1 / 10

Balancing Throughput and Security Risk in a Border Management System

Balancing Throughput and Security Risk in a Border Management System. Bojan Cukic Lane Department of CSEE West Virginia University Dagstuhl Seminar 10431. UML Model with performance annotations. Performance Model. Risk Model. Application’s Performance/risk feedback. Framework.

uta
Download Presentation

Balancing Throughput and Security Risk in a Border Management System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Balancing Throughput and Security Risk in a Border Management System Bojan Cukic Lane Department of CSEE West Virginia University Dagstuhl Seminar 10431

  2. UML Model with performance annotations Performance Model Risk Model Application’s Performance/risk feedback Framework

  3. Traveler Queues Inspection Stations (w/ biometric ) Public Key Directory Secondary Inspection / Detainment Watch Lists / Identity DB Border Access Legend =Required Signal =Optional Signal = Movement =Optional Movement Risk in Border Management Modality, vulnerability, exceptions, throughput? Acceptance,modality, quality? Local, distributed, or central? Modality, quality, scalability, update, access ? False Non - Match Rate, Inconvenience acceptance? Risk function False Match Rate

  4. Risk Model Parameters • Which biometric modality /algorithm meets security requirements? • Impostor arrival rate varies • One in thousand passengers (10-3) • One in hundred thousand passengers (10-5) • One in ten million passengers (10-7) • Misclassification cost ratioμ=C(+|-):C(-|+) • It is 100 times more costly to miss an impostor (10-2) • 10,000 times more costly to miss an impostor (10-4) • 1,000,000 times more costly to miss an impostor (10-6) • 100,000,000 times more costly to miss an impostor (10-8)

  5. Modeling Approach • System architecture is nontrivial • Static and dynamic architectural aspects using UML. • Quantitative performance models using LQN. • Risk analysis • Border security systems rely on identity verification. • Validity of traveler’s biometric information. • Checks through watch lists. • Cost Curve modeling.

  6. Face Recognition Classification 2006 Face Recognition Vendor Test (FRVT)

  7. P(+)=0.01 P(-)=0.99 P(+)=0.0001 P(-)=0.9999 1E-4 P(+)=0.001 P(-)=0.999 Face recognition cost curves 1E-1 1E-2 1E-3

  8. Feasibility Analysis: In feasible implementations, FMR is NOT ACCEPTABLE!

  9. Performance considerations • Top performance drivers • A: Fingerprint capture • B: Face capture • C:Inspection Data • D:Review Documents • E:ReviewDocuments Secondary Inspection A:20 sec B:8 sec C: 3 sec D: 13 sec E:450sec A:10 sec B:3 sec C: 2 sec D: 16 sec E:450sec Total waiting time:15.4 min Performance options under the same riskfactors, one arrival rate… Low Cost, Low Benefit High Cost, Low Benefit A:11 sec B:3 sec C: 2 sec D: 10 sec E:430sec Low Cost, High Benefit High Cost, High Benefit

  10. Summary • Framework to integrate an analytical performance model with a security risk model. . • Minimize the risk of identity management errors, while maintaining acceptable passenger throughput. • Currently • Developing and evaluating adaptation control options. • Evaluating the impact of biometric fusion algorithms. • Challenges • Contexts: • Unseen arrival distributions (A380!). • Requirements: • Proactive risk management (country of origin - based) • Can workload impact security risk? • Justification and explanation of operational configurations. • Are human operators subject to adaptation suggestions?

More Related