A Framework for Secure Cloud- Empowered Mobile Biometrics A. Bommagani 1, M. C. ValenA 1, and A. Ross 2 1 West Virginia University, Morgantown, WV, USA 2 Michigan State University, East Lansing, MI, USA This research was funded by the Center for IdenBficaBon Technology Research (CITeR), a NaBonal Science FoundaBon (NSF) Industry/University CooperaBve Research Center (I/UCRC). Oct. 7 th, 2014 1
Outline 1. IntroducBon 2. Homomorphic LBP- based face recognibon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 2
Outline 1. IntroducAon 2. Homomorphic LBP- based face recognibon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 3
IntroducAon The cloud provides unbounded, cost- effecbve, and elasbc compubng resources. Biometrics can leverage the efficiency of the cloud. The cloud provides an opportunity to offload compute- intensive operabons from the mobile device. Conversely, biometrics can help to make the cloud more secure. 4
Mobile + Cloud + Biometrics Cloud- empowered Apps The Cloud Cloud- based biometric authenbcabon Mobile Biometrics Device Security 5
The Cloud leveraging Biometrics Biometric authenbcabon for cloud clients. e.g., Cloud Iris VerificaBon System (CIVS), Kesava, 2010, CorrelaBon keystroke verificabon, Xi et al., 2011. Securing cloud data storage with biometrics. Biocryptographic systems Using biometrics for key generabon: Fuzzy extractor. Using biometrics for key binding: Fuzzy vault, Fuzzy commitment, BiparBte token. AuthenBcaBon as a service (AaaS) Outsource system authenbcabon to the cloud. Confederates access to a single sign- on. 6
Security threats Biometric dilemma threat Acacker compromises a less secure system to obtain biometric data. Then uses the biometric data to gain access to a secure, high- value system. Doppleganger threat Acacker presents a large amount of biometric data, in the hopes of achieving a match. Exploits non- zero False Accept Rates (FAR) Analogous to a dicbonary acack. Trust Issues Who is allowed to enroll the users? 7
Biometrics leveraging the Cloud Using the cloud to store biometric data. The cloud is a cost effecbve and elasbc way to store and share data. Need to preserve privacy of biometric data while in the cloud, and during transfer to/from the cloud. PotenBal to support access from different enbbes under different policies. Laws may dictate where the data is stored. PotenBal to share biometric data among research organizabons. Using the cloud to perform biometric computabons Rapid analybcs: e.g., idenbficabon through parallelizabon. Big data biometrics using Hadoop, ZooKeeper, and Accumulo. Biometrics as a service Allow access to different algorithms provided by different service providers and/ or developers. Upload the algorithm, not the biometric. 8
Literature review A Hadoop- based prototype for using the cloud for biometric idenbficabon is proposed in [3], but it does not describe biometric database security. Fingerprint authenbcabon and storage of cancelable biometrics in the cloud is proposed in [7]. However, in this work matching is performed locally. A privacy- preserving biometric idenbficabon scheme is proposed in [10]. However, it does not offer a solubon to minimize the damage resulbng from a compromised biometric database. Secure authenbcabon of mobile cloud users using a fingerprint image (using a mobile device camera) is proposed in [12], but data security is not addressed in this work. 9
Outline 1. IntroducBon 2. Homomorphic LBP- based face recogniaon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 10
MoAvaAon and Goals There is a need to know when and how to best leverage cloud compubng for biometric applicabons. There is also a need to characterize the risks and benefits of using cloud compubng for biometric systems. Goal: To demonstrate the ability to leverage CC services for mobile biometrics, while sbll maintaining the privacy of the underlying biometric database. Developed a proof of concept demo featuring: Facial recognibon based on the LBP algorithm. Homomorphic templates to protect privacy of individual s biometrics. 11
Enrollment Secure model generaaon Feature extracbon Image database Face detecbon Image preprocessing Template generabon LBP Histogram Template (h) Cancelable template database (Model) Cancelable template ((A*P) * h) + b Orthonormal matrix (A) Random permutabon matrix (P) Blinding vector (b) Random projecbon Key (K) 12
Local Binary PaPerns (LBP)- based template generaaon Face%image% Face%image%% regions% LBP%Histogram% for%each%region% LBP%Histogram% 83 55 48 23-5 - 12 1 0 0 98 60 72 38 12 1 1 86 26 1 87 27 1 58-2 0 3 x 3 pixel neighborhood Difference Threshold 236 = (2 7 *1 + 2 6 *1 + 2 5 *1 + 2 4 *0 + 2 3 *1 + 2 2 *1 + 2 1 *0 + 2 0 *0) (11101100) 2 13
Template generaaon contd., Uniform LBP e.g. 01110000, 11001111 è at most 2 bitwise transibons Each uniform pacern a separate label. All non uniform pacerns have a single label. Total labels: P (P 1) + 3; P = # neighbors 14
Template generaaon contd., Cancelable template generaaon: cancelable template for template, h is generated using, an l x l orthonormal matrix, A. (for addibonal security, an l x l secret permuta+on matrix, P and a length l blinding vector, b). y = ( AP)h+b = Qh+b!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 15
Face recogniaon Probe image Feature extracbon Apply Random ProjecBon and Blinding Vector Decision: Pick closest matches or verify idenbty Compute distance to each template Cancelable template database (Model) 16
Transformed template matching For a transformed probe template, z = Qx+b, and a transformed gallery template y j, Euclidean distance is d j 2 = z y j """"""""""""""""""""""""""""""""""""""""""" Distance between templates before and aver transformabon is preserved because of orthogonal nature of matrix Q. The closest image Î j j = arg$min{ }$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ j d j IdenBficaBon The subject corresponding to the closest template. A ranked list of matches can be provided to the user. 17
Outline 1. IntroducBon 2. Homomorphic LBP- based face recognibon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 18
Parallel biometric template generation 1. Face images database 2. Task division Task 2.. Task η Task 1 {y11, y12, y1λ}.. {y1, y2, y3, yt} {yη1, yη2, yηλ} 3. Generate cancelable templates 4. Cancelable template data model 19
Parallel distance matching Cancelable template, z 1. Preprocessing Probe image (z, {y 1, y 2, y 3, y T }) Model (z, {y 11, y 12, y 1λ }).. (z, {y η1, y η2, y ηλ }) 2. Task division Task 1 Task η {d 11, d 12, d 1λ }) {d η1, d η2, d ηλ }.. 3. Calculate distance 4. Establish idenbty 20
System framework 14 1 server web server <User home directory> Gallery files: Cancelable templates 2 Projects PLBP Tasks TaskIn 6 TaskRunning TaskOut 7 13 JobIn 3 JobRunning JobOut 12 5 Task Manager 10 4 Job Manager 8 11 9 Figure: System architecture and data flow. node 1 node 2 node 3 node 4 node 5 node 6 cluster 21
Outline 1. IntroducBon 2. Homomorphic LBP- based face recognibon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 22
System analysis Security IdenBficaBon 23
Identification Rate True Positive Rate 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 1 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 IdenAficaAon system analysis - XM2VTS database and uniform LBP algorithm IR vs F u2 LBP 4,3 u2 LBP 4,2 ROC R=1 R=2 R=3 0 0 50 100 150 200 250 # of features 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 False Positive Rate Identification Rate 1 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 CMC u2 LBP 4,2, w/o cancelable templates u2 LBP 4,2, w/ cancelable templates u2 LBP 4,3, w/o cancelable templates u2 LBP 4,3, w/ cancelable templates 0 0 5 10 15 20 25 30 35 40 45 50 Rank - - Best LBP parameters (P,R) are found through experimentabon. - - Use of cancelable templates does not nobceably degrade the matching performance CumulaBve match characterisbc (CMC) 24
ComputaAonal performance Number of Comparisons 14 x 105 12 10 8 6 4 ComputaAon enaty type Full cluster Node type 1 Node type 2 Node type 3 # comparisons per second 1348.4 127.49 80.74 44.75 Full Cluster Node Type 1 Node Type 2 Node Type 3 2 0 0 100 200 300 400 500 600 700 800 900 1000 Time (Seconds) 25
Security assessment A single key is used to create the cancelable templates. The key is kept secure by generabng a hash value using bcrypt. The key cannot be derived from the templates. VulnerabiliBes if key is compromised If the key is known, the nabve template could be derived. However, original picture gallery is not compromised. The key should be periodically changed to prevent its compromise. Steps to take if templates are compromised. Just need to change the key and generate new templates. Matched images stored in user s cache. Should be periodically cleared and/or encrypted. 26
Outline 1. IntroducBon 2. Homomorphic LBP- based face recognibon 3. A framework for secure cloud biometrics 4. System analysis 5. Conclusion 27
Conclusion and ObservaAons By leveraging cloud services, biometric operabons can be parallelized to improve the system performance computabonally. Secure storage of massive biometric data on the cloud is possible using biometric template protecbon techniques. An approach for generabng cancelable templates allows templates to be fully revocable with negligible loss on matching accuracy. MulBple mobile devices can be supported by interfacing through a mobile- friendly web applicabon 28
Future work Address scalability issues. Formulate key- management and access policies. Reduce latency through improved implementabon. Integrate improved idenbficabon algorithms. Extend to other modes and other applicabons. 29
Thank you for your apenaon. QuesAons? 30
References [3] E.Kohlwey, A.Sussman, J.Trost, and A.Maurer, Leveraging the cloud for big data biometrics: MeeBng the performance requirements of the next generabon biometric systems, in Proc. IEEE World Congress on Services, (Los Alamitos, CA, USA), pp. 597 601, Jul. 2011. [7] J. Yang, N. Xiong, A. V. Vasilakos, Z. Fang, D. Park, X. Xu, S. Yoon, S. Xie, and Y. Yang, A fingerprint recognibon scheme based on assembling invariant moments for cloud compubng communicabons, IEEE Systems Journal, vol. 5, pp. 574 583, Dec. 2011. [10] J. Yuan and S. Yu, Efficient privacy- preserving biometric idenbficabon in cloud compubng, in Proc. IEEE INFOCOM, pp. 2652 2660, Apr. 2013. [12] I. A. Rassan and H. AlShaher, Securing mobile cloud using finger print authenbcabon, Interna+onal Journal of Network Security & Its Applica+ons, vol. 5, Nov. 2013. 31