Title: Biometric Security and Privacy Handout for classes: Class schedule: Contact information and office hours: Prof. Bon Sy, Queens College (NSB A104) Phone: 718-997-3477, or 718-997-3566 to leave a message. E-mail: bon@bunny.cs.qc.edu Office hrs: QC: Tue, 1:40pm - 2:40pm; GC: Thur: 11:15am-11:45am.or by appointment. Course description 1 / 7
Biometrics has emerged from relatively specialized use in the criminal forensics domain to more mainstream use for computer authentication, identification document security, and surveillance for public safety. This emergence has been accompanied by an expansion in biometric modality from mainly fingerprints to face, iris, hand, voice, and other novel biometrics. This course concentrates on the unique advantages that biometrics brings to computer security, but also addresses challenging issues such as security strength, recognition rates, and privacy, as well as alternatives of passwords and smart cards. Students will gain knowledge in the building blocks of this field: signal processing, pattern recognition, security and privacy, and secure computation techniques for privacy preserving biometric data retrieval. By the end of the course students will be able to evaluate and design security systems that include biometrics and their usability and privacy implications. Course Objectives In this course, students will learn to answer the following: What are the methods of biometrics? What are the devices of biometrics? How are these used for computer security? How do we design and build a biometric security system that also guarantees privacy? 2 / 7
Course Outline Module 1 Learning objective: Introduce students to biometric technologies and their applications Topic 1.1: Concept of patterns and pattern classifier Lecture: Concept of patterns for feature representation and recognition Topic 1.2: Biometric application for verification, identification, and surveillance Lecture: Introduction to Biometrics Topic 1.3: Biometric modalities and data set; user intra-variability issues Lecture: Biometric Modalities Lecture: Image and Signal Processing Topic 1.4: Biometric signal processing and performance measurement Lecture: Recognition Measurement, Errors, and Statistics 3 / 7
Lab: Verification and Identification System Errors and Performance Testing Module 2 Learning objective: Foster students to think critically about privacy & social implications Topic 2.1: Concept of privacy and definitions Topic 2.2: Review on the state-of-the-art biometric application Lecture: Concept of usable privacy and security Lecture: Design for privacy and security Lecture/discussion: Biometric Resources and Standards Lecture/discussion: Large Scale Biometrics& Systems Case Studies Topic 2.3: Arguments by the advocates of biometric application 4 / 7
Topic 2.4: Arguments by the opposition of biometric application Discussion resource: ACLU, EFF Case study and discussion Module 3 Learning objective: Introduce students to privacy preserving computation for biometric technologies Topic 3.1: Concept of Secure Multi-party Computation Lecture: Cancellable biometrics with privacy preserving computation Topic 3.2: Modeling privacy and security for biometric data retrieval Lecture: Specification and requirement for privacy and security; attacker capabilities Topic 3.3: Secure computation and communication Lecture: Concept of information-theoretic security, computational security 5 / 7
Lecture: RSA based 1-n oblivious transfer Topic 3.4: Secure Information Processing with Privacy Assurance (SIPPA) Lecture: Concept of privacy homomorphism Lab: SIPPA for multi-face matching Some references (optional) 1. http://bonnet19.cs.qc.edu:7778/pls/forum/ (Security control E-community) 2. http://w2.eff.org/privacy/surveillance/biometrics/ 3. http://www.aclu.org/ 4. http://www.boprivacy.org/ 5. Biometric Systems, Wayman, Jain, Maltoni and Maio (ed.s) 2004 6. Biometric Technologies and Verification Systems Vacca, John R. 2007, Approx. 656 p., Paperback ISBN-13: 978-0750679671. 6 / 7
7. Pattern Classification, Duda, Hart, Stork, 2000 Suggested Workload and Grading: 10% Biometric technology evaluation 20% (Take-home) quiz for modules 1,2 and 3. 30% One paper presentation 40% Project: Team based prototype implementation using SDK. 7 / 7