Biometrics are an authentication method which is based on matching unique characteristics of human such as eyes, face, voice, fingerprint and etc. Biometrics are used for organizations which require higher security protocols. This process is a two stage process were first stage is registration and the second stage is authentication. Registration is a process where biometric data are taken from and individual trough scanners and converted into binary code and stored in computer storage. Second stage is authentication when the system needs to verify the person and grant access it checks that the data is matching or not. This all process is not secure because there can be attacks like spoofing, forge input and etc. To avoid that biometric data should be secured with encryption and secured transport protocols.
In this scenario of biometrics enabled e-voting system requires two most secure methods which is scalable and dependable. E-voting is based on an internet application form which can voters can get enrolled and on time of election vote as well. For these system methods being used should be easily available and high on security. The internet is not totally secure that’s why application methods should be secure and unique. Out of all biometric method two methods that tick all boxes are iris scanning and face detection. Both of these methods have been around for quite a while and being used in high security areas such as crime fighting, banking and etc. Firstly iris scan method is built on iris pattern matching which is positioned below leads of eyes. In this method first for enrollment computer attached camera takes a photo of the iris which is a detail picture of a circle of the iris. This data is stored in computer’s database there many points in the iris which are measured from the iris photo and stored in the same database. For the second stage iris are scanned before granting access to any system or a place. After that that image is scanned with all the shared images and if matched the access is granted. But only if all features are matched. This system is secured because the iris is different in every person there is no identical match in even twins. It is also an internal organ so it is hard to make a dummy iris sample to do foraged authentication or registration. Second method is Face detection method which is based on the same technology as iris but in this method face is captured and matched with the stored database. The main reason behind choosing this method is that it is based on the same technology as iris scanning so the cost of installation, registration and maintenance will be less. Unlike iris this technology has lower FFR/FAR rate but has the same level of security as iris scanning. The face detection has one drawback that with age the person’s face will change so they will have to register after some period of time.
The people’s response towards this Biometric enabled e-voting is not fully accepted in the UK right now due to recent ID card matter in which UK government has scrapped this scheme because it was too expensive to implement. But there is some positive step towards this as well where e-voting trough internet and telephone was successful in the recent election for old and disabled people. Recent election showed that due to a large number of turns out during a certain time stretch hundreds of people didn’t get to vote. If this e-voting was in place for everyone this would not have happened. This has made the government think about it as well and they are starting to plan out the whole system with security and authentication process safety as well because if fallen into wrong hand this information can cause disaster. In UK there are some organizations that use e-voting for their personal use. There are also some countries such as Ghana and Swiss Canton of Geneva which is using Biometric enabled e-voting system successfully for last few years. Both of them are using 2 way authentication systems which include pin number and fingerprint. This way it makes it safer from outer attacks. On the whole right now UK government and public are not ready for such application in voting but there are some signs for future development as other countries are showing that it can be done.
In order to understand this section first there should be an understanding of repudiation and non-repudiation. Simple meaning of repudiation is denial but in terms of definition for computing systems repudiation means a system’s ability of denial against false access or entry. This can be overcome by having a two stage authentication system where the user is verified two times. And secondly this is a non-financial system where voter is not doing transactions by sending and receiving this is only one way system where the government will authenticate and verify the vote. E-voting should support Repudiation because if not the FAR rate will automatically be high and system will be vulnerable towards attacks of fraud entries. This can be tracked by checking for repudiation at four stages enrollment, authentication, verification and ballot counting. The process is described by below given example.
While enrollment of e-voting there should be a rejection if an individual is registered under the same set of biometrics data or same person register with two times with different set of biometrics. Secondly while authentication for voting there should be a denial of service for an individual who is trying to register form same type of biometric data. After that comes voting if a person who is given authentication there should be a denial of service if he or she tries to register vote more than one time. Finally while the vote counting there should be a cancelation of the vote if it comes from same id of the same set of biometric code. This way system will be more secure for government to rely on.
SSL/TLS with RSA
This lets a channel for safety of transference among two applications above internet through a shared security handshake. SSL/TLs have usages of algorithms known as RSA, RC4 and etc. This joint protocol and algorithm is secure in maximum number of cases but in some attacks known as crypto-graphical attacks which were effective against them. This decrypts the files of protected bodywork and slaves the data this is because of the exchange of public key during the first handshake. SSL/TLS also vulnerable to side track attack which happens alongside of communication line while sniffing the information. This glitch was found recently where hacker can hack whole session by putting one line in massage. This also can be called a trace which comes back with information then broadcasting it to the hacker.
|Sniffing||Collecting information session by session and decrypting the public key||This can give all privet information and location of the user. And also can lead to several more attacks once got the decrypted public key.|
|Side Tracking||Keeping track of all processes alongside communication path||This could form into decrypted path and leaving all information publicly receivable.|
|Session Regeneration||Keeping a trace in the form of a cold and when it’s not being used regenerating a new session||This can lead to loss of all information on the server side or server side as well.|
- The next generation of biometrics – from rapid DNA analysis to social networking – revealed at Biometrics 2012 (prweb.com)
- Redflag on Biometric Iris Scanning (prweb.com)
- Kyiv Introduces Biometric ID (prnewswire.com)
- Eye Movements Could Be Next PC Password (livescience.com)
- Eye movements could be next password (nbcnews.com)
- Eye-Movement Tracking Allows for Stronger Password Protection (devicemag.com)
- EyeVerify Aims to Enhance Mobile Security With Eye Scanning App (betakit.com)
- Biometrics in elections: Beyond its lofty goal (rappler.com)
- Ukraine Approves Biometric IDs (darkreading.com)
- Kyiv Introduces Biometric ID (virtual-strategy.com)