دانلود کتابچه راهنمای حفاظت از الگوهای بیومتریک – انگیزه، روش‌ها و معیارها

Biometric technology automates the recognition of individuals based on their biological traits, such as fingerprints, face, and iris. Since biometric systems store sensitive information about an individual’s biological trait, it is important to consider the protection of the employed biometric “templates” (features representing the underlying biometric characteristics). To address this need, the Biometric Template Protection (BTP) research field has developed steadily for over two decades, with many innovative solutions proposed in this time. Despite the relatively high level of sophistication attained in the literature, the topic has remained largely within limited academic circles, with little to no evidence of practical adoption. The latter may be due to many factors, among which, we postulate, there are three main reasons: 1. A lack of awareness among biometric system deployers of the importance of protecting biometric data, or no incentive for doing so due either to the limited capabilities to enforce existing data protection regulations such as the EU GDPR or, in some cases, the absence of appropriate regulations 2. A preference for relying solely on traditional (established) data protection mechanisms, such as encryption, in favor of exploring newer methods stemming from BTP research (perhaps despite known limitations of the former) 3. Uncertainty about how the robustness of BTP techniques should be properly evaluated in practice, and, thus, reluctance to adopt such methods without being able to guarantee that they satisfy the necessary security and privacy requirements Fortunately, as a result of rising concerns around the privacy and security of our biometric data (which is being increasingly demanded for identity management in practical applications), there appears to be renewed interest in BTP research. This may be attributed to emerging privacy regulations, which are pressuring practitioners to ensure that their biometric systems are legally compliant. There is thus a clear opportunity and an imperative need to explore the BTP research field further, to investigate its practical relevance, and to gauge the potential of BTP solutions for achieving more secure and privacy-preserving biometrics-based identity management. The Handbook of Biometric Template Protection: Motivation, Methods and Metrics aims to facilitate this exploration, by paving the way towards a comprehensive understanding of the field and providing the reader with insights into various open challenges. The remainder of this handbook is structured in three main parts, which collectively explain the current state of BTP research: Part I: Motivation—Why is BTP research important? Part II: Methods—What types of BTP methods have been proposed? Part III: Metrics—How to evaluate BTP methods? Part I opens the discussion by explaining the motivation behind BTP research. This part of the book consists of three chapters. Chapter 1 focuses on the need to protect biometric templates to defend against various attacks that can be launched against biometric systems and which threaten both the privacy of the subjects (system users) and the security of the systems themselves. This chapter also presents a brief introduction on how to approach the evaluation of BTP methods from the point of view of existing technical standards. Chapter 2 builds upon the motivation for BTP research, by explaining why methods that are used for generic data protection (including traditional techniques like hashing, conventional encryption, distributed databases, and smart cards, and the more recent Trusted Execution Environments) are usually unsuitable for protecting biometric templates. This is due, in large part, to factors such as the intrinsic noisiness of biometric measurements versus the exactness requirements of mechanisms like cryptographic hashing and encryption. Finally, Chap. 3 explores the motivation for BTP research from a legal perspective, by examining the need for BTP in the context of recent privacy frameworks that regulate the processing of biometric data. An important insight gained from this chapter is that the coming into force of these (and future) privacy regulations should be a catalyst for investigating whether BTP techniques ensure the compliancy of biometric systems. Part II ventures into more technical territory, describing in detail the various types of BTP methods that have been proposed as potential solutions. The first three chapters discuss handcrafted techniques, which are BTP algorithms designed by humans, and the last chapter explores BTP methods that are learned using neural networks. More specifically, Chaps. 4 and 5 focus on the two most traditional handcrafted BTP categories: Feature Transformations and Biometric Cryptosystems. The concepts behind these approaches are explained, examples of BTP methods that fall into these specific categories are provided, and advantages and disadvantages of the various techniques are discussed. Chapter 6 then explains how BTP could be achieved with the help of Homomorphic Encryption, which does not traditionally fall into the BTP domain, but which has been an important focus for BTPoriented research in recent years. Finally, following the Handcrafted BTP approaches discussed in the first three chapters of Part II, the last chapter explores BTP methods learned by neural networks. In particular, Chap. 7 tracks the development of Learned BTP methods over the past few years: from the earliest approaches that trained a neural network to learn the mapping between a biometric template and a predefined code, to the most recent approaches that train a neural network to learn its own representation of a (renewable) protected template. Overall, therefore, Part II of this handbook presents a comprehensive overview of the types of BTP methods that have been proposed so far. Part III complements the discussion on BTP methods from Part II, by delving into the techniques that have been used to evaluate BTP methods in the literature. This part of the handbook consists of three chapters, which correspond to the three main criteria that a BTP method is commonly expected to satisfy, in alignment with the ISO/IEC 24745 standard on biometric information protection and the ISO/IEC 30136 standard on performance testing of BTP schemes. Chapter 8 focuses on the methodologies and metrics that are used to evaluate the “recognition accuracy” criterion, including a discussion of additional factors that should be considered when evaluating a biometric system with a BTP component versus a biometric system without a BTP component. Chapter 9 is dedicated to the “irreversibility” criterion, presenting a detailed discussion on the different types of theoretical and empirical techniques that have been used to evaluate the irreversibility of BTP methods in the literature, including an analysis of the limitations of each approach. Finally, Chap. 10 explores the methods that have been proposed to evaluate the “unlinkability” criterion (related to the “renewability” criterion), with a particular focus on the two most recent empirical metrics based on likelihood ratios and maximal information leakage. As a whole, therefore, the Handbook of Biometric Template Protection: Motivation, Methods and Metrics aims to tell a complete story of the BTP field, presenting a clear picture of the progress made thus far and challenges that remain to be tackled. To solidify the reader’s understanding of the presented concepts, each chapter is supplemented with a set of study questions, which encourage reflection on what has been learned and inspire deeper thoughts on the underlying subjects. In this way, this book strives to serve as an introductory textbook on BTP, a go-to reference suitable for both academics interested in contributing to this burgeoning _ield of research and practitioners wishing to understand the opportunities and challenges around applying BTP to real-world biometrics-based applications. It is our hope, therefore, that the Handbook of Biometric Template Protection: Motivation, Methods and Metrics—the _irst book dedicated to exploring the important _ield of BTP research—will be instrumental in comprehensively disseminating this timely topic across diverse stakeholders.