Abstract:
The need for fool proof authentication procedures away from traditional authentication mechanisms like passwords, security PINS has led to the advent of biometric authentication in information systems. Biometric data extracted from physiological features of a person including but not limited to fingerprints, palm prints, face or retina for purpose of verification & identification is saved as biometric templates. The inception of biometrics in access control systems has not been without its own hitches & like other systems it has had its fair share of security challenges. Biometric fingerprints are the most mature of all biometric spheres. Biometric systems are further subdivided into multimodal biometric systems and unimodal biometric systems. Effectiveness of biometric systems lies on how secure they are at averting inadvertent disclosure of biometric templates in an information system’s archive. This however has not been the case as biometric templates have been fraudulently accessed to gain unauthorized access to information systems. In order to achieve strong and secure biometric systems, systems designers and developers need to build biometric systems that properly secure biometric templates. Several approaches and biometric template protection schemes have been used to safeguard stored biometric templates. Even though there are various biometric template protection schemes and approaches in existence, few of them have been concretely tailored for unimodal biometric systems. This research’s intent was to establish an approach for securing biometric fingerprint templates in a relational database. To come up with this approach, precedent biometric template protection schemes and approaches were studied to determine their shortcomings after which an encryption scheme for securing biometric templates stored in a database by encrypting fingerprint templates with encryption keys derived from other fingerprints was designed, developed and tested to ascertain its efficacy. Evaluation of the results showed that a combination of security measures and not just one particular technique aids in optimizing security of archived biometric fingerprint templates.
