基于认证的远程生物识别认证

2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference Pub Date : 2006-09-01 DOI:10.1109/BCC.2006.4341619

T. Polon, S. Sander

{"title":"基于认证的远程生物识别认证","authors":"T. Polon, S. Sander","doi":"10.1109/BCC.2006.4341619","DOIUrl":null,"url":null,"abstract":"Migration from password and token-based authentication in distributed systems requires fundamental changes to the authentication process. A person's biometric data is not a secret, which presents a fundamental difference with other authentication methods. Matching a sample with a database template is secondary to establishing trust in the integrity of the sample. The process is similar to establishing a chain of custody for judicial evidence. In computer systems this is accomplished using attestation architectures. In this paper, a design for a secure remote biometric login system based on an attestation architecture is analyzed. The system uses a commercially available Trusted Platform Module (TPM) to authenticate the platform during the boot process and perform trusted private-key functions to participate in a challenge/response between the client and a remote biometric matcher. The result is a system that can provide higher assurance than current systems in an economically and administratively feasible system.","PeriodicalId":226152,"journal":{"name":"2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Attestation-Based Remote Biometric Authentication\",\"authors\":\"T. Polon, S. Sander\",\"doi\":\"10.1109/BCC.2006.4341619\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Migration from password and token-based authentication in distributed systems requires fundamental changes to the authentication process. A person's biometric data is not a secret, which presents a fundamental difference with other authentication methods. Matching a sample with a database template is secondary to establishing trust in the integrity of the sample. The process is similar to establishing a chain of custody for judicial evidence. In computer systems this is accomplished using attestation architectures. In this paper, a design for a secure remote biometric login system based on an attestation architecture is analyzed. The system uses a commercially available Trusted Platform Module (TPM) to authenticate the platform during the boot process and perform trusted private-key functions to participate in a challenge/response between the client and a remote biometric matcher. The result is a system that can provide higher assurance than current systems in an economically and administratively feasible system.\",\"PeriodicalId\":226152,\"journal\":{\"name\":\"2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/BCC.2006.4341619\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BCC.2006.4341619","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

在分布式系统中，从基于密码和令牌的身份验证迁移需要对身份验证过程进行根本性的更改。一个人的生物特征数据并不是一个秘密，这与其他身份验证方法有着根本的区别。将样本与数据库模板匹配是次要的，而不是建立对样本完整性的信任。这一过程类似于建立司法证据的监管链。在计算机系统中，这是通过认证体系结构实现的。本文分析了一种基于认证体系结构的安全远程生物识别登录系统的设计。该系统使用商用可信平台模块(TPM)在启动过程中对平台进行身份验证，并执行可信私钥功能，参与客户端与远程生物识别匹配器之间的挑战/响应。其结果是，该系统在经济和管理上都是可行的，可以提供比现有系统更高的保证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Attestation-Based Remote Biometric Authentication

Migration from password and token-based authentication in distributed systems requires fundamental changes to the authentication process. A person's biometric data is not a secret, which presents a fundamental difference with other authentication methods. Matching a sample with a database template is secondary to establishing trust in the integrity of the sample. The process is similar to establishing a chain of custody for judicial evidence. In computer systems this is accomplished using attestation architectures. In this paper, a design for a secure remote biometric login system based on an attestation architecture is analyzed. The system uses a commercially available Trusted Platform Module (TPM) to authenticate the platform during the boot process and perform trusted private-key functions to participate in a challenge/response between the client and a remote biometric matcher. The result is a system that can provide higher assurance than current systems in an economically and administratively feasible system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference

自引率

0.00%

发文量