Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.4.841

Secure Biometric Data Utilization and Protection  

Song, Chang-kyu (Chungbuk National University)
Kim, Young-jin (Korea Financial Telecommunications & Clearings Institute)
Chun, Myung-geun (Chungbuk National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.4, 2021 , pp. 841-852 More about this Journal
Abstract
Biometric recognition refers to a technology that identifies or verifies an individual after registering each individual's physical, physiological, and behavioral characteristics with an automated device. However, the biometric data used here corresponds to personal information since it can identify an individual. Therefore, when it is compromised or misused, it negatively affects the privacy of the data subject. In this paper, we review the current status of domestic laws related to biometric information and the status of infringements related to this. And then, some biometric application models are derived and vulnerabilities and countermeasures for each model are discussed. Finally, for the developer and service provider of the biometric system, protection guidance is presented.
Keywords
Biometrics; Biometric Data; Biometric Authentication; Information Protection;
Citations & Related Records
연도 인용수 순위
  • Reference
1 "Information technology - Biometrics - Overview and application," ISO/IEC TR 24741, 2018.
2 Sa Mun Kim, Dae Jong Lee, and Myung Geun Chun, "Infrared Gait Recognition using Wavelet Transform and Linear Discriminant Analysis," Journal of Korean Institute of Intelligent Systems, 294(6), pp. 622-627, Dec. 2014.
3 Ju Hee Cho, Byeong Jun Cho, Dae Jong Lee, and Myung Geun Chun, "ECG based Personal Authentication using Principal Component Analysis," Transaction of the Korean Institute of Electrical Engineers P, 66P(4), pp. 258-262, Dec. 2017.   DOI
4 Best Predictive Recommendations for Commercial Biometric Use, International Biometrics & Identification Association, 2014.
5 Biometrics Privacy Guidelines, Biometrics Institute, 2019.
6 Boo Geum Jung, Hun Yeong Kwon, Hea Sook Park, and Jong In Lim, "Biometrics Service Trends and Improvement of Bio Data Protection Law referring to GDPR," Journal of Korean Institute of Communications and Information Sciences, 43(1), pp. 201-208, Jan. 2018.   DOI
7 "Information security, cyber security and privacy protection - Biometric information protection," ISO/IEC FDIS 24745, 2021.
8 "Information technology - Biometric presentation attack detection," ISO/IEC 30107, 2016.
9 https://fidoalliance.org/specifications
10 "Information technology - Security techniques - Privacy framework," KS X ISO/IEC 29100, 2011.
11 Biometric Information Protection Guideline, Korea Communications Commission, 2017.
12 Ethical principles for the biometrics, Biometrics Institute, 2019.
13 Wencheng Yang, et al., "A cancelable biometric authentication system based on feature-adaptive random projection," Journal of Information Security and Applications, https://www.sciencedirect.com/science/article/abs/pii/S2214212620308504, May 2021.
14 Myung Geun Chun, "Biometric information protection and personal authentication using information splitting," International Symposium on Advanced Intelligent Systems (ISIS), Dec. 2019.