expression of ideas and information. The researchers in their work used a SHA-1 160 bits hash function rather than MD5 to prevent the tampering of web resources (He, 2016). The Authentication access of such systems is controlled by recognizing passwords or personal identification numbers. The problem with this system is that an unauthorized user can access the password and numbers quite easily. Thus, it is necessary to add a security check to the data to protect its true ownership.
There are many solutions to the prevention of IPR problem and among these, biometric methods seem to be the most promising ones. The growing demand for reducing the instances of fraud and data breaches as well as the need for physical access control and logical access control have made biometrics a very strong authentication technique. Token based and knowledge-based identification systems are easily associated to being stolen or damaged. In legacy systems such as passwords and PINs, weak passwords are raising security issues, even the strongest password cannot resist sophisticated hacker attacks. The advancement in digital transactions necessitates the utilization of reliable factors such as human biometric features which are an intrinsic part of each person and are impossible to lose or forget. The primary objective of biometric is to provide non- repudiation which ensures that the person who uses the resources can not deny later of practicing it.
Both governments and private organizations worldwide, choosing biometric technology to fight against fraudulent users, leak of confidential data, security breaches, reduce costs, flexibility and to improve the overall user experience. Hence, Biometrics technology is requisite for today’s personal identification and verification systems. Mostly, the requirement of imperceptibility is satisfied by using human physiological features such as Human Audible System, Human Visual System, and Biometric Authentication System. Even though the biometrics offer a reliable method for personal identification, security of the biometric authentication systems are a matter of concern. Passwords can be kept secret and stored in a safe location, however biometrics are public in nature and can be found easily by the hackers. All body characteristics that are used in biometrics are exposed to the public wherever the person goes. Fingerprints are left on anything a person touches, and eyes are given away when the person uses them to see things. A person’s voice can be recorded easily using a smartphone by a bystander. There is also no way for a user to simply reset their biometric marker like getting a new password. If a fingerprint or facial image is stolen, the user cannot be simply given a new one. Passwords can be changed, but biometric markers are basically fixed for an individual’s life span.
It should also be noted that biometric systems work with accuracy only when it is confirmed that the data is entered from some legitimate source and that data has not been changed or tampered. Gaata et al. in their paper reviewed that watermarking techniques have the potential to safeguard the authenticity of the biometric data (Gaata & Refah, 2016). Digital watermarking helps to embed the information into some multimedia file without presenting any visible deviation in the original file. The purpose of using this technique is to introduce a high level of protection. Inserting information at random locations without harming the actual features of biometric data helps in claiming the identity of an authorized user. As a result, a watermarking technique is imperceptible and robust to unauthorized persons.
Key Terms in this Chapter
Imperceptibility: It means that the watermark image should look similar as the original image.
Confidentiality: It is the practice of keeping private information as secret.
Integrity: It states that the watermark should be difficult to remove or modify without distorting the host signal.
Spoofing: This attack forces the system or application to copy the actions of other.
Minutiae: Minutiae are the local ridge features used for determining the uniqueness of the fingerprint.
Authentication: Authentication is the service of assuring the identity of a person or device. It assures the recipient that the message or data it receives is from the source it claims to be.
Robustness: It implies that the watermark should be identifiable after certain image processing operations such as cropping, compression, translation, transformations.
Intrinsic Failure: It is caused by degradation in system during fabrication or accumulation.
Traitor Tracing: It helps to trace the source of leaks when secret or proprietary data is sold to many customers.
Intellectual Property Right (IPR): It allow the owner to completely benefit from his/her product and prevent others from using, dealing, or tampering with the product without prior permission from the owner.
Copyright Protection: It prevents other from copying, performing, or using others work without their consent.
Administrative Loophole: It is a mistake where an unauthorized person can get enrolled as an authorized person.
Information Security: It is a practice to protect data from unauthorized access, disclosure, disruptions, or alterations during transmission of information from one device to other.
Masquerade: It is a form of active attack when one entity pretends to be another entity.