A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks
Abstract
:1. Introduction
- The proposed online fingerprint authentication system is equipped with template protection. If a stored template is compromised, raw fingerprint data cannot be retrieved and the compromised template can be revoked and replaced with a new one. Thus, data security is heightened in the access control of IIoT devices.
- The proposed authentication system is highly efficient, evidenced by reduced template size, low computational costs and fast online matching, making it suitable for IIoT-related applications.
- Not only does the recognition accuracy of the proposed system with template protection level with the baseline unprotected system, but it also outperforms state-of-the-art fingerprint authentication systems with template protection. The strong performance of the proposed system ensures that critical and/or sensitive data in the IIoT environment are only accessed by genuine (i.e., authorized) users.
2. Related Work
2.1. Biometric Authentication in the IoT
2.2. Cancelable Fingerprint Templates
3. Proposed System
3.1. Fingerprint Feature Extraction and Fixed-Length Representation
3.2. Cancelable Template Generation
3.3. Online Fingerprint Matching in the Cloud Server
4. Experiment Results and Analysis
4.1. Performance Evaluation
4.2. Analysis of Computational Cost and Template Size
4.3. Revocability and Diversity
4.4. Unlinkability
4.5. Security Analysis
4.5.1. Non-Invertibility Analysis
4.5.2. Revoked Template Attacks
- Type-I Attack: A revoked template is employed to attack a system containing a renewed template produced from the same impression.
- Type-II Attack: A revoked template is employed to attack a system containing a renewed template produced from another impression of the same finger.
- Medium security: the matching threshold is set to 0.1% FAR.
- High security: the matching threshold is set to 0% FAR.
4.5.3. Masquerade Attacks
5. Conclusions and Future Work
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Liu, X.; Wang, P.; Lan, Z.; Shao, B. Biological characteristic online identification technique over 5G network. IEEE Wirel. Commun. 2015, 22, 84–90. [Google Scholar] [CrossRef]
- Natesha, B.V.; Guddeti, R.M.R. Fog-Based Intelligent Machine Malfunction Monitoring System for Industry 4.0. IEEE Trans. Ind. Inform. 2021, 17, 7923–7932. [Google Scholar] [CrossRef]
- Lu, Y.; Huang, X.; Dai, Y.; Maharjan, S.; Zhang, Y. Blockchain and Federated Learning for Privacy-Preserved Data Sharing in Industrial IoT. IEEE Trans. Ind. Inform. 2020, 16, 4177–4186. [Google Scholar] [CrossRef]
- Wilkins, J. Can biometrics secure manufacturing? Biom. Technol. Today 2019, 2019, 9–11. [Google Scholar] [CrossRef]
- Cappelli, R.; Ferrara, M.; Maltoni, D. Minutia Cylinder-Code: A New Representation and Matching Technique for Fingerprint Recognition. IEEE Trans. Pattern Anal. Mach. Intell. 2010, 32, 2128–2141. [Google Scholar] [CrossRef] [PubMed]
- Yang, W.; Wang, S.; Sahri, N.M.; Karie, N.M.; Ahmed, M.; Valli, C. Biometrics for Internet-of-Things Security: A Review. Sensors 2021, 21, 6163. [Google Scholar] [CrossRef] [PubMed]
- Yang, W.; Wang, S.; Zheng, G.; Yang, J.; Valli, C. A Privacy-Preserving Lightweight Biometric System for Internet of Things Security. IEEE Commun. Mag. 2019, 57, 84–89. [Google Scholar] [CrossRef]
- Minahil; Ayub, M.F.; Mahmood, K.; Kumari, S.; Sangaiah, A.K. Lightweight authentication protocol for e-health clouds in IoT-based applications through 5G technology. Digit. Commun. Netw. 2021, 7, 235–244. [Google Scholar] [CrossRef]
- Tanveer, M.; Khan, A.U.; Shah, H.; Chaudhry, S.A.; Naushad, A. PASKE-IoD: Privacy-Protecting Authenticated Key Establishment for Internet of Drones. IEEE Access 2021, 9, 145683–145698. [Google Scholar] [CrossRef]
- Sedik, A.; Tawalbeh, L.; Hammad, M.; El-Latif, A.A.A.; El-Banby, G.M.; Khalaf, A.A.M.; El-Samie, F.E.A.; Iliyasu, A.M. Deep Learning Modalities for Biometric Alteration Detection in 5G Networks-Based Secure Smart Cities. IEEE Access 2021, 9, 94780–94788. [Google Scholar] [CrossRef]
- Bedari, A.; Wang, S.; Yang, J. A Two-Stage Feature Transformation-Based Fingerprint Authentication System for Privacy Protection in IoT. IEEE Trans. Ind. Inform. 2022, 18, 2745–2752. [Google Scholar] [CrossRef]
- Yang, W.; Wang, S.; Shahzad, M.; Zhou, W. A cancelable biometric authentication system based on feature-adaptive random projection. J. Inf. Secur. Appl. 2021, 58, 102704. [Google Scholar] [CrossRef]
- Shahzad, M.; Wang, S.; Deng, G.; Yang, W. Alignment-free cancelable fingerprint templates with dual protection. Pattern Recognit. 2021, 111, 107735. [Google Scholar] [CrossRef]
- Bedari, A.; Wang, S.; Yang, W. Design of Cancelable MCC-Based Fingerprint Templates Using Dyno-Key Model. Pattern Recognit. 2021, 119, 108074. [Google Scholar] [CrossRef]
- Jin, Z.; Hwang, J.Y.; Lai, Y.L.; Kim, S.; Teoh, A.B.J. Ranking-Based Locality Sensitive Hashing-Enabled Cancelable Biometrics: Index-of-Max Hashing. IEEE Trans. Inf. Forensics Secur. 2018, 13, 393–407. [Google Scholar] [CrossRef] [Green Version]
- Jin, Z.; Lim, M.H.; Teoh, A.B.J.; Goi, B.M.; Tay, Y.H. Generating Fixed-Length Representation From Minutiae Using Kernel Methods for Fingerprint Authentication. IEEE Trans. Syst. Man Cybern. Syst. 2016, 46, 1415–1428. [Google Scholar] [CrossRef]
- Kim, J.; Jin Teoh, A.B. Sparse Combined Index-of-Max Hashing for Fingerprint Template Protection. In Proceedings of the 2019 12th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI), Suzhou, China, 19–21 October 2019; pp. 1–6. [Google Scholar] [CrossRef]
- Abdullahi, S.M.; Wang, H.; Li, T. Fractal Coding-Based Robust and Alignment-Free Fingerprint Image Hashing. IEEE Trans. Inf. Forensics Secur. 2020, 15, 2587–2601. [Google Scholar] [CrossRef]
- Li, Y.; Pang, L.; Zhao, H.; Cao, Z.; Liu, E.; Tian, J. Indexing-Min–Max Hashing: Relaxing the Security–Performance Tradeoff for Cancelable Fingerprint Templates. IEEE Trans. Syst. Man Cybern. Syst. 2022, 52, 6314–6325. [Google Scholar] [CrossRef]
- Li, H.; Wang, X. One factor cancellable fingerprint scheme based on novel minimum hash signature and secure extended feature vector. Multimed. Tools Appl. 2022, 81, 13087–13113. [Google Scholar] [CrossRef]
- Li, Y.; Zhao, H.; Cao, Z.; Liu, E.; Pang, L. Compact and Cancelable Fingerprint Binary Codes Generation via One Permutation Hashing. IEEE Signal Process. Lett. 2021, 28, 738–742. [Google Scholar] [CrossRef]
- Lee, M.J.; Jin, Z.; Teoh, A.B.J. One-factor Cancellable Scheme for Fingerprint Template Protection: Extended Feature Vector (EFV) Hashing. In Proceedings of the 2018 IEEE International Workshop on Information Forensics and Security (WIFS), Hong Kong, China, 11–13 December 2018; pp. 1–7. [Google Scholar] [CrossRef]
- Yang, W.; Wang, S.; Kang, J.J.; Johnstone, M.N.; Bedari, A. A linear convolution-based cancelable fingerprint biometric authentication system. Comput. Secur. 2022, 114, 102583. [Google Scholar] [CrossRef]
- Fingerprint Verification Competition. 2002. Available online: http://bias.csr.unibo.it/fvc2002/ (accessed on 19 August 2022).
- Fingerprint Verification Competition. 2004. Available online: http://bias.csr.unibo.it/fvc2004/ (accessed on 19 August 2022).
- Neurotechnology, VeriFinger SDK. Available online: http://www.neurotechnology.com/megamatcher.html (accessed on 19 August 2022).
- Ferrara, M.; Maltoni, D.; Cappelli, R. Noninvertible Minutia Cylinder-Code Representation. IEEE Trans. Inf. Forensics Secur. 2012, 7, 1727–1737. [Google Scholar] [CrossRef]
- Gomez-Barrero, M.; Galbally, J.; Rathgeb, C.; Busch, C. General Framework to Evaluate Unlinkability in Biometric Template Protection Systems. IEEE Trans. Inf. Forensics Secur. 2018, 13, 1406–1420. [Google Scholar] [CrossRef]
- Ferrara, M.; Maltoni, D.; Cappelli, R. A two-factor protection scheme for MCC fingerprint templates. In Proceedings of the 2014 International Conference of the Biometrics Special Interest Group (BIOSIG), Darmstadt, Germany, 10–12 September 2014; pp. 1–8. [Google Scholar]
Method | Feature Transformation | Advantage | Disadvantage |
---|---|---|---|
[12] | Random projection | Good authentication performance on high-quality datasets | Unsatisfactory authentication performance on low-quality datasets |
[13] | Window-shift-XOR and partial discrete wavelet transform | Strong security | Large template size |
[14] | Dyno-key model | Strong security | Limited recognition accuracy over low-quality datasets |
[15] | Index-of-Max (IoM) hashing | Able to overcome intra-class variations | (1) Expensive computations due to considerable amounts of hash functions. (2) Similarity-based attacks can partially break the irreversibility of the method. |
[17] | Sparse IoM (SC-IoM) | Meets revocability and unlinkability requirements | Expensive computations due to considerable amounts of hash functions. |
[18] | Fourier-Mellin transform | Strong security | (1) Unsatisfactory performance on low-quality datasets. (2) Slow computational time. |
[19] | Indexing-Min-Max (IMM) hashing | Good authentication performance | Slow processing time |
[20] | Minimum hash signature and extended feature vector | Good privacy for the storage of user information | Inadequate security analysis |
[21] | One permutation hashing | (1) Good authentication performance. (2) High efficiency. | Slow computational time |
[22] | Extended feature vector (EFV) | Meets revocability and unlinkability requirements | (1) Limited performance evaluation on low-quality datasets. (2) Large template size. |
[23] | Linear convolution | Meets revocability and linkability requirements | Limited performance evaluation on low-quality datasets |
Key Length n | FVC2002 | FVC2004 | ||||
---|---|---|---|---|---|---|
DB1 | DB2 | DB3 | DB1 | DB2 | DB3 | |
Unprotected real-valued MCC-based features of fixed-length 299 | 0 | 0.41 | 0.69 | 2.30 | 3.09 | 1.69 |
0.04 | 0.50 | 0.99 | 2.77 | 3.28 | 1.75 | |
0.14 | 0.60 | 1.03 | 2.96 | 3.51 | 2.02 | |
0.24 | 0.81 | 1.22 | 3.07 | 4.01 | 2.32 | |
0.48 | 1.07 | 2.02 | 3.50 | 4.24 | 3.29 |
Cancelable Fingerprint Template Design | FVC2002 | FVC2004 | ||||
---|---|---|---|---|---|---|
DB1 | DB2 | DB3 | DB1 | DB2 | DB3 | |
Shahzad et al. [13] | 1.57 | 1.50 | 4.93 | 10.49 | 8.62 | - |
Bedari et al. [14] | 1.38 | 1.35 | 4.21 | 8.89 | 7.63 | - |
Jin et al. [15] | 0.22 | 0.47 | 3.07 | 4.74 | 6.85 | - |
Kim et al. [17] | 0.55 | 0.93 | - | 5.81 | 4.10 | 3.99 |
Abdullahi et al. [18] | 0.36 | 0.54 | 2.40 | 2.35 | 5.93 | 2.37 |
Li et al. [21] | 0.19 | 0.51 | 3.44 | 1.49 | 3.80 | 4.15 |
Lee et al. [22] | 0.30 | 0.56 | - | 2.42 | 6.27 | - |
Yang et al. [23] | 1.75 | 1.39 | 4.11 | - | 7.75 | - |
Proposed method (n = 149) | 0.04 | 0.50 | 0.99 | 2.77 | 3.28 | 1.75 |
Average Time | FVC2002 | FVC2004 | ||||
---|---|---|---|---|---|---|
DB1 | DB2 | DB3 | DB1 | DB2 | DB3 | |
Cancelable template generation (n = 149) | 5.2303 | 5.1454 | 5.4253 | 5.1722 | 5.2168 | 5.3609 |
Matching using the designed cancelable template | 0.5562 | 0.5037 | 0.5593 | 0.5194 | 0.5112 | 0.5328 |
Matching using the original feature vector (m = 299) | 1.4840 | 1.4276 | 1.4880 | 1.8768 | 2.0215 | 1.5022 |
Average Time | FVC2002 | FVC2004 | ||||
---|---|---|---|---|---|---|
DB1 | DB2 | DB3 | DB1 | DB2 | DB3 | |
Bedari et al. [14] | 0.0398 | 0.0491 | 0.0267 | 0.0444 | 0.0387 | - |
Jin et al. [15] | 0.0072 | 0.0075 | 0.0072 | 0.0072 | 0.0074 | 0.0070 |
Abdullahi et al. [18] | 0.0763 | 0.0362 | 0.0925 | 0.0291 | 0.4651 | 0.1240 |
Lee et al. [22] | 0.01545 | 0.01539 | - | 0.01592 | 0.01481 | - |
Proposed method (n = 149) | 0.000052 | 0.000051 | 0.000054 | 0.000052 | 0.000052 | 0.000053 |
Cancelable Template Methods | Cancelable Template Size (Bits) |
---|---|
Shahzad et al. [13] | |
Bedari et al. [14] | |
Abdullahi et al. [18] | |
Jin et al. [15] | 19,200 |
Proposed method | 9536 |
Security Level | Type-I Attack | Type-II Attack |
---|---|---|
Medium security | 0.2% | 0.1% |
High security | 0% | 0% |
Number of Elements Changed in T | Medium Security | High Security | ||
---|---|---|---|---|
Type-I Attack | Type-II Attack | Type-I Attack | Type-II Attack | |
10 | 0.2% | 0.1% | 0% | 0% |
20 | 0.2% | 0.1% | 0% | 0% |
30 | 0.2% | 0.2% | 0% | 0% |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Bedari, A.; Wang, S.; Yang, W. A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks. Sensors 2022, 22, 7609. https://doi.org/10.3390/s22197609
Bedari A, Wang S, Yang W. A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks. Sensors. 2022; 22(19):7609. https://doi.org/10.3390/s22197609
Chicago/Turabian StyleBedari, Aseel, Song Wang, and Wencheng Yang. 2022. "A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks" Sensors 22, no. 19: 7609. https://doi.org/10.3390/s22197609
APA StyleBedari, A., Wang, S., & Yang, W. (2022). A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks. Sensors, 22(19), 7609. https://doi.org/10.3390/s22197609