Document Type

Journal Article

Publication Title

Sensors

ISSN

1424-8220

Volume

19

Issue

13

PubMed ID

31284592

Publisher

MDPI

School

Security Research Institute

RAS ID

29033

Comments

Yang, W., Wang, S., Hu, J., Ibrahim, A., Zheng, G., Macedo, M. J., ... Valli, C. (2019). A cancelable iris- and steganography-based user authentication system for the Internet of Things. Sensors, 19(13), Article 2985. Available here

Abstract

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique-steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques.

DOI

10.3390/s19132985

Creative Commons License

Creative Commons Attribution 4.0 License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

 
COinS