{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T05:40:01Z","timestamp":1748583601791,"version":"3.41.0"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319233178"},{"type":"electronic","value":"9783319233185"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-23318-5_27","type":"book-chapter","created":{"date-parts":[[2015,8,26]],"date-time":"2015-08-26T17:50:33Z","timestamp":1440611433000},"page":"493-510","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Reasoning about Privacy Properties of Biometric Systems Architectures in the Presence of Information Leakage"],"prefix":"10.1007","author":[{"given":"Julien","family":"Bringer","sequence":"first","affiliation":[]},{"given":"Herv\u00e9","family":"Chabanne","sequence":"additional","affiliation":[]},{"given":"Daniel","family":"Le M\u00e9tayer","sequence":"additional","affiliation":[]},{"given":"Roch","family":"Lescuyer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,8,27]]},"reference":[{"key":"27_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/978-3-319-11851-2_2","volume-title":"Security and Trust Management","author":"T Antignac","year":"2014","unstructured":"Antignac, T., Le M\u00e9tayer, D.: Privacy architectures: reasoning about data minimisation and integrity. In: Mauw, S., Jensen, C.D. (eds.) STM 2014. LNCS, vol. 8743, pp. 17\u201332. Springer, Heidelberg (2014)"},{"key":"27_CR2","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1007\/978-3-319-18491-3_5","volume-title":"Trust Management IX","author":"T Antignac","year":"2015","unstructured":"Antignac, T., Le M\u00e9tayer, D.: Trust driven strategies for privacy by design. In: Damsgaard Jensen, C., Marsh, S., Dimitrakos, T., Murayama, Y. (eds.) IFIPTM 2015. IFIP AICT, vol. 454, pp. 60\u201375. Springer, Heidelberg (2015)"},{"key":"27_CR3","doi-asserted-by":"crossref","unstructured":"Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and contextual integrity: framework and applications. In: IEEE Symposium on Security and Privacy, S&P 2006, pp. 184\u2013198. IEEE Computer Society (2006)","DOI":"10.1109\/SP.2006.32"},{"key":"27_CR4","unstructured":"Becker, M.Y., Alexander, M., Laurent, B.: S4P: A generic language for specifying privacy preferences and policies. Technical report, Microsoft Research\/IMDEA Software\/EMIC (2010)"},{"key":"27_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1007\/978-3-642-04391-8_23","volume-title":"Biometric ID Management and Multimodal Communication","author":"J Bringer","year":"2009","unstructured":"Bringer, J., Chabanne, H., Kevenaar, T.A.M., Kindarji, B.: Extending match-on-card to local biometric identification. In: Fierrez, J., Ortega-Garcia, J., Esposito, A., Drygajlo, A., Faundez-Zanuy, M. (eds.) BioID MultiComm2009. LNCS, vol. 5707, pp. 178\u2013186. Springer, Heidelberg (2009)"},{"key":"27_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1007\/978-3-319-19249-9_7","volume-title":"FM 2015: Formal Methods","author":"J Bringer","year":"2015","unstructured":"Bringer, J., Chabanne, H., Le M\u00e9tayer, D., Lescuyer, R.: Privacy by design in practice: reasoning about privacy properties of biometric system architectures. In: Bj\u00f8rner, N., de Boer, F. (eds.) FM 2015. LNCS, vol. 9109, pp. 90\u2013107. Springer, Heidelberg (2015)"},{"key":"27_CR7","doi-asserted-by":"crossref","unstructured":"Bringer, J., Chabanne, H., Simoens, K.: Blackbox security of biometrics (invited paper). In: Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2010, pp. 337\u2013340. IEEE Computer Society (2010)","DOI":"10.1109\/IIHMSP.2010.89"},{"key":"27_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-642-12980-3_18","volume-title":"Towards Trustworthy Elections","author":"S Delaune","year":"2010","unstructured":"Delaune, S., Kremer, S., Ryan, M.: Verifying privacy-type properties of electronic voting protocols: a taster. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 289\u2013309. Springer, Heidelberg (2010)"},{"key":"27_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-540-24676-3_31","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523\u2013540. Springer, Heidelberg (2004)"},{"key":"27_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11787006_1","volume-title":"Automata, Languages and Programming","author":"C Dwork","year":"2006","unstructured":"Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1\u201312. Springer, Heidelberg (2006)"},{"key":"27_CR11","unstructured":"European Parliament. European parliament legislative resolution of 12 March 2014 on the proposal for a regulation of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. General data protection regulation, ordinary legislative procedure: first reading (2014)"},{"key":"27_CR12","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/5803.001.0001","volume-title":"Reasoning about Knowledge","author":"R Fagin","year":"2004","unstructured":"Fagin, R., Halpern, J., Moses, Y., Vardi, M.: Reasoning about Knowledge. MIT Press, Cambridge (2004)"},{"key":"27_CR13","unstructured":"Fournet, C., Kohlweiss, M., Danezis, G., Luo, Z.: ZQL: a compiler for privacy-preserving data processing. In: USENIX 2013 Security Symposium, pp. 163\u2013178. USENIX Association (2013)"},{"key":"27_CR14","doi-asserted-by":"crossref","unstructured":"Govan, M., Buggy, T.: A computationally efficient fingerprint matching algorithm for implementation on smartcards. In: Biometrics: Theory, Applications, and Systems, BTAS 2007, pp. 1\u20136. IEEE Computer Society (2007)","DOI":"10.1109\/BTAS.2007.4401959"},{"key":"27_CR15","unstructured":"G\u00fcrses, S., Troncoso, C., D\u00edaz, C.: Engineering privacy by design. In: Privacy and Data Protection Conference, Presented at the Computers (2011)"},{"key":"27_CR16","doi-asserted-by":"crossref","unstructured":"Halpern, J.Y., Pucella, R.: Dealing with logical omniscience. In: Conference on Theoretical Aspects of Rationality and Knowledge, TARK 2007, pp. 169\u2013176 (2007)","DOI":"10.1145\/1324249.1324273"},{"issue":"2","key":"27_CR17","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1007\/s10623-005-6343-z","volume":"38","author":"A Juels","year":"2006","unstructured":"Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237\u2013257 (2006)","journal-title":"Des. Codes Crypt."},{"key":"27_CR18","doi-asserted-by":"crossref","unstructured":"Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: ACM Conference on Computer and Communications Security, CCS 1999, pp. 28\u201336. ACM Press (1999)","DOI":"10.1145\/319709.319714"},{"issue":"1","key":"27_CR19","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1002\/sec.626","volume":"7","author":"A Kanak","year":"2014","unstructured":"Kanak, A., Sogukpinar, I.: BioPSTM: a formal model for privacy, security, and trust in template-protecting biometric authentication. Secur. Commun. Netw. 7(1), 123\u2013138 (2014)","journal-title":"Secur. Commun. Netw."},{"key":"27_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-54069-1_3","volume-title":"Privacy Technologies and Policy","author":"F Kerschbaum","year":"2014","unstructured":"Kerschbaum, F.: Privacy-preserving computation. In: Preneel, B., Ikonomou, D. (eds.) APF 2012. LNCS, vol. 8319, pp. 41\u201354. Springer, Heidelberg (2014)"},{"issue":"1","key":"27_CR21","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1109\/TIFS.2010.2098872","volume":"6","author":"L Lai","year":"2011","unstructured":"Lai, L., Ho, S.-W., Vincent Poor, H.: Privacy-security trade-offs in biometric security systems - part I: single use case. IEEE Trans. Inf. Forensics Secur. 6(1), 122\u2013139 (2011)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"1","key":"27_CR22","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1109\/TIFS.2010.2098873","volume":"6","author":"L Li","year":"2011","unstructured":"Li, L., Ho, S.-W., Vincent Poor, H.: Privacy-security trade-offs in biometric security systems - part II: multiple use case. IEEE Trans. Inf. Forensics Secur. 6(1), 140\u2013151 (2011)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"27_CR23","doi-asserted-by":"crossref","unstructured":"Li, H., Pang, L.: A novel biometric-based authentication scheme with privacy protection. In: Conference on Information Assurance and Security, IAS 2009, pp. 295\u2013298. IEEE Computer Society (2009)","DOI":"10.1109\/IAS.2009.304"},{"key":"27_CR24","doi-asserted-by":"crossref","unstructured":"Maffei, M., Pecina, K., Reinert, M.: Security and privacy by declarative design. In: IEEE Symposium on Computer Security Foundations, CSF 2013, pp. 81\u201396. IEEE Computer Society (2013)","DOI":"10.1109\/CSF.2013.13"},{"key":"27_CR25","doi-asserted-by":"crossref","unstructured":"McSherry, F.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: ACM Conference on Management of Data, SIGMOD 2009, pp. 19\u201330. ACM Press (2009)","DOI":"10.1145\/1559845.1559850"},{"key":"27_CR26","doi-asserted-by":"crossref","unstructured":"Le M\u00e9tayer, D.: Privacy by design: a formal framework for the analysis of architectural choices. In: ACM Conference on Data and Application Security and Privacy, CODASPY 2013, pp. 95\u2013104. ACM Press (2013)","DOI":"10.1145\/2435349.2435361"},{"key":"27_CR27","first-page":"989","volume":"14","author":"DK Mulligan","year":"2012","unstructured":"Mulligan, D.K., King, J.: Bridging the gap between privacy and design. Univ. Pennsylvania J. Const. Law 14, 989\u20131034 (2012)","journal-title":"Univ. Pennsylvania J. Const. Law"},{"key":"27_CR28","unstructured":"National Institute of Standards and Technology (NIST). MINEXII - an assessment of match-on-card technology (2011). http:\/\/www.nist.gov\/itl\/iad\/ig\/minexii.cfm"},{"key":"27_CR29","unstructured":"International Standard Organization. International standard ISO\/IEC 24787:2010, information technology - identification cards - on-card biometric comparison (2010)"},{"key":"27_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"265","DOI":"10.1007\/978-3-319-13039-2_16","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2014","author":"E Pagnin","year":"2014","unstructured":"Pagnin, E., Dimitrakakis, C., Abidin, A., Mitrokotsa, A.: On the leakage of information in biometric authentication. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. Lecture Notes in Computer Science, vol. 8885, pp. 265\u2013280. Springer, LNCS (2014)"},{"issue":"2","key":"27_CR31","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1093\/logcom\/exi078","volume":"16","author":"R Pucella","year":"2006","unstructured":"Pucella, R.: Deductive algorithmic knowledge. J. Log. Comput. 16(2), 287\u2013309 (2006)","journal-title":"J. Log. Comput."},{"issue":"2","key":"27_CR32","doi-asserted-by":"publisher","first-page":"833","DOI":"10.1109\/TIFS.2012.2184092","volume":"7","author":"K Simoens","year":"2012","unstructured":"Simoens, K., Bringer, J., Chabanne, H., Seys, S.: A framework for analyzing template security and privacy in biometric authentication systems. IEEE Trans. Inf. Forensics Secur. 7(2), 833\u2013841 (2012)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"1","key":"27_CR33","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1109\/TSE.2008.88","volume":"35","author":"S Spiekermann","year":"2009","unstructured":"Spiekermann, S., Faith Cranor, L.: Engineering privacy. IEEE Trans. Softw. Eng. 35(1), 67\u201382 (2009)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"27_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1007\/978-3-540-79104-1_5","volume-title":"Information Security Practice and Experience","author":"Q Tang","year":"2008","unstructured":"Tang, Q., Bringer, J., Chabanne, H., Pointcheval, D.: A formal study of the privacy concerns in biometric-based remote authentication schemes. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 56\u201370. Springer, Heidelberg (2008)"},{"key":"27_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1007\/11527923_32","volume-title":"Audio- and Video-Based Biometric Person Authentication","author":"U Uludag","year":"2005","unstructured":"Uludag, U., Pankanti, S., Jain, A.K.: Fuzzy vault for fingerprints. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 310\u2013319. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-23318-5_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T04:59:16Z","timestamp":1748581156000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-23318-5_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319233178","9783319233185"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-23318-5_27","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"27 August 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}