Biometric sensors rapid prototyping on field-programmable gate arrays VINCENZO CONTI 1 , CARMELO MILITELLO 2 , FILIPPO SORBELLO 3 and SALVATORE VITABILE 4 1 Facoltá di Ingegneria, e Architettura, Università degli Studi di Enna KORE, viale delle Olimpiadi, 94100, Enna, Italy; e-mail: vincenzo.conti@unikore.it; 2 Istituto di Bioimmagini e Fisiologia Molecolare – Consiglio Nazionale delle Ricerche (IBFM-CNR), UOS Cefalu’, C.da Pietrapollastra-Pisciotto – 90015 Cefalu’ (PA), Italy; e-mail: carmelo.militello@ibfm.cnr.it; 3 Dipartimento di Ingegneria Chimica, Gestionale, Informatica, Meccanica, Universita’ degli Studi di Palermo, 90128 Palermo, Italy; e-mail: filippo.sorbello@unipa.it; 4 Dipartimento di Biopatalogia e Biotecnologie Mediche e Forensi, Universita’ degli Studi di Palermo, via del Vespro, 90127 Palermo, Italy; e-mail: salvatore.vitabile@unipa.it Abstract Biometric user authentication in large-scale distributed systems involves passive scanners and networked workstations and databases for user data acquisition, processing, and encryption. Unfortunately, traditional biometric authentication systems are prone to several attacks, such as Replay Attacks, Communication Attacks, and Database Attacks. Embedded biometric sensors overcome security limits of conventional software recognition systems, hiding its common attack points. The availability of mature reconfigur- able hardware technology, such as field-programmable gate arrays, allows the developers to design and prototype the whole embedded biometric sensors. In this work, two strong and invasive biometric traits, such as fingerprint and iris, have been considered, analyzed, and combined in unimodal and multimodal biometric sensors. Biometric sensor performance has been evaluated using the well-known FVC2002, CASIA, and BATH databases. 1 Introduction Large-scale distributed systems enable the sharing and aggregation of geographically distributed resources by different organizations with distinct owners, administrators, and policies. In that context, it is arguably required to investigate novel methods and techniques to enable secure systems, data, and resources access (Oey et al., 2010). Large-scale distributed systems use several distributed access points for users authentication. Traditional access points are composed of passive scanners, networked workstations, and databases for user data acquisition, processing, and encryption. Authentication systems run on trusted servers to match acquired information against the corresponding stored templates. However, authentication procedures, based on the simple username–password pair, are insufficient to provide a suitable security level for those applications requiring high data and services protection. Biometric-based authentication systems represent a valid alternative to conventional approaches. Biometric authentication systems, using invasive physiological characteristics, have become popular, mostly for their high capabilities of discrimination (selectivity) to prevent unauthorized access to systems, data, and resources. On the other hand, the immutability of these features makes extremely strong and robust authentication systems design possible. However, biometry can be a severe weakness: if biometric data The Knowledge Engineering Review, Vol. 30:2, 201–219. © Cambridge University Press, 2015 doi:10.1017/S0269888914000307