A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of b...

Descripción completa

Detalles Bibliográficos
Autores principales: Yang, Wencheng, Wang, Song, Hu, Jiankun, Ibrahim, Ahmed, Zheng, Guanglou, Macedo, Marcelo Jose, Johnstone, Michael N., Valli, Craig
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2019
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6651016/
https://www.ncbi.nlm.nih.gov/pubmed/31284592
http://dx.doi.org/10.3390/s19132985
_version_ 1783438247166214144
author Yang, Wencheng
Wang, Song
Hu, Jiankun
Ibrahim, Ahmed
Zheng, Guanglou
Macedo, Marcelo Jose
Johnstone, Michael N.
Valli, Craig
author_facet Yang, Wencheng
Wang, Song
Hu, Jiankun
Ibrahim, Ahmed
Zheng, Guanglou
Macedo, Marcelo Jose
Johnstone, Michael N.
Valli, Craig
author_sort Yang, Wencheng
collection PubMed
description Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique—steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques.
format Online
Article
Text
id pubmed-6651016
institution National Center for Biotechnology Information
language English
publishDate 2019
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-66510162019-08-07 A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things Yang, Wencheng Wang, Song Hu, Jiankun Ibrahim, Ahmed Zheng, Guanglou Macedo, Marcelo Jose Johnstone, Michael N. Valli, Craig Sensors (Basel) Article Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique—steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques. MDPI 2019-07-06 /pmc/articles/PMC6651016/ /pubmed/31284592 http://dx.doi.org/10.3390/s19132985 Text en © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Yang, Wencheng
Wang, Song
Hu, Jiankun
Ibrahim, Ahmed
Zheng, Guanglou
Macedo, Marcelo Jose
Johnstone, Michael N.
Valli, Craig
A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title_full A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title_fullStr A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title_full_unstemmed A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title_short A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things
title_sort cancelable iris- and steganography-based user authentication system for the internet of things
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6651016/
https://www.ncbi.nlm.nih.gov/pubmed/31284592
http://dx.doi.org/10.3390/s19132985
work_keys_str_mv AT yangwencheng acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT wangsong acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT hujiankun acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT ibrahimahmed acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT zhengguanglou acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT macedomarcelojose acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT johnstonemichaeln acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT vallicraig acancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT yangwencheng cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT wangsong cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT hujiankun cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT ibrahimahmed cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT zhengguanglou cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT macedomarcelojose cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT johnstonemichaeln cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings
AT vallicraig cancelableirisandsteganographybaseduserauthenticationsystemfortheinternetofthings

Ejemplares similares