Biometrics + Cryptography

Keeping your passwords safely in the palm of your hand (electropages)

...[C]ontactless palm vein recognition technology is nothing new and was first demonstrated back in 2002 and is widely used. It works by extracting feature data from biometric data. With previous technologies, confidential data was encrypted with this feature data, but when decrypting, the feature data extracted from biometric data would usually be matched with the encrypted data. This does not present a problem when used in a personal device, such as a laptop or smartphone, but when used via an open network such as in the cloud, a more secure decryption technology is necessary to prevent leaks of biometric data.

The article discusses encryption within biometric templates using Fujitsu's palm vein technology, but the idea would seem to be applicable across biometric modalities.

ID management in the cloud

Biometric Cloud-Based Offers Attractive Deployment (Engadget)

Cloud-based biometric technology offers attractive deployment possibilities, such as smart spaces, ambient intelligence environments, access control applications, mobile application, and alike. While traditional (locally deployed) technology has been around for some time now, cloud-based biometric recognition technology is relatively new. There are, however, a number of existing solutions already on the market...

Bigger, Faster, Cheaper

As databases get bigger, they take longer to search. For a while, and in many applications, nobody really cares. Does it really matter if a criminal database fingerprint search takes one second or 1.5 seconds? A city of 1.5 million people may arrest 40 people on a busy day. In cases like this, the limiting factor to how many times a process can be repeated isn't in the technology.

But if the world is headed the way many expect, biometric searches of large databases will be moving from applications where fractions of a second don't matter much, as in the case above, to something that looks a lot more like what banks or large web sites do: handle thousands of transactions per hour among thousands of users with both the quantity of transactions and users fluctuating wildly over the course of a day, and generally increasing over time. Now, how the search happens starts to matter a lot and technique starts to affect cost.

In the biometrics world, sensor and algorithm innovation get a lot of attention. Database architecture and search techniques don't. This press release from BIO-key is a refreshing change highlighting one technique programmers can use to cope with ever-larger biometric databases.

Accelerated Biometric Indexing Search: New Fingerprint Matcher Design Yields Higher Accuracy at Higher Speeds per Dollar Invested (Press Release via pr-inside.com)

"Using Commercial-Off-The-Shelf (COTS) products, BIO-key is expanding the way a biometric search can be performed which dramatically improves speed over conventional approaches. This revolution comes from the use of a highly parallel search architecture, allowing our solutions to perform faster and look deeper while improving speed and accuracy," stated Renat Zhdanov, PhD, Vice President, Chief Scientist, BIO-key International.

Initial tests of the new accelerated architecture show speed results of several millions matches per second, on a typical PC. This provides biometric search acceleration of several orders of magnitude on that PC alone. "These performance gains mean the required hardware and support costs for larger systems, or those heavily used in the Cloud from mobile devices or other sources, can now be greatly reduced, providing for thousands of times more throughput per dollar spent," stated Mira LaCous, Senior VP of Technology and Development, BIO-key International.

The US Army's big data cloud app suite

Army demonstrates disputed intelligence system (Army Times)

“It is globally deployed, this is not a system that is in the lab, this is a system that is supporting and has supported nine corps, 38 divisions, 138 brigades,” said Lt. Gen. Mary Legere, the the Army’s deputy chief of staff for intelligence. “It supports today our operations in Afghanistan and the greater Middle East, Africa, the Pacific, Korea and anywhere you have soldiers who are deployed.”
...
The Army’s cloud-based system — called the Distributed Common Ground System-Army — collects raw intelligence, surveillance and reconnaissance data from 600 sources, including battlefield reports, biometrics databases, unmanned aerial systems and manned reconnaissance aircraft, as well as joint, national and strategic sources. From there, analysts can connect the dots using a variety of software tools, putting actionable intelligence in the hands of battlefield commanders.

Forty apps using data from 600 sources.

Biometric authentication for cloud storage

Intel's McAfee brings biometric authentication to cloud storage (Computer World UK)

Intel is introducing new ideas to secure the public cloud, offering a service in which online files can be accessed after users are verified by an authentication scheme including face and voice recognition.

McAfee, a unit of Intel, is adding a product called LiveSafe that will offer 1GB of online storage that can be accessed through biometric authentication. LiveSafe has a Web-based management dashboard, and users can be authenticated through face recognition, voice or by punching in a PIN. LiveSafe also includes antivirus and other security features.

In a Cloud-Connected IT World, are Biometrics the Answer?

For your eyes only: New twist on Digital ID could keep you from getting hacked (ZDNet)

With so many individuals with multiple accounts on so many linked cloud services, it is inevitable that this sort of cybercrime is going to become more commonplace unless new mechanisms are put into place to prevent this form of compromise that Honan experienced.

One way of dealing with this would be to employ biometrics on all computing devices. I wrote about this at length in February 2011, which eventually led to an appearance on CBC Radio alongside prominent independent security researcher Dr. Markus Jakobsson.

POSTPONED: Biometric Chat on Biometrics & Cloud Computing; Rescheduled for March 15

When: March 15, 2012 (was March 1)

11:00 am EST, 8:00 am PST, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

Where: tweetchat.com/room/biometricchat (or Twitter hashtag #biometricchat)

What: Tweet chat on biometrics and cloud computing

Topics: The exponential growth of biometric data, leveraging the cloud for big data biometrics, applications that can benefit from biometric cloud computing, the burdens of new biometric modalities, the future of biometrics and the cloud.

More information at the M2SYS blog.

I always enjoy these.

Tune in, dial up, surf over (or do whatever it is you do to navigate the interwebs) and join in the conversation.

Biometric Chat on Biometrics & Cloud Computing

When: March 1, 2012 [UPDATE: Postponed to March 15]

11:00 am EST, 8:00 am PST, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

Where: tweetchat.com/room/biometricchat (or Twitter hashtag #biometricchat)

What: Tweet chat on biometrics and cloud computing

Topics: The exponential growth of biometric data, leveraging the cloud for big data biometrics, applications that can benefit from biometric cloud computing, the burdens of new biometric modalities, the future of biometrics and the cloud.

More information at the M2SYS blog.

I always enjoy these.

Tune in, dial up, surf over (or do whatever it is you do to navigate the interwebs) and join in the conversation.

Analysis predicts growth of biometric security products and services on mobile devices

Market will grow to over $161 million in revenue by 2015. (Security Park)

A lot of the information provided at the link tracks thoughts expressed in Monday's post, Mobile Devices and Biometric Modalities.

If you missed it, please consider giving it a read. There's a synergy in reading the two pieces together.

The Cloud & Biometric ID Management

Cloud-Based Application Development for Biometrics Data (M2SYS Blog)

More and more international governments and security-intensive companies are using biometric-enabled identity cards for their employees and professionals. As this technology becomes more widespread, the need to make this technology more mobile, and more accessible is becoming clear. Experts all over the globe are pushing for cloud-based biometrics for greater efficiency and mobility.

More at the link.