Privacy risks ensuing from cross-matching among databases: A case study for soft biometrics

In this digital era, it is a very common practice for individual users to submit their data in multiple databases. However, the existence of correlated information in between these databases is a major source of privacy risk for the database respondents. In our study, we investigate such situations regarding soft biometric databases. A majority of modern biometric recognition systems utilize soft biometric traits in concurrence with primary biometric features due to the multiple gains incurred in the overall performance of the systems. In our work, a theoretical model has been developed which captures the notion of the user's privacy in the case of a soft biometric database leakage. In a broader sense, our work proposes a framework which quantifies the privacy levels of individuals supposing some form of correlation based attack has been successfully executed by an adversary. The modeling process itself is based upon elements of information theory such as conditional entropy (equivocation) and mutual information.