Server-Side Encrypting and Digital Signature Platform with Biometric Authorization


Author(s)

Leszek Siwik 1,* Lukasz Mozgowoj 2

1. AGH-UST University of Science and Technology, Krakow, 30-059, Poland

2. Biometric Trust Information Systems, Krakow, 31-864, Poland

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2015.04.01

Received: 11 Jul. 2014 / Revised: 16 Oct. 2014 / Accepted: 1 Jan. 2015 / Published: 8 Mar. 2015

Index Terms

PKI, digital signature, encryption, PKCS, CSP, biometry, finger vein

Abstract

The most important shortcomings of solutions based on public key infrastructure and digital signatures are cost, ambiguous laws, and the nuisance of daily use.
The purpose of this article is to discuss the motivation and benefits of bioPKI, a server-side encryption and digital signature platform with biometric authorization, and to present its concepts, its high-level architecture, and a demonstration of its operation. The usefulness of even the most advanced platform of any type is negligible if convenient and easy-to-implement mechanisms are not provided to integrate it with external systems and applications. Thus, the possibility of integrating the bioPKI platform with applications and systems supporting PKCS#11 or CryptoAPI CSP is discussed.

Cite This Paper

Leszek Siwik, Lukasz Mozgowoj, "Server-Side Encrypting and Digital Signature Platform with Biometric Authorization", International Journal of Computer Network and Information Security (IJCNIS), vol. 7, no. 4, pp. 1-13, 2015. DOI: 10.5815/ijcnis.2015.04.01
