230 likes | 604 Views
Biometrics. Big Tymers. Andy Angel Bill. Learning Objectives. At the end of this presentation, you will learn: What is Biometrics Why We Need Biometrics Why Use Biometrics The Various Types Advantages and Disadvantages Common Usages Costs Cultural and Social Issues. Exercise.
E N D
Biometrics Big Tymers Andy Angel Bill
Learning Objectives • At the end of this presentation, you will learn: • What is Biometrics • Why We Need Biometrics • Why Use Biometrics • The Various Types • Advantages and Disadvantages • Common Usages • Costs • Cultural and Social Issues
Exercise • What is the difference between identification and authentication?
Basic Terms • Identification • Person is identified by interacting with the system • Matched against all the templates • Authentication • Use the user id and password • Biometric to prove you are the person in charge of that user id and password • Authorization • Governance of granting rights and permissions to an individual • Enrollment • The process of incorporating users into the system • The user provides samples into the system • Registered template
What is Biometrics? • Measurable • Quantifiable in different technologies • Identifiable • Physiological • Iris, fingerprint • Behavioral • Speech, walking pattern • Authenticate the identity • Ensure that you are who you say you are
Why We Need Biometrics • Security breaches • Transaction fraud [The Biometric Consortium] • Where the need exists • Federal, state and local governments, military, commercial applications, enterprise-wide network security infrastructures, government IDs, secure electronic banking, investing and other financial transactions, retail sales, law enforcement, and health and social services • A large percentage of the public are unwilling to engage in e-commerce or conduct other network transactions • Reinforced by cases of loss of personal privacy, fraudulent funds transfers, and outright theft and abuse of identity in network transactions [The Biometrics Foundation]
Why Use Biometrics? • Old types • Token Cards • Lost • Stolen • Duplicated • Forgotten • Passwords • Forgotten • Shared • Observed • Broken • Biometrics • Who you are and what you are • Not easily lost or stolen
Identification, Authentication and Authorization • Security systems often combine all three for user access to insure better protection • Identification • What is your name? Jane Doe • Authentication • What is your password? 125XY7 • Authorization • Session enabled. You have read access Jane Doe
Types of Biometrics • Eye Recognition • Voice Recognition • Finger/Palm Recognition • Face Recognition
Eye Recognition • Iris - a digital picture of the unique muscle patterns of the colored part of the eye • Retina – a digital picture of the blood vessel patterns of the eye • Access to government files • Advantages • Physical price is decreasing • Works well with id and authentication • Difficult to duplicate • Disadvantages • Intrusive • Long term camera effects not known although believed harmless
Voice Recognition • Voice • Recognizes the voice of the person to identify that person • Advantages • Uses individual’s acoustic patterns into programmed templates • Individual not required to touch or be scanned • Disadvantage • Ambient noise can interfere with reception
Finger/Palm Recognition • Minutiae • Location, Direction and Orientation • Correlation • Image comparison based on ridges • Ridge • Pattern landmark features • Texture analysis • Advantages • Unique to each finger • Easily obtained • One touch scanner access • Most commercially acceptable • Disadvantages • Easily compromised • 2% of population prints are not easily discernable
Face Recognition • Identifying someone by facial image through digital camera or infrared heat emissions • Nodal points (80) • Distance • Width • Depth • Shape • Length • Advantages • Can scan huge crowds • Non-intrusive • Very hard to duplicate • Disadvantages • Challenging with certain lighting schemes • Sometimes need individual stationary to identify
Worldwide Popularity - Survey Ponemon Institute and Unisys Corporation
Common Usages • Light biometrics like height, weight, and body surface for building access • Fingerprint scanning for entry into a laboratory • Instant access to laptops and electronic devices • Face recognition for terrorism threats • Palm recognition for criminal investigations
Multimodal Benefits • Single-mode biometric solutions • Limited and Vulnerable to id theft • Multimodal biometrics • Like fingerprints plus a password increase security and effectiveness
Costs • Sensible Vision face recognition $99 user +cam • Biometric Solution palm/finger recognition software/scanner $1K • Grover Industries voice recognition $99 per user • Panasonic Authenticam iris recognition $239
Cultural and Social Issues • Physiologically unable to use a biometric technique • Afraid of effects of a device • Iris recognition • Laser • Some cultures are uncomfortable with photographs of individuals
References • Bar-El, Hagai. (n.d.). When To Use Biometrics. Retrieved March 25, 2007 from http://www.infosecwriters.com/text_resources/pdf/When_To_Use_Biometrics.pdf • National Information Assurance Partnership, US Government Biometric Verification Mode Protection Profile for Medium Robustness Environments , v1.0, 15 November 2003, Sponsored by the DoD Biometrics Management Office (BMO) and the National Security Agency (NSA) http://www.biometrics.dod.mil/bio101/2.aspx • The Biometric Consortium (n.d.). Introduction to Biometrics. Retrieved March 6, 2007 from http://www.biometrics.org/intro.htm • The Biometric Foundation (n.d.). Why Biometrics. Retrieved March 25, 2007 from http://www.biometricfoundation.org/why_biometrics.html • National Science and Technology Council (NSTC) Committee on Technology, Committee on Homeland and National Security, Subcommittee on Biometrics. September 7, 2006. www.biometrics.gov. • Snelick, Indovina, Yen, Mink. Multimodial Biometrics: Issues in Design and Testing. National Institute of Standards and Technology. • Schneire, Bruce. Sensible Authentication excerpt from book “Beyond Fear: Thinking Sensibly about Security in an Uncertain World. 2003. http://www/scheier.com. • Ailisto, Lindholm, Makela, Vildjiounaite. Unobtrusive User Identification with Light Biometrics. VTT Electronics Conference October 23-27, 2004 Tampere Finland. ACM Library. • Sukhai, Nataliya. Access Control & Biometrics. InfoSecCD Conference ’04, Kennesaw, GA. October 8, 2004. • Consumers Worldwide Overwhelmingly Support Biometrics for Identity Verification Says Unisys Study. Research Study. www.unisys.com. April 25, 2006. • Jain, Anil K. and Ross, Arun. Multibiometric Systems. January 2004. Vol. 47, No 1. p. 34 - 40. ACM Library.
References, continued • Markowitz, Judith A. Voice Biometrics. September 2000. Vol. 43, No 9. p. 66 - 73. ACM Library. • Bhargav-Spantzel, Squicciarini, Bertino. Privacy Preserving Multi-Factor Authentication with Biometrics. November 3 2006. p. 63 -71. ACM Library. • US-Visit Update. Biometrics Helping to Identify and Apprehend Immigration Violators in the Mona Passage. Homeland Security. March 8, 2007. • Hong, Lin andJain, Anil K. Book Biometrics: Personal Identification in Networked Society. • Turle, Marcus. Reed Business Information UK. Biometric Technologies are Set to Play a Big Role in Commercial Security. Computer Weekly. p 2. Feb 20, 2007. • Jain, Hong, Pankanti. Biometric Identification. Feb 2000. Vol. 43, No.2. ACM Library. • Kosciuk, Patrick. Biometrics:possible safe haven or lost cause? Computers and Society. Volume 35, Issue 1 March 2005. Page 1. ACM Library 2005. • Chandra, Akhilesh and Calderon, Thomas. Diffusion of Biometrics in Information Systems. Dec. 2005 Vol. 48, No 12. ACM Library. • Bonsor, K.. How Facial Recognition Systems Work. Retrieved on June 18, 2006. http://computer.howstuffworks.com/facial-recognition.htm • National Science and Technology Council (NSTC) Committee on Technology, Committee on Homeland and National Security, Subcommittee on Biometrics. April 5, 2007. http://www.biometricscatalog.org/NSTCSubcommittee/Documents/Palm%20Print%20Recognition.pdf • Speech Analysis Tool http://www.phon.ucl.ac.uk/resource/sfs/wasp.htm