Abstract—Meaning of Information security is protecting
information and the systems from unauthorized access, use,
disclosure, disruption, modification, inspection, recording or
destruction. Therefore it is necessary to apply effective
encryption/decryption methods to achieve data security. The
user only needs to remember the short password to retrieve
the key. The password can be forgotten and stolen. As
Biometrics based authentication systems confirm an
individual’s identity based on the physiological and/or
behavioral characteristics of the individual. It has
advantages over password based methods. Biometrics based
method provides direct link between the service and actual
user. With biometrics, there is nothing to lose or forget, and
it is relatively difficult to manipulate. Biometrics and
cryptography are the two most prominent solutions for user
authentication, data integrity preservation, and trustworthy
verification. By combining biometrics with cryptography,
high level of security can be achieved
I. INTRODUCTION
Information security is concerned with the confidentiality,
integrity and availability of information/data regardless of
the form the data may take: electronic, print, or other forms
[1]. Information assurance focuses on the reasons for
assurance that information is protected, and is thus
reasoning about information security. The Government,
Military and private businesses uses or deal with
confidential information about their employees, activities,
products and financial status. Most of this information is
now collected, processed and stored on computer in term of
files or databases and transmitted across using networks to
other computers [2].
A. Key Concepts :
Confidentiality, Integrity, Availability, Authenticity and
Non-repudiation are the core principles of information
security [2].
1) Confidentiality
Confidentiality is the term used to prevent the disclosure of
information to unauthorized individuals or systems. For
example, Sender wants to send confidential data/information
to the receiver. Then information should remain
confidential. That means other person except sender and
receiver should not get access to the data. Confidentiality is
necessary for maintaining the privacy of the people whose
personal information a system holds.
2) Integrity
Integrity means that data cannot be modified or changed. It
is violated when a message is actively modified in transit.
Information security systems typically provide message
integrity in addition to data confidentiality. The information
must be available when it is needed. During transit, data
should not get modified by an unauthorized person.
3) Authenticity
It is necessary to ensure that the data, transactions,
communications or documents are genuine. It is also
important for authenticity to validate that both parties
involved are who they claim they are.
4) Non-Repudiation
Non-repudiation implies that one party of a transaction
cannot deny having received a transaction nor can the other
party deny having sent a transaction. For Example: Sender
has sent amount of Rs. 10,000/- to the receiver
electronically. After sending the amount, sender should not
deny of not sending the amount electronically.
II. LITERATURE SURVEY
1) In the paper [1], biometric template security which is an
important issue because, unlike passwords and tokens,
compromised biometric templates cannot be revoked and
reissued. Protecting the template is a challenging task
due to intra-user variability in the acquired biometric
traits. He presented an overview of various biometric
template protection schemes and discussed their
advantages and limitations in terms of security,
revocability, and impact on matching accuracy. A
biometric system is vulnerable to a variety of attacks
aimed at under integrity of the authentication process.
These attacks are intended to either circumvent the
security afforded by the system or to deter the normal
functioning of the system. Biometric recognition offers a
reliable solution to the problem of user authentication in
identity management systems.
For Full Article Click Here...
No comments:
Post a Comment