The Role and Status of Biometrics in eID

spotlessstareΑσφάλεια

29 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

53 εμφανίσεις

The Role and Status of
Biometrics in eID
© Raul Sanchez-Reillo
University Carlos III de Madrid
GUTI (University Group of Smart Cards)
Contents
•Introduction to Biometrics
•The Role of Biometrics in eID
•The Current Status of Biometrics
•Steps Forward
Introduction to Biometrics
•They way we understand “Biometrics”
–Science devoted to identify persons by
automatic means, taking as input biological
and/or behavoural characteristics of a human
being
•Performing a task that the human brain does quite
simply and in fractions of a second
Introduction to Biometrics
•Two major kind of Biometric systems
–Recognition Systems:
•Identifying a person among the whole group of users enroled
in the system
•It must be an on-line system
•Typical applications: forensics
–Authentication Systems:
•Verifying the identity that a user claims to have
–Answering the question Are you who you say you are?
•It can be off-line
•Typical applications: access control, all kind of applications
where cards or keys are used.
Introduction to Biometrics
•Phases and Functional Blocks of a Biometric
System:
Introduction to Biometrics
•Techniques and Methods
–Many different techniques
•Fingerprint, Iris, Voice, Hand Geometry, Face,
Signature, etc.
–Each biometric technique may have several
methods
•Depending on the features extracted
•Depending on the mathematical approach
•They usually are incompatible among them
–No one, at this moment, can say a certain
technique is much better than others
Introduction to Biometrics
•Parameters for the Evaluation of a Biometric
Solution:
–Universality
–Unicity
–Stability
–Easiness in capturing biometric data
–Fraud robustness
–Cost
–User reaction
–Identification Performance (% error, FAR, FRR, etc.)
The Role of Biometrics
•Biometrics can play two major roles:
–Identifying a user in non-presential services
•i.e. when no-one else can perform such task
–Helping a security agent in the identification process
•to lower errors due to fatigue or environment changes
•Two targets can be addressed:
–Security
–Comfort
•increasin comfort to users, can lead to a better use of the
system, and therefore eliminate some security holes
The Role of Biometrics
•In current eID systems, Biometrics can be used
to:
–eliminate the security hole of PINs and passwords:
•They can be copied, forgotten, repeated, etc.
–adding some legal framework in the card-holder
authentication process
•Under study at this moment in some countries
–allowing a great amount of users, the access to eID
services
•Many potential users do not enter the system because they
do not remember PINs or passwords, or because they do
not trust the system
The Role of Biometrics
•Biometrics in eID through the eEpoch
approach:
–Substitute / complement the card-holder
authentication mechanism
–When this authentication is correctly verified,
then access to PKI certificates is given
–Also (currently under study), including some
biometric data in certificates
Current Status of Biometrics
•At this time, Biometrics is a NON-MATURE
technology
•Many challenges are still under research
–Performance
–Capture Devices and Fraud Detection
–Security
–User reactions
•But Biometrics can be used currently in eID
systems
–Under tight follow-up
–Without considering that it is the solution for
everything
Current Status of Biometrics
•About the Security Challenges:
Steps Forward
•Efforts should be done in two different
lines:
–Starting Pilot Projects
•To really test the technology
•To analyse the reactions of the users
•To study the best way to disseminate
–R+D Projects to Overcome the Challenges
•Some European and National projects are running
currently
•Some are focussed in one challenges, others are
global
Steps Forward
•BioSec Project:
–FP6 European Project with 23 partners
–Global study of most of the challenges
•WP1: Biometric Techniques (VTT)
•WP2: ID-Tokens (GUTI –UC3M)
•WP3: Protocols (TID)
•WP4: Scenarios (MIFIN)
•WP5: Testability (UBOL)
•WP6: Usability (UCOL)
•WP7: Disemination and Standards (ETRA)
–http://www.biosec.org/
–1st BioSec Public Workshop in Barcelona
(SPAIN), June 28th, 2004
•1 day tutorial on Biometrics and all isses
related