Privacy-Protecting Techniques for Behavioral Biometric Data: A Survey
Abstract: Our behavior -the way we talk, walk, or think-is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions. Hence, techniques to protect individuals' privacy against unwanted inferences are required. To consolidate knowledge in this area, we systematically reviewed applicable anonymization techniques. We taxonomize and compare existing solutions regarding privacy goals, conceptual operation, advantages, and limitations. Our analysis shows that some behavioral trait… Show more
Search citation statements
Paper Sections
Citation Types
Year Published
Publication Types
Relationship
Authors
Journals
Cited by 3 publications
References 140 publications
(English) Smart community services are reaching nearly every area of our daily life, often requiring private information from their users. The scope of all contributors to these services is to collaboratively share information for the benefit of all stakeholders, including citizens (user), organizations, schools, and governing institutions. User contribution can be participatory --flence intentionally given --0r smart community services can gather information opportunistically from user sensors and/or APls nearly automatically or with less user influence. The present dissertation focuses on participatory user contribution. SCS increasingly demand consciously undertaken participatory user contributions, that predominantly require a login-based user verification process based on an identification (I) and authentication (A) process. Throughout this process, the user logs in with a user identity, regardless of whether it is a real one or not. The verification process is associated with immanent privacy threats to users. The users can contribute with tagging, posting, or uploading information demanded by the SCS, which may need reliability guarantees linked to the trustworthiness of the users. Nowadays becoming more aware about their privacy and right to self-determine, users are not so willing to contribute unconditionally to the SCS, leading to a conflict between user privacy and the SCS requirements. The verification process for a user login as well as his contributions implies user privacy threats. Chapter 3 and 4 of the dissertation focus on the privacy threat analysis (PTA) of the user verification process and chapter 5 on user self-determined privacy aware contributions to the SCS. Chapter 3 focuses on the PTA of the verification process in the modelling phase. We extend the scientifically grounded LINDDUN PT A framework to be used systematically for modelling of the verification process to perform a user login. Our contribution includes the modelling of the I and A processes, considering IA methods, the extension of the trust boundary concept, and extensively extends the privacy threat mapping table. Our contributions are assembled in a systematic and reproducible step-by-step guide intended for privacy auditors including knowledge and decision support, whereby the results do not depend on the knowledge of the auditor or his intuition. The results provide the requirements for the authentication schemes (AS) to be implemented or selected. Chapter 4 focuses on the PTA of the verification process of realized AS. Bonneau et al. proposed a comparison framework to extensively evaluate AS for usability (U), deployability (D) and security (S), namely, the UDS framework. We extend it with a new defined privacy (P) category to become the UDSP framework. Our evaluation of the 38 AS -including biometrics -with the UDSP framework reveal inter alia fundamental privacy threats, for which we propose guidelines for more secure implementations. Chapter 5 focuses on self-determined and user accepted revocable privacy. The contributing user in particular is exposed to privacy threats when he contributes to a critical incident of a SCS, that requires evidence and trustworthiness for the contribution. That is the reason why we propose a taxonomy concept for classifying the criticality of incidents, including a mapping to enhanced privacy requirements and the cryptographic primitives that would support their realization in a privacy preserving fashion. The taxonomy for user self-determination comprising enforceable graded revocable privacy, which is nonetheless partially applicable to the right to be forgotten, is exemplified for two proofs-of-concepts applying cryptographic primitives alike blacklistable anonymous credentials and group signatures with distributed management. (Español) Los servicios de comunidades inteligentes o smart community services (SCS) están en casi todos los ámbitos de la vida cotidiana, y a menudo requieren información privada de sus usuarios. Estas contribuciones son para beneficiar todos los interesados, entre otros, ciudadanos (usuarios), organizaciones, escuelas e instituciones de gobierno. La contribución de usuarios puede ser participativa (intencionada) o los SCS pueden recoger casi automáticamente información de modo oportunista de sensores y/o APIs o con poca influencia por el usuario. La tesis doctoral se centra en contribuciones participativas de usuarios. Los SCS demandan más contribuciones participativas, que predominantemente requieren un proceso de verificación de usuario basado en una entrada al sistema (login) aplicando un proceso de identificación (I) y autentificación (A). En este proceso el usuario lleva a cabo un login con una identidad de usuario, sea una real o no. El proceso de verificación contiene amenazas inherentes para la privacidad del usuario. Este puede contribuir etiquetando, publicando o subiendo cualquier información solicitada. El SCS requiere evidencia con veracidad. En la actualidad los usuarios son más conscientes de su privacidad y del derecho de autodeterminación y no están dispuestos a contribuir incondicionalmente, llevando esto a un conflicto entre la privacidad del usuario y requerimientos de los SCS. El proceso de verificación del login del usuario y las contribuciones contienen amenazas de privacidad. Capítulo 3 y 4 de la tesis doctoral se centran en el análisis de amenazas de privacidad (privacy threat analysis (PTA)) del proceso de verificación y el capítulo 5 en contribuciones autodeterminadas por el usuario que respetan su privacidad. Capítulo 3 se centra en el PTA del proceso de verificación en la fase del modelamiento. Extendemos el LINDDUN PTA framework para ser aplicable sistemáticamente en el modelamiento del proceso de verificación del login de usuario. Nuestra contribución modela el proceso de I y A, considera métodos de IA, extiende los límites de confianza y amplía extensamente la tabla de mapeo de amenazas de privacidad. Hemos agrupado nuestras contribuciones en una guía paso a paso sistemática y reproducible, que incluye conocimiento y soporte de decisión, por lo cual los resultados no dependen del conocimiento o intuición del auditor. Los resultados facilitan los requerimientos para elegir o implementar sistemas de autentificación (authentication systems, AS). Capítulo 4 se centra en el PTA del proceso de verificación de los AS desarrollados. Los AS son evaluados ampliamente respecto a su usabilidad (U), posibilidad de despliegue (D) y seguridad (S) con el UDS framework de Bonneau et al. Extendemos UDS con una nueva categoría de privacidad (P) y se convierte en el UDSP framework. Nuestra evaluación de los 38 AS con el UDSP framework entre otras revela amenazas de privacidad elementales, así que proponemos pautas para una implementación más segura. Capítulo 5 se centra en la autodeterminación y revocabilidad de la privacidad del usuario, aceptada por este. Él está en particular expuesto a amenazas de privacidad cuando contribuye a incidentes críticos del SCS, que requieren una contribución con evidencia y veracidad. Esta es la razón por la que proponemos una taxonomía para la clasificación de la criticalidad de los incidentes incluyendo requerimientos de privacidad de usuario ampliados y primitivas criptográficas, que facilitan una realización manteniendo la privacidad. La taxonomía para la autodeterminación del usuario incluye – ejecutable por el usuario – privacidad escalonadamente revocable, que no obstante ya es parcialmente aplicable al derecho al olvido. Esta taxonomía se explica en dos pruebas de concepto aplicando ejemplarmente primitivas criptográficas como blacklistable anonymous credentials y group signatures with distributed management.
(English) Smart community services are reaching nearly every area of our daily life, often requiring private information from their users. The scope of all contributors to these services is to collaboratively share information for the benefit of all stakeholders, including citizens (user), organizations, schools, and governing institutions. User contribution can be participatory --flence intentionally given --0r smart community services can gather information opportunistically from user sensors and/or APls nearly automatically or with less user influence. The present dissertation focuses on participatory user contribution. SCS increasingly demand consciously undertaken participatory user contributions, that predominantly require a login-based user verification process based on an identification (I) and authentication (A) process. Throughout this process, the user logs in with a user identity, regardless of whether it is a real one or not. The verification process is associated with immanent privacy threats to users. The users can contribute with tagging, posting, or uploading information demanded by the SCS, which may need reliability guarantees linked to the trustworthiness of the users. Nowadays becoming more aware about their privacy and right to self-determine, users are not so willing to contribute unconditionally to the SCS, leading to a conflict between user privacy and the SCS requirements. The verification process for a user login as well as his contributions implies user privacy threats. Chapter 3 and 4 of the dissertation focus on the privacy threat analysis (PTA) of the user verification process and chapter 5 on user self-determined privacy aware contributions to the SCS. Chapter 3 focuses on the PTA of the verification process in the modelling phase. We extend the scientifically grounded LINDDUN PT A framework to be used systematically for modelling of the verification process to perform a user login. Our contribution includes the modelling of the I and A processes, considering IA methods, the extension of the trust boundary concept, and extensively extends the privacy threat mapping table. Our contributions are assembled in a systematic and reproducible step-by-step guide intended for privacy auditors including knowledge and decision support, whereby the results do not depend on the knowledge of the auditor or his intuition. The results provide the requirements for the authentication schemes (AS) to be implemented or selected. Chapter 4 focuses on the PTA of the verification process of realized AS. Bonneau et al. proposed a comparison framework to extensively evaluate AS for usability (U), deployability (D) and security (S), namely, the UDS framework. We extend it with a new defined privacy (P) category to become the UDSP framework. Our evaluation of the 38 AS -including biometrics -with the UDSP framework reveal inter alia fundamental privacy threats, for which we propose guidelines for more secure implementations. Chapter 5 focuses on self-determined and user accepted revocable privacy. The contributing user in particular is exposed to privacy threats when he contributes to a critical incident of a SCS, that requires evidence and trustworthiness for the contribution. That is the reason why we propose a taxonomy concept for classifying the criticality of incidents, including a mapping to enhanced privacy requirements and the cryptographic primitives that would support their realization in a privacy preserving fashion. The taxonomy for user self-determination comprising enforceable graded revocable privacy, which is nonetheless partially applicable to the right to be forgotten, is exemplified for two proofs-of-concepts applying cryptographic primitives alike blacklistable anonymous credentials and group signatures with distributed management. (Español) Los servicios de comunidades inteligentes o smart community services (SCS) están en casi todos los ámbitos de la vida cotidiana, y a menudo requieren información privada de sus usuarios. Estas contribuciones son para beneficiar todos los interesados, entre otros, ciudadanos (usuarios), organizaciones, escuelas e instituciones de gobierno. La contribución de usuarios puede ser participativa (intencionada) o los SCS pueden recoger casi automáticamente información de modo oportunista de sensores y/o APIs o con poca influencia por el usuario. La tesis doctoral se centra en contribuciones participativas de usuarios. Los SCS demandan más contribuciones participativas, que predominantemente requieren un proceso de verificación de usuario basado en una entrada al sistema (login) aplicando un proceso de identificación (I) y autentificación (A). En este proceso el usuario lleva a cabo un login con una identidad de usuario, sea una real o no. El proceso de verificación contiene amenazas inherentes para la privacidad del usuario. Este puede contribuir etiquetando, publicando o subiendo cualquier información solicitada. El SCS requiere evidencia con veracidad. En la actualidad los usuarios son más conscientes de su privacidad y del derecho de autodeterminación y no están dispuestos a contribuir incondicionalmente, llevando esto a un conflicto entre la privacidad del usuario y requerimientos de los SCS. El proceso de verificación del login del usuario y las contribuciones contienen amenazas de privacidad. Capítulo 3 y 4 de la tesis doctoral se centran en el análisis de amenazas de privacidad (privacy threat analysis (PTA)) del proceso de verificación y el capítulo 5 en contribuciones autodeterminadas por el usuario que respetan su privacidad. Capítulo 3 se centra en el PTA del proceso de verificación en la fase del modelamiento. Extendemos el LINDDUN PTA framework para ser aplicable sistemáticamente en el modelamiento del proceso de verificación del login de usuario. Nuestra contribución modela el proceso de I y A, considera métodos de IA, extiende los límites de confianza y amplía extensamente la tabla de mapeo de amenazas de privacidad. Hemos agrupado nuestras contribuciones en una guía paso a paso sistemática y reproducible, que incluye conocimiento y soporte de decisión, por lo cual los resultados no dependen del conocimiento o intuición del auditor. Los resultados facilitan los requerimientos para elegir o implementar sistemas de autentificación (authentication systems, AS). Capítulo 4 se centra en el PTA del proceso de verificación de los AS desarrollados. Los AS son evaluados ampliamente respecto a su usabilidad (U), posibilidad de despliegue (D) y seguridad (S) con el UDS framework de Bonneau et al. Extendemos UDS con una nueva categoría de privacidad (P) y se convierte en el UDSP framework. Nuestra evaluación de los 38 AS con el UDSP framework entre otras revela amenazas de privacidad elementales, así que proponemos pautas para una implementación más segura. Capítulo 5 se centra en la autodeterminación y revocabilidad de la privacidad del usuario, aceptada por este. Él está en particular expuesto a amenazas de privacidad cuando contribuye a incidentes críticos del SCS, que requieren una contribución con evidencia y veracidad. Esta es la razón por la que proponemos una taxonomía para la clasificación de la criticalidad de los incidentes incluyendo requerimientos de privacidad de usuario ampliados y primitivas criptográficas, que facilitan una realización manteniendo la privacidad. La taxonomía para la autodeterminación del usuario incluye – ejecutable por el usuario – privacidad escalonadamente revocable, que no obstante ya es parcialmente aplicable al derecho al olvido. Esta taxonomía se explica en dos pruebas de concepto aplicando ejemplarmente primitivas criptográficas como blacklistable anonymous credentials y group signatures with distributed management.
A kinematic dataset of locomotion with gait and sit-to-stand movements of young adults
Kinematic data is a valuable source of movement information that provides insights into the health status, mental state, and motor skills of individuals. Additionally, kinematic data can serve as biometric data, enabling the identification of personal characteristics such as height, weight, and sex. In CeTI-Locomotion, four types of walking tasks and the 5 times sit-to-stand test (5RSTST) were recorded from 50 young adults wearing motion capture (mocap) suits equipped with Inertia-Measurement-Units (IMU). Our dataset is unique in that it allows the study of both intra- and inter-participant variability with high quality kinematic motion data for different motion tasks. Along with the raw kinematic data, we provide the source code for phase segmentation and the processed data, which has been segmented into a total of 4672 individual motion repetitions. To validate the data, we conducted visual inspection as well as machine-learning based identity and action recognition tests, achieving 97% and 84% accuracy, respectively. The data can serve as a normative reference of gait and sit-to-stand movements in healthy young adults and as training data for biometric recognition.
Modern pHealth is an emerging approach to collecting and using personal health information (PHI) for personalized healthcare and personalized health management. For its products and services, it deploys advanced technologies such as sensors, actuators, computers, mobile phones, etc. Researchers have shown that today’s networked information systems, such as pHealth ecosystems, miss appropriate privacy solutions, and trust is only an illusion. In the future, the situation will be even more challenging because pHealth ecosystems will be highly distributed, dynamic, increasingly autonomous, and multi-stakeholder, with the ability to monitor the person’s regular life, movements, emotions, and health-related behavior in real time. In this paper, the authors demonstrate that privacy and trust in ecosystems are system-level problems that need a holistic, system-focused solution. To make future pHealth ethically acceptable, privacy-enabled, and trustworthy, the authors have developed a conceptual five-level privacy and trust model as well as a formula that describes the impact of privacy and trust factors on the level of privacy and trust. Furthermore, the authors have analyzed privacy and trust challenges and possible solutions at each level of the model. Based on the analysis performed, a proposal for future ethically acceptable, trustworthy, and privacy-enabled pHealth is developed. The solution combines privacy as personal property and trust as legally binding fiducial duty approaches and uses a blockchain-based smart contract agreement to store people’s privacy and trust requirements and service providers’ promises.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2025 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
