
D3.2: A study on PKI and biometrics


 

Conclusion

As with many young and expanding fields, the issues of both Public Key Infrastructures and Biometrics are involved and complex. In this document, such issues, especially those relating to security and privacy, have been considered.

PKI has proven to be a relatively complex and expensive solution, and from the perspective of diffusion into European markets it has been notably less successful than expected. Nevertheless, it is still considered to be a very secure technology for authentication and electronic signatures. That said, the core premise underlying public key cryptography, and thus PKI systems, is that secret keys always remain secret. This is just one of many security issues that PKIs face. In this case technical solutions are available, but they increase the costs of the users’ infrastructure for electronic signatures. Another critical aspect of PKI systems is the underlying concept of trust (who trusts whom for what?) and the role the certificate authority (CA) takes therein. In the case of signature fraud in a multilateral, not secured technological system, the consequences of this fraud are largely borne by the PKI user, not the CA.

Additionally, PKIs suffer from privacy issues because traditional public-key certificates contain information about the holder. As such, a digital certificate can be traced uniquely to the person to whom it has been issued (or to the device in which it has been incorporated) and can be followed around instantaneously and automatically as it moves through the system. In spite of these threats, the protection of privacy has never been a core issue in the legal and policy discussions about PKI in Europe, though Directive 1999/93/EC offers the option of pseudonymous certificates. However, the use of such certificates has rarely been implemented into national European legislation so far.

Based on the market penetration rate of qualified electronic signatures to date it can be seen that only a fraction of the potential market has adopted this innovation. Notably, successful implementations can be found especially where the signature is used in a process that has an added value such as within a central organisation.  

Informally, it is believed that most potential adopters have not even reached the knowledge stage, meaning they are not even aware that this technology exists. Possibly the awareness of this technology could create a need to adopt. This study suggests six concrete measures to improve the diffusion of PKI into the market:

 

  • To shift costs in order to achieve a fair distribution 

  • Measures to reach the critical mass of users 

  • Increasing awareness and knowledge about this technology 

  • To especially target the user group called ‘early adopters’ 

  • To increase trialability, e.g. by trial versions of electronic signatures

  • To further reduce complexity of the private infrastructure required 

 

Biometrics has proven to be a more readily acknowledged and understood technology, mainly due to its widely debated introduction into the public sphere. In this document, the two sub-sections of biometric technologies have been analysed, i.e. physiological (passive) and behavioural (active) biometrics. In contrast to the situation two years ago, biometrics are now tested with higher enrolment numbers under operative conditions. Notably there is a gap between high quality of biometrics under laboratory conditions and the limitations observed under practical implementation. For implementations of biometrics with large numbers of users, no data concerning operative costs over several years is currently available. 

In this study technological weaknesses with respect to quality and convenience of the biometric methods were analysed. Many of these methods cannot be used by all people, for example iris recognition (e.g. people with aniridia) or genetic fingerprinting (e.g. monozygotic twins). In addition, some methods cannot be used in certain environments. This applies, for example, to fingerprinting (people doing hard labour may have severely worn papillary structures) or face recognition (light conditions are vital for the quality of this method). For these cases alternative methods are needed when used for authentication or verification. Although the potential privacy issues related to this technology can theoretically be largely minimised (by not storing raw biometric data, for example), from the point of view of currently available solutions many questions about the implementation of the privacy criteria developed by the European Art. 29 Data Protection Working Party (WP 29) are still open. In some cases it is not known if privacy-critical information, e.g. concerning health, can be extracted from templates. This is notably not thoroughly investigated in areas where numerous different algorithms are used to generate templates, e.g. for face recognition. Further research is necessary in this area; however, it is expected that this will not be driven by the economic sector due to the lack of economic interest.

Importantly, the security reality of biometrics is still a matter of great debate. With any emerging security technology, one question is paramount: ‘How reliable is it?’ Two technical issues exist that can be used to quantify an answer, that of a false positive, i.e. concluding that an impostor is actually who they claim to be, and false negative, i.e. being unable to confirm the identity of a valid user. It seems to be an impossible task to optimise each of the criteria (1) quality (secure and compliant systems towards e.g., the WP 29 privacy criteria with low False Acceptance Rate (FAR)), (2) convenience (low False Rejection Rate (FRR) and fast authentication) and (3) costs at the same time.
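The trade-off between FAR and FRR described above can be made concrete with a threshold sweep. The following is an added example, not part of the FIDIS deliverable: the similarity scores are constructed, and the function names are hypothetical.

```python
# Constructed similarity scores (0-100); higher means closer to the enrolled template.
GENUINE = [62, 71, 75, 78, 81, 84, 86, 89, 92, 95]   # attempts by valid users
IMPOSTOR = [12, 20, 27, 33, 38, 44, 51, 58, 66, 73]  # attempts by impostors


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) when every score >= threshold is accepted."""
    far = sum(s >= threshold for s in impostor) / len(impostor)  # false positives
    frr = sum(s < threshold for s in genuine) / len(genuine)     # false negatives
    return far, frr


def sweep(thresholds):
    """Return (threshold, FAR, FRR) for each candidate decision threshold."""
    return [(t, *error_rates(t)) for t in thresholds]


def equal_error_threshold(thresholds):
    """Threshold where FAR and FRR are closest (approximate equal error rate)."""
    return min(thresholds, key=lambda t: abs(error_rates(t)[0] - error_rates(t)[1]))


def lowest_threshold_meeting_far(max_far, thresholds):
    """Most convenient (lowest) threshold with FAR <= max_far, and what it costs in FRR."""
    for t in sorted(thresholds):
        far, frr = error_rates(t)
        if far <= max_far:
            return t, far, frr
    return None  # no candidate threshold satisfies the security requirement


if __name__ == "__main__":
    candidates = range(0, 101, 5)
    for t, far, frr in sweep(candidates):
        print(f"threshold={t:3d}  FAR={far:.1f}  FRR={frr:.1f}")
    print("equal error threshold:", equal_error_threshold(candidates))
    print("FAR=0 requires:", lowest_threshold_meeting_far(0.0, candidates))
```

Raising the threshold can only lower FAR at the price of a higher FRR, so a deployment picks an operating point rather than minimising both.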

A review of current biometrics technology has indicated that currently achievable error rates are simply not acceptable for access control in security-critical applications. In addition to the fundamental problems with the technology itself, all systems are open to attack, with vulnerabilities increasing as complexity increases. This is certainly proving true for biometric systems.

Technological trends in biometric development are (1) the improvement of sensors e.g. for taking images or aliveness detection, (2) improvement of algorithms to generate templates and (3) developments in methods used to discriminate acceptance from rejection (such as neural network technologies). This will result in improved quality, and ultimately security of biometric solutions. In addition, further integration of systems e.g., bio-chips for genetic fingerprinting, will lead to improvements of functionality and further areas of application of biometrics.  

It is possible for biometrics to offer significant enhancements to the PKI model. The co-operation of these technologies potentially brings a lot to the area of secure data exchange and general encryption. In the discussion on whether biometrics could enhance PKIs, the distinction has been drawn between (1) the use of biometrics in order to secure the access to the private key by the user, (2) the use of the biometric as an electronic signature and (3) the use of biometric characteristics as a private key in a PKI environment. Currently, most of those approaches are either still at the concept level, or in a pilot phase. Certainly within this structure, it appears that there is great promise for the continued integration of these two technologies. 

Within the FIDIS Network of Excellence the results of this document are to be used for further research leading to several future deliverables. One area of research is the application of biometrics and PKI in ID documents such as passports, ID cards or e-health cards.  

Certain aspects discussed in this document are also relevant for future work in the area of ID theft / ID fraud and ambient intelligence where authentication plays a central role. Certainly social and legal aspects of today’s technically weak authentications are an on-going matter of discussion there. From an ethical and legal perspective the question of how consent for transfer and processing of personal data defined by the European Directive 95/46/EC can be applied to passive authentication, e.g. using active biometrics, is still open. The solution to this issue is vital for the development of socially acceptable and commercially implementable concepts for ambient intelligent environments and thus also a key area of research within FIDIS. 

 

 

Denis Royer 35 / 40