Non-Static Biometric Identification

chocolatehookSecurity

Nov 30, 2013

Running Head: INNOVATION BRIEF

Non-Static Biometric Identification

[Device that, Using Random Intensity Light Patterns, Produces a Unique Image of the Fingertip]

Project Dates: October 11, 2012 - February 3, 2013

Author of this Document: Christopher Johnson, Olena Burnes

Team and Roles:
Christopher Johnson - Project Manager, Programmer, Network Security Specialist

Introduction


Abstract


In the era of a growing digital society, cybercrimes threaten individual as well as organizational
information, assets, and identity. Instant and secure personal identification is crucially important
in controlling access to computer systems. Existing biometric identification systems increase the
security of computer systems. However, numerous inadequacies compromise the main purpose
of such devices. Existing Biometric Identifiers are static.

The main goal of this project is to create a device to capture a non-static biometric identifier for
the purpose of authentication. The innovative component of this project is the use of light
patterns at varied intensity applied to the fingertip in order to produce an image. The end result is a
non-static biometric identifier. Each pass through the scanner is random and the image created
for comparison is dynamic. Traditional physiological biometrics use static image samples that
are compared to a static template in order to validate identity. This makes them more susceptible
to spoofing. Spoof resistance is one of the key benefits of our non-static biometric identifier. A
secondary method of authentication utilizing sensory response is integrated into the process in
order to create a two-factor authentication mechanism. This secondary innovative component
also provides proof of life.


Keywords

Biometrics, identifier, automated biometric identification system (ABIS), biometric data,
biometric algorithm, common biometric exchange file format (CBEFF), one-to-one, one-to-many,
verification, software, hardware, image recognition, network security, digital image,
computer, digital camera, facial features recognition, fingerprints, iris, retina, static, non-static.


Background Information and Prior Art


Definition



The term “Biometrics” is derived from the two Greek words “Bio”, which means “life”, and
“metrics”, which means “measure”. Techopedia defines Biometrics as “a technological and
scientific authentication method based on biology and used in information assurance (IA).
Biometric identification authenticates secure entry, data or access via human biological
information such as DNA or fingerprints.”

Rajan (2011) describes Biometrics or Life Measurement as “the use of unique physical features
such as fingerprints, facial features, retina or iris to identify an individual.” A concise definition of
biometrics is “the automatic recognition of a person using distinguishing traits.” A more
expansive definition of biometrics is “any automatically measurable, robust and distinctive
physical characteristic or personal trait that can be used to identify an individual or verify the
claimed identity of an individual” (Woodward et al., 2003).

The most important application of Biometrics is security.


History


The history of Biometrics is traced to prehistoric times, when cavemen signed their drawings with
their handprints. In Babylon, 2,000 years ago, fingerprints were used for business transactions. In
China, fingerprints have been used since the XIV century.

The first fingerprint identification system was developed in the XVIII century by Azizul Haque for
Edward Henry, who at that time was Inspector General in India. In his system, Edward Henry
assigned a numerical value to each individual finger, beginning with the right thumb and ending
with the left pinky. Fingerprint records are grouped based upon pattern types such as “arch,”
“whorl,” and “loop.” Henry’s system has been successfully used by law enforcement agencies
around the world.

In 1969, the FBI contracted the National Institute of Standards and Technology to develop a system
to automate the process of fingerprint identification (Woodward, 2003).

The first device for hand identification was invented and patented by David Sidlauskas
in 1988. Since that time, new technologies have been developed and commercialized for
authentication purposes, providing secure access to computer networks.


Biometrics Application


Biometrics by definition utilizes some unique biological characteristics such as fingerprints, iris,
facial features, voice, DNA, behavioral patterns, and/or a combination of these features. This
method is more secure than traditional password and PIN based methods that can be stolen or
copied. However, some biometrics techniques can be spoofed using various methods. The most
secure biometrics techniques utilize a combination of static biometric samples and a proof of life
test requiring the physical presence of an authorized user at the time of execution.




Biometric identification devices are widely applied in corporate, governmental, and military
settings. Such devices usually consist of a scanner or video camera as a biometric input, software
that translates biometric information into digital form and indexes it or compares it to the
existing information, and a database of the stored biometric information.


Attributes and Features


A biometric system is essentially a pattern recognition system which makes a personal
identification by determining the authenticity of a specific physical or behavioral characteristic
possessed by the user. Biometric technologies are thus defined as the "automated methods of
identifying or authenticating the identity of a living person based on a physical or behavioral
characteristic" (Rutter, 2012).

The biometric system connects an event to a single person, whereas other ID forms, such as a
personal identification number (PIN), may be used by anyone.

The Biometric Identifier has two modules: Database Preparation Module (DPM) and
Verification Module (VM). The DPM consists of two sub-modules: Enroll Module (EM) and
Training Module (TM). The VM comprises two sub-modules: Matching Module (MM) and
Decision Module (DM). Each module will be modified and simplified (Gompers, 2003).




[Figure: Biometric Identifier module hierarchy]

Biometric Identifier
    Database Preparation Module (DPM)
        Enroll Module (EM)
        Training Module (TM)
    Verification Module (VM)
        Matching Module (MM)
        Decision Module (DM)

A biometric system includes the following components and features:

• A silicon sensor that reads data.
• A capacitance determines the pattern of ridges and valleys at any point during a cycle of
  charging and discharging the capacitor array.
• The data are scanned and converted into digital format via software.
• A map of unique finger characteristics is created on the basis of minutia detection.
• A biometric template develops signal processing algorithms.
• Biometric templates are compared to the data storage that is encrypted for added security.
• A decision process uses matching event results and allows or denies access to the
  computer system.


A biometric security device can be set up to either authenticate or identify a person, using different
logic when matching input with the stored data.


Strengths and Weaknesses of the Existing Biometric Identifiers


Strengths:


1. The Biometric Identifiers meet most of the ASTM conceptual characteristics.
2. The device has the potential to provide identification of a person with a high accuracy rate.
3. The Biometric tools are difficult to duplicate or steal.
4. Application of a Biometric Identifier increases overall security.
5. A user is identified with the help of his/her own unique parameters.
6. Non-repudiation of transactions confirmed by means of biometric identification.
7. Users cannot share access rights.
8. It prevents usage of stolen or lost identifiers.
9. A device optimizes administration.
10. It reduces time required to access the protected resources and excludes mistakes while
    typing passwords, damage or loss of identifiers.
11. It increases the overall system administrator’s productivity.
12. Non-Static Biometric Identifier reduces expenses related to administration of the access
    infrastructure.
13. The device is easy to use - no need to memorize, type or change multiple passwords.
14. It requires one-time enrollment.
15. It provides quick authorization, user convenience and workflow efficiency.


Weaknesses:


1. Identification of a person requires special equipment, computer software and expertise.
2. The identification process is time consuming and can affect the user’s performance.
3. It requires special technology infrastructure and administration.
4. Existing devices have a high cost of purchase, adjustment and maintenance.
5. Existing systems require data templates of many thousands of bytes, expensive storage
   media and slowing process time.


Potential Challenges:

1. Insertion of the missing components and characteristics.
2. Proximity and dynamics measurement.
3. Potential threat of violation of an individual’s privacy.
4. Cost.
5. Timelines.






Project Description and Innovation Claim


As Richards (2010) pointed out, “Some of the most important factors necessary for any effective
biometric system are: accuracy, speed and throughput rate, acceptability to users, uniqueness of
the biometric organ and action, resistance to counterfeiting, reliability, data storage requirements,
enrollment time, intrusiveness of data collection, and subject and system contact requirements.”

The attempt was made to create a device to capture a non-static biometric identifier for the
purpose of authentication. The innovative component of this project is the use of light patterns at
varied intensity applied to the fingertip in order to produce a non-static sample. The end result is a
non-static biometric identifier. Each pass through the scanner is random and the image created
for comparison is dynamic. Traditional physiological biometrics compares a static image to a
static template in order to check for a match. This makes them more susceptible to spoofing.
Spoof resistance is one of the key benefits of our non-static biometric identifier. The integration
of the secondary innovation component of secure rolling codes communicated via the sense of
touch adds a proof of life test and a second authentication mechanism.

In order to create the prototype of the Non-Static Biometric Identifier, an Arduino microprocessor
controller, high intensity LED lights, a TTL JPEG camera board, an IR proximity sensor, a small
project box and a PC to receive and process image data are used. Each device must be coded in
order to function properly. For the purpose of this sprint, we have attempted to achieve base
functionality in using the device to capture images to the PC. The LED light bed will be used to
produce the random intensity light patterns. To provide automation, the IR proximity sensor will
have a range value in order to detect a finger being present in the scanner. This will act as the
trigger for the device. Once triggered, Processing code on the PC side will send information
needed for producing light patterns and the internal camera will capture the image to the onboard
SD storage device. A total of five samples are captured, each having a unique light pattern. At the
conclusion of the capture sequence, the Processing code executing on the PC will begin sending
the secure rolling codes via the small vibration device embedded in the device. This will only
occur if the user’s finger has remained in the device. The rolling codes are one time use only and
the IR sensor must sense the finger for the duration of their validity and until the user enters the
proper code.






Here are the circuits for the actual prototype device.



Usage Scenario


1. Finger is inserted into device.
2. An LED matrix produces a random pattern of light on the finger at various intensities.
3. The internal camera captures five images and stores them.
4. Images are compared offline.
5. If image is a match, the rolling code is transmitted to the user.
6. The user enters the proper code and access is granted.
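The capture-and-code sequence from the project description and the usage scenario above, modeled as host-side session logic. This is an added example, not the project's own Processing or Arduino code; the LED count, code length, validity window and all class and function names are assumptions.

```python
import hmac
import secrets

LED_COUNT = 16      # assumed LED matrix size (not stated on the page)
CAPTURES = 5        # from the page: five samples, each with its own light pattern
CODE_DIGITS = 4     # assumed rolling-code length
CODE_TTL = 20.0     # assumed validity window, in seconds


def capture_plan():
    """Return CAPTURES distinct random intensity patterns (one 0-255 level per LED)."""
    plan = []
    while len(plan) < CAPTURES:
        pattern = tuple(secrets.randbelow(256) for _ in range(LED_COUNT))
        if pattern not in plan:          # every capture gets a unique pattern
            plan.append(pattern)
    return plan


class ScanSession:
    """One pass through the scanner: capture, offline match, rolling code."""

    def __init__(self):
        self.plan = capture_plan()       # fresh random plan for every pass
        self.state = "CAPTURING"
        self._code = None
        self._expires = 0.0

    def finger_removed(self):
        """IR proximity sensor lost the finger: the pass is void (proof of life)."""
        if self.state in ("CAPTURING", "CODE_SENT"):
            self._code = None
            self.state = "ABORTED"

    def images_compared(self, matched, now):
        """Record the match result; on success return the code to pulse out."""
        if self.state != "CAPTURING":
            return None
        if not matched:
            self.state = "DENIED"
            return None
        self._code = "".join(str(secrets.randbelow(10)) for _ in range(CODE_DIGITS))
        self._expires = now + CODE_TTL
        self.state = "CODE_SENT"
        return self._code                # goes to the vibration device, never a display

    def enter_code(self, entered, now):
        """Accept the typed code once, and only if the session was never aborted."""
        if self.state != "CODE_SENT":
            return False
        code, self._code = self._code, None       # consume: one-time use
        fresh = now <= self._expires
        same = hmac.compare_digest(code.encode(), entered.encode())
        self.state = "GRANTED" if (fresh and same) else "DENIED"
        return self.state == "GRANTED"
```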




Evaluation Criteria


Non-Static Biometric Identifier will be evaluated using the following criteria.






• Uniqueness - measured by the likelihood that an identical sample could exist in nature.
  For example, 1 in 10,000 people born are identical twins; therefore, any identical shared
  features would decrease the uniqueness of the identifier as a biometric sample (Sussman,
  2010).

• Permanence - a biometric trait must be sufficiently invariant over time (Bartlow,
  Waymire & Zektser, 2009). For example, a biometric process that measured something
  such as fingernail patterns would not be practical. Baseline images would need to be
  established on a weekly basis. This would not be easy to maintain or administer.

• Practical/Ease of Use - how easy a process is to perform has a large impact on its
  implementation. If a procedure is lengthy or difficult, it may be counterproductive to its
  objectives.

• Non-invasive - any biometric identification process must be non-invasive, safe and
  utilize biological features that do not make the individual uncomfortable. For example, it
  would be questionable to use a biological characteristic such as the circumference of an
  individual’s waist as a method of identification. The biometric identifier should be
  something that will be acceptable to any individual regardless of their appearance or
  background.

• Spoof Resistant - any biometric device or process must withstand the scrutiny of
  circumvention as a criterion for evaluation. Spoofing or emulating a biometric trait in
  order to fool a device is just one way that a process might be circumvented.
  Circumventing in essence refers to the ease with which a trait of an individual can be
  imitated. This may include but is not limited to fake fingers or voice pattern replicating
  software (Bartlow, Waymire & Zektser, 2009).

• Device Criteria - To be viable, a biometric device must be cost effective. If a
  system is too expensive it is less likely to be adopted by the industry or consumers.
  Consumers also demand aesthetically pleasing form factors for these types of devices.
  For example, if a biometric device was as large as a computer desk, it is unlikely to
  become a popular method for home computer users. Users demand systems and devices
  that are well documented, fool proof, safe, ergonomic, and provide status information
  about the device’s current state (Nielsen, 1995). For example, if you entered your
  username and password into a system and it simply did not respond with any feedback, a
  user would most likely become frustrated.




Project Logic Model


Goal


The main goal of this project is to create a device to capture a non-static biometric identifier
based on random light intensity images of the fingertip for verification and authentication
purposes.


Objectives




The following objectives reflect areas of the device design: its behavior, its performance, the
process of image recognition, the product’s appearance and its possible application beyond
network security settings. All objectives presented are measurable.

• Behavioral. To simplify user-device interaction by creating new software and hardware
  to eliminate several steps that existing devices require, and to design reliable and low
  maintenance solutions to access the system.

• Performance. To increase security, accuracy and reliability of the Biometric Identifier by
  using random intensity light patterns to produce a unique image of the fingertip.

• Process. To design a non-static biometric identifier that provides access to the network
  only during the physical presence of a user.

• Product. To change the appearance of the existing device by making it more aesthetic
  and high tech.

• Transference. To expand the application of the product in a variety of settings.


Activities


In order to complete this project the following activities need to take place:

1. Build a team of network security and programming students.
2. Complete the research on the existing similar products.
   ▪ Analyze the existing product and distinguish its shortcomings and inadequacies.
   ▪ Create a database of devices that perform functions required for non-static
     identification.
3. Simplify authorized user’s access to the computer system:
   o Design a device to analyze and determine the user’s identity automatically.
     ▪ Order the parts necessary to build a prototype such as hardware, the
       camera sensors and LED lights, LCD touch screen
     ▪ Create rough drawings of each circuit
     ▪ Download the necessary libraries to make each circuit work
     ▪ Assemble the I/O boards
     ▪ Design a circuit using IR proximity to automatically sense the user and
       activate the system.
4. Satisfy network security professionals by increasing the level of security and reliability
   of the system’s access:
   o Design a device that uses an accurate method of identifying the end user.
     ▪ Design an LED light bed
     ▪ Design a camera circuit
     ▪ Create a circuit to integrate camera and LED light bed
     ▪ Build these circuits and combine them into a working prototype
     ▪ Code the functionality of each circuit
     ▪ Tie the functions together as a working sketch.
5. For CIO satisfaction, provide reliable and low maintenance solutions to access the
   system:
   o Design a device using proven technologies in a simple configuration.
     ▪ Design all the circuits in the most efficient and logical manner.
6. For CFO satisfaction, provide an affordable solution to access the system:
   o Design a device that could be cheaply produced on a large scale.
     ▪ Use parts that are commonplace and inexpensive in the design.
7. For CEO satisfaction, design a device with a strong network security posture:
   o Design a device that can be proven and accepted by industry.
     ▪ Debug device function and code
     ▪ Beta test device
     ▪ Present prototype.
8. Monitor the process of the device improvement and correct the mistakes.
9. Create a prototype of the Non-Static Biometric Identifier.
10. Make new aesthetically appealing design of the product.
11. Run multiple tests and correct mistakes, modifying the software as well as hardware.
12. Present the Non-Static Biometric Identifier to a group of network security experts.


Description of Design Prototype

The prototype will utilize an Arduino Uno R3 microcontroller, a TTL camera sensor, SD card
reader, IR proximity sensor, LED matrix, a shift register for the LED array and the LCD, small
motor, various diodes, resistors, and capacitors, and a small project box to house the circuits with
an opening for finger insertion. The current prototype focuses on random patterns of light at
various intensities to produce a non-static biometric identifier and code communication via the
sense of touch.


Evaluation

The primary innovative component is functional to the degree that it performs the tasks
described. The secondary innovative component functions perfectly as designed. There have
been numerous test runs of both the device and the software
in tandem and separately. During
final testing all the basic functions worked during every procedure.




Project Completion Assessment

This project has been a success with room for refinement. Some of the components needed to
make the images more clear and accurate for comparison are simply too expensive for a student
project. For example, a sensor capable of macros and a custom refraction mechanism are a few of
the items lacking to bring the prototype full circle. Another stumbling block was the lack of
tooling available in my shop. The project is sufficient to prove that the primary innovation
concept is viable. I am quite pleased with the performance of the secondary innovation
component. Several test subjects tested the prototype and 100% of those participants were able to
receive the code correctly and enter it in order to gain access to the system. The entire
mechanical and electrical function of the device and the software is 100% complete.





Appendices














References


1. ASTM International. Retrieved on October 18, 2012 from
   http://www.astm.org/FAQ/whatisastm_answers.html

2. Bartlow, N., Waymire, D., & Zektser, G. (2009, October 1). Holistic evaluation of
   multi-biometric systems. Retrieved February 7, 2012, from NIST:
   http://biometrics.nist.gov/cs_links/ibpc2010/pdfs/Bartlow2_Holistic_Evaluation_of_Multibiometric_Systems_IBPC_2010_Paper.pdf

3. Biometric History. Retrieved on October 31, 2012 from:
   http://www.biometrics.gov/Documents/BioHistory.pdf

4. Biometrics. (2002, June 5). Retrieved February 7, 2012, from ieee.org:
   http://ewh.ieee.org/r10/bombay/news5/Biometrics.htm

5. Gompers, J. (2003). Biometrics: The Basics. Retrieved on October 17, 2012 from:
   http://securitysolutions.com/mag/security_biometrics_basics/

6. Lerner, E. (2011). Biometric Identification. Retrieved on November 2, 2012 from:
   http://www.aip.org/tip/INPHFA/vol-6/iss-1/p20.pdf

7. Nielsen, J. (1995, January 1). 10 usability heuristics. Retrieved February 7, 2012,
   from http://www.nngroup.com/articles/ten-usability-heuristics/

8. Phillips, J. P., Martin, A., Wilson, C., & Przybocki, M. (2000, February 1). An
   introduction to evaluating biometric systems. Retrieved February 7, 2012, from epic:
   http://epic.org/privacy/surveillance/spotlight/1105/feret7.pdf

9. Rajan, V. (2011). What Is Biometrics? Retrieved on October 18, 2012 from:
   http://www.cse.iitk.ac.in/users/biometrics/pages/what_is_biom_more.htm

10. Richards, D. (2010). Biometric Identification. Retrieved on October 17, 2012 from:
    http://www.cccure.org/Documents/HISM/033-037.html#Heading3

11. Rutter, J. (2012). Biometric Tools Used for Network Security. Retrieved on October
    12, 2012 from:
    http://www.ehow.com/list_6304215_biometric-tools-used-network-security.html#ixzz29I1cafsd

12. Sidlauskas, D. United States Patent and Trademark Office. “Patent 4,736,203: 3D
    hand profile identification apparatus.” 5 April 1988.

13. Sussman, A. (2010, October 7). Methodology for evaluating multi-biometric systems.
    Retrieved February 7, 2012, from
    http://www.slideshare.net/abelsussman/methodology-for-evaluating-multi-biometric-systems

14. Techopedia. Retrieved on October 31, 2012 from:
    http://www.techopedia.com/definition/10239/biometrics

15. Woodward, J., Horn, C., and Gatune, J. (2003). Biometrics. Retrieved on October 12,
    2012 from:
    http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA414520

16. Woodward, J., Orlans, M., and Higgins, P. (2003). Biometrics. New York: McGraw
    Hill.