Nibras Abo Alzahab , Giulia Rafaiani , Massimo Battaglioni , Ana Cavalli , Franco Chiaraluce , Marco Baldi
{"title":"BiometricIdentity dApp: Decentralized biometric authentication based on fuzzy commitment and blockchain","authors":"Nibras Abo Alzahab , Giulia Rafaiani , Massimo Battaglioni , Ana Cavalli , Franco Chiaraluce , Marco Baldi","doi":"10.1016/j.softx.2024.101932","DOIUrl":null,"url":null,"abstract":"<div><div>As biometric authentication has been increasingly integrated into cutting-edge technology, it is interesting to study how its level of trust and interoperability across multiple devices can be increased. They can actually be enhanced through decentralization, particularly by using blockchain technology. Since transaction data on the blockchain are open and readable by all parties, a high level of user trust is achieved, enhancing transparency and interoperability across the network. The software we propose bridges the gap between the security of biometric information and the transparency of blockchain and decentralized technologies. Specifically, the software is a decentralized application (dApp), based on the Ethereum blockchain, which relies on a smart contract to manage its logic. The logic of the smart contract employs the fuzzy commitment scheme (FCS) to securely hash biometric templates, while always maintaining fault tolerance thanks to error correction codes (ECC). This mechanism ensures data integrity within a transparent, decentralized framework. The proposed dApp enhances biometric authentication by supporting both the enrollment and authentication processes. Its smart contract enables managing access control within this decentralized infrastructure. In practical applications, the proposed system can demonstrate its potential as a secure and decentralized alternative to traditional centralized systems.</div></div>","PeriodicalId":21905,"journal":{"name":"SoftwareX","volume":"28 ","pages":"Article 101932"},"PeriodicalIF":2.4000,"publicationDate":"2024-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SoftwareX","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2352711024003029","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0
Abstract
As biometric authentication has been increasingly integrated into cutting-edge technology, it is interesting to study how its level of trust and interoperability across multiple devices can be increased. They can actually be enhanced through decentralization, particularly by using blockchain technology. Since transaction data on the blockchain are open and readable by all parties, a high level of user trust is achieved, enhancing transparency and interoperability across the network. The software we propose bridges the gap between the security of biometric information and the transparency of blockchain and decentralized technologies. Specifically, the software is a decentralized application (dApp), based on the Ethereum blockchain, which relies on a smart contract to manage its logic. The logic of the smart contract employs the fuzzy commitment scheme (FCS) to securely hash biometric templates, while always maintaining fault tolerance thanks to error correction codes (ECC). This mechanism ensures data integrity within a transparent, decentralized framework. The proposed dApp enhances biometric authentication by supporting both the enrollment and authentication processes. Its smart contract enables managing access control within this decentralized infrastructure. In practical applications, the proposed system can demonstrate its potential as a secure and decentralized alternative to traditional centralized systems.
期刊介绍:
SoftwareX aims to acknowledge the impact of software on today''s research practice, and on new scientific discoveries in almost all research domains. SoftwareX also aims to stress the importance of the software developers who are, in part, responsible for this impact. To this end, SoftwareX aims to support publication of research software in such a way that: The software is given a stamp of scientific relevance, and provided with a peer-reviewed recognition of scientific impact; The software developers are given the credits they deserve; The software is citable, allowing traditional metrics of scientific excellence to apply; The academic career paths of software developers are supported rather than hindered; The software is publicly available for inspection, validation, and re-use. Above all, SoftwareX aims to inform researchers about software applications, tools and libraries with a (proven) potential to impact the process of scientific discovery in various domains. The journal is multidisciplinary and accepts submissions from within and across subject domains such as those represented within the broad thematic areas below: Mathematical and Physical Sciences; Environmental Sciences; Medical and Biological Sciences; Humanities, Arts and Social Sciences. Originating from these broad thematic areas, the journal also welcomes submissions of software that works in cross cutting thematic areas, such as citizen science, cybersecurity, digital economy, energy, global resource stewardship, health and wellbeing, etcetera. SoftwareX specifically aims to accept submissions representing domain-independent software that may impact more than one research domain.