160 likes | 383 Views
BioSec: Biometrics and Security in the 6th Framework Programme Porvoo Group 7 th meeting Reykjavik, Iceland. BioSec Biometrics & Security. Orestes Sanchez BioSec Coordinator Telefónica I+D, S.A.U. Biometrics: Open issues. Biometrics is a key technology for improving security and trust
E N D
BioSec: Biometrics and Security in the 6th Framework Programme Porvoo Group 7th meetingReykjavik, Iceland BioSec Biometrics & Security Orestes Sanchez BioSec Coordinator Telefónica I+D, S.A.U.
Biometrics: Open issues • Biometrics is a key technology for • improving security and trust • Privacy enhancing • Ambient intelligence Space • Open Issues: • Unsatisfactory level of performance for some biometrics • Lacking reliability and security of sensor technology • Inapplicability of unimodal biometric systems on very large databases • Performance evaluation of biometric systems changes from method to method • Knowledge production is not coordinated • Research/market fragmentation as a result of missing coordinated actions. • Lack of interoperable and reliable biometric data storage • Establishing standards in biometric systems in all system components • Reluctance of users to accept biometry as a trustable, reliable technology • Biometric systems are lacking user point of view, both in ergonomics and in usability • Legal issues concerning the protection of user privacy and rights on biometric data
BioSec • BioSec: Biometrics and Security • FP6 IST Integrated Project IST-2002-001766: • Towards a global dependability and security framework • Starting activities 1st December, 2003 for two years. • Security in BioSec means improvements in the following areas: • Usability and acceptance security perception • Designing for Trust and Confidence • Robustness and Performance • Physical and logical security • Law fulfilment • Multidisciplinary approach across the elements of the biometric authentication chain: • devices, systems and scenarios implementation
BioSec Objectives • Enable new technology development in basic biometric technologies to leverage security, across biometric authentication chain • Put the technology to work and to meet requirements of real world applications • Contribute to definition and adoption of standard and interoperable solutions in biometrics and ID Tokens. • Develop effective solutions for secure biometric template storage and match-on-tokens • Two selected scenarios: • physical Access • remote access • Performance, usability and acceptability evaluation with sound and scientific procedures. • Collection of Multiple-biometrics database
k Biometri a BioSec Consortium • Project Coordinator is Telefonica I+D • Industrial partners: • Siemens AG, Germany (SIEMENS) • Atmel Grenoble, S.A., France (ATMEL) • Finnair Oy, Finland (FINNAIR) • Giesecke and Devrient GmbH, Germany (GandD) • VCON Telecommunications Ltd., Israel (VCON) • Companies • Biometrika SRL, Italy (BIOK) • Etra I+D, S.A, Spain (ETRA) • Ibermatica, S.A. Spain (IBERMATICA) • MediaScore GmbH, Germany • Expertnet A.E., Greece (EXPERTNET) • Naukowa i Akademicka Sieć Komputerowa, Poland (NASK)
BioLab University of Bologna BioSec Consortium II • Government Bodies • Sisäasiainministeriö, Ministry of the Interior Finland (MIFIN) • Research Centres • Valtion Teknillinen Tutkimuskeskus, Finland (VTT) • Centre for Research and Technology Hellas, Greece (ITI-CERTH) • Academic centres • Tampereen Yliopisto (University of Tampere), Finland (UTA) • Alma Mater Studiorum – Universita Di Bologna, Italy (UNIBO) • Univ Carlos III de Madrid, Spain (UC3M) • Univ Politecnica de Madrid, Spain (UPM) • Univ Politecnica de Catalunya, Spain (UPC) • Universität zu Köln, Germany (UCOL) • Aristotle University Of Thessaloniki, Greece (AUTH) • Katholieke Universiteit Leuven, Belgium (KULRD) University of Cologne Department of Psychology
First year Review Scenarios and applications BioSec Technology BioSec interfaces BioSec Results BioSec technology Prototypes with BioSec technology BioSec Workflow Scenarios and applications Biometric technologies Specs Current Technology BioSec interfaces State-of-the-art technology First Prototypes
BioSec Interoperability Framework • Interoperability framework • Vertical and horizontal integration • Three components: • Sensor API • Capture • Low-level • BioAPI compliant: Lighter and object-oriented • Token API • APDU formats • Security Mechanisms: Confidentiality, Authenticity and Integrity • Services offered by the card and the terminal • Biometric Match-on-Token • Java Classes Specification for Terminal Programming • Biometric API • Integrated approach to matching • Logic and Biometric algorithms Application and services Protocols and network security BioSec API BioSec sensor API BioSec Token API Sensor X Sensor Y Token B Token A
Template storage and match-on-token • Leverage the use of secure personal biometric storage and providing solutions to overcome the need of centralized biometric databases • Put biometrics under user control. • Enabling privacy preserving scenarios • Develop Biometric ID Tokens: Smart Cards and USB-Tokens • Interoperable Token Application Program Interface. • Explore the integration of biometric template data formats • Robust and secure template storage and transmission in and out • Integrate Matching Algorithms on the Token • Strong liaison with eEPOCH (FP5-IST) partners
Personal storage for biometric data • Main Target: • Develop new means to personal ID Token • able to perform Biometric Authentication • Increase the use of personal ID Tokens among European Society • ID Tokens Requirements: • Secure storage, communication and processing • Comfortable for the user • Suitable for different environments • Interoperable • Technologies under study • JavaCards • Tokens: USB – or suitable to be adapted to other interfaces. • New Microelectronic Designs for future smart cards
Biometric ID TokensCarried-on activities • Definition of the storage format for Biometric Templates • Current standardization specifications: ISO SC37 drafts • Development of an API for Biometric ID Tokens • 1st version of specifications available at BioSec web site. • Development of Match-on-Token Solutions • Currently with Iris Biometrics on JavaCard, and Fingerprint on native code • By the end of Q1 2005, prototypes with USB-Tokens and Match-on-Token • USB Token Development Platform and Microelectronic Development Platform completed
Acceptance and Usability First phase studies on acceptance and usability of biometric technology • Cross cultural study (Finland, Spain, Germany) • Crucial result: German participants are better acquainted with biometric security systems than Finnish and Spanish participants, also they express less concerns with regard to centralised data storage • Field study (Vantaan Airport) • Crucial result: Usability and acceptance of the fingerprint system was high, perceived drawbacks are slowness and low reliability during first trial • Laboratory study (Mediascore Lab Cologne) • Crucial result: participants´ acceptance increases after first usage, a number of variables (gender, age, expertise) mediate the evaluation of biometrics
Current status • Sucessfull first year. • Technical achievements: • Specification of interoperability framework: sensors and storage. • First prototypes: • aliveness detection in fingerprint, • 3D recognition, • Voice noise models, • Iris recognition. • Match-on-Token • Multiple-biometrics database acquisition tools. • Two scenario setups: • Network access with remote authentication. • Physical access: Helsinki airport. • First results on usability and acceptance
Steps for 2nd year • Proof of concept of BioSec technologies • Evolve prototypes of sensors and biometric storage. • Comparative study with first stage results: • Usability and acceptance • Interoperability: final version of BioSec API. • Performance evaluation. • Improve tools for multiple-biometrics algorithms research • Physical access: • Interoperation of components and systems in real usage situation • Remote access: • Biometric authentication in new applications and security vulnerabilities • Standardisation
User-centred issues: Education. Legal framework. Identify acceptance barriers. Cross-European studies. Technical: Fusion of multimodal biometrics. Aliveness detection. Robustness. Storage. Certification: Evaluation of performance. Interoperability. Security. Applications: verification of identity in new areas: e-Government, e-Health, e-Everything. Scenarios for AmI Space Networked applications Every-day applications: private identification Biometric in electronic signature Biometric encryption ROI and cost estimation Challenges ahead
Further contacts • Coordinator • Orestes Sanchez • Telefónica I+D, S.A.U. • E-mail: biosec-coord@biosec.org • BioSec 3rd workshop: • 16th and 17th June, Helsinki, Finland • Website: www.biosec.org • Biometrics Standard Observatory • BioSec Office: biosec-office@biosec.org • BioSec Interest Group • Public results of the project • BioSec Newsletters