Harry Wechsler
George Mason University
Abstract
The central position of this article is that validation and interoperability are paramount for the effective
and ethical use of biometrics. Illuminating the relevance for policymakers of the science underlying the
security and privacy aspects of biometrics, this article calls for adequate and enforceable performance
metrics that can be independently corroborated. Accordingly, the article considers biometrics and forensics
for the dual challenges of addressing security and privacy using smart identity management. The
discussion revolves around the concepts of “personally identifiable information” (PII) and interoperability
with emphasis on quantitative performance analysis and validation for uncontrolled operational settings,
variable demographics, and distributed and federated operations. Validation metrics include expected
rates of identification/misidentification, precision, and recall. The complementary concepts of identity and
anonymity are addressed in terms of expected performance, functionality, law and ethics, forensics, and
statistical learning. Biometrics encompasses appearance, behavior, and cognitive state or intent. Modes of
deployment and performance evaluation for biometrics are detailed, with operational and adversarial
challenges for both security and privacy described in terms of trustworthiness, vulnerabilities, functional
creep, and feasibility of safeguards. The article underscores how lack of interoperability is mostly due to
overfitting and tuning to well-controlled settings, so that validation merely confirms “teaching to the test”
rather than preparation for real-world deployment. Most important for validation is reproducibility of
results including full information on the experimental design used, that forensic exclusion is allowed, and
that scientific methods for performance evaluation are followed. The article concludes with expected
developments regarding technology use and advancements that bear on security and privacy, including
data streams and video, de-anonymization and reidentification, social media analytics and cyber security,
and smart camera networks and surveillance.
KEY WORDS: anonymity, authentication, biometrics, biometrics literacy, data aggregation, data
mining, de-anonymization, discriminative methods, forensics, identity, identity management, likelihood
ratio (LR), metrics, performance, personally identifiable information (PII), privacy, reidentification,
security, statistical learning, surveillance, trustworthiness, validation
Introduction
This article discusses biometrics and forensics for the dual challenges of addressing
security and privacy using smart (personal) identity management (SIM). Security
and privacy are addressed vis-à-vis benefits, vulnerabilities, and safeguards. In
particular, we emphasize that both security and privacy are determined by protocols
(“best practices”), on one side, and performance and validation on the other side.
Protocols are used to enforce regulations and track the use and misuse of biometric
systems, e.g., functional creep, where data collected for one purpose are used for a
different one. Performance and validation, which should be metered using uncon-
trolled settings and interoperability, determine the robustness and reliability of the
authentication decisions made. Robustness is about high sensitivity and high speci-
ficity when coping with adversarial information, e.g., biometric variability during
image formation, and incomplete (“occlusion”) and corrupt (“disguise”) biometric
Review of Policy Research, Volume 29, Number 1 (2012)
© 2012 by The Policy Studies Organization. All rights reserved.
Identity
We address here the complementary concepts of identity and anonymity in terms of
functionality, law, and ethics, using linkages between biometrics and forensics. The
scope of biometrics is all-encompassing and includes appearance, behavior, and
cognitive state or intent for current and forthcoming applications, while the scope
for forensics covers data collection and decision making for the purpose of adjudi-
cation. Gates (2011) frames the problem of identification in historical perspective,
bearing not only on criminology, but also on civil identification. In particular, she
refers to Arendt (1973), who argued in Origins of Totalitarianism that “the claim to
authority for determining who belongs and who does not is a central component
of sovereignty.” This has been “a particular preoccupation of modern states” and
is even more so today. Identity, loaded with personal information about subjects, is
therefore used for authentication and/or granting or denying specific rights. It is
Biometric Security and Privacy Using Smart Identity Management and Interoperability 65
worth pointing out that different perspectives on data privacy can hold. European
countries are required to apply Directive 95/46/EC, where biometric data are owned
by the data subject, while in non-European countries, e.g., United States, biometric
data are owned by the organization that processed the data (Busch, 2010).
According to the Wall Street Journal of July 13, 2011, “Dozens of law-enforcement
agencies from Massachusetts to Arizona are preparing to outfit their forces with
controversial hand-held face recognition devices as soon as September, raising
questions about privacy and civil liberties” (Steel & Angwin, 2011). The rollout of
such portable recognition devices has raised concerns among some privacy advo-
cates about the potential for misuse, e.g., functional creep. “A fundamental question
is whether or not using the device (‘scanning’) would constitute a ‘search’ that
requires a warrant.” Other questions raised concern the possible invasion of privacy
notwithstanding claims that honest people have nothing to hide, that there is no
privacy in public spaces, and that there are no legal restrictions in taking photos of
people freely passing through public spaces, even that “some courts have limited
surveillance of political protests, saying it violates demonstrators’ First Amend-
ment rights.” It is fair to say that currently the law lags technology and its use, e.g.,
tagging as done by social networks.
Identity, for all practical purposes, is about information rather than data. Raw
biometric data, i.e., unprocessed identity data, refer to a mere collection of images.
Information, however, expands on data to include implicit or explicit associations.
The etymology and semiotics of the word “information” are clear on this aspect.
They involve communication and meaning, and their hallmarks are those of
entropy and uncertainty. Last but not least, “information” has value and estab-
lishes context to inform and instruct, and ultimately to control behavior.
Biometrics
Biometrics are all-encompassing with face recognition playing the major role.
Subjects are mostly passive during data capture, e.g., mass screening, which
Forensics
hypothesis is rejected for each of the classes known, the biometric query returns as
result “unfamiliar” as it fails to “mate” against all the known identity classes. The
biometric query is then answered with “none of the above,” which corresponds with
forensic exclusion in proper investigations. This approach is a characteristic of open
set recognition, which is quite different from closed set (biometric) recognition,
where the best choice, i.e., the identity class most similar in appearance to the
biometric query, becomes the default answer. Policymakers should require that
forensic exclusion become mandatory for all biometric applications.
It has recently become apparent that biometric inference for the purpose
of reliable and robust authentication should take advantage of multilevel and
multilayer fusion including multisensory data integration, e.g., face, fingerprints,
and iris. Multilevel fusion involves feature/parts representation, score (“match”),
and detection (“decision”) stages, while multilayer fusion involves modality, quality,
and method (algorithm) design choices. Data fusion can be driven by transduction
using strangeness and p-value, with aggregation achieved using boosting methods
(Freund & Schapire, 1996). The strangeness links in a straightforward way repre-
sentation and prediction using boosting to determine the significance of biometric
traits (Li & Wechsler, 2009). The same validation protocols, which are derived using
transduction and boosting, are used for both data fusion and performance evalu-
ation. This enables effective and efficient validation, which is instrumental to assess
biometric performance as discussed in the next section.
A systems engineering view is especially important when the systems are to be used on
a large scale, such as for border control or social service entitlement, when all the best
practices associated with system design and management are called for. While the evo-
lution of sensor devices, matching technologies, and human factors can dominate the
attention of system designers, the ultimate success of the overall system generally relies
on attention to conventional system development issues and interoperability. These
include
• A clear understanding of the system’s functional objectives, including the user popula-
tion and environmental constraints of the system’s deployment context.
• A model for accommodating the evolution of technology over time.
• An understanding of the effectiveness of the system through frequent or continuous
operational testing.
• A strong understanding of the human interactions with the system and how they change
with time.
• A holistic security model that addresses the application security context and provides a
cogent analysis of the potential for fraudulent presentation of biometric samples.
The same process schedules revalidation at periodic intervals. At each stage of testing and
data collection, the information obtained may send the development process back to an
earlier stage to correct any observed deficiencies and improve robustness of the sensor to
varying conditions.
Adversaries may attempt to force the biometric system into failure modes to
evade recognition, requiring that secondary screening procedures should be just as
robustly designed as the main access procedures.
Best practices and protocols ensure that performance evaluation and validation
are meaningful. One needs first to ensure that enrollment and authentication
are distinct processes that acquire and match biometric signatures using preestab-
lished features (“traits”) and a priori settings for parameters and thresholds
for decision making (Wechsler, 2007). As an example, the Good, Bad & Ugly (GBU)
face recognition challenge, which underscores the role image quality plays in
performance (Phillips et al., 2011), enforces protocols where sequestered face
images are used exclusively for the eigenface decomposition (Wechsler, 2007).
Without due rigor in proper delineation between the processes mentioned above,
any validation study would be biased and artificially inflate performance expecta-
tions in real-life deployment. There is a large list of indexes (“figures of merit”)
available to characterize biometric performance, which suggests the level of security
and privacy one can expect. The list includes confusion matrices possibly enhanced
using costs and losses, receiver operating characteristic (ROC) (trades false positive
for false negative) and area under the ROC curve, Tippett (traces the LR for two
competing hypotheses) and detection error trade-off (trades type I and II errors),
confidence intervals on expected accuracy, and sensitivity and specificity, to name
just a few.
Additional figures of merit can further assess how recognition performance is
context dependent. As an example, a face recognition engine with constant sensi-
tivity of 99.9% and specificity of 99.9% appears to provide excellent performance.
Sensitivity (“recall”) is the percentage of “targets” found by the biometric engine,
specificity is the percentage of “non-targets” identified as such, and precision is the
percentage of correct target identification. Say that the face recognition engine
screens for negative identification a population of one million subjects at some point
of entry (POE) where just 1% or 10,000 out of 1,000,000 of subjects are impostors.
Since the face recognition engine is 99.9% sensitive, it will detect 9,990 impostors
and miss 10 impostors. To continue the analysis, recall that out of one million
subjects, 990,000 are not impostors. If the specificity is also 99.9%, one can see that
989,010 legitimate customers are let through, while 990 legitimate customers, or
approximately 0.1% of the original population, are labeled as impostors and denied
entry. What is still needed to complete a meaningful analysis is the prevalence of
impostors in the general population, which is referred to as the prior odds. Assume
now that the prevalence for impostors is 0.1% rather than 1%, i.e., there are 1,000
rather than 10,000 impostors. At 99.9% sensitivity, the face recognition engine will
pick up 999, leaving only one impostor to slip through. Of the 999,000 genuine
subjects, the recognition engine lets through 998,001 of them and falsely labels 999
of them as impostors. Performance evaluation now yields the same number of false
positives as true positives, and the positive predictive value (PPV) for impostors is
now only 50%. Every other subject labeled as an impostor is a mistake. When the
prevalence goes up to 1%, the POE decision is worth much more because the PPV
goes up to 90%, i.e., only one-tenth rather than half of the subjects labeled as
impostors are genuine subjects denied entry by mistake. When the prevalence rate
for intrusion is very low, one can thus
afford to miss all intrusions and still achieve excellent accuracy rates.
$P_N = 1 - (1 - P_1)^N.$
Consider now a biometric verifier that achieves 99.9% correct rejection, i.e., its
false accept rate (FAR) is as low as 0.001. The $P_N$ values for relatively small databases
given by N = 200, N = 2,000, and N = 10,000 are 18%, 86%, and 99.995%, respec-
tively. Once the enrolled database size “reaches only about 7,000 persons, the above
biometric actually becomes more likely (99.91%) to produce a false accept in iden-
tification trials than it is to produce a correct reject (99.9%) in verification trials. A
false accept rate of merely $10^{-4}$ on verification trials yields a false acceptance rate of
92% for identification against a data base that consists of 50,000 people. Merely very
good verifiers are of no use as identifiers. Observing the approximation $P_N \approx N \cdot P_1$
for small $P_1 \ll 1/N \ll 1$, when searching a data base of size N, an identifier
needs to be roughly N times better than a verifier to achieve comparable odds
against a false accept” (Daugman, 2000). As an example, the best face verification
(“pair-matching”) system on LFW face data set cannot achieve better than 58%
identification for 50 subjects (Wolf et al., 2011).
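The point-of-entry screening arithmetic and the relation P_N = 1 − (1 − P_1)^N discussed above can be recomputed with the Python script below, which is an added example and not part of the original article. It goes slightly beyond the text by inverting both relations (the specificity needed for a target PPV, and the verifier FAR needed for a target 1:N false accept rate); all function names are illustrative.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Screening:
    true_pos: float   # impostors flagged
    false_neg: float  # impostors missed
    true_neg: float   # genuine subjects let through
    false_pos: float  # genuine subjects flagged as impostors

    @property
    def ppv(self) -> float:
        """Share of flagged subjects who really are impostors."""
        flagged = self.true_pos + self.false_pos
        return self.true_pos / flagged if flagged else float("nan")

    @property
    def accuracy(self) -> float:
        total = self.true_pos + self.false_neg + self.true_neg + self.false_pos
        return (self.true_pos + self.true_neg) / total


def screen(population, prevalence, sensitivity, specificity) -> Screening:
    """Expected confusion-matrix counts for one screening campaign."""
    for name, value in (("prevalence", prevalence),
                        ("sensitivity", sensitivity),
                        ("specificity", specificity)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name} must lie in [0, 1]")
    impostors = population * prevalence
    genuine = population - impostors
    tp = impostors * sensitivity
    tn = genuine * specificity
    return Screening(tp, impostors - tp, tn, genuine - tn)


def required_specificity(prevalence, sensitivity, target_ppv) -> float:
    """Specificity needed for the PPV to reach target_ppv at this prevalence."""
    if not (0.0 < prevalence < 1.0 and 0.0 < target_ppv <= 1.0):
        raise ValueError("prevalence must be in (0, 1), target_ppv in (0, 1]")
    # From PPV = s*p / (s*p + f*(1-p)), solved for the false positive rate f.
    fpr = sensitivity * prevalence * (1 - target_ppv) / (target_ppv * (1 - prevalence))
    return 1.0 - fpr


def identification_far(p1, n) -> float:
    """P_N = 1 - (1 - P_1)^N, via log1p/expm1 so a tiny P_1 is not rounded away."""
    if not 0.0 <= p1 < 1.0 or n < 0:
        raise ValueError("need 0 <= p1 < 1 and n >= 0")
    return -math.expm1(n * math.log1p(-p1))


def verifier_far_needed(target_pn, n) -> float:
    """Single-comparison FAR that keeps the 1:N false accept rate at target_pn."""
    if not 0.0 < target_pn < 1.0 or n < 1:
        raise ValueError("need 0 < target_pn < 1 and n >= 1")
    return -math.expm1(math.log1p(-target_pn) / n)


def crossover_size(p1) -> int:
    """Smallest N where a 1:N false accept is likelier than a 1:1 correct reject."""
    if not 0.0 < p1 < 1.0:
        raise ValueError("need 0 < p1 < 1")
    # 1 - (1 - p1)^N > 1 - p1  <=>  N > ln(p1) / ln(1 - p1)
    return math.floor(math.log(p1) / math.log1p(-p1)) + 1


if __name__ == "__main__":
    for prevalence in (0.01, 0.001):
        s = screen(1_000_000, prevalence, 0.999, 0.999)
        print(f"prevalence {prevalence:.1%}: flagged impostors {s.true_pos:,.0f}, "
              f"flagged genuine {s.false_pos:,.0f}, PPV {s.ppv:.1%}")
    idle = screen(1_000_000, 0.001, 0.0, 1.0)   # an engine that flags nobody
    print(f"flag-nobody accuracy at 0.1% prevalence: {idle.accuracy:.1%}")
    print(f"specificity for PPV 90% at 0.1% prevalence: "
          f"{required_specificity(0.001, 0.999, 0.9):.6f}")
    for n in (200, 2_000, 7_000, 10_000):
        print(f"N = {n:>6,}: P_N = {identification_far(0.001, n):.3%}")
    print(f"crossover database size at FAR 0.001: {crossover_size(0.001):,}")
    print(f"verifier FAR for P_N = 0.1% at N = 50,000: "
          f"{verifier_far_needed(0.001, 50_000):.2e}")
```

An engine that flags nobody still scores 99.9% accuracy at 0.1% prevalence, which is why accuracy alone says little when impostors are rare.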
The ultimate goal for any operational biometric system is reliable and robust
decision making.
Yet, the actual decision making process, specifically the setting of decision thresholds, has
often been neglected in speaker recognition research. Making these decisions has often
been dismissed as an unchallenging problem to be addressed during application devel-
opment. Yet for those who actually have had to deploy real operational systems, the
problem has been found to be quite challenging, indeed. The important point here is that
actual decision process must be considered to be part of any comprehensive speaker
recognition research program and that the ability of a system to make good decisions
should be an integral part of the evaluation. (Doddington et al., 2000)
Decisions must be made without the artificial luxury of having access to ground
truth, and they should bear on both security and privacy.
Another factor affecting validation is that of score normalization during postpro-
cessing (Wechsler, 2007). Score normalization (used for National Institute of Stan-
dards and Technology [NIST] face recognition vendor test [FRVT] evaluations
FRVT 2002 but not for earlier evaluations, e.g., FRVT 2000) (NIST, 2011) changes
the mode of operation for verification from 1:1 to 1:MANY because additional
enrolled biometric data and matching scores are required before one settles on the
final verification score for the original 1:1 verification task. Verification, however, is
basically hypothesis testing, and each hypothesis should be independently judged as
“true” or “false.” Empirical postprocessing score normalization enhances and
spreads the differences between a given probe image, whose verification one seeks
against a “pre selected” but actual gallery of images that it has access to. Perfor-
mance has been shown by FRVT 2002 to increase, using postprocessing empirical
score normalization, by about 6% on average. Postprocessing empirical score nor-
malization skews the results and is not a viable option for real-life deployment
where access to additional enrolled data is not readily available. The recent GBU
challenge disallows score normalization as a postprocessing option. In particular,
“any approach that redefines similarity s(t, q; T) [between enrolled subject ‘t’ and
query ‘q’] such that it depends upon [an enlarged enrolled subject] image set T is
NOT allowed” (Phillips et al., 2011).
The working hypothesis for the (large) face recognition evaluations carried
out so far has not been particularly concerned with the very possibility that subjects
seek to deny and/or foil recognition of their true biometric signatures. The sub-
jects wanted and/or under surveillance, however, are well motivated to hinder the
capture of their biometrics. Deception is most effective in cluttered environments
when it becomes easier to hide, thanks to many distracters and the heavy cognitive
load they place on the roving surveillance “eye.” Additional challenges related to
changes in facial appearance due to plastic surgery have become apparent recently.
To cope with such challenges, we exploit the fact that plastic surgery bears on
appearance in a nonuniform fashion using a recognition approach that integrates
information derived from local region analysis (De Marsico, Nappi, Riccio, &
Wechsler, 2011). We implemented and evaluated the performance of two new
integrative methods, face recognition against occlusions and expression variations
(FARO) and face analysis for commercial entities (FACE), which are based on
fractals and a localized version of a correlation index, respectively. They confirm the
expectation that face recognition is indeed challenged by the effects of plastic
surgery. The same experimental results show that both FARO and FACE compare
favorably against standard face recognition methods such as Principal Component
Analysis (PCA) and Linear Discriminant Analysis (LDA) but are still limited by a
recognition accuracy rate of 70% and equal error rate of 20%.
Recent large-scale face recognition evaluations, e.g., FRVT 2002, Face Recogni-
tion Grand Challenge (FRGC), and FRVT 2006, still do not consider occlusion (to
avoid detection) and disguise (masquerading) for testing purposes. Singh, Vatsa,
and Noore (2009) have recently shown the deleterious effects of disguise on
biometric performance. The data used come from the facial AR database (with some
disguise accessories) or were synthetically generated. The best performance is usually
achieved on face images with variation in expression, followed by occlusion with
scarf, and images with glasses. The explanation for this finding is “there is only a
small region in a face [which varies due to expression] and the rest of the face
contributes to correct recognition.” The localization of most relevant discriminant
facial information suggests recognition by parts for biometric architectures and
matching through local estimation using transduction for learning and prediction
(Li & Wechsler, 2009). Our own evaluation studies have shown that the perfor-
mance displayed by well-known face recognition benchmark methods, e.g., eigen-
faces (PCA) and PCA + LDA (“Fisherfaces”), deteriorates significantly as a result of
disguise (Lai, Ramanathan, & Wechsler, 2008).
Additional evaluations of face recognition techniques for applications related to
Facebook (Becker & Ortiz, 2008) cast further doubt that the face recognition
problem is about to be solved anytime soon. The best performance reported by
the above study for 60,000 faces representing merely 500 users is only 65% using
support vector machines. This is quite different from the high 99% performance
accuracy (at FAR = 0.001) usually reported for very large evaluations such as FRGC.
The standard explanation provided for such discrepancies is the lack of interoper-
ability vis-à-vis uncontrolled settings and image variability, and as a consequence,
different underlying distributions the biometric data are drawn from. Similar res-
ervations are expressed by Pinto, DiCarlo, and Cox (2008), who further recom-
mend establishing good benchmarks and baselines for face recognition.
Most recently, two novel methods for face verification were proposed (Kumar,
Berg, Belhumeur, & Nayar, 2011). The first method—“attribute” classifiers—uses
binary classifiers trained to recognize the presence or absence of describable aspects
of visual appearance (e.g., gender, race, and age). The second method—“simile”
classifiers—records as features the similarity of faces or their regions across a
prespecified set of specific face references. Neither method requires costly, often
brittle, alignment between image pairs; yet, both methods produce compact
visual descriptions and work on real-world images. While both the attribute and
simile classifiers improve on the current state of the art for the LFW data set, the
performance is only around 85% on relatively limited size (in terms of subjects
enrolled) biometric data sets. Hand (2006) dovetails on such observations to report
on classifier technology and argues that “comparisons often fail to take into account
important aspects of real problems, so the apparent superiority of more sophisti-
cated methods may be something of an illusion [of progress].”
It should be apparent by now that both security and privacy depend on image
quality and content, the scale of operation and the extent of uncontrolled settings.
As an example, the GBU challenge (Phillips et al., 2011) encouraged the develop-
ment of algorithms that are robust to different levels of image quality and content
for frontal faces. The GBU challenge consists of three data partitions vis-à-vis quality
and content. The Good partition contains pairs of images that are considered easy to
recognize. On the Good partition, the base verification rate (VR) is 0.98 at a FAR of
0.001. The Bad partition contains pairs of images of average difficulty to recognize.
For the Bad partition, the VR is 0.80 at a FAR of 0.001. The Ugly partition contains
pairs of images considered difficult to recognize, with a VR of 0.15 at a FAR of
0.001. The base performance is from fusing the output of three of the top perform-
ers in the FRVT 2006.
Uncontrolled settings are not the only challenge to face recognition. There is also
an intrinsic component that makes some subjects contribute more than their fair
share to errors. This is referred to as the biometric zoo. “It is commonly accepted
that users of a biometric system may have differing degrees of accuracy within
the system. Some people may have trouble authenticating, while others may
be particularly vulnerable to impersonation. Goats, wolves, and lambs are labels
commonly applied to these problem users. The ‘animals’ are defined in terms
of verification performance when they are matched against themselves (goats) or
when matched against others (lambs and wolves)” (Doddington, Liggett, Martin,
Przybocki, & Reynolds, 1998). A new framework for the evaluation of biometric
systems based on the biometric menagerie, as opposed to collective statistics, has
been duly proposed (Yager & Dunstone, 2010).
Cross-matching is yet another hurdle that has to be overcome. Beveridge et al.
(2011) argue that:
. . . it is much more common to find relationships in which two images that are hard to
match to each other can be easily matched with other images of the same person. In other
words, these images are simultaneously both high and low quality. The existence of such
“contrary” images represents a fundamental challenge for approaches to biometric quality
that cast quality as an intrinsic property of a single image. Instead it indicates that quality
should be associated with pairs of images. In exploring these contrary images, we find a
surprising dependence on whether elements of an image pair are acquired at the same
location, even in circumstances where one would be tempted to think of the locations as
interchangeable.
All the challenges and drawbacks enumerated in this section amount to a sheer
lack of interoperability, which is critical to effective biometric recognition. By over-
fitting and tuning to specific settings, current practices undermine both security
and privacy. What takes place during validation is nothing more than “teaching to
the test” rather than preparing for real-world deployment and operations.
the population for whom the biometrics are collected. According to Dobzhansky
(1951), “experience shows that every person whom one meets differs from all
met before. Every human individual is unique, different from all others who
live or lived.” What is diversity after all? Again, according to Dobzhansky, diver-
sity is “the discontinuity of the variation among organisms. The observed varia-
tion does not form any kind of continuous distribution. Instead, a multitude of
separate, discrete distributions are found.” One conjecture under consideration is
that of biometric uniqueness, diversity notwithstanding. The conjecture
claims that no two individuals share the same extracted biometric characteristics.
Note that the conjecture on uniqueness is concerned with extracted and/or pro-
cessed biometrics rather than the original client data, which is unique by default.
There has been scrutiny of and challenge to this conjecture, in particular con-
cerning the biometric signatures extracted and used for authentication. The U.S.
Supreme Court heard in 1993 the case of Daubert versus Merrell Dow Pharma-
ceuticals, Inc. One of the concerns raised was about the reliability of fingerprint
evidence. The Supreme Court did list several criteria for qualifying expert
testimony:
• whether the particular technique or methodology in question has been subject
to a statistical hypothesis testing,
• whether its error rate has been established,
• whether the standards controlling the technique’s operation exist and have
been maintained,
• whether it has been peer reviewed and published, and
• whether it has a general widespread acceptance.
There are studies on the individuality of iris codes (Daugman, 2003) and
fingerprints (Pankanti, Prabhakar, & Jain, 2002) but none yet for human faces.
Daugman (2000) has investigated the role of statistical decision theory, in general,
and combinatorial complexity, in particular, to analyze decision landscapes, e.g.,
ROC curve, and to measure the uniqueness of biometric signatures. For biometrics
that do not compare lists of distinct features but rather use a simple analogue
measure such as correlation, using more (features) is not better. The basic but
obvious observation made by Daugman is “how likely it is that some proportion of
the features will be matched by chance by different people, and some proportion
will fail to be matched even by the same person, that really determines the shape
of the decision landscape. The goal of biometric feature encoding is to maximize
the number of degree-of-freedom that will belong to the score distribution [arising
from comparing different people], while minimizing the number [of degrees-of-
freedom] that will belong to the authentic [‘sameness’] distribution.” One metric
suggested by Daugman (2000) to gauge uniqueness is data size divided by its mean
correlation. It corresponds to Hartley’s classic definition of the number of
degrees-of-freedom or the number of resolvable cells in the information (space/time × frequency)
diagram proposed by Gabor (similar to the Heisenberg uncertainty
principle but applied to the uncertainty in localization [in space and/or time] vs.
spectral content).
The key to iris recognition proposed by Daugman (2004) is “the failure of a test
of statistical independence, which involves so many degrees of freedom such that
this test is virtually guaranteed to pass whenever the [binary] phase codes for two
different eyes are compared, but it uniquely fails when any eye’s phase code is
compared with another version of itself.” The test of statistical independence is
simply implemented using exclusive OR (XOR) applied to the 2048-bit vectors
that encode any two iris patterns, masked (ANDed) using their corresponding
mask bit vectors to prevent noniris artifacts from influencing iris comparisons.
The XOR test counts the number of different bit settings (0 and 1). The fractional
Hamming distance, which implements the above test, measures the dissimilarity
between any two iris patterns as the number of different bit settings. Diversity and
uniqueness, in general, and flexibility and privacy, in particular, are further
enhanced using different biometrics and fusing them. Woodward (1997) claims
that “biometric balkanization, or the use of multiple biometric technologies
deployed for multiple applications, provides greater privacy protections than does
biometric centralization, or the use of one dominant biometric technology for
multiple applications.” This observation should be, however, qualified to the
extent that it supports interoperability and is properly validated in terms of accu-
rate performance.
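The masked XOR comparison described above, written out as an added Python example that is not part of the original article or of Daugman's implementation. The iris codes are constructed random bit strings, and the 0.32 decision threshold and 512-bit minimum overlap are assumptions chosen for illustration, since the article gives neither.

```python
import random

CODE_BITS = 2048                   # iris code length given in the text
FULL_MASK = (1 << CODE_BITS) - 1   # mask with every bit marked as valid iris data
THRESHOLD = 0.32                   # assumed decision threshold (not in the article)
MIN_USABLE_BITS = 512              # assumed floor on mutually valid bits


def popcount(x: int) -> int:
    return bin(x).count("1")


def fractional_hd(code_a, mask_a, code_b, mask_b):
    """Return (fraction of disagreeing bits, number of bits compared)."""
    usable = mask_a & mask_b                  # bits valid in BOTH captures
    n = popcount(usable)
    if n == 0:
        raise ValueError("masks share no valid bits")
    # XOR marks the differing bits; ANDing with the masks drops non-iris bits.
    return popcount((code_a ^ code_b) & usable) / n, n


def decide(code_a, mask_a, code_b, mask_b) -> str:
    """Test of statistical independence: it 'fails' (same eye) when HD is low."""
    if popcount(mask_a & mask_b) < MIN_USABLE_BITS:
        return "inconclusive"                 # too little iris visible to decide
    hd, _ = fractional_hd(code_a, mask_a, code_b, mask_b)
    return "same eye" if hd <= THRESHOLD else "different eyes"


def constructed_samples(seed=2012):
    """Constructed test data: random codes stand in for real iris phase codes."""
    rng = random.Random(seed)
    eye1 = rng.getrandbits(CODE_BITS)
    eye2 = rng.getrandbits(CODE_BITS)
    # Second capture of eye1: exactly 205 bits (about 10%) flipped by noise.
    noise = sum(1 << i for i in rng.sample(range(CODE_BITS), 205))
    # Third capture of eye1: an eyelid covers the low 1024 bits, which then
    # carry unrelated bits; the capture's mask marks them as invalid.
    lid = (1 << 1024) - 1
    occluded = (eye1 & ~lid) | rng.getrandbits(1024)
    return {
        "eye1": eye1,
        "eye2": eye2,
        "eye1_again": eye1 ^ noise,
        "eye1_occluded": occluded,
        "occluded_mask": FULL_MASK & ~lid,
    }


if __name__ == "__main__":
    s = constructed_samples()
    cases = [
        ("eye1 vs eye2", s["eye2"], FULL_MASK),
        ("eye1 vs noisy recapture", s["eye1_again"], FULL_MASK),
        ("eye1 vs occluded, mask ignored", s["eye1_occluded"], FULL_MASK),
        ("eye1 vs occluded, mask applied", s["eye1_occluded"], s["occluded_mask"]),
    ]
    for label, code, mask in cases:
        hd, n = fractional_hd(s["eye1"], FULL_MASK, code, mask)
        print(f"{label:32s} HD = {hd:.3f} over {n} bits -> "
              f"{decide(s['eye1'], FULL_MASK, code, mask)}")
```

Ignoring the mask on the occluded capture moves the same eye from a distance of 0 to roughly 0.25, which is why the masks are ANDed into the comparison.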
Template Security
While the preceding section deals with the larger security and privacy issues of
full-fledged systems, here, special attention is paid to the biometric templates
themselves. A critical component of any biometric system, templates encode bio-
metric signatures that store information about personal identity suitable for authen-
tication. Template security is about the integrity and proper use of such personal
identities. Any template protection scheme should have the following four proper-
ties (Jain, Nandakumar, & Nagar, 2008): (i) Diversity, such that cross-matching of
secured templates does not infringe on the privacy of the true owner, and functional
creep is avoided; (ii) Revocability, such that compromised biometrics can be deleted
(“cancellable biometrics”) and new ones reissued; (iii) Security, such that it should be
extremely difficult to generate the original biometrics; and (iv) Performance, such
that the protection scheme should not degrade the matching performance. Jain
and Kumar (2010) argue that the current template protection schemes “cannot
yet simultaneously meet all the four requirements listed above. Therefore, hybrid
schemes, which can avail the advantages of different template protection schemes,
should be pursued.”
Protecting the template is challenging first and foremost due to intra-user vari-
ability in the acquired biometric traits. Encryption is not a smooth function, and a
small difference in biometric traits can derail the encrypted features. Adversarial
attacks target first the integrity of the templates using help from insider threats,
e.g., enrollment fraud. Security breaches in both acquisition (“enrollment”) and
communication further endanger the integrity of templates, e.g., nonsecure infra-
structure. Last but not least, characteristic of biometric overtness, an adversary can
circumvent the biometric system by presenting spoofed traits. To meet challenges such as
those listed above, Jain et al. (2008) review the solutions proposed so far and classify
them into two broad classes, namely, feature transformation and biometric cryptosystems.
Under the first scheme, only the transformed template, using a random key for
transformation, is stored in the database. The same transformations are equally
applied during both enrollment and testing (“authentication”) and can be either
invertible (“salting”) or noninvertible (“hashing”), with the latter difficult to invert
even if the key is known. “Biometric cryptosystems (‘helper [public] data methods’)
were originally developed for the purpose of either securing a cryptographic key
using biometric features, [e.g., key binding using fuzzy vault and/or fuzzy commit-
ment], or directly generating a cryptographic key from biometric features, [e.g.,
fuzzy extractor]” (Jain et al., 2008). Matching is performed indirectly by “verifying
the validity of the extracted key with error correction coding techniques typically
used to handle intra-user variation.” Dodis, Reyzin, and Smith (2004) combine
randomness and error correction to expand on the fuzzy and helper data schemes.
They describe how to generate keys from noisy data, e.g., biometrics B, and the
means to reliably and securely authenticate them.
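The key-binding idea described above can be sketched as a toy fuzzy commitment. This is an added example, not code from the article or from the cited authors. It assumes a 160-bit binary feature vector, and a 5-fold repetition code stands in for the error-correcting code; all function names and the sample data are constructed for illustration.

```python
import hashlib
import hmac
import random
import secrets

REP = 5  # assumed repetition factor: each key bit becomes 5 codeword bits (corrects 2 flips)


def encode(key_bits):
    """Repetition-code encoder: key bits -> codeword bits."""
    return [b for b in key_bits for _ in range(REP)]


def decode(code_bits):
    """Majority vote over each group of REP bits."""
    return [int(sum(code_bits[i:i + REP]) > REP // 2)
            for i in range(0, len(code_bits), REP)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def digest(bits):
    return hashlib.sha256(bytes(bits)).hexdigest()


def enroll(template_bits):
    """Bind a fresh random key to the template; store only helper data and hash(key)."""
    key = [secrets.randbits(1) for _ in range(len(template_bits) // REP)]
    return {"helper": xor(encode(key), template_bits), "key_hash": digest(key)}


def verify(record, probe_bits):
    """Recover a candidate key from the probe, then compare hashes in constant time."""
    candidate = decode(xor(record["helper"], probe_bits))
    return hmac.compare_digest(digest(candidate), record["key_hash"])


def flip(bits, positions):
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


def demo():
    rng = random.Random(7)            # constructed sample data, not real biometrics
    template = [rng.getrandbits(1) for _ in range(160)]
    # Genuine probe: 2 flipped bits in each of the first ten groups (intra-user variability).
    genuine = flip(template, [g * REP + o for g in range(10) for o in (0, 3)])
    # Too noisy: 3 flips in one group exceed what the repetition code can correct.
    too_noisy = flip(template, [0, 1, 2])
    rng2 = random.Random(8)
    impostor = [rng2.getrandbits(1) for _ in range(160)]

    record = enroll(template)
    reissued = enroll(template)       # revocation: same trait, new key, new stored hash
    return {
        # Hashing the raw template is not "smooth": any noise changes the digest.
        "naive_hash_matches": digest(genuine) == digest(template),
        "genuine": verify(record, genuine),
        "too_noisy": verify(record, too_noisy),
        "impostor": verify(record, impostor),
        "reissued_differs": reissued["key_hash"] != record["key_hash"],
        "genuine_on_reissued": verify(reissued, genuine),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A 32-bit key and a repetition code are far too weak for deployment; they are chosen here so the error-correction behaviour is easy to follow.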
A basic criticism of biometrics is that “we, as individuals, lose our anonymity
whenever biometric scanning systems are deployed. Controlling information about
ourselves includes our ability to keep other parties from knowing who we are.
Biometrics can establish our identity almost instantaneously in unexpected, unwelcome,
or unforeseen future circumstances and in combination with related technologies
would enable the state to monitor the actions and behavior of its citizenry”
(Woodward, 1997). To what extent can anonymity be nevertheless preserved while
using biometrics? Pfitzmann and Hansen (2005) define anonymity as “the state of
being not identifiable within a set of objects, the k-anonymity set” and argue that
“anonymity is the stronger, the larger the respective [cardinality of the k] anonymity
set is.” Serjantov and Danezis (2002) observe that “the potentially different prob-
abilities of different members of the anonymity set actually having sent or received
the message are unwisely ignored. Yet they can give a lot of extra information to the
attacker [and increase apparent vulnerability].” This carries over to biometrics
where the users engage differently in authentication, e.g., time, roles, protocols,
and routing.
Newton, Sweeney, and Malin (2005) deidentify facial images in the context of
sharing video surveillance data for the purpose of “limiting automatic persistent
recognition of populations whose images are captured on video but who have
done nothing suspicious.” Effective deidentification, similar to denial and deception,
alleviates security and privacy concerns. Deidentification undermines specific
processing steps, e.g., by foiling accurate eye detection for normalization purposes, and
at the same time increases the entropy (“uncertainty”) at the expense of authentication.
Some of the countermeasures used were concealment behind an opaque
object, or overloading the camera’s sensory apparatus with a bright light source.
The degree to which those two broad classes of methods appear to work can be
summed up in a single word: contrast, i.e., large color difference between adjacent
pixels. The explanation for such findings is simply that proper contrast usually
leads to discriminating features and thus to recognition. Playing with contrast is
similar to deploying camouflage and/or distracters. Alexander and Smith (2004)
point out that anonymity and template protection could be modeled using the
noisy channel concept from information theory where a noncooperative subject
would be involved with both transmission (of biometric data) and jamming. The
most effective means for anonymity would require targeted rather than random
noise.
Interoperability
Privacy is first and foremost about identity and its use. It is identity driven by
appearance and behavior or it is prediction of behavior driven by biometrics and
forensics. Interoperability is the thread that links biometrics and forensics with
distributed data collection and associated federated IM systems. Interoperability is
most important as it informs operational performance and validation, on one side,
and trustworthiness to reduce vulnerabilities, on the other side.
Vaidhyanathan (2011) points out that “privacy is about the fact that you have a
choice in what you reveal and that you exercise the choice knowingly.” Infringement
of privacy is not universal but rather context and subject dependent. Computer
literacy affects the ability to control privacy settings, and those savvy enough to protect
themselves are usually younger. Interoperability, which bears on both security and
privacy, involves SIM, which “should support seamless interworking to facilitate
moving personally identifiable information between systems built along different
paradigms” (Vaidhyanathan, 2011). Chadwick and Inman (2009) advocate the
development and deployment of advanced federated IM protocols and correspond-
ing services to “let users securely link their various identity provider (IdP) accounts,
enabling the system to aggregate attributes from multiple authoritative sources
automatically without requiring users to authenticate separately to each IdP.”
Interoperability depends on image quality (Beveridge et al., 2010), diversity of
population, and protocols employed. Toward that end, protocols should ensure
that similarity does not depend upon the enrolled gallery and/or the query set.
This disallows score normalization, with images used for validation purposes
“excluded from model selection, training, or tuning of an algorithm” (Phillips
et al., 2011). Expectations on operational performance for the purpose of authentication
and security, on one side, and privacy, on the other side, are hard to set
due to uncontrolled settings, real-world operations, and data diversity. The covariates
that affect performance are many, and their complex relationships are difficult
to model. The diversity of faces in the real world means that face recognition
algorithms must operate over a backdrop of appearance variability that is not
related to an individual’s unique identity. Face recognition algorithms intended
for real-world applications must perform predictably over changes in the demo-
graphic composition of the intended application populations. One should thus be
aware that “the demographic composition of non-match populations [e.g., differ-
ences in gender, race/ethnicity, and age] affects estimates of algorithm accuracy”
and that “thresholds may have to be reassessed periodically and adjusted as
needed” (Phillips et al., 2011).
Beveridge and colleagues (2011) comment on quality when they state that
“quality is typically thought of as a property of individual images, not image pairs”
and further question if “most face recognition failures are caused by low-quality
images or by pair-wise inconsistencies between target and query images.” Toward
that end, they define “contrary images” as “images that have a contrary nature with
respect to quality in so much as their quality is simultaneously high and low as
defined by how they match to other images of the same person” and report that
“low-quality images are less common than contrary images, and this in turn sug-
gests that two high-quality face images may, when compared to each other, match
poorly.” What factors might be responsible for such a finding? The answer pro-
posed involves physical location rather than the usual culprits of differences in light,
pose, and expression, with the claim made that “same/different location is such a
strong predictor of whether two images will match well.”
Interoperability covers both performance (including misidentification and
reidentification) and functional creep (when federated repositories of personal
data collaborate to disambiguate identity for novel uses). The latter involves
random tagging of passersby and unearthing of their personal details, possibly
using data mining for inferring and predicting personal and sensitive information
about a person. This takes advantage of the potent but toxic mix of converging
technologies for pervasive/ubiquitous computing and mobile devices. This
includes face recognition (e.g., the PittPatt facial recognizer recently acquired by
Google), cloud computing, and social media. It leads to “augmented reality” when
“seamless merging of offline and online data can now overlay personal and private
information over the target’s face displayed on mobile devices” (Acquisti, Gross, &
Stutzman, 2011). Link analysis, social media analytics, and peer-based accretion of
data blend information and knowledge to create the augmented reality. Further-
more, Acquisti and others at Carnegie Mellon University have shown that by
mining public sources, including Facebook profiles and government databases,
one could identify personal interests and, in a few cases, the first five digits
of a social security number. To address this, the Social Security agency launched
in June 2011 a new “randomized” numbering system to make such predictions
less likely. Such outcomes go much beyond the expected lack of privacy in public
spaces vis-à-vis external appearance and personal behavior. They defy expected
anonymity of “personal” identity, grossly infringe on privacy, and “foreshadow a
future when we all may be recognizable on the street—not just by friends or
government agencies using sophisticated devices, but by anyone with a smart
phone and internet connection” (Acquisti et al., 2011). Such informed tagging
leads to increased “democratized” surveillance, in general, and de-anonymization
and reidentification, in particular. This enables facial visual searches similar to text
searching, and de facto creates an unregulated “Real-ID” infrastructure.
addresses when joining the social network—a policy that has been difficult at times
to enforce, as the prevalence of spam accounts suggests. Former Google CEO Eric
Schmidt (2010b, August 10) has also made this suggestion, calling online anonymity
“dangerous” and predicting that governments will eventually “demand” that
people use their names for all online activity. In particular, Google knows what you
watch, what you search, and even with whom you are friends. Schmidt (2010a,
August 4) has previously said, “If you have something that you don’t want anyone
to know, maybe you shouldn’t be doing it in the first place.” He goes on to say “The
only way to manage this is true transparency and no anonymity.” The proposal to
tie real-world identities to online actions is a controversial one, with privacy and free
speech advocates countering that anonymity is necessary to protect dissidents and
other individuals, such as sexual abuse victims. Gigaom’s Matthew Ingram (2011)
wrote recently, “Many people believe that requiring real names will solve the
problems of trolls and bad behavior, but they don’t—and that policy can have
negative consequences in terms of suppressing dialogue about important topics.”
The rights to privacy and anonymity go beyond using real names. Both Facebook
and Google+ now have the ability to tag users’ faces and to associate them with real
users’ names, locations, and behaviors. This opens the door to covert surveillance
when users are not personally engaged online but rather are monitored by others
on purpose or not. Last but not least, interoperability is key for uncontrolled
settings. Toward that end, validation studies should use full-fledged biometric (face)
engines with parameters and settings fixed a priori. Validation should then be carried out
on the mix of (legacy) large scale but different (enrolled) databases.
Conclusions
This article captures various security and privacy issues revolving around the use of
biometrics and forensics drawing on the intertwined concepts of “personally iden-
tifiable information” (PII) (Narayanan & Shmatikov, 2010) and interoperability
(Pacyna, Rutkowski, Sarma, & Takahashi, 2009). The emphasis throughout is on
quantitative performance and proper validation for uncontrolled settings, variable
demographics, and distributed biometric recognition operations, e.g., expected
rates of correct identification and/or rates of misidentification. Most important for
validation is reproducibility of results including full information on the experimen-
tal design used, that forensic exclusion is allowed, and that scientific methods for
performance evaluation are followed. As an example, Huang, Ramesh, Berg, and
Learned-Miller (2008) warn users of the LFW facial database that “The second view
[‘partition’] of the [LFW] data should be used sparingly and only for performance
reporting. Ideally, it should only be used once, as choosing the best performer from
multiple algorithms, or multiple parameter settings, will bias results toward artificially
high accuracy.” Related comments on the merit of new and purportedly better
methods warn that
. . . there also comes a time when performance on a benchmark reaches ceiling perfor-
mance or methods become overengineered for nuances of a data set, and modest perfor-
mance gains may be indicative of overfitting. Alternatively, some new works or operational
scenarios may push the envelope in directions that are not well represented with exist-
ing benchmarks; in such cases, authors may need to develop alternative
benchmarks and justify this need in subsequent publications. Interestingly, real world face
recognition methods that achieve state-of-the-art performance on data sets like LFW may
actually perform worse on constrained, frontal data sets like FERET. (Hua, Yang, Turk,
Kriegman, & Huang, 2011)
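The bias that the LFW authors warn about can be reproduced with a short simulation. This is an added example, not part of the article or of the LFW protocol. It assumes 200 candidate methods that all share the same true accuracy of 0.70, a reporting split of 300 pairs, and 5,000 fresh pairs; every number and name is constructed for illustration.

```python
import random

TRUE_ACC = 0.70   # assumed: every candidate method has the same real accuracy
N_METHODS = 200   # assumed: algorithms or parameter settings scored on the reporting split
N_REPORT = 300    # assumed: image pairs in the reporting split
N_FRESH = 5000    # assumed: unseen operational pairs


def measured_accuracy(rng, n_pairs, true_acc=TRUE_ACC):
    """Accuracy observed on n_pairs when each decision is right with probability true_acc."""
    return sum(rng.random() < true_acc for _ in range(n_pairs)) / n_pairs


def run(seed=2011):
    rng = random.Random(seed)
    # Score every method on the same reporting split and keep the best number,
    # which is exactly the practice the warning is about.
    scores = [measured_accuracy(rng, N_REPORT) for _ in range(N_METHODS)]
    best_reported = max(scores)
    # The selected "winner" is no better than the others, so on data it has
    # never seen its accuracy falls back to the true value.
    winner_on_fresh = measured_accuracy(rng, N_FRESH)
    return {
        "mean_reported": sum(scores) / len(scores),
        "best_reported": best_reported,
        "winner_on_fresh": winner_on_fresh,
        "inflation": best_reported - winner_on_fresh,
    }


if __name__ == "__main__":
    for name, value in run().items():
        print(f"{name}: {value:.3f}")
```

The gap between `best_reported` and `winner_on_fresh` comes from selection alone, since no method in the simulation is actually better than another.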
A proven and reliable approach has not yet materialized despite claims to the
contrary. A simple explanation for such inconsistent results is that each new method
is tuned to “teach to the test.” The need for a novel validation framework for
biometric recognition, in general, and security and privacy, in particular, is well
aligned to a recent Weiser (2011) report to the effect that there has been a sweeping
shift on witness identification, with the NJ Supreme Court acknowledging a “troubling
lack of reliability in eyewitness ID,” and issuing sweeping new rules making it
easier for defendants to challenge such evidence in criminal cases. Similar warranties
should be available and enforced in the digital world as well. Dwork (2011)
defines loss of privacy as “usually associated with failure to control access to infor-
mation, to control the flow of information, or to control the purposes for which
information is employed.” Dwork emphasizes the importance of taking “auxiliary
information into account in privacy-preserving data release,” e.g., assessing the use
of complex join operations characteristic of relational databases to undermine
semantic security. Dwork further proposes a firm foundation for private data
analysis using differential privacy when one separates the utility of the database, e.g.,
to estimate gender rates, from the risk of harm due to joining the database. An
informal and intuitive explanation of differential privacy states that “given the
output of some computation, one cannot tell if any specific data item was used as
part of the input because the probability of producing this output would have been
the same even without this item” (Machanavajjhala, Gehrke, & Kifer, 2006). This
can be achieved using k-anonymity and l-diversity leading to anonymization, and
deidentification and randomized responses “so as to effectively hide the presence or
absence of the data of any individual.” k-anonymity prevents data linkages (using
quasi-identifiers) when attributes are suppressed or generalized until each row is
identical with at least k-1 other rows. As k-anonymity is vulnerable to privacy breach
using homogeneity attacks (to extract shared sensitive data) and background attacks
(using prior knowledge to prime possible linkages), one should use l-diversity
where the sensitive attribute assumes at least l different values.
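The k-anonymity and l-diversity definitions above, and the homogeneity attack, can be checked mechanically before a release. This is an added example, not code from the article or the cited papers. The table, the column names, and the generalization levels are constructed for illustration, with zip code and age as quasi-identifiers and diagnosis as the sensitive attribute.

```python
from collections import defaultdict

# Constructed microdata. Quasi-identifiers: zip, age. Sensitive attribute: diagnosis.
RAW = [
    {"zip": "22030", "age": 27, "diagnosis": "flu"},
    {"zip": "22031", "age": 28, "diagnosis": "flu"},
    {"zip": "22032", "age": 29, "diagnosis": "flu"},
    {"zip": "22040", "age": 41, "diagnosis": "asthma"},
    {"zip": "22041", "age": 45, "diagnosis": "flu"},
    {"zip": "22042", "age": 47, "diagnosis": "diabetes"},
]
QI = ("zip", "age")


def generalize(row, zip_digits, age_width):
    """Coarsen quasi-identifiers: keep zip_digits of the zip, bucket age by age_width."""
    lo = row["age"] // age_width * age_width
    return {
        "zip": row["zip"][:zip_digits] + "*" * (5 - zip_digits),
        "age": f"{lo}-{lo + age_width - 1}",
        "diagnosis": row["diagnosis"],
    }


def equivalence_classes(rows, quasi_ids):
    """Group rows that are identical on every quasi-identifier."""
    classes = defaultdict(list)
    for row in rows:
        classes[tuple(row[q] for q in quasi_ids)].append(row)
    return classes


def k_anonymity(rows, quasi_ids):
    """Largest k such that every row matches at least k-1 other rows."""
    return min(len(m) for m in equivalence_classes(rows, quasi_ids).values())


def l_diversity(rows, quasi_ids, sensitive):
    """Smallest number of distinct sensitive values found in any class."""
    return min(len({r[sensitive] for r in m})
               for m in equivalence_classes(rows, quasi_ids).values())


def homogeneity_leaks(rows, quasi_ids, sensitive):
    """Classes where all members share one sensitive value: membership discloses it."""
    return {qi: members[0][sensitive]
            for qi, members in equivalence_classes(rows, quasi_ids).items()
            if len({r[sensitive] for r in members}) == 1}


def audit(rows):
    return {"k": k_anonymity(rows, QI),
            "l": l_diversity(rows, QI, "diagnosis"),
            "leaks": homogeneity_leaks(rows, QI, "diagnosis")}


# Release 1: 4-digit zip and decade of age. 3-anonymous, yet one class is all "flu".
RELEASE_1 = [generalize(r, zip_digits=4, age_width=10) for r in RAW]
# Release 2: coarser still. No homogeneous class, at the cost of more information loss.
RELEASE_2 = [generalize(r, zip_digits=3, age_width=50) for r in RAW]

if __name__ == "__main__":
    for name, rows in (("raw", RAW), ("release 1", RELEASE_1), ("release 2", RELEASE_2)):
        print(name, audit(rows))
```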
Domingo-Ferrer and Torra (2008) argue that (database) privacy “largely depends
on the context where this concept is being used.” They propose three privacy
dimensions (respondent, owner, and user) not necessarily orthogonal to each other.
k-anonymity, one approach to the trade-off between information loss and disclosure risk,
is not without shortcomings. It addresses data mining and privacy, in general, and
anonymization and reidentification, in particular, as it trades between data protec-
tion and data utility subject to constraints on data leakage. As microdata are sparse,
the “fat [long] tail” phenomenon, when unexpected events are not that rare after all,
makes k-anonymity fail on high-dimensional data sets. Although the supports of
“unpopular” items are small, these items are so numerous that they make up the bulk
of the non-null entries in the database. “As the data contains a large number of
attributes which may be considered quasi-identifiers, it becomes difficult to anony-
mize the data without an unacceptably high amount of information loss. This is
because an exponential number of combinations of dimensions can be used to make
precise inference attacks, even when individual attributes are partially specified
within a range” (Aggarwal, 2005). A discussion on privacy is not complete without
considering its relation to liberty and right. Toward that end, it is instructive to make
reference to Isaiah Berlin and his concepts of positive and negative liberties. Positive
liberty is about the autonomy of the individual and value pluralism, while negative
liberty involves an answer to the question: “What is the area within which the
subject—a person or group of persons—is or should be left to do or be what he is able
to do or be, without interference by other persons” (Berlin, 2004).
The search for privacy needs to anticipate and to contend with new technologies
that shape the web and make it smarter. First and foremost among these are a mobile web of
communication with video poised to inundate it, everyday objects joining our
social networks, ever increasing amounts of web data that enable data mining to
make unanticipated linkages for the purpose of “augmented reality” (Acquisti et al.,
2011) and (private) functional creep, and voice and gestures changing human–computer
interaction (Ackerman & Guizzo, 2011). Narayanan and Shmatikov (2008,
2009) have recently shown that reidentification targeting anonymized social networks
is relatively easy, using network topology, even when the overlap between the
target network and the adversary’s auxiliary information is small, e.g., on Twitter and
Flickr. Strong access control mechanisms, proper legislation and informed consent,
computing education, and literacy are thus recommended for enhanced privacy.
Acknowledgment
The author expresses his deep gratitude to the editor, Christopher Gore, for his insightful
and thought-provoking comments that helped illuminate the relevance for policymakers of
the science underlying the security and privacy aspects of biometrics.
References
Ackerman, E., & Guizzo, E. (2011). 5 technologies that will shape the web. IEEE Spectrum, 48(6), 40–45.
Acquisti, A., Gross, R., & Stutzman, F. (2011). Faces of Facebook: Privacy in the age of augmented reality. Retrieved
from http://www.heinz.cmu.ed/~acquisti/face-recognition-study-FAQ/acquisti-faces-BLACKHAT-draft.pdf
(accessed September 24, 2011), Black Hat Conf., Las Vegas, NV.
Aggarwal, C. (2005). On k-anonymity and the curse of dimensionality. Proceedings of the 31st International
Conference on Very Large Databases, Trondheim, Norway, 901–909.
Alexander, J., & Smith, J. M. (2004). Engineering privacy in public: Confounding face recognition. 3rd Int’l
Workshop on Privacy Enhancing Technologies, Dresden, Germany, 88–106.
Arendt, H. (1973). The origins of totalitarianism. San Diego, CA: Harcourt Brace Jovanovich.
Axelsson, S. (1999). The base-rate fallacy and the difficulty of intrusion detection. 6th ACM Conf. on Computer and
Comm. Security, 1–7, Singapore.
Barlow, H. B. (1989). Unsupervised learning. Neural Computation, 1(3), 295–311.
Becker, B. C., & Ortiz, E. G. (2008). Evaluation of face recognition techniques for application to Facebook. 8th
IEEE International Conference on Automatic Face & Gesture Recognition, 1–6, Amsterdam, Holland.
Berlin, I. (2004). Liberty. New York: Oxford University Press.
Beveridge, J. R., Givens, G. H., Phillips, P. J., Draper, B. A., Bolme, D. S., & Lui, Y. M. (2010). FRVT 2006: Quo
vadis face quality. Image and Vision Computing, 28(5), 732–743.
Beveridge, J. R., Phillips, P. J., Givens, G. H., Draper, B. A., Teli, M. N., & Bolme, D. S. (2011). When
high-quality face images match poorly. Proc. 9th Int’l Conf. Automatic Face & Gesture Recognition, 572–578,
Santa Barbara, CA.
Black, B., Ayala, F. J., & Saffran-Brinks, C. (1994). Science and the law in the wake of Daubert: A new search
for scientific knowledge. Texas Law Review, 72(4), 715–761.
Bolle, R. M., Connell, J. H., Pankanti, S., Ratha, N. K., & Senior, A. W. (2004). Guide to biometrics. New York:
Springer Verlag.
Busch, C. (2010). Template protection projects in Europe, Hochschule Darmstadt/Fraunhofer IGD/Gjøvik
University College, BCC Tampa 2010-09-21.
Chadwick, D. W., & Inman, G. (2009). Attribute aggregation in federated identity management. Computer, 42(5),
33–40.
Champod, C., & Meuwly, D. (2000). The inference of identity in forensic speaker recognition. Speech Commu-
nication, 31(2–3), 193–203.
Charette, R. (2011). Here’s looking at you, and you, and you. IEEE Spectrum. Retrieved from
http://spectrum.ieee.org/riskfactor/computing/it/heres-looking-at-you-and-you-and-you (accessed September 24, 2011).
Crews, C. W., Jr. (2002). Human biometric technologies in a free society. Policy Analysis, 452, 1–20.
Crovitz, G. (2011). The right to privacy from Brandeis to Flickr. The Wall Street Journal. Retrieved from
http://online.wsj.com/article/SB10001424053111903554904576461990729880756.html (accessed Sep-
tember 25, 2011).
Darwiche, A. (2009). Modeling and reasoning with Bayesian Networks, Chap. 4. Cambridge: Cambridge University
Press.
Daugman, J. (2000). Biometric decision landscapes. TR 482, Cambridge University, Cambridge, UK.
Daugman, J. (2003). The importance of being random: Statistical principles of iris recognition. Pattern Recog-
nition, 36(2), 279–291.
Daugman, J. (2004). How iris recognition works. IEEE Transactions on Circuits and Systems for Video Technology,
14(1), 21–30.
De Marsico, M., Nappi, M., Riccio, D., & Wechsler, H. (2011). Robust face recognition after plastic surgery using
local region analysis. ICIAR, 2, 191–200.
Dessimoz, D., & Champod, C. (2008). Linkages between biometrics and forensic science. In A. K. Jain, P. Flynn,
A. A. Ross (Eds.), Handbook of biometrics (pp. 425–459). New York: Springer.
Dobzhansky, T. (1951). Genetics and the origin of species. New York: Columbia University Press.
Doddington, G. R., Liggett, W., Martin, A. F., Przybocki, M. A., & Reynolds, D. A. (1998). Sheep, goats, lambs, and
wolves: A statistical analysis of speaker performance. 5th Int. Conf. on Spoken Language Processing, 1351–1354.
Doddington, G. R., Przybocki, M. A., Martin, A. F., & Reynolds, D. A. (2000). The speaker recognition
evaluation. Speech Communication, 31, 225–254.
Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and
other noisy data. Proc. of Int’l Conf. on the Theory and Applications of Cryptographic Techniques (EUROCRYPT
’04), Interlaken, Switzerland, 523–540.
Domingo-Ferrer, J., & Torra, V. (2008). A critique of k-anonymity and some of its enhancements. 3rd Int’l Conf.
on Availability, Reliability and Security (ARES), Barcelona, Spain, 990–993.
Dwork, C. (2011). A firm foundation for private data analysis. Communications of the ACM, 54(1), 86–95.
Freund, Y., & Schapire, R. E. (1996). Experiments with a new boosting algorithm. Proc. of 13th Int. Conf. on
Machine Learning (ICML), Bari, Italy, 148–156.
Ganek, A. G., & Corbi, T. A. (2003). The dawning of the autonomic computing era. IBM Systems Journal, 42(1),
5–18.
Gates, K. A. (2011). Our biometric future: Facial recognition technology and the culture of surveillance. New York: New
York University Press.
Gonzalez-Rodriguez, J., Rose, P., Ramos, D., Toledano, D. T., & Ortega-Garcia, J. (2007). Emulating DNA:
Rigorous quantification of evidential weight in transparent and testable forensic speaker recognition.
IEEE Transactions on Audio, Speech, and Language Processing, 15(7), 2104–2115.
Hand, D. J. (2008). Classifier technology and the illusion of progress. Statistical Sciences, 21(1), 1–15.
Ho, S. S., & Wechsler, H. (2008). Query by transduction. The IEEE Transactions on Pattern Analysis and Machine
Intelligence, 30(9), 1557–1571.
Hua, G., Yang, M. H., Turk, M., Kriegman, D. J., & Huang, T. S. (2011). Introduction to the special section on
real-world face recognition. The IEEE Transactions on Pattern Analysis and Machine Intelligence, 33(10),
1921–1924.
Huang, G. B., Ramesh, M., Berg, T., & Learned-Miller, E. (2008). Labeled faces in the wild: A database for
studying face recognition in unconstrained environments. In The Workshop on Faces in Real-Life Images at
European Conference on Computer Vision, 2008.
Ingram, M. (2011). Google+ and the loss of online anonymity. GIGAOM. Retrieved from
http://gigaom.com/2011/07/25/google-and-the-loss-of-online-anonymity/ (accessed September 26, 2011).
Jain, A. K., & Kumar, A. (2010). Biometrics of next generation: An overview. In E. Mordini & D. Tzovaras
(Eds.), Second generation biometrics. Heidelberg, Germany: Springer.
Jain, A. K., Nandakumar, K., & Nagar, A. (2008). Biometric template security. EURASIP Journal on Advances in
Signal Processing, 2008, 1–17.
Kraemer, H. C. (1992). Evaluating medical tests: Objective and quantitative guidelines. Newbury Park, CA: Sage
Publications.
Kumar, N., Berg, A., Belhumeur, P., & Nayar, S. (2011). Describable visual attributes for face verification and
image search. The IEEE Transactions on Pattern Analysis and Machine Intelligence, 33(10), 1962–1997.
Lai, H., Ramanathan, V., & Wechsler, H. (2008). Reliable face recognition using adaptive and robust correlation
filters. Computer Vision and Image Understanding, 111(3), 329–350.
Li, F., & Wechsler, H. (2005). Open set face recognition using transduction. The IEEE Transactions on Pattern
Analysis and Machine Intelligence, 27(11), 1686–1697.
Li, F., & Wechsler, H. (2009). Face authentication using recognition-by-parts, boosting and transduction.
International Journal of Pattern Recognition and Artificial Intelligence (IJPRAI), 23(3), 545–573.
Machanavajjhala, A., Gehrke, J., & Kifer, D. (2006). l-diversity: Privacy beyond k-anonymity. Proc. of the Int’l
Conf. on Data Engineering (ICDE’06), Atlanta, GA.
Maltoni, D., Maio, D., Jain, A. K., & Prabhakar, S. (2009). Handbook of fingerprint recognition (2nd ed.). New York:
Springer-Verlag.
Mordini, E., & Rebera, A. P. (2012). No identification without representation: Constraints on the use of
biometric identification systems. Review of Policy Research, 29(1), 5–19.
Narayanan, A., & Shmatikov, V. (2008). Robust de-anonymization of large sparse datasets. Proc. of 29th IEEE
Symposium on Security and Privacy, Oakland, CA, 111–125.
Narayanan, A., & Shmatikov, V. (2009). De-anonymizing social networks. 30th IEEE Symposium on Security and
Privacy, Oakland, CA, 173–187.
Narayanan, A., & Shmatikov, V. (2010). Myths and fallacies of “personally identifiable information.” Communi-
cations of the ACM, 53(6), 24–26.
Newton, E. M., Sweeney, L., & Malin, B. (2005). Preserving privacy by de-identifying face images. IEEE
Transactions on Knowledge and Data Engineering, 17(2), 232–243.
NIST (National Institute of Standards and Technology). (2011). Face recognition vendor test (FRVT) home page.
Retrieved from http://www.nist.gov/itl/iad/ig/frvt-home.cfm (accessed September 24, 2011).
O’Toole, A. J., Phillips, P. J., An, X., & Dunlop, J. (2011). Demographic effects on estimates of automatic face
recognition performance. Proc. 9th Int’l Conf. Automatic Face and Gesture Recognition, 83–90, Santa Barbara,
CA.
Pacyna, P., Rutkowski, A., Sarma, A., & Takahashi, K. (2009). Trusted identity for all: Toward interoperable
trusted identity management systems. Computer, 42(5), 30–32.
Pankanti, S., Prabhakar, S., & Jain, A. K. (2002). On the individuality of fingerprints. The IEEE Transactions on
Pattern Analysis and Machine Intelligence, 24(8), 1010–1025.
Pato, J. N., & Millet, L. I. (Eds.). (2008). Biometric recognition: Challenges and opportunities. Washington, DC:
National Research Council.
Pearl, J. (2009). Causality (2nd ed.), Chap. 2. Cambridge: Cambridge University Press.
Pfitzmann, A., & Hansen, M. (2005). Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and
identity management—a consolidated proposal for terminology. Retrieved from
http://dud.inf.tu-dresden.de/Literatur_V1.shtml (accessed September 24, 2011).
Phillips, P. J., Beveridge, J. R., Draper, B. A., Givens, G. H., O’Toole, A. J., Bolme, D. S., Dunlop, J. P., Lui, Y.
M., Sahibzada, H., & Weimer, S. (2011). An introduction to the good, the bad, & the ugly face recognition
challenge problem. Proc. 9th Int’l Conf. Automatic Face and Gesture Recognition, 346–353, Santa Barbara, CA.
Phillips, P. J., Wechsler, H., Huang, J., & Rauss, P. J. (1998). The FERET database and evaluation procedure for
face-recognition algorithms. Image and Vision Computing, 16(5), 295–306.
Pinto, N., DiCarlo, J. J., & Cox, D. D. (2008). Establishing good benchmarks and baselines for face recognition.
Workshop on Faces in “Real-Life” Images (ECCV 2008), Marseille, France.
Ratha, N. K., Connell, J. H., & Bolle, R. M. (2001). Enhancing security and privacy in biometrics-based
authentication systems. IBM Systems Journal, 40(3), 614–634.
Rubinstein, Y. D., & Hastie, T. (1997). Discriminative vs informative learning. Proc. Third Int. Conf. on Knowledge
Discovery and Data Mining, 49–53.
Schmidt, E. (2010a). Google, privacy and the new explosion of data. Techonomy. Retrieved from
http://techonomy.typepad.com/blog/2010/08/google-privacy-and-the-new-explosion-of-data.html (accessed September 26, 2011).
Schmidt, E. (2010b). Eric Schmidt on privacy (VIDEO): Google CEO says anonymity online is “dangerous.”
Huffington Post. Retrieved from http://www.huffingtonpost.com/2010/08/10/eric-schmidt-privacy-stan_n_677224.html
(accessed September 26, 2011).
Schneier, B. (1999). The uses and abuses of biometrics. Communications of the ACM, 42(8), 136.
Serjantov, A., & Danezis, G. (2002). Towards an information theoretic metric for anonymity. Privacy Enhancing
Technologies, 259–263.
Singh, R., Vatsa, M., & Noore, A. (2009). Face recognition with disguise and single gallery images. Image and
Vision Computing, 27(3), 245–257.
Steel, E., & Angwin, J. (2011). Device raises the fear of facial profiling. The Wall Street Journal. Retrieved
from http://online.wsj.com/article/SB10001424052702303678704576440253307985070.html (accessed
September 24, 2011).
Vaidhyanathan, S. (2011). Welcome to the surveillance society. IEEE Spectrum, 48(6), 48–51.
Wechsler, H. (2007). Reliable face recognition methods: System design, implementation and evaluation. New York:
Springer-Verlag.
Wechsler, H. (2010). Intelligent biometric information management. Journal of Intelligent Information Manage-
ment, 2(9), 499–511.
Wechsler, H., & Ho, S. S. (2011). Evidence-based management of data collection and decision-making using
algorithmic randomness and active learning. Journal of Intelligent Information Management, 3(4), 142–159.
Weiser, B. (2011). In New Jersey, rules are changed on witness IDs. The New York Times. Retrieved from
http://www.nytimes.com/2011/08/25/nyregion/in-new-jersey-rules-changed-on-witness-ids.html (accessed
September 27, 2011).
Wolf, L., Hassner, T., & Taigman, Y. (2011). Effective unconstrained face recognition by combining multiple
descriptors and learned background statistics. The IEEE Transactions on Pattern Analysis and Machine
Intelligence, 33(10), 1978–1990.
Woodward, J. D. (1997). Biometrics: Privacy’s foe or privacy’s friend? Proceedings of the IEEE, 85(9), 1480–1492.
Yager, N., & Dunstone, T. (2010). The biometric menagerie. The IEEE Transactions on Pattern Analysis and
Machine Intelligence, 32(2), 220–230.
Zuckerberg, R. (2011). Facebook’s Randi Zuckerberg: Anonymity online “has to go away.” Huffington
Post. Retrieved from http://www.huffingtonpost.com/2011/07/27/randi-zuckerberg-anonymity-online_n_
910892.html (accessed September 26, 2011).
Copyright of Review of Policy Research is the property of Wiley-Blackwell and its content may not be copied
or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission.
However, users may print, download, or email articles for individual use.