Abstract
The nonrepudiation of a biometric authentication depends on the authenticity of the corresponding biometric profile. If the enrollment process is not controlled by some trusted entity, a user’s biometric data might be misleadingly linked to another person’s digital identity. To secure the biometric enrollment in open Web-based environments, we propose the biometric observer principle: An ...
Abstract
The nonrepudiation of a biometric authentication depends on the authenticity of the corresponding biometric profile. If the enrollment process is not controlled by some trusted entity, a user’s biometric data might be misleadingly linked to another person’s digital identity. To secure the biometric enrollment in open Web-based environments, we propose the biometric observer principle: An arbitrary trustworthy person observes an individual’s enrollment at a biometric identity provider and confirms this to the system. The concept rests on a specified trust model, which assesses the trustworthiness of both the observer and the authenticity of an observed biometric profile. Trust relations between observer and observed persons are managed by the authentication system. We implemented a cloud-based biometric identity provider to validate and demonstrate the proposed concept.