Biometric Authentication in


23 Φεβ 2014 (πριν από 7 χρόνια και 6 μήνες)

215 εμφανίσεις

Biometric Authentication in
Infrastructure Security

By: John Armington, Purdy Ho, Paul Koznek
and Richard Martinez

G. Davida, Y. Frankel and O. Rees (Eds.):
InfraSec 2002, LNCS 2437, pp. 1
18, 2002.

Copyright: Springer
Verlag Berlin Heidelberg

Presented by: Ana Stilinovich

Article Summary

The article introduces us to different
techniques of biometric authentication,
their strengths and weaknesses, as well as
legal and cultural issues that arise from
using these biometric techniques for
security measures.

NB: Definition for Biometrics as given by Dr. Jim Wayman is “The automatic
identification or identity verification of living, human individuals based on
behavioral or physiological characteristics”.

Appreciative Comments

The article gives a good introduction to
four biometric techniques; how they work
and what their advantages and flaws are.

The article in general is easy to follow, as
the layout of the article follows the same

Critical Comment

The article is too general. It talks about
the market for biometrics and standards,
but fails to talk about the infrastructure
security and just mentions other biometric
authentication techniques by name.

What is Infrastructure Security

Infrastructure security is a way of organizing
physical infrastructure, applications,
administration and procedures to support
information security, where infrastructure
stands for ‘the underlying system’.

Biometric techniques

Speaker Verification







Face Recognition


Viisage uses Eigenface


Visionics uses Local Feature Analysis

Biometric techniques continued…

Finger Scan


images reduced to minutia points


fingerprint patterns based on DNA

Iris Scan


patterns of iris tissue reduced to minutia points


patterns not based on DNA


The author does not mention anything about the
infrastructure security, but gives a fairly detailed
analysis of the four biometric techniques.

How comfortable would you feel of an
organization obtaining your biometric
information with your permission and storing it
for the future use, when you do not know the
security measures implemented in that system?