For applications like Terrorist Watch Lists and Smart Guns, a false rejection is more critical than a false acceptance. In this paper a new threat model focusing on false rejections is presented, and the 'standard' architecture of a biometric system is extended by adding components like crypto, audit logging, power, and environment to increase the analytic power of the threat model. Our threat model gives new insight into false rejection attacks, emphasizing the role of an external attacker. The threat model is intended to be used during the design of a system.
|Place of Publication||Enschede|
|Publisher||Distributed and Embedded Security (DIES)|
|Number of pages||15|
|Publication status||Published - Jun 2005|
|Name||CTIT Technical Report Series|
|Publisher||University of Twente, Centre for Telematica and Information Technology (CTIT)|
- Biometric system security
- False reject attack
- Attack trees
Buhan, I., Bazen, A., Hartel, P., & Veldhuis, R. (2005). A False Rejection Oriented Threat Model for the Design of Biometric Authentication Systems. (CTIT Technical Report Series; No. TR-CTIT-05-27). Enschede: Distributed and Embedded Security (DIES).