Integration biometrics in web application: Security for web apps

Wulandari Kusuma Herdanu, Rabab Alayham Abbas Helmi, Mariana Syamsudin
Corresponding email: [email protected]


To evaluate the effectiveness of biometric security systems, an information theoretic framework is constructed. First, two performance metrics privacy, determined by the biometric measurements’ normalized equivocation rate, and security, determined by the biometric measurements’ key generation rate are specified. Then, it is decided that there is a fundamental tradeoff between these two measurements. First, we investigate the case where a potential attacker has no side knowledge. For this situation, the privacy-security region which defines the tradeoff mentioned above is derived. In perfect privacy biometric security systems, common knowledge among random variables plays a significant role. The case where the adversary possesses side knowledge is then considered. In this scenario, the privacy-security tradeoff has inner and outside bounds. Client-server and locally installable apps, which are getting older, have lost a considerable amount of market share to web applications. It is now possible because of some special benefits that web applications provide. They can function just as well as locally installed software and are accessible through web browsers without the need for installation or upkeep. Due to the lack of resources required by enterprises to administer them locally, web applications have gained popularity more swiftly. Now that new technologies, standards, and APIs have been developed, it is possible to employ more information security safeguards. The following sections of this article go into greater detail about web apps, web-based biometrics, and the integration of biometric authentication in web applications.

Full Paper PDF

Please direct all official communications to [email protected] to ensure timely and efficient delivery of your message.