SURVEY ON BIOMETRIC APPLICATIONS FOR IMPLEMENTATION OF AUTHENTICATION IN SMART GOVERNANCE
Keywords:
Biometrics, authentication, non-repudiation, smart cardAbstract
With large scale proliferation of internet and network, more and more people tend to communicate through the insecure network channels. So, to avoid illegal access of confidential and private resources, user authentication is the primary requirement of this age. Nowadays, smart card based authentication schemes have been deployed widely to ensure the legitimacy of a user’s access request. Smart cards can be associated with the other traditional authentication schemes like password or PIN, to enhance the security level of the system. In recent years, numerous researchers have focused on the field of user authentication schemes and figured out a new advanced and secure mechanism by employing biometrics as an authentication tool in smart card systems. In this paper, the authors have made a detailed survey on some eminent existing biometric technique based smart card authentication schemes. Since the existing schemes have several security pitfalls and are susceptible to dangerous attacks, this study will pave a way towards the evolution of an ideal authentication scheme that can attain every possible goals.
Downloads
References
Sur, C., Roy, A., Banik, S. (2010). A Study of the State of E-Governance in India. Proceedings of National Conference on Computing and Systems, pp: (a)-(h), ISBN: 8190-77417-4.
Man-in-the-middle. Retrieved June 18, 2013, from https://en.wikipedia.org/wiki/Man-in-the-middle.
Roy, A., Sarkar, S., Mukherjee, J., Mukherjee, A. (2012). Biometrics as an authentication technique in E-Governance security. Proceedings of UGC sponsored National Conference on Research and Higher Education in Computer Science and Information Technology, Vol: 1, pp: 153-160, ISBN: 978-81-923820-0-5.
Sarkar, S., Roy, A. (2012). A Study on Biometric based Authentication. Proceedings of Second National Conference on Computing and Systems, 1st Edition - 2012, pp: 263-268, ISBN: 978-93-80813-18-9.
Hoda, A., Roy, A., Karforma, S. (2012). Application of ECDSA for security of transaction in E-Governance. Proceedings of Second National Conference on Computing and Systems, 1st Edition - 2012, pp: 281-286, ISBN: 978-93-80813-18-9.
Roy, A., Karforma, S. (2013). UML based modeling of ECDSA for secured and smart E-Governance system. Computer Science & Information Technology: Proceedings of National Conference on Advancement of Computing in Engineering Research, pp: 207 - 222, ISSN 2231 - 5403, ISBN: 978-1-921987-11-3.
Roy, A., Banik, S., Karforma, S., Pattanayak, J. (2010). Object Oriented Modeling of IDEA for E-Governance Security. Proceedings of International Conference on Computing and Systems, pp: 263-269, ISBN: 93-80813-01-5.
Man-in-the-browser. Retrieved June 20, 2013, from https://en.wikipedia.org/wiki/Man-in-the-browser.
Roy, A., Karforma, S. (2012). Object Oriented approach of Digital certificate based E-Governance mechanism. Computational Intelligence and Communication Engineering: International Joint Conference on CIIT, CENT, CSPE and CIITCom Proceedings, LNICST Springer Chennai, INDIA, pp: 360 - 366, ISSN: 1867-8211.
Roy, A., Karforma, S. (2011). A Survey on E-Governance Security. International Journal of Computer Engineering and Computer Applications (IJCECA). Fall Edition, Vol. 08, Issue No. 01, pp: 50-62, ISSN: 0974-4983.
Roy, A., Banik, S., Karforma, S. (2011). Object Oriented Modelling of RSA Digital Signature in E-Governance Security. International Journal of Computer Engineering and Information Technology (IJCEIT), Summer Edition, Vol. 26, Issue No. 01, pp: 24-33, ISSN: 0974-2034.
Roy, A., Karforma, S. (2011). Risk and Remedies of E-Governance Systems. Oriental Journal of Computer Science & Technology (OJCST), Vol. 04 No: 02, pp: 329-339, ISSN: 0974-6471.
Roy, A., Karforma, S. (2012). A Survey on digital signatures and its applications, Journal of Computer and Information Technology, Vol. 03 No: 1 & 2, pp: 45-69, ISSN: 2229-3531.
Roy, A., Karforma, S., Banik, S. (2013). Implementation of authentication in e-governance- an UML based approach. Lap Lambert Academic Publishing, Germany, ISBN 978-3-659-41310-0.
Lee, J.K., Ryu, S.R., Yoo, K.Y. (2002). Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters (Vol. 38, Issue: 12), pp: 554 – 555, ISSN: 0013-5194.
Ku, W.C., Chang, S.T., Chiang, M.H. (2005). Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards. Electronics Letters (Vol. 41, Issue: 5), pp: 240 – 241, ISSN: 0013-5194.
Yoon, E.J., Yoo, K.Y. (2005). Secure Fingerprint-Based Remote User Authentication Scheme Using Smartcards. Internet and Network Economics, Lecture Notes in Computer Science Vol. 3828, pp: 405-413, Print ISBN: 978-3-540-30900-0.
Lin, C.H., Lai, Y.Y., A flexible biometrics remote user authentication scheme. Retrieved June 15, 2013, from http://www.csie.thu.edu.tw/csiethu/files/paper/ISLab/islab_92_18.pdf.
Mitchell, C.J., Tang, Q., Security of the Lin-Lai smart card based user authentication scheme. Retrieved June 16, 2013, from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.62.3957&rep=rep1&type=pdf.
Fan, C-I., Lin, Y-H., Hsu, R-H. (2006). Remote Password Authentication Scheme with Smart Cards and Biometrics. Global Telecommunications Conference, GLOBECOM '06. IEEE, pp: 1 – 5, ISSN: 1930-529X, E-ISBN: 1-4244-0357-X, Print ISBN: 1-4244-0356-1.
Ziauddin, S., A Two-Factor Mutual Authentication Scheme Using Biometrics and Smart Card. Retrieved June 16, 2013, from http://link.springer.com/chapter/10.1007%2F978-3-642-10847-1_26.
Yoon, E.J., Yoo, K.Y. (2005). A New Efficient Fingerprint-Based Remote User Authentication Scheme for Multimedia Systems. 9th International Conference on Knowledge-Based & Intelligent Information & Engineering Systems, LNAI 3683, pp: 332-338, Print ISBN- 978-3-540-28896-1.
Lee, Y., Kwon, T., An Improved Fingerprint-Based Remote User Authentication Scheme Using Smart Cards. Retrieved June 17, 2013, from http://link.springer.com/chapter/10.1007%2F11751588_95.
Fan, C-I., Lin, Y-H., Provably Secure Remote Truly Three-Factor Authentication Scheme with Privacy Protection on Biometrics. Retrieved June 17, 2013, from http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=5238635.
Mathew, H.M., Gundapu, P. S. J., Raj, S. B. E., Angeline, S. J. F. (2011). An Improved Three-Factor Authentication Scheme Using Smart Card with Biometric Privacy Protection. Proceedings of 3rd International Conference on Electronics Computer Technology, Vol. 3, pp- 220-223, Print ISBN- 978-1-4244-8678-6.
Wang, X., Zhang, W. (2008). An efficient and secure biometric remote user authentication scheme using smart cards. Proceedings of Pacific-Asia Workshop on Computational Intelligence and Industrial Application, Vol. 2, pp: 913 – 917, Print ISBN: 978-0-7695-3490-9.
Mutlugün, M., Soğukpinar, I. (2009). Multi-level Authentication Scheme Utilizing Smart Cards and Biometrics. Third International Conference on Emerging Security Information, Systems and Technologies, pp: 93 – 98, Print ISBN: 978-0-7695-3668-2.
Li, C.T., Hwang, M.S. (2010). An efficient biometrics- based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, Volume 33 Issue 1, pp- 1-5, ISSN: 1084-8045.
Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Retrieved May 25, 2013, from http://www.sciencedirect.com/science/article/pii/S1084804510001657.
Enhanced Biometrics-based Remote User Authentication Scheme Using Smart Cards. Retrieved May 26, 2013, from http://eprint.iacr.org/2011/676.pdf.
Das, A.K. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. Information Security: IET (Vol. 5, Issue: 3), pp: 145 – 151, ISSN: 1751-8709.
Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards. Retrieved May 28, 2013, from http://downloads.hindawi.com/journals/jbb/2012/519723.pdf.
Brindha, S., Vennila, Ila. (2011). Hiding Fingerprint in Face using Scattered LSB Embedding Steganographic Technique for Smart card based Authentication system. International Journal of Computer Applications (0975 – 8887), Vol. 26, No.10, pp: 51-55.
Yoon, E-J., Yoo, K-Y. (2013). Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. The Journal of Supercomputing, Vol. 63, Issue: 1, pp: 235-255, Print ISSN: 0920-8542, Online ISSN: 1573-0484.
A Novel Biometric-Based Remote User Authentication Scheme Using Quadratic Residues. Retrieved 02, 2013, from http://www.ijiee.org/papers/348-I20002.pdf.
Yang, C., Ma, W., Huang, B., and Wang, X. (2007). Password-Based Access Control Scheme with Remote User Authentication Using Smart Cards. 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07), Vol. 2, pp: 448-452, Print ISBN: 978-0-7695-2847-2.
Kim, H-S., Seo, S. and Choi, J-Y. (2010). Security Analysis of Smart Card based Password Authentication Schemes. 3rd International Conference on Information Sciences and Interaction Sciences (ICIS), pp: 352 – 356, E-ISBN: 978-1-4244-7386-1, Print ISBN: 978-1-4244-7384-7.
Gao, Z., Tu, Y. (2008). An Improvement of Dynamic ID-Based Remote User Authentication Scheme with Smart Cards. Proceedings of the 7th World Congress on Intelligent Control and Automation (WCICA), pp: 4562 – 4567, E-ISBN: 978-1-4244-2114-5, Print ISBN: 978-1-4244-2113-8.
Khan, M.K. (2009). Enhancing the Security of a ‘More Efficient & Secure Dynamic ID-based Remote User Authentication Scheme’. Third International Conference on Network and System Security (NSS), pp: 420 – 424, E-ISBN: 978-0-7695-3838-9, Print ISBN: 978-1-4244-5087-9.
Wei, Y-Z., Hu, Y-P. (2006). Security Analysis of Timestamp-based Remote User Authentication Scheme Using Smart Cards. International conference on communications, circuits and systems proceedings, Vol. 3, pp: 1580 – 1582, E-ISBN: 0-7803-9585-9, Print ISBN: 0-7803-9584-0.
Wang, Y., Li, J. (2004). Security improvement on a timestamp based password authentication scheme. IEEE Transactions on Consumer Electronics, Vol. 50, Issue. 2, pp: 580-582, ISSN: 0098-3063.
Kai, H., Qingyu, O., Xiaoping, W., Yexin, S. (2009). Cryptanalysis of a remote user authentication scheme using smart cards. 5th International conference on Wireless Communications, Networking and Mobile Computing (WiCom), pp: 1 – 4, E-ISBN: 978-1-4244-3693-4, Print ISBN: 978-1-4244-3692-7.
Liaw, H.T., Lin, J.F., and Wu, W.C. (2006). An efficient and complete remote user authentication scheme using smart cards. Mathematical and Computer Modelling, Vol. 44, Issues. 1-2, pp: 223–228, ISSN: 0895-7177.
Smart cards and Biometrics. Retrieved June 10, 2013, from http://www.smartcardalliance.org/resources/pdf/Smart_Cards_and_Biometrics_030111.pdf.
Being smart with Biometrics & Smart cards. Retrieved June 15, 2013, from http://www.giac.org/paper/gsec/2188/smart-biometrics-smart-cards/103722.
Smart Card. Retrieved June 20, 2013, from https://en.wikipedia.org/wiki/Smart_card.
An Introduction to Smart cards. Retrieved July 2, 2013, from http://artofconfusion.org/smartcards/docs/intro.pdf.
Cryptographic Coprocessor. Retrieved June 20, 2013, from http://encyclopedia2.thefreedictionary.com/cryptographic+coprocessor.
Types of Smart card. Retrieved June 20, 2013, from http://www.smartcardbasics.com/smart-card-types.html.
Contactless Smart Card. Retrieved June 25, 2013, from http://en.wikipedia.org/wiki/Contactless_smart_card.
Storing Data on ID Cards. Retrieved June 28, 2013, from http://www.idwholesaler.com/learning-center/articles/id-cards/data-storage.htm.
Smart card Readers and Terminals. Retrieved June 30, 2013, from http://www.smartcardbasics.com/smart-card-reader.html.
Smart Cards Applications. Retrieved June 30, 2013, from http://www.smartcardalliance.org/pages/smart-cards-applications.
Smart Card Overview. Retrieved July 02, 2013, from http://www.smartcardbasics.com/smart-card-overview.html.
Drygajlo, A. (2011). Biometrics for Identity Documents and Smart Cards: Lessons Learned. Biometrics and ID Management: COST 2101 European Workshop, BioID 2011, Brandenburg (Havel), Proceedings, Vol. 6583, pp: 1-12, Print ISBN: 978-3-642-19529-7, Online ISBN: 978-3-642-19530-3.
Different Ways to Authenticate Users with the Pros and Cons of each Method. Retrieved July 05, 2013, from http://publications.nr.no/Authentication_atFHI.pdf.
Authentication, Tokens, Smart Cards and Biometrics: An Overview. Retrieved July 06, 2013, from http://www.pctools.com/guides/article/id/10/.
Strong Authentication using smart card technology for Logical Access. Retrieved July 06, 2013, from http://www.smartcardalliance.org/pages/publications-strong-authentication-using-smart-card-technology-for-logical-access.
Authentication Techniques for Smart Cards. Retrieved July 06, 2013, from http://www.osti.gov/bridge/servlets/purl/10141490-M8bQpq/native/10141490.pdf.
The Pros and Cons of Advanced Authentication. Retrieved July 07, 2013, from http://www.esecurityplanet.com/hackers/the-pros-and-cons-of-advanced-authentication-.html.
Multi-factor Authentication. Retrieved July 07, 2013, from https://en.wikipedia.org/wiki/Multi-factor_authentication.
One-time Password. Retrieved July 07, 2013, from http://en.wikipedia.org/wiki/One-time_password.
One Time password (OTP). Retrieved July 08, 2013, from http://www.gemalto.com/techno/otp/.
Design and Implementation of Public Key Infrastructure on Smart Card Operating System. Retrieved July 08, 2013, from http://www.cse.iitk.ac.in/users/moona/students/Y3167022.pdf/.
Henniger, O., Franke, K. (2004). Biometric user authentication on smart cards by means of handwritten signatures. First International Conference on biometric authentication (ICBA) Proceedings, pp: 547-554, Print ISBN: 978-3-540-22146-3, Online ISBN: 978-3-540-25948-0.
Biometric matching thresholds. Retrieved July 08, 2013, from http://biometrics.zzl.org/Biometric%20Matching%20Thresholds.pdf.
EMV. Retrieved July 08, 2013, from http://en.wikipedia.org/wiki/EMV.
The Electronic Purse: An Overview of Recent developments and Policy issues. Retrieved July 08, 2013, from http://www.bankofcanada.ca/1996/01/publications/research/technical-report-no74/.
Biometric passport. Retrieved July 09, 2013, from https://en.wikipedia.org/wiki/Biometric_passport.
Smart Cards and Biometrics in Healthcare Identity Applications. Retrieved July 09, 2013, from http://www.smartcardalliance.org/pages/smart-cards-applications-healthcare.
