Biometrics

paraderollΤεχνίτη Νοημοσύνη και Ρομποτική

17 Νοε 2013 (πριν από 3 χρόνια και 8 μήνες)

83 εμφανίσεις

Joshua Grieser


General Definition


Biometrics is the science and technology of
measuring and analyzing biological data


IT Definition


Refers to technologies and methods for uniquely
recognizing humans based upon at least one
physical or behavioral trait



Instead of using something you have (a key)
or something you know (a password),
biometrics uses
who you are
to identify you


Quantitative measurements of humans for the
purpose of identification dates back to 1870s


Measurement system of Alphonse Bertillon


System included skull diameter and arm and
foot length measurements


1920s: used to identify prisoners


1960s: digital signal processing techniques
lead to automating human identification


1970s: government using technologies for
fingerprint and hand geometry


Two categories of biometric identifiers


Anatomical


Behavioral


Different types of biometric systems


How it works


Enrollment process


Uses of biometric systems


Current


Future


Fingerprint


Face recognition


Iris recognition


Palm print


DNA


Voice patterns


Handwriting


Keystroke dynamics


Skin analysis


Vein patterns


Gait


Token


something a person possesses and
uses to assert a claim to identity


(Password, PIN)


Tokens no longer sufficient to authenticate
identity


Easy to counterfeit/steal


Cannot ensure positive identification of a person


Passwords forgotten and stolen


Biometric identifiers are linked to a person


More robust audit trail, documentation


Large number of civilian and government
applications


Physical access control


Welfare disbursement


International border crossing


National ID cards


Computer log
-
in


Safes


Home alarm systems


Seven factors used:


Universality


Uniqueness


Permanence


Measurability


Performance


Acceptability


Circumvention



Note: No single biometric will meet all
requirements of every possible application.


Universality


Means that every person using a system should
possess the trait.


Uniqueness


Means the trait should be sufficiently different for
each person using the system in order to
distinguish from one another.


Permanence


Relates to a trait varying over time. Trait with good
permanence will be more invariant over time, not
constantly changing.


Measurability (collectability)


Relates to the ease of measuring the trait. The data
form can be processed, features extracted.


Performance


Relates to accuracy, speed and robustness of the
technology used.


Acceptability


Relates to how well individuals in the population
accept the technology. They are willing to have that
biometric trait captured and assessed.


Circumvention


Relates to the how easy the trait is to imitate.


All systems boil down to the same three steps



Enrollment


Records information about you


Storage


Translates the info into a code or graph


Comparison


Compares traits to the template on file


All systems also use the same three
components



Sensor


Detects characteristic being used for identification


Computer


Reads and stores the information


Software


Performs actual comparison


In general, biometric system will scan trait
and process data by accessing a database.



Two modes


Verification mode


Identification mode



Biometric templates


Most biometric types are converted into
mathematical representations to compare against

Stored in
reader device,
central
repository, or
portable token

Some devices
have temporary
storage


System performs one
-
to
-
one comparison


Uses specific template stored in a database


Involves confirming or denying a person’s
claimed identity


Am I who I claim I am?


To determine which template to compare
against, one of the following is used:


Smart card


Username


ID number


System performs one
-
to
-
many comparison


More difficult


Attempts to recognize a person from a list of
users in the template database


Who am I?


Successfully identifies the human if the
sample collected matches template from the
database when compared


Comparison result has to fall into preset
threshold


Enrollment
-

first time an individual uses the
biometric system


During enrollment, biometric information
from individual is captured and stored in the
database


In subsequent uses, the sample is collected
and compared with the information stored at
the time of enrollment


Three Blocks


Interface between system and real world
(human)


Where the system acquires all necessary data


Actual interaction with sensors


Mainly image acquisition systems


Can be different depending on desired
characteristics


All pre
-
processing performed


Removes artifacts from sensors to enhance
input


Normalization


Example: removing background noise



Necessary, unique features are extracted to
create the template


Critical step, correct features have to be
extracted in the optimal way


Uses vector of numbers or an image with
particular properties to create template


Discards measurements not used in creation
of template


Reduce file size


Protect identity of enrollee


Encrypted using strong cryptographic
algorithms to secure and protect them from
disclosure


Protects biometric templates from being


Reconstructed


Decrypted


Reverse
-
engineered


Manipulated in other ways


Most templates are site specific


Data is converted into code, not real life
representation of person’s traits


When performing matching phase, template
is passed to matcher that compares it with
existing templates


Estimates distance between them using
comparing algorithm


(how different the two templates are)


Many different algorithms depending on
biometric type


Example: Hamming distance


If accepted, it is output for specified use like
entrance in a restricted area


“distance” between two strings of equal
length (how different they are)


Measures minimum number of substitutions
required to change one string into the other
string (number of errors)


Examples



t
o
n
e
d
µ?



r
o
s
e
s
µ? ??


10
1
1
1
01



10
0
1
0
01

= 2


2
17
3
8
96



2
23
3
7
96

= 3


Programmed in many different languages


Used for strings, integers, characters


Oldest biometric known


Were previously captured with ink on paper
and mailed/faxed


Entire process now done in near real time


Leading toward use in applications from
biometric passports to ATMs


Ridges and furrows used as reference points


60
-
70 points of reference in fingerprints


Face we are born with remains identifiable
throughout our lives


Curves and contours remain relatively stable


Requires large image capture device


Most suitable at fixed locations


Least intrusive, can be scanned from a
distance


Accuracy depends on lighting conditions


Each iris has different shapes and colors


As unique as a snowflake


Less intrusive, scanners don’t require bright
lights


Mathematical expression of iris is most
detailed of any biometric technology


Most accurate biometric


Considered one of the most secure



Approximately 250 distinctive characteristics
in an iris


All can be used as points of reference for
comparison


Odds of two people having the same pattern
are 1 in 7 billion


Comparing against database is quick and
high level of accuracy


Used in airports and other secure facilities


Most costly system



Size and shape of hands are unique to
individuals


Device scans 3
-
D geometry of hand and fingers


Creates mathematical picture which is compared
against a database


Readers are large, best suited for fixed point
access


Capture units withstand extreme workforce
conditions like temperature, weather


Can also verify individual’s hand even when it is
dirty


Password for voice is tone and timbre


Graph representation and compared against a
database


User has to teach the computer first by
speaking a number of phrases


Quick and efficient after the enrollment
process


Only ambient noise limits its application


Not just how you shape each letter


Analyzes act of writing


Examines pressure you use, speed and
rhythm with which you write


Records sequence in which you form letters


Add dots and crosses as you go or after you finish


Systems sensors can include touch
-
sensitive
writing surface or pen that contains sensors
and detects angle, pressure, and direction


Translates handwriting into a graph

Pressure

Speed

Acceleration

Angle


Aim to auto
-
update templates


Benefits:


No longer need to collect large number of biometric
samples during enrollment process


No longer necessary to re
-
enroll/retrain the system


Can significantly reduce the cost of maintaining a
biometric system


Issues:


Higher false acceptance


Threshold has to account for a changing template


Privacy and discrimination


Possible to use data from enrollment for ways in
which the user did not consent


Example: DNA recognition used to screen for
genetic diseases


Higher danger to owners


Thieves can get more desperate


Example: cut off a finger to get access to
fingerprint scanner


Cancelable biometrics


Unlike passwords, biometrics cannot be cancelled
or reissued to a person if compromised


Some people object to biometrics for cultural
or religious reasons


Possibility of companies selling biometric
data similar to email addresses/phone
numbers


Over reliance


not foolproof, can’t forget
about common sense security practices


Accessibility


some systems can’t be adapted
for all populations (elderly/disabled people)


Australia


Brazil


Canada


Germany


India


Iraq


Italy


United States


International sharing of biometric data


Countries, including US, are sharing biometric data
with other nations


Positive:


Could help combat terrorism by having access to other
countries’ data


Negative:


Easier for people in other countries to get access to
our data


Makes it easier to tamper with


Minority Report


Uses Iris scans for identification as well as POS
transactions


MythBusters


Attempted to break into commercial security door


Had fingerprint authentication


Successful with printed scan of fingerprint


Unsuccessful with gel fingerprint


Mission Impossible


Voice/iris recognition


Biometrics Vulnerability Assessment Service


Proprietary of Biometrics Institute


Customer submits their system for
independent testing


Conducted in an independent laboratory


Biometric devices are sent to have their
vulnerabilities investigated, assessed, and
reported


Helps make sure your system is secure and
work out any kinks


Central source of info on biometrics
-
related
activities of the federal government


Sister site
www.biometrics.org



Repository of public information and
opportunities for discussion


Developed to encourage collaboration and
sharing of info on biometric activities among:


Government departments and agencies


State, regional, and international organizations


General public


Biometrics Reference


General info about biometric technologies,
government programs and privacy planning


Presidential Directives


PD that touch on biometrics or federal biometric
activities


NSTC Subcommittee on Biometrics and
Identity Management Room


Info on the National Science & Technology Council’s
Subcommittee on Biometrics


Standards


Info on federal biometric standards policy


Hospitals using scan of veins in your hand to
identify patients


Easy access to medical records


Eliminates paper records


Germany, supermarkets use fingerprint
biometrics to identify consumer account
information and make payments


Possible use in the US


Combine heat sensors to fingerprint, hand
scanners


Confirm an actual hand is interacting


Mobile Automated Fingerprint ID System


Comparisons made immediately over mobile networks


US border control


Digital photo of both index fingers for non residents


Combat terrorism and monitor residence permits


Digital face/fingerprint images on passports


Increase security/reduce processing time at borders


Enable access to secure/sensitive areas like
energy supply facilities or nuclear power stations


Opportunities for digital citizen cards


e
-
government, e
-
banking, e
-
business


Layered systems


Combines a biometric method with a keycard or PIN



Multimodal systems


Combines multiple biometric methods
simultaneously to confirm identification


Example: iris scanner and a voiceprint system



3
-
D palm print systems replace 2
-
D


Much higher anti
-
counterfeit capability


Being tested at Hong Kong Polytechnic
University’s Biometrics Research Center


Uses laser scanning to construct 3
-
D shape
of tongue


Collected in about 2
-
3 seconds


Continually increasing revenues


More companies switching to biometric
security systems


Annual revenues expect $11 billion by 2017


Compound Annual


Growth Rate

http://www.youtube.com/watch?v=zH
RiWz8D8C0&list=PLA3DB8B404806A6
DD&index=4&feature=plpp_video

http://www.youtube.com/watch?v=AT
owdPuQGNY&feature=BFa&list=PLA3D
B8B404806A6DD&lf=plpp_video