Improvement in Security Evaluation of Biometric Systems

Security is one of the major issues in IT systems. When users need to be authenticated, Biometrics appears as an improved alternative to the traditional systems. If biometrics is to be used in an IT product devoted to security, there should be some kind of assurance that no security holes are added. Even more, user biometric data is a very sensible piece of data. Therefore security achieved shall be evaluated, and a methodology is needed to cover such evaluation in an objective way. Based on previous works in security evaluation, such as Common Criteria and ISO, and some few initiatives in providing such concepts to the biometrics world, authors present in this paper an overview of such works, as well as some proposals to improve security evaluation in biometrics. This leads not only to such proposals, but also to some future works to be carried on in order to complete the work here shown