
# Zero Trust Multimodal Biometric Security System
## Final Project Report

**Author:** [Your Name/Team]
**Date:** December 2025

---

### 1. Project Overview
This project implements a state-of-the-art **Multimodal Biometric Security System** designed for high-security environments. Unlike traditional systems that rely on a single modality (like just a password or fingerprint), this system integrates three distinct biometric traits:
1.  **Face Recognition** (ResNet + BioHashing)
2.  **Fingerprint Recognition** (Siamese CNN + IoM Hashing)
3.  **Palm Verification** (Siamese CNN + IoM Hashing)

Furthermore, it employs a **Zero Trust Architecture**, meaning no user is trusted by default. Every access request is evaluated based on:
*   **Biometric Identity** (Who you are)
*   **Contextual Data** (Time of access, IP address trust score)

### 2. System Architecture
The system is built as a modern full-stack web application:

*   **Frontend**: React (Vite) with a "Glassmorphism" UI design, providing a seamless user experience.
*   **Backend**: FastAPI (Python) for high-performance asynchronous request handling.
*   **Database**: SQLite (SQLAlchemy) for relational data storage, using secure "Vault" columns for biometric templates.
*   **AI/ML Core**:
    *   **dlib/ResNet**: For face feature extraction.
    *   **MobileNetV2 (Siamese)**: For fingerprint and palm texture analysis.
*   **Security Layer**:
    *   **BioHashing**: Cancelable biometrics for faces.
    *   **IoM Hashing**: Index-of-Max hashing for fingerprints/palms.

### 3. Key Algorithms & Models

#### A. Face Recognition (ResNet-34)
We utilize a pre-trained **ResNet-34** model (provided by dlib) mapped to a 128-dimensional hypersphere. This model is robust to lighting and pose variations.
*   **Input**: Face Image
*   **Output**: 128D Float Vector

#### B. Cancelable Biometrics (BioHashing)
To protect user privacy, raw face embeddings are never stored. Instead, we use **BioHashing**:
1.  Generate a user-specific random **Token** (Seed).
2.  Generate a random **Projection Matrix** from this seed.
3.  Project the 128D feature vector into a new orthogonal space.
4.  Detailed quantization (Thresholding) produces a binary string.
*   **Benefit**: If a database is compromised, we just issue a new Token (revocability), unlike raw biometrics which cannot be changed.

#### C. Siamese Networks & Triplet Loss
For Fingerprint and Palm recognition, we fine-tuned a **Siamese Neural Network (MobileNetV2)** using **Triplet Loss**.
*   **Goal**: Ensure embeddings of the same finger are closer (Euclidean distance) than embeddings of different fingers.
*   **Triplet Loss**: `L = max(d(A,P) - d(A,N) + margin, 0)`

---




### 4. Implementation: Face Recognition Module

In this section, we will walk through the implementation of the Face Recognition pipeline, exactly as it is used in the backend.

**Steps:**
1.  **Face Detection**: Locating the face in the image using HOG (Histogram of Oriented Gradients).
2.  **Landmark Estimation**: Finding 68 key points (eyes, nose, jaw) to align the face.
3.  **Feature Extraction**: Running the aligned face through ResNet to get the 128D embedding.
4.  **BioHashing**: Securing the embedding.



In [None]:

# Step 1: Import Dependencies
import sys
import os
import cv2
import dlib
import numpy as np
import secrets

# Ensure backend paths are accessible
sys.path.append(os.getcwd())

print("[*] Libraries imported successfully.")




#### Step 2: Initialize Biometric Models
We load the dlib pre-trained models:
*   `shape_predictor_68_face_landmarks.dat`: For geometric alignment.
*   `dlib_face_recognition_resnet_model_v1.dat`: The deep learning model.



In [None]:

class BiometricDemo:
    def __init__(self):
        # Paths to models (adjust if necessary)
        self.shape_path = "shape_predictor_68_face_landmarks.dat"
        self.rec_path = "dlib_face_recognition_resnet_model_v1.dat"
        
        print(f"[*] Loading Shape Predictor: {self.shape_path}...")
        self.detector = dlib.get_frontal_face_detector()
        self.predictor = dlib.shape_predictor(self.shape_path)
        
        print(f"[*] Loading ResNet Model: {self.rec_path}...")
        self.face_rec = dlib.face_recognition_model_v1(self.rec_path)
        print("[+] Models Loaded.")

    def load_image(self, path):
        # Load using OpenCV and convert to RGB (dlib expects RGB)
        img = cv2.imread(path)
        if img is None:
            raise ValueError(f"Could not load image: {path}")
        return cv2.cvtColor(img, cv2.COLOR_BGR2RGB)

bs_demo = BiometricDemo()




#### Step 3: Feature Extraction Pipeline
The `extract_features` function performs the core logic:
1.  **Detect** faces in the image.
2.  **Align** the face using the 68 landmarks.
3.  **Compute** the 128D descriptor.



In [None]:

def extract_features(model, image):
    # 1. Detect Features
    dets = model.detector(image, 1)
    if len(dets) == 0:
        print("[-] No face detected.")
        return None
    
    print(f"[+] Detected {len(dets)} face(s). Processing the first one.")
    
    # 2. Get Landmarks & Align
    shape = model.predictor(image, dets[0])
    
    # 3. Compute Descriptor (ResNet)
    face_descriptor = model.face_rec.compute_face_descriptor(image, shape)
    
    # Convert dlib vector to numpy array
    return np.array(face_descriptor)

# Example Usage (Placeholder for demo)
# image = bs_demo.load_image("path/to/test.jpg")
# features = extract_features(bs_demo, image)
# print(f"Feature Vector Shape: {features.shape}")




#### Step 4: Security - BioHashing
Now we implement the **Cancelable Biometric** transformation.
We project the 128D vector onto a random orthogonal basis generated from a user-specific "seed token".



In [None]:

def generate_biohash(feature_vector, token_seed, hash_length=128):
    # Ensure reproducibility with the seed
    np.random.seed(token_seed)
    
    feature_len = len(feature_vector)
    
    # Generate random Projection Matrix (Random Orthonormal-ish)
    projection_matrix = np.random.randn(feature_len, hash_length)
    
    # Project: (1x128) dot (128x128) -> (1x128)
    projected = np.dot(feature_vector, projection_matrix)
    
    # Thresholding (Binarization)
    # If value > 0 -> 1, else 0
    biohash = (projected > 0).astype(int)
    
    return biohash

# Example:
# seed = 12345
# protected_template = generate_biohash(features, seed)
# print(f"BioHash: {protected_template}")




### 5. Conclusion
This implementation ensures that:
1.  **High Accuracy**: Leveraging ResNet-34.
2.  **Privacy**: Storing only the randomized BioHash.
3.  **Revocability**: If a hash is stolen, we simply rotate the `token_seed` and generate a new hash, effectively "changing" the user's biometric password.

End of Report.

