BASE: A proposed secure biometric authentication system

Colby G. Crossingham; Sebastian H. von Solms

doi:10.1007/978-0-387-77996-6_8

BASE: A proposed secure biometric authentication system

Colby G. Crossingham, Sebastian H. von Solms

Academy of Computer Science and Software Engineering

University of Johannesburg

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The use of biometrics as a secure remote authentication mechanism is hindered by a series of issues. In the case of fingerprints, an attacker can make physical copies of fingerprints by 'lifting' latent fingerprints off a non-porous surface. These lifted fingerprints can be used to illegitimately gain access to an authentication system. Password authentication systems only accept passwords that match 100%, whereas biometric authentication systems match submitted tokens provided they fall within a specified threshold. Without making use of a sufficient encryption scheme, illegitimately replaying a biometric token that has been tweaked slightly could still cause the authentication system to accept the submitted biometric token as a fresh biometric. BASE (Biometric Authentication System Entity), the proposed system, provides a solution to these challenges. As an alternative to current remote authentication systems, the BASE system utilizes a communication protocol that does not make use of encryption, passwords or timestamps, whilst still maintaining the security of the remote authentication process.

Original language	English
Title of host publication	Policies and Research in Identity Management
Subtitle of host publication	First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07)
Editors	Elisabeth Leeuw, Simone Fischer-Hübner, Jimmy Tseng, John Borking
Pages	91-102
Number of pages	12
DOIs	https://doi.org/10.1007/978-0-387-77996-6_8
Publication status	Published - 2008

Publication series

Name	IFIP International Federation for Information Processing
Volume	261
ISSN (Print)	1571-5736

ASJC Scopus subject areas

Information Systems and Management

Access to Document

10.1007/978-0-387-77996-6_8

Cite this

Crossingham, C. G., & von Solms, S. H. (2008). BASE: A proposed secure biometric authentication system. In E. Leeuw, S. Fischer-Hübner, J. Tseng, & J. Borking (Eds.), Policies and Research in Identity Management: First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07) (pp. 91-102). (IFIP International Federation for Information Processing; Vol. 261). https://doi.org/10.1007/978-0-387-77996-6_8

Crossingham, Colby G. ; von Solms, Sebastian H. / BASE : A proposed secure biometric authentication system. Policies and Research in Identity Management: First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07). editor / Elisabeth Leeuw ; Simone Fischer-Hübner ; Jimmy Tseng ; John Borking. 2008. pp. 91-102 (IFIP International Federation for Information Processing).

@inproceedings{5325c70d067d483681a7c987f1a05800,

title = "BASE: A proposed secure biometric authentication system",

abstract = "The use of biometrics as a secure remote authentication mechanism is hindered by a series of issues. In the case of fingerprints, an attacker can make physical copies of fingerprints by 'lifting' latent fingerprints off a non-porous surface. These lifted fingerprints can be used to illegitimately gain access to an authentication system. Password authentication systems only accept passwords that match 100%, whereas biometric authentication systems match submitted tokens provided they fall within a specified threshold. Without making use of a sufficient encryption scheme, illegitimately replaying a biometric token that has been tweaked slightly could still cause the authentication system to accept the submitted biometric token as a fresh biometric. BASE (Biometric Authentication System Entity), the proposed system, provides a solution to these challenges. As an alternative to current remote authentication systems, the BASE system utilizes a communication protocol that does not make use of encryption, passwords or timestamps, whilst still maintaining the security of the remote authentication process.",

author = "Crossingham, {Colby G.} and {von Solms}, {Sebastian H.}",

year = "2008",

doi = "10.1007/978-0-387-77996-6_8",

language = "English",

isbn = "9780387779959",

series = "IFIP International Federation for Information Processing",

pages = "91--102",

editor = "Elisabeth Leeuw and Simone Fischer-H{\"u}bner and Jimmy Tseng and John Borking",

booktitle = "Policies and Research in Identity Management",

}

Crossingham, CG & von Solms, SH 2008, BASE: A proposed secure biometric authentication system. in E Leeuw, S Fischer-Hübner, J Tseng & J Borking (eds), Policies and Research in Identity Management: First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07). IFIP International Federation for Information Processing, vol. 261, pp. 91-102. https://doi.org/10.1007/978-0-387-77996-6_8

BASE: A proposed secure biometric authentication system. / Crossingham, Colby G.; von Solms, Sebastian H.
Policies and Research in Identity Management: First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07). ed. / Elisabeth Leeuw; Simone Fischer-Hübner; Jimmy Tseng; John Borking. 2008. p. 91-102 (IFIP International Federation for Information Processing; Vol. 261).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - BASE

T2 - A proposed secure biometric authentication system

AU - Crossingham, Colby G.

AU - von Solms, Sebastian H.

PY - 2008

Y1 - 2008

N2 - The use of biometrics as a secure remote authentication mechanism is hindered by a series of issues. In the case of fingerprints, an attacker can make physical copies of fingerprints by 'lifting' latent fingerprints off a non-porous surface. These lifted fingerprints can be used to illegitimately gain access to an authentication system. Password authentication systems only accept passwords that match 100%, whereas biometric authentication systems match submitted tokens provided they fall within a specified threshold. Without making use of a sufficient encryption scheme, illegitimately replaying a biometric token that has been tweaked slightly could still cause the authentication system to accept the submitted biometric token as a fresh biometric. BASE (Biometric Authentication System Entity), the proposed system, provides a solution to these challenges. As an alternative to current remote authentication systems, the BASE system utilizes a communication protocol that does not make use of encryption, passwords or timestamps, whilst still maintaining the security of the remote authentication process.

AB - The use of biometrics as a secure remote authentication mechanism is hindered by a series of issues. In the case of fingerprints, an attacker can make physical copies of fingerprints by 'lifting' latent fingerprints off a non-porous surface. These lifted fingerprints can be used to illegitimately gain access to an authentication system. Password authentication systems only accept passwords that match 100%, whereas biometric authentication systems match submitted tokens provided they fall within a specified threshold. Without making use of a sufficient encryption scheme, illegitimately replaying a biometric token that has been tweaked slightly could still cause the authentication system to accept the submitted biometric token as a fresh biometric. BASE (Biometric Authentication System Entity), the proposed system, provides a solution to these challenges. As an alternative to current remote authentication systems, the BASE system utilizes a communication protocol that does not make use of encryption, passwords or timestamps, whilst still maintaining the security of the remote authentication process.

UR - http://www.scopus.com/inward/record.url?scp=44649192964&partnerID=8YFLogxK

U2 - 10.1007/978-0-387-77996-6_8

DO - 10.1007/978-0-387-77996-6_8

M3 - Conference contribution

AN - SCOPUS:44649192964

SN - 9780387779959

T3 - IFIP International Federation for Information Processing

SP - 91

EP - 102

BT - Policies and Research in Identity Management

A2 - Leeuw, Elisabeth

A2 - Fischer-Hübner, Simone

A2 - Tseng, Jimmy

A2 - Borking, John

ER -

Crossingham CG, von Solms SH. BASE: A proposed secure biometric authentication system. In Leeuw E, Fischer-Hübner S, Tseng J, Borking J, editors, Policies and Research in Identity Management: First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07). 2008. p. 91-102. (IFIP International Federation for Information Processing). doi: 10.1007/978-0-387-77996-6_8

BASE: A proposed secure biometric authentication system

Abstract

Publication series

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this