TENSOR EU Project

Part of EU Open Research Repository
Published January 16, 2025 | Version v1
Conference paper Open

A Secure and Trustworthy Biometric Data Ecosystem for Cross-border Suspect Identification

Creators

  • 1. Department of Electrical and Computer Engineering, University of Thessaly, Volos, Greece
  • 2. CERTH, The Centre for Research & Technology, Hellas, Volos, Greece
  • 3. Research & Development Thridium, Ltd., London, United Kingdom
  • 4. Delft University of Technology, Delft, The Netherlands
  • 5. Institute of Computer Science (ICS) Foundation for Research and Technology - Hellas (FORTH), Crete, Greece
  • 6. Research & Innovation Development, Netcompany-Intrasoft S.A., Luxembourg, Luxembourg
  • 7. Dept. of Electronic Engineering, Hellenic Mediterranean University, Crete, Greece
  • 8. Department of Informatics and Telematics, Harokopio University of Athens

Description

This paper introduces the Biometrics Data Space framework, which is a secure ecosystem built on Data Spaces technology and it is designed to address the challenges of suspect identification during cross-border crime investigation. Apart from Data Spaces technology, the proposed framework innovates by leveraging also Privacy Enhancing Technologies (PETs) and blockchain to enable secure, trustworthy, and sovereign data exchange between Law Enforcement Agencies (LEAs) across borders. Specifically, it utilizes advanced PETs, including Large-Scale Biometric Data Indexing based on deep hashing techniques and Homomorphic Encryption to allow for suspect identification without disclosing sensitive information of personal biometric data. Thus, it enables LEAs to securely compare and exchange encrypted sensitive biometric data, including facial images, fingerprints and voiceprints, while maintaining data privacy and data sovereignty. LEAs define the usage rules for the biometic data they own and these rules are enforced to and respected by the other LEAs participating in the Biometrics Data Space. The proposed architecture is designed to be scalable, allowing the incorporation of additional biometric modalitiies and the easy expansion and integration with new participant LEAs.

Files

A Secure and Trustworthy Biometric Data Ecosystem for Cross-border Suspect Identification.pdf

Files (1.1 MB)

Additional details

Identifiers

ISSN
2573-2978

Funding

European Commission
TENSOR - Reliable biomeTric tEhNologies to asSist Police authorities in cOmbating terrorism and oRganized crime 101073920

References

  • H. Pettenpohl, M. Spiekermann, and J. R. Both, International Data Spaces in a Nutshell. Cham: Springer International Publishing, 2022, pp. 29–40. [Online]. Available: https://doi.org/DOI:10.1007/978-3-030-93975-5_3
  • P. Luif, "The treaty of prum: A replay of schengen?" 2007
  • "Stepping up cross-border cooperation – the prum decision — eur- ¨ lex." [Online]. Available: https://eur-lex.europa.eu/EN/legal-content/summary/stepping-up-cross-border-cooperation-the-pr-m-decision.html
  • "EUR-Lex - 52021PC0784 - EN - EUR-Lex, "Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on automated data exchange for police cooperation ("Prum II"), amending Council Decisions 2008/615/JHA ¨ and 2008/616/JHA and Regulations (EU) 2018/1726, 2019/817 and 2019/818 of the European Parliament and of the Council"." [Online]. Available: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A2021%3A784%3AFIN
  • "EUR-Lex - 32016R0679 - EN - EUR-Lex, "Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance)" ." [Online]. Available: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679
  • M. Axton, A. Baak, N. Blomberg, J.-W. Boiten, L. B. da Silva Santos, P. E. Bourne, J. Bouwman, A. J. Brookes, T. Clark et al., "The fair guiding principles for scientific data management and stewardship," Scientific data, vol. 3, p. 160018, 2016
  • "Member States and Commission to work together to boost artificial intelligence "made in Europe"." [Online]. Available: https://ec.europa.eu/commission/presscorner/detail/en/IP_18_6689
  • B. Otto, S. Steinbuss, A. Teuscher, and S. Lohmann, "IDS Reference Architecture Model," Jul. 2021. [Online]. Available: https://doi.org/DOI:10.5281/zenodo.5105529
  • "FIWARE TRUE (TRUsted Engineering) Connector: easing data sharing in Gaia-X." [Online]. Available: https://www.eng.it/en/case-studies/true-connector-per-facilitare-la-condivisione-di-dati-in-gaiax
  • "Fiware – foundation." [Online]. Available: https://www.fiware.org/foundation/
  • D. Puthal and S. P. Mohanty, "Proof of authentication: Iot-friendly blockchains," IEEE Potentials, vol. 38, no. 1, pp. 26–29, 2018
  • S. Yu, Y. Huang, L. Wang, Y. Makihara, S. Wang, M. A. Rahman Ahad, and M. Nixon, "Hid 2022: The 3rd international competition on human identification at a distance," in 2022 IEEE International Joint Conference on Biometrics (IJCB), 2022
  • A. Al-Khazzar and N. Savage, "Graphical authentication based on user behaviour," in 2010 International Conference on Security and Cryptography (SECRYPT). IEEE, 2010, pp. 1–4
  • O. Protocol, "Data: The new asset class — ocean protocol," 2024
  • IOTA, "Iota," 2024. [Online]. Available: https://iota.org/
  • M. Frank, R. Biedert, E. Ma, I. Martinovic, and D. Song, "Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication," IEEE transactions on information forensics and security, vol. 8, no. 1, pp. 136–148, 2012
  • IPFS, "Interplanetary file system," 2024. [Online]. Available: https://ipfs.tech
  • R. V. Yampolskiy and V. Govindaraju, "Behavioural biometrics: a survey and classification," International Journal of Biometrics, vol. 1, no. 1, pp. 81–113, 2008.
  • Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," in Advances In Cryptology-EUROCRYPT 2004: International Conference On The Theory And Applications Of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004. Proceedings 23. Springer, 2004, pp. 523– 540.
  • R. Oak and M. Khare, "A novel architecture for continuous authentication using behavioural biometrics," in 2017 International Conference on Current Trends in Computer, Electrical, Electronics and Communication (CTCEEC). IEEE, 2017, pp. 767–771.
  • A. Gani, A. Siddiqa, S. Shamshirband, and F. Hanum, "A survey on indexing techniques for big data: taxonomy and performance evaluation," Knowledge and information systems, vol. 46, pp. 241–284, 2016.
  • L. Chi and X. Zhu, "Hashing techniques: A survey and taxonomy," ACM Computing Surveys (Csur), vol. 50, no. 1, pp. 1–36, 2017
  • X. Luo, H. Wang, D. Wu, C. Chen, M. Deng, J. Huang, and X.-S. Hua, "A survey on deep hashing methods," ACM Trans. Knowl. Discov. Data, vol. 17, no. 1, Feb. 2023. [Online]. Available: https://doi.org/10.1145/3532624
  • D. Zhong, H. Shao, and X. Du, "A hand-based multi-biometrics via deep hashing network and biometric graph matching," IEEE Transactions on Information Forensics and Security, vol. 14, no. 12, pp. 3140–3150, 2019
  • H. Shao, D. Zhong, and X. Du, "Efficient deep palmprint recognition via distilled hashing coding," in Proceedings of the IEEE/CVF conference on computer vision and pattern recognition workshops, 2019, pp. 0–0.
  • X. Du, D. Zhong, and H. Shao, "Cross-domain palmprint recognition via regularized adversarial domain adaptive hashing," IEEE Transactions on Circuits and Systems for Video Technology, vol. 31, no. 6, pp. 2372– 2385, 2020
  • F. Zou, F. Yang, W. Chen, K. Li, J. Song, J. Chen, and H. Ling, "Fast large scale deep face search," Pattern Recognition Letters, vol. 130, pp. 83–90, 2020
  • F. Zhu, X. Kong, L. Zheng, H. Fu, and Q. Tian, "Part-based deep hashing for large-scale person re-identification," IEEE Transactions on Image Processing, vol. 26, no. 10, pp. 4806–4817, 2017
  • C. Gentry, "Fully homomorphic encryption using ideal lattices," in Proceedings of the 41st annual ACM symposium on Theory of computing. ACM, 2009, pp. 169–178
  • J. Fan and F. Vercauteren, "Somewhat practical fully homomorphic encryption," IACR Cryptology ePrint Archive, vol. 2012, p. 144, 2012
  • Z. Brakerski and V. Vaikuntanathan, "Lattice-based fhe as secure as pke," IACR Cryptology ePrint Archive, vol. 2014, p. 46, 2014.
  • S. Costanzo, D. Laudenbach, and L. Schrettner, "Efficient privacy preserving biometric identification," in International Conference on Information Security and Cryptology. Springer, 2015, pp. 266–284
  • Z. Brakerski and V. Vaikuntanathan, "Efficient fully homomorphic encryption from (standard) lwe," in 2014 IEEE Symposium on Security and Privacy. IEEE, 2014, pp. 578–594
  • C. Juvekar, V. Vaikuntanathan, and A. Chandrakasan, "Gazel: A secure and efficient scheme for cloud-assisted medical diagnosis," in Proceedings of the 27th USENIX Security Symposium, 2018, pp. 5–21
  • D. Froelicher, J.-L. Raisaro, J. R. Troncoso-Pastoriza, and J.-P. Hubaux, "Unlynx: A decentralized system for privacy-conscious data sharing," in Proceedings of the 26th USENIX Security Symposium, 2017, pp. 311– 328.
  • M. Blanton, M. Aliasgari, and A. Steele, "Secure and efficient protocols for iris and fingerprint identification," in Proceedings of the 7th ACM workshop on Privacy in the electronic society. ACM, 2011, pp. 175– 184
  • Z. Erkin, E. Franz, J. Guajardo, S. Katzenbeisser, I. Lagendijk, and T. Toft, "Privacy-preserving face recognition," International Journal of Information Security, vol. 12, pp. 19–32, 2009
  • R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, "Order-preserving encryption for numeric data," in Proceedings of the 2004 ACM SIGMOD international conference on Management of data. ACM, 2004, pp. 563– 574.
  • Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," in International conference on the theory and applications of cryptographic techniques. Springer, 2008, pp. 523–540
  • A. Juels and M. Wattenberg, "Fuzzy commitments," in Proceedings of the 6th ACM conference on Computer and communications security. ACM, 1999, pp. 28–36
  • X. Boyen, "Reusable fuzzy extractors for low-entropy distributions," in Proceedings of the 11th ACM conference on Computer and communications security. ACM, 2004, pp. 82–91
  • R. Renner and A. Smith, "Security of fuzzy extractors," in IACR International Conference on Theory of Cryptography. Springer, 2008, pp. 499–517.
  • C. Rathgeb and A. Uhl, "Survey of biometric template protection," vol. 14, no. 3, 2011, pp. 760–780.
  • T. C. Clancy, N. Kiyavash, and D. J. Lin, "Secure smartcard-based fingerprint authentication," in Proceedings of the ACM SIGMM workshop on Biometrics methods and applications. ACM, 2003, pp. 45–52
  • K. C. Mangold, "Data format for the interchange of fingerprint, facial & other biometric information ansi/nist-itl 1-2011 nist special publication 500-290 edition 3," 2016-08-21 04:08:00 2016. [Online]. Available: https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=921456
  • CAMUNDA, "Camunda: The universal process orchestrator," 2024. [Online]. Available: https://camunda.com
  • MongoDB, "Mongodb: The developer data platform," 2024. [Online]. Available: https://www.mongodb.com/
  • S. Project, "Solid project," 2024. [Online]. Available: https://solidproject.org/
  • A. G. Ferguson, "The rise of big data policing: Surveillance, race, and the future of law enforcement," in The Rise of Big Data Policing. New York University Press, 2017