生物特征识别系统安全加固方法

设为首页

收藏本站

网站地图 | English | 公务邮箱

About the library

Background
History
Leadership
Organization

Readers' Guide

Opening Hours
Collections
Help Via Email

Publications

Electronic Information Resources

生物特征识别系统安全加固方法

详细信息查看全文 | 推荐本文 |

英文篇名：Reinforce safety method of biometric identification system
作者：王金海 ; 陈泓宇 ; 崔军 ; 戴华林
英文作者：WANG Jin-hai;CHEN Hong-yu;CUI Jun;DAI Hua-lin;School of Electronic and Information Engineering,Tianjin Polytechnic University;School of Computer and Information Engineering,Tianjin Chengjian University;
关键词：生物特征识别 ; BioAPI接口 ; 数字信封 ; 数字签名 ; 安全传输
英文关键词：biometric identification;;BioAPI interface;;digital envelope;;digital signature;;secure transmission
中文刊名：SJSJ
英文刊名：Computer Engineering and Design
机构：天津工业大学电子与信息工程学院;天津城建大学计算机与信息工程学院;
出版日期：2018-12-16
出版单位：计算机工程与设计
年：2018
期：v.39;No.384
基金：天津市高等学校科技发展基金计划基金项目(20140805);; 天津市自然科学基金项目(17JCQNJC47400)
语种：中文;
页：SJSJ201812012
页数：6
CN：12
ISSN：11-1775/TP
分类号：69-74

摘要

针对生物特征识别系统存在的隐私泄露和数据篡改等安全隐患,提出一种基于签名数字信封技术的系统安全传输加固方法。通过对客户端和服务器侧增加安全模块,采用含签名的增强数字信封技术实现生物特征模板的安全传输,确保模板参数加密和处理结果签名不可篡改。在分析BioAPI函数及数据结构基础上,给出兼容BioAPI标准的安全应用加固框架及其实现细节。安全性对比分析结果表明,加固后系统提升了保密性和完整性,具有一定的实用价值。
In view of the biometric identification system privacy leakage and data tampering and other security risks,a secure transmission and reinforcement method based on signature digital envelope technology and its security application framework were proposed.Security module was added to client and server side,with the enhancement of digital envelope signature encryption,biometric templates were protected while ensuring that the template parameters were encrypted and the signature of the processing results could not be tampered.Based on the analysis of BioAPI function and data structure,the details of security reinforcement implementation compatible with BioAPI were given.The security analysis shows that the reinforced system is improved in terms of confidentiality and integrity,and it has good practical value.

引文

[1]Haghighat M, Zonouz S, Abdel-Mottaleb M. CloouID:Trustworthy clould-based and cross-enterprise biometric identification[J].Expert Systems with Aoolications,2015,42(21):7905-7916.
    [2]Yuan J,Yu S.Efficient privacy-preserving biometric identification in cloud computing[C]//INFOCOM,Proceedings IEEE,2013:2652-2660.
    [3]Lu Cheng,Wang Jisong,Qi Miao.Multimodal biometric identification approach based on face and palmprint[J].Science Translational Medicine,2014,6(218):218ra4.
    [4]China National Standardization Management Committee.GB/T29268.1-2012,information technology, biometrics, performance testing and reporting first parts:Principles and framework[S].Beijing:China Standard Press,2012:5(in Chinese).[中国国家标准化管理委员会.GB/T 29268.1-2012,信息技术生物特征识别性能测试和报告第1部分:原则与框架[S].北京:中国标准出版社,2012:5.]
    [5]QIAN Honglei.The status and analysis of the security of computer information system[J].Electronic Technology and Software Engineering,2015(17):216(in Chinese).[钱红雷.计算机信息系统安全现状及分析[J].电子技术与软件工程,2015(17):216.]
    [6]WANG Huan.Research and implementation of security and confidentiality management system based on RFID technology[D].Beijing:Beijing JiaoTong University,2013(in Chinese).[王欢.基于RFID技术的涉密载体安全保密管控系统的研究与实现[D].北京:北京交通大学,2013.]
    [7]ZHANG Ning,ZANG Yali,TIAN Jie.Fusion of biometrics and cryptography—A new secure identity authentication scheme[J].Journal of Cryptologic Research,2015,2(2):159-176(in Chinese).[张宁,臧亚丽,田捷.生物特征与密码技术的融合—一种新的安全身份认证方案[J].密码学报,2015,2(2):159-176.]
    [8]LI Xueyan.Open protection of biometric template and study of template parameters[D].Tianjin:Tianjin Polytechnic University,2016(in Chinese).[李雪妍.生物特征模板公开保护及模板参数研究[D].天津:天津工业大学,2016.]
    [9]Elisardo Gonzalez-Agulla,Enrique Otero Muras,Jose Luis Alba Castro,et al.A multiplatform Java wrpper for the BioAPIFramework[J].Computer Stangards&Interfaces,2009,31(1):186-191.
    [10]Elisardo Gonzalez-Agulla,Enrique Otero Muras,Jose Luis Alba Castro,et al.An open source Java framework for biometric web authentication based on BioAPI[J].Computer Stangards&Interfaces,2008,18:208-211.
    [11]XIAO Zhenjiu,HU Chi,CHEN Hong.Research and implementation of four prime RSA digital signature algorithm[J].Journal of Computer Applications,2013,33(5):1374-1377(in Chinese).[肖振久,胡驰,陈虹.四素数RSA数字签名算法的研究与实现[J].计算机应用,2013,33(5):1374-1377.]
    [12]TIAN Miaomiao.Research on lattice based digital signature scheme[D].Beijing:University of Science and Technology of China,2014(in Chinese).[田苗苗.基于格的数字签名方案研究[D].北京:中国科学技术大学,2014.]
    [13]LING Yongxing,LEI Ying.Research on the application of digital envelopes in Web services[J].Computer Security,2013(5):60-65(in Chinese).[凌永兴,雷英.数字信封在Web服务中的应用研究[J].计算机安全,2013(5):60-65.]
    [14]China National Standardization Management Committee.GB/T33844-2017,information technology biometrics for biometric ten finger fingerprint acquisition application programming interface(BioAPI)[S].Beijing.China Standard Press,2017:5(in Chinese).[中国国家标准化管理委员会.GB/T33844-2017,信息技术生物特征识别用于生物特征十指指纹采集应用编程接口(BioAPI)[S].北京:中国标准出版社2017:5.]
    [15]CHEN Hongyu.Design and implementation of JAVACARD application based on fingerprintk key[D].Tianjin:Tianjin Polytechinic University,2018(in Chinese).[陈泓宇.一种基于志文密钥的JAVACARD应用设计与实现[D].天津:天津工业大学,2018.]