Research Problem
Discuss abotu the Biometrics for authentication: security and privacy implications.
Biometrics is an emerging technology, which is becoming wide spread in business organizations. It is the technology of automatic personal recognition based on the physiological and behavioral characteristics of a person. In contrast to previous technologies, biometrics is based on the facial and physiological features rather than passwords or ID cards. There are several benefits of biometrics, in comparison to previous technologies. With the implementation of biometrics system, the companies have created an infrastructure to store the personal information including crucial information for associating the identity with the personal behavior of a person. However, different organizations are concerned whether this information might be abused and used to breach the individual right to anonymity.
There are several biological characteristics, which can be used as a measurement for biometrics. However, in order to develop a practical biometrics system, it is important to include those factors which can meet the requirements of performance, acceptability and circumvention. It must be harmless to the users and have a robust system to combat fraudulent methods. The information stored in biometrics system cannot be lost or stolen. Further, it is difficult for the attackers to forge or repudiate the information, which provides inbuilt security to the system (Jain, Ross, & Prabhakar, 2004). However, the scholars are worried about different types of security or privacy concern in the biometrics system. The privacy refers to the social phenomenon, in which a person can lead his life without intrusions. An individual can control the access to his private or personal information. However, there are a large number of privacy concerns surrounding the implementation of biometrics system. Other than that, there are several issues such as automatic methods of individual recognition can be culturally undignified to the humans.
The privacy issues in the biometric systems can be categorized under unintended functional scope, unintended application scope and covert recognition. In the functional scope, it can be stated that the identification parameters in the biometric identifiers are biological in nature; the collectors might provide personal information from the scanned measurements. There is possibility that certain malformation in fingers might be associated with different genetic disorders. This information can be misused for discrimination against different parts of society. The information collected by the biometric sensors can be misused for other malicious purposes. The biometric sensors can be used to link the bits and pieces of information to track the identity of a person legally living in alias. The biometric information is vulnerable to skimming, which is surreptitious reading of the contents. In this regard, the research problem of the present research can be developed as:
Research Justification
Research Justification
In the present, most of the business organizations are replacing older security systems with novel technologies to increase the robustness of the system. However, with the extent of digitization, the protection of confidential information has become quite challenging. Previously, passwords and security keys were considered enough in providing security to the data; however, now the hackers are using sophisticated techniques, which can easily crack these security systems. As a result, the companies are increasingly using biometric security. The benefits of biometric technology are that it is highly accurate and guarantees protection of accurate information. However, there are certain issues regarding the privacy and the security of the data in the biometrics infrastructure. There is also significant controversy regarding the privacy requirements of the data across borders. There is security issue in storing the biometric data in the cloud; therefore, the organization should be considerate regarding the transfer of biometric data across the borders (Fan & Lin, 2009). It is important that the organizations establish technical and organizational measures to protect biometric data from unlawful processing.
The primary challenge in the biometric data storage is that it stores personal data; therefore, it requires additional safety requirements. It is important to develop biometric authentication and verification to control access to the restricted system and information. It is important to research in the area as the biometric data is highly sensitive and intrinsic to a specific individual (Yanikoglu & Kholmatov, 2004, August). The company makes additional efforts in establishing a compliance system and infrastructure. The training staff should also learn to protect the system infrastructure from unauthorized access or disclosure.
In the views of Bhargav-Spantzel, Squicciarini, Modi, S., Young, Bertino & Elliott, 2007), although there are several benefits of biometrics system, it creates several ethical challenges for the society. There are several challenges in using the personal characteristics as the means of verification. These methods can breach the individual’s right to privacy. The biometrics data in its raw or template form is the personal data. There are certain privacy threats of the biometric system. The biometric information can be used to expose sensitive information which can include information about the health, racial characteristics or ethnic origin of an individual. This information will form a basis for discrimination against an employee. It can be critiqued that the information stored in the biometrics comprises of secret identifiers such as fingerprints, faces and voices, which cannot be secretly recorded (Carpenter, McLeod, Hicks & Maasberg, 2018). However, the storage of this data without the knowledge of the owner increases the sensitivity of the information.
Literature Review
The biometrics systems are those systems, which is dependent on obtaining the human input, which cannot be reproduced or replicated by another human being. Previously, passwords were used for the security purpose. However, the security passwords can easily be guessed or replicated by the malicious intent. There are also certain issues between memorability of the passwords, which has contributed to the move towards biometrics applications. Certain challenges with the previous security systems has resulted the move towards biometrics system (Normalini & Ramayah, 2017). Currently, biometrics is commonly used in various security applications such as authentication and cryptographic key generation.
In the views of (Ratha, Connell, & Bolle, 2001) the biometrics security system can be differentiated in two main categories, namely, physiological barriers and behavioral biometrics. The physiological biometrics encompasses different biological traits such as fingerprint, iris and face scan. The behavioral biometrics includes measure certain actions of the users such as voice pitch or handwriting. The detection of physiological characteristics have enjoyed more attention and integrated more in the commercial products. However, there are certain characteristics of behavioral biometrics, which makes it attractive for the security of the organization. Furthermore, a malicious attacker can easily extract the physiological biometrics, such a fingerprints, the extraction of behavioral biometrics is not easy as it requires a user to perform a certain action. The physiological characteristics of a person do not change; however, behavioral characteristics changes with time. It increases the robustness of the security system (Ballard & Lopresti, 2007).
The human beings have certain characteristics like face, voice and gait, which are used to distinguish one individual from another. In the past, biometrics characteristics have vast application in the detection of criminals and law enforcements. There are several biological measurements, which can qualify as biometric characteristics (Jain, Ross & Prabhakar, 2004). The biometric refers to the characteristics, which can be used to distinguish one person from another. However, any biological characteristics should satisfy some requirements, to qualify as biometric, which are universality, distinctiveness, permanence and collectability.
The universality means that each person should have that biological characteristics, distinctiveness refers to the phenomenon according to which the biological characteristics of two different people are different enough to be distinguished. The permanence means that the characteristic should be different for a prolong period of time (Tuyls, Akkermans, Kevenaar, Schrijen, Bazen, & Veldhuis, 2005, July). The collectability means that the biological characteristic can be measured quantitatively.
According Jain, Nandakumar & Ross (2016), it can be stated that a biometric system can be developed by keeping in consideration several other requirements. There are certain criteria such as performance, acceptability and circumvention. The performance refers to the accuracy and speed of the system with the particular biological characteristic. If the system is not able to achieve particular standard in the performance, then it is doomed to fail. The acceptability of the system refers to the extent to which the particular system is accepted by the society. The circumvention reflects the robustness of the system.
The biometric system is a pattern recognition system, which acquires data from an individual, extract features, which distinguish the feature from other humans and compare the feature with other people and compare this feature with different templates in the system. A biometric system operates on two modes, namely, verification mode and identification mode. In the verification mode, the system validates the identity of a person with the previously captured biometric data in the database (Bringer & Chabanne, 2008, June). The identity verification is used for positively recognizing an individual and preventing other people from using the same identity. The identification mode is the second mode of biometrics machine. In this mode, the system recognizes a person by matching his biometrics feature with the previously stored templates in the database. The system compares the data with the previously stored data, without the user claiming, whose identity it is.
There are several biometrics characteristics, which can be used in different applications. Each biometric feature has its strength or weakness; therefore, the choice of biometric feature depends on the application of feature. DNA is an effective technique to identify the identity of an individual. However, identical twins have the same DNA patterns (Xiang, Tang, Cai & Xu, 2016)
However, there are certain issues with the use of DNA in biometrics identification. Firstly, DNA can be easily stolen from an unsuspecting subject and used for a negative intent. Secondly, there are real-time recognition issues, which require cumbersome chemical methods for the identification of expert’s skills. There are certain privacy issues, such as private information about the disease susceptibility of a person can be gained though differences in DNA pattern. The ear can also be used to give a unique identity to an individual. The shape of the ear and the structure of cartilaginous tissue of the ear are distinctive for each individual. Another biometric for distinguishing an individual is face (Linnartz & Tuyls, 2003, June). It is a non-intrusive method of biometric detection. Currently, the facial images are most commonly used by the humans to differentiate different people. The facial recognition ranges from static and controlled verification to dynamic and uncontrolled face identification. The fingerprints are commonly used as a common verification medium for the personal identification of different individuals (Prabhakar, Pankanti, & Jain, 2003). The fingerprints of identical twins are different. Further, the prints of each finger are also different.
The biometrics security and privacy is a major concern for the customers and the business organizations. There are several solutions, which can be used to handle and protect the biometrics template. These solutions can guarantee privacy and easy revoke to unauthorized access (Jiang, Ma & Wei, 2016). There are two approaches, which can be used for biometrics protection, solutions concerning with the storage of biometric templates (biometric cryptosystem) and approach dealing with the privacy of the biometric techniques (BioHashing). There are different methods of storing of biometric information, such as local token or in a central database. These methods have different level of risks regarding administration, access and misuse of the database. It is a significant issue in large biometric database such as biometric passport or national electronic identity card. The use of biometrics in the security system breaches the privacy law as it links the information to the tracing of individuals which violates the liberty of an individual (Belguechi, Alimi, Cherrier, Lacharme & Rosenberger, 2011).
In the present, the research design of survey method will be used. The survey is a valuable research method, which can be used to assess opinion or trends at a geographical location. The surveys are the simplest and the most common method to gather data to address the research questions. In the survey, the biggest challenge is developing reliable and valid measures for the sample data (Marczyk, DeMatteo & Festinger, 2010). The design of survey is significant in determining the quality of the research. The survey research is an interdisciplinary process (Creswell & Creswell, 2017). The survey includes sampling and estimation process, which requires knowledge of probability and statistics. The data collection requires interaction and persuasion of the survey respondents. The efficacy of the questionnaire depends on the persuasion with the respondents, language comprehension and discourse. In the present, survey will be used as it is the appropriate method for the research. It is a cost-effective and easy method. Survey is categorized as a quantitative method for primary data collection (Gorard, 2013). It is categorized as quantitative method as the information collected can be analyzed through statistical means. Along with it, the researcher will also use literature review method for the data collection. The sample size of the survey will be 100. The survey will be conducted with the project managers of the security system manufacturing firms. They can provide deep and practical insight regarding the security and the privacy challenges in the business organizations (Myers, Well, & Lorch, 2013). The random sampling will be used for the selection of the research participants. It is a convenient sampling method (Leavy, 2017). The respondents who consent to the research will be emailed the survey questionnaire. It means that the researcher will analyzes the information from the current literature resourced. For this, the researcher will select scholarly articles on the research subject and synthesize information from them (Maxwell, 2012).
Conclusion
It can be concluded that the biometrics is a novel technology, which has a high scope in the field of security system. Biometrics is the use of human imprints and characteristics for the security purposes. It is the process of identifying or authenticating the identity of an individual by identifying the physical or behavioural characteristic of a person. The goal of the biometric machine is to control the access at sensitive locations. There are certain characteristics of an individual such as voice, fingerprint and iris, which are unique and can be used for personal recognition. It is an effective method to provide security, especially when the past methods such as passwords can be easily stolen. However, there is a major concern for the privacy of the data. The biometrics uses the data, which is personal to each individual. Therefore, if the database of this data is stolen, it can be used maliciously against that person. The data stored in the database is not private in nature; however, when this data is stored, it becomes private in nature.
In the research paper, the work and research of several authors has been cited. The author is thankful to all the researchers, whose valuable work is included in the research.
References
Ballard, L., & Lopresti, D. (2007). Forgery Quality and Its Implications for Behavioral Biometric Security. IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETIC 37(5), pp. 1107-1120.
Belguechi, R., Alimi, V., Cherrier, E., Lacharme, P., & Rosenberger, C. (2011). An overview on privacy preserving biometrics.
Bhargav-Spantzel, A., Squicciarini, A. C., Modi, S., Young, M., Bertino, E., & Elliott, S. J. (2007). Privacy preserving multi-factor authentication with biometrics. Journal of Computer Security, 15(5), 529-560.
Bringer, J., & Chabanne, H. (2008, June). An authentication protocol with encrypted biometric data. In International Conference on Cryptology in Africa (pp. 109-124). Springer, Berlin, Heidelberg.
Carpenter, D., McLeod, A., Hicks, C., & Maasberg, M. (2018). Privacy and biometrics: An empirical examination of employee concerns. Information Systems Frontiers, 20(1), 91-110.
Creswell, J.W., & Creswell, J.D. (2017). Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. SAGE Publications.
Fan, C. I., & Lin, Y. H. (2009). Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics. IEEE Transactions on Information Forensics and Security, 4(4), 933-945.
Gorard, S. (2013). Research Design: Creating Robust Approaches for the Social Sciences. SAGE.
Jain, A. K., Nandakumar, K., & Ross, A. (2016). 50 years of biometric research: Accomplishments, challenges, and opportunities. Pattern Recognition Letters, 79, 80-105.
Jain, A. K., Ross, A., & Prabhakar, S. (2004). An introduction to biometric recognition. IEEE Transactions on circuits and systems for video technology, 14(1), 4-20.
Jiang, Q., Ma, J., & Wei, F. (2016). On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Systems Journal.
Leavy, P. (2017). Research Design: Quantitative, Qualitative, Mixed Methods, Arts-Based, and Community-Based Participatory Research Approaches. Guilford Publications.
Linnartz, J. P., & Tuyls, P. (2003, June). New shielding functions to enhance privacy and prevent misuse of biometric templates. In International Conference on Audio-and Video-Based Biometric Person Authentication (pp. 393-402). Springer, Berlin, Heidelberg.
Marczyk, G.R., DeMatteo, D., & Festinger, D. (2010). Essentials of Research Design and Methodology. John Wiley & Sons.
Maxwell, J.A. (2012). Qualitative Research Design: An Interactive Approach. SAGE Publications.
Myers, J.L., Well, A.D., & Lorch, R.F. (2013). Research Design and Statistical Analysis: Third Edition. Routledge.
Normalini, M. K., & Ramayah, T. (2017). Trust in internet banking in Malaysia and the moderating influence of perceived effectiveness of biometrics technology on perceived privacy and security. Journal of Management Sciences, 4(1), 3-26.
Prabhakar, S., Pankanti, S., & Jain, A. K. (2003). Biometric recognition: Security and privacy concerns. IEEE security & privacy, 99(2), 33-42.
Ratha, N. K., Connell, J. H., & Bolle, R. M. (2001). Enhancing security and privacy in biometrics-based authentication systems. IBM systems Journal, 40(3), 614-634.
Tuyls, P., Akkermans, A. H., Kevenaar, T. A., Schrijen, G. J., Bazen, A. M., & Veldhuis, R. N. (2005, July). Practical biometric authentication with template protection. In International Conference on Audio-and Video-Based Biometric Person Authentication (pp. 436-446). Springer, Berlin, Heidelberg.
Xiang, C., Tang, C., Cai, Y., & Xu, Q. (2016). Privacy-preserving face recognition with outsourced computation. Soft Computing, 20(9), 3735-3744.
Yanikoglu, B., & Kholmatov, A. (2004, August). Combining multiple biometrics to protect privacy. In Proc. ICPR-BCTP Workshop (pp. 43-46).
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
