{"title":"用于企业身份管理部署的生物识别身份验证服务:数据保护视角","authors":"C. Senk, Florian Dotzler","doi":"10.1109/ARES.2011.14","DOIUrl":null,"url":null,"abstract":"Biometric Authentication as a Service is an innovative approach for strong authentication in web environments based on the Software as a Service model. However, both the adoption of SaaS systems and biometric technologies negatively correlate with perceived privacy and data protection risks. We specify a list of evaluation criteria for BioAaaS systems from a data protection point of view including elements specific to both biometrics and SaaS. We further apply these criteria on a prototypical implementation of a SaaS-compliant biometric authentication service based on keystroke dynamics for enterprise deployment. The assessment shows that for the most part the prototype conforms to technical data protection requirements. At the organizational level the selection and control of a trust-worthy provider and the conclusion of the service agreement remain.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"49","resultStr":"{\"title\":\"Biometric authentication as a service for enterprise identity management deployment: a data protection perspective\",\"authors\":\"C. Senk, Florian Dotzler\",\"doi\":\"10.1109/ARES.2011.14\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Biometric Authentication as a Service is an innovative approach for strong authentication in web environments based on the Software as a Service model. However, both the adoption of SaaS systems and biometric technologies negatively correlate with perceived privacy and data protection risks. We specify a list of evaluation criteria for BioAaaS systems from a data protection point of view including elements specific to both biometrics and SaaS. We further apply these criteria on a prototypical implementation of a SaaS-compliant biometric authentication service based on keystroke dynamics for enterprise deployment. The assessment shows that for the most part the prototype conforms to technical data protection requirements. At the organizational level the selection and control of a trust-worthy provider and the conclusion of the service agreement remain.\",\"PeriodicalId\":254443,\"journal\":{\"name\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-08-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"49\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2011.14\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Sixth International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2011.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Biometric authentication as a service for enterprise identity management deployment: a data protection perspective
Biometric Authentication as a Service is an innovative approach for strong authentication in web environments based on the Software as a Service model. However, both the adoption of SaaS systems and biometric technologies negatively correlate with perceived privacy and data protection risks. We specify a list of evaluation criteria for BioAaaS systems from a data protection point of view including elements specific to both biometrics and SaaS. We further apply these criteria on a prototypical implementation of a SaaS-compliant biometric authentication service based on keystroke dynamics for enterprise deployment. The assessment shows that for the most part the prototype conforms to technical data protection requirements. At the organizational level the selection and control of a trust-worthy provider and the conclusion of the service agreement remain.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
