1. OVERVIEW OF BIOMETRIC SYSTEMS

highpitchedteamSecurity

Nov 30, 2013 (4 years and 1 month ago)

Overview of Biometric Systems


1. OVERVIEW OF BIOMETRIC SYSTEMS

1.1 Overview

This chapter presents an overview of Biometric Systems. A comparison of various biometrics is given. Human physiological and/or behavioral characteristics that can be used as a biometric identifier to recognize a person are described. Advantages and applications of Biometric Systems are presented.



1.2 Biometric Systems

Biometrics refers to automatic recognition of an individual based on his/her behavioral and/or physiological characteristics. A biometric system is essentially a pattern recognition system that recognizes a person by determining the authenticity of a specific physiological and/or behavioral characteristic possessed by that person. An important issue in designing a practical biometric system is to determine how an individual is recognized. Depending on the application context, a biometric system may be called either a verification system or an identification system:

• A verification system authenticates a person’s identity by comparing the captured biometric characteristic with his/her own biometric template(s) pre-stored in the system. It conducts one-to-one comparison to determine whether the identity claimed by the individual is true. A verification system either rejects or accepts the submitted claim of identity;

• An identification system recognizes an individual by searching the entire template database for a match. It conducts one-to-many comparisons to establish the identity of the individual. In an identification system, the system establishes a subject’s identity (or fails if the subject is not enrolled in the system database) without the subject having to claim an identity.


The term authentication is also frequently used in the biometric field, sometimes as a synonym for verification; actually, in the information technology language, authenticating a user means to let the system know the user identity regardless of the mode (verification or identification).

The block diagrams of a verification system and an identification system are shown in Figure 1.1; user enrollment, which is common to both tasks, is also graphically illustrated. The enrollment module is responsible for registering individuals in the biometric system database (system DB). During the enrollment phase, the biometric characteristic of an individual is first scanned by a biometric reader to produce a raw digital representation of the characteristic. A quality check is generally performed to ensure that the acquired sample can be reliably processed by successive stages. In order to facilitate matching, the raw digital representation is usually further processed by a feature extractor to generate a compact but expressive representation, called a template. Depending on the application, the template may be stored in the central database of the biometric system or be recorded on a magnetic card or smartcard issued to the individual.

The verification task is responsible for verifying individuals at the point of access. During the operation phase, the user’s name or PIN (Personal Identification Number) is entered through a keyboard (or a keypad); the biometric reader captures the characteristic of the individual to be recognized and converts it to a digital format, which is further processed by the feature extractor to produce a compact digital representation. The resulting representation is fed to the feature matcher, which compares it against the template of a single user (retrieved from the system DB based on the user’s PIN).

In the identification task, no PIN is provided and the system compares the representation of the input biometric against the templates of all the users in the system database; the output is either the identity of an enrolled user or an alert message such as “user not identified”. Because identification in large databases is computationally expensive, classification and indexing techniques are often deployed to limit the number of templates that have to be matched against the input.



Figure 1.1. Block diagrams of enrollment, verification, and identification tasks [3].



Depending on the application domain, a biometric system could operate either as an on-line system or an off-line system. An on-line system requires the recognition to be performed quickly and an immediate response is imposed (e.g., a computer network logon application). On the other hand, an off-line system usually does not require the recognition to be performed immediately and a relatively long response delay is allowed (e.g., an employee background check application). Typically, on-line systems are fully automatic and require that the biometric characteristic be captured using a live-scan scanner, the enrollment process be unattended, there be no (manual) quality control, and the matching and decision be fully automatic. Off-line systems, however, are typically semi-automatic, where the biometric acquisition could be through an off-line scanner (e.g., scanning a fingerprint image from a latent or inked fingerprint card), the enrollment may be supervised (e.g., when a criminal is “booked,” a forensic expert or a police officer may guide the fingerprint acquisition process), a manual quality check may be performed to ensure good quality acquisition, and the matcher may return a list of candidates which are then manually examined by a forensic expert to arrive at a final (human) decision.


An application could operate either in a positive or a negative recognition mode [3]:

• In a positive recognition application, the system establishes whether the person is who he/she claims to be. The purpose of a positive recognition is to prevent multiple people from using the same identity. For example, if only Alice is authorized to enter a certain secure area, then the system will grant access only to Alice. If the system fails to match the enrolled template of Alice with the input, a rejection results; otherwise, an acceptance results;

• In a negative recognition application, the system establishes whether the person is who he/she denies being. The purpose of negative recognition is to prevent a single person from using multiple identities. For example, if Alice has already received welfare benefits and now she claims that she is Becky and would like to receive the welfare benefits of Becky (this is called “double dipping”), the system will establish that Becky is not who she claims to be. If the system fails to match the input biometric of Becky with a database of people who have already received benefits, an acceptance results; otherwise, a rejection results.


Note that the traditional methods of user authentication such as passwords, PINs, keys, and tokens may work for positive recognition, while negative recognition can only be established through biometrics. Furthermore, positive recognition applications can operate in either verification or identification mode, but negative recognition applications cannot work in verification mode: in fact, the system has to search the entire archive to prove that the given input is not already present.
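
The enrollment, verification and identification tasks and the two recognition modes described above, sketched as an added example that is not part of the original chapter. The 64-bit templates, the Hamming-distance matcher, the threshold and all names are constructed assumptions; real feature extractors and matchers are far more elaborate.

```python
MATCH_THRESHOLD = 8  # assumed: maximum number of differing bits accepted as a match


def hamming(a: int, b: int) -> int:
    """Number of differing bits between two 64-bit templates."""
    return bin(a ^ b).count("1")


class BiometricSystem:
    def __init__(self, threshold: int = MATCH_THRESHOLD):
        self.db = {}  # system DB: user id -> enrolled template
        self.threshold = threshold

    def enroll(self, user_id: str, template: int) -> None:
        """Enrollment: register the extracted template in the system DB."""
        self.db[user_id] = template

    def verify(self, claimed_id: str, sample: int) -> bool:
        """One-to-one: compare only against the claimed identity's template."""
        template = self.db.get(claimed_id)
        return template is not None and hamming(template, sample) <= self.threshold

    def identify(self, sample: int):
        """One-to-many: search every template; None means "user not identified"."""
        best_id, best_dist = None, self.threshold + 1
        for user_id, template in self.db.items():
            dist = hamming(template, sample)
            if dist < best_dist:
                best_id, best_dist = user_id, dist
        return best_id

    def positive_recognition(self, claimed_id: str, sample: int) -> str:
        """Is the person who he/she claims to be? Verification mode suffices."""
        return "accept" if self.verify(claimed_id, sample) else "reject"

    def negative_recognition(self, sample: int) -> str:
        """Is the person already in the archive? Requires the full 1:N search,
        because no claimed identity can tell the matcher where to look."""
        return "reject" if self.identify(sample) is not None else "accept"


# Constructed templates: every pair of enrolled templates differs in 32 or 64 bits.
ALICE = 0xFFFFFFFF00000000
BOB = 0x00000000FFFFFFFF
CAROL = 0xFFFF0000FFFF0000
UNENROLLED = 0x0F0F0F0F0F0F0F0F  # 32 bits away from every enrolled template
ALICE_LIVE = ALICE ^ 0x10421     # fresh capture of Alice with 4 noisy bits


def demo_system() -> BiometricSystem:
    system = BiometricSystem()
    for user_id, template in (("alice", ALICE), ("bob", BOB), ("carol", CAROL)):
        system.enroll(user_id, template)
    return system


if __name__ == "__main__":
    s = demo_system()
    print("verify alice as alice:", s.verify("alice", ALICE_LIVE))
    print("verify alice as bob:  ", s.verify("bob", ALICE_LIVE))
    print("identify live sample: ", s.identify(ALICE_LIVE))
    print("identify stranger:    ", s.identify(UNENROLLED))
    # "Double dipping": Alice is already in the archive and now claims to be Becky.
    # Checking the claimed identity says nothing about whether she is already
    # enrolled; only the search over all templates finds the earlier record.
    print("claim 'becky', 1:1:   ", s.positive_recognition("becky", ALICE_LIVE))
    print("negative recognition: ", s.negative_recognition(ALICE_LIVE))
```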




1.3 A Comparison of Various Biometrics

Any human physiological and/or behavioral characteristic can be used as a biometric identifier to recognize a person as long as it satisfies the following requirements:

• Universality, which means that each person should have a biometric;

• Distinctiveness, which indicates that any two persons should be sufficiently different in terms of their biometric identifiers;

• Permanence, which means that the biometric should be sufficiently invariant (with respect to the matching criterion) over a period of time;

• Collectability, which indicates that the biometric can be measured quantitatively.

However, in a practical biometric system, there are a number of other issues that should be considered, including:

• Performance, which refers to the achievable recognition accuracy, speed, robustness, the resource requirements to achieve the desired recognition accuracy and speed, as well as operational or environmental factors that affect the recognition accuracy and speed;

• Acceptability, which indicates the extent to which people are willing to accept a particular biometric identifier in their daily lives;

• Circumvention, which reflects how easy it is to fool the system by fraudulent methods.

A practical biometric system should have acceptable recognition accuracy and speed with reasonable resource requirements, harmless to the users, accepted by the intended population, and sufficiently robust to various fraudulent methods.


A number of biometric identifiers are in use in various applications (Figure 1.2). Each biometric has its strengths and weaknesses and the choice typically depends on the application. No single biometric is expected to effectively meet the requirements of all the applications. The match between a biometric and an application is determined depending upon the characteristics of the application and the properties of the biometric.


Figure 1.2. Some examples of biometrics are shown: a) ear, b) face, c) facial thermogram, d) hand thermogram, e) hand vein, f) hand geometry, g) fingerprint, h) iris, i) retina, j) signature, and k) voice.


When choosing a biometric for an application the following issues have to be addressed [4]:

• Does the application need verification or identification? If an application requires an identification of a subject from a large database, it needs a scalable and relatively more distinctive biometric (e.g., fingerprint, iris, or DNA).

• What are the operational modes of the application? For example, whether the application is attended (semi-automatic) or unattended (fully automatic), whether the users are habituated (or willing to be habituated) to the given biometrics, whether the application is covert or overt, whether subjects are cooperative or non-cooperative, and so on.

• What is the storage requirement of the application? For example, an application that performs the recognition at a remote server may require a small template size.

• How stringent are the performance requirements? For example, an application that demands very high accuracy needs a more distinctive biometric.

• What types of biometrics are acceptable to the user? Different biometrics are acceptable in applications deployed in different demographics depending on the cultural, ethical, and social, religious. The acceptability of a biometric in an application is often a compromise between the sensitivity of a community to various perceptions/taboos and the value/convenience offered by biometrics-based recognition.

A brief introduction to the most common biometrics is provided below [4]:

DNA: DeoxyriboNucleic Acid (DNA) is the one-dimensional ultimate unique code for one’s individuality, except for the fact that identical twins have identical DNA patterns. It is, however, currently used mostly in the context of forensic applications for person recognition. Several issues limit the utility of this biometric for other applications:

i) Contamination and sensitivity: it is easy to steal a piece of DNA from an unsuspecting subject that can be subsequently abused for an ulterior purpose;

ii) Automatic real-time recognition issues: the present technology for DNA matching requires cumbersome chemical methods (wet processes) involving an expert’s skills and is not geared for on-line non-invasive recognition;

iii) Privacy issues: information about susceptibilities of a person to certain diseases could be gained from the DNA pattern and there is a concern that the unintended abuse of genetic code information may result in discrimination, for example, in hiring practices.

Ear: It is known that the shape of the ear and the structure of the cartilaginous tissue of the pinna are distinctive. The features of an ear are not expected to be unique to an individual. The ear recognition approaches are based on matching the distance of salient points on the pinna from a landmark location on the ear.

Face: The face is one of the most acceptable biometrics because it is one of the most common methods of recognition that humans use in their visual interactions. In addition, the method of acquiring face images is nonintrusive. Facial disguise is of concern in unattended recognition applications. It is very challenging to develop face recognition techniques that can tolerate the effects of aging, facial expressions, slight variations in the imaging environment, and variations in the pose of the face with respect to the camera (2D and 3D rotations).

Facial, hand, and hand vein infrared thermograms: The pattern of heat radiated by the human body is a characteristic of each individual body and can be captured by an infrared camera in an unobtrusive way much like a regular (visible spectrum) photograph. The technology could be used for covert recognition and could distinguish between identical twins. A related technology using near infrared imaging is used to scan the back of a clenched fist to determine hand vein structure. Infrared sensors are prohibitively expensive which is a factor inhibiting widespread use of the thermograms.


Gait: Gait is the peculiar way one walks and is a complex spatio-temporal biometric. Gait is not supposed to be very distinctive, but is sufficiently characteristic to allow verification in some low-security applications. Gait is a behavioral biometric and may not stay invariant, especially over a large period of time, due to large fluctuations of body weight, major shift in the body weight, major injuries involving joints or brain, or due to inebriety. Acquisition of gait is similar to acquiring facial pictures and hence it may be an acceptable biometric. Because gait-based systems use video-sequence footage of a walking person to measure several different movements of each articulate joint, they are computing and input intensive.

Hand and finger geometry: Some features related to a human hand (e.g., length of fingers) are relatively invariant and peculiar to an individual. The image acquisition system requires cooperation of the subject and captures frontal and side view images of the palm flatly placed on a panel with outstretched fingers. The representational requirements of the hand are very small (nine bytes in one of the commercially available products), which is an attractive feature for bandwidth- and memory-limited systems. Due to its limited distinctiveness, hand geometry-based systems are typically used for verification and do not scale well for identification applications. Finger geometry systems (which measure the geometry of only one or two fingers) may be preferred because of their compact size.

Iris: Visual texture of the human iris is determined by the chaotic morphogenetic processes during embryonic development and is posited to be distinctive for each person and each eye. An iris image is typically captured using a non-contact imaging process. Capturing an iris image involves cooperation from the user, both to register the image of iris in the central imaging area and to ensure that the iris is at a predetermined distance from the focal plane of the camera. The iris recognition technology is believed to be extremely accurate and fast.

Keystroke dynamics: It is hypothesized that each person types on a keyboard in a characteristic way. This behavioral biometric is not expected to be unique to each individual but it offers sufficient discriminatory information to permit identity verification. Keystroke dynamics is a behavioral biometric; for some individuals, one may expect to observe large variations from typical typing patterns. The keystrokes of a person using a system could be monitored unobtrusively as that person is keying in information.


Odor: It is known that each object exudes an odor that is characteristic of its chemical composition and could be used for distinguishing various objects. A whiff of air surrounding an object is blown over an array of chemical sensors, each sensitive to a certain group of (aromatic) compounds. A component of the odor emitted by a human (or any animal) body is distinctive to a particular individual. It is not clear if the invariance in the body odor could be detected despite deodorant smells and varying chemical composition of the surrounding environment.

Retinal scan: The retinal vasculature is rich in structure and is supposed to be a characteristic of each individual and each eye. It is claimed to be the most secure biometric since it is not easy to change or replicate the retinal vasculature. The image capture requires a person to peep into an eyepiece and focus on a specific spot in the visual field so that a predetermined part of the retinal vasculature may be imaged. The image acquisition involves cooperation of the subject, entails contact with the eyepiece, and requires a conscious effort on the part of the user. All these factors adversely affect public acceptability of retinal biometrics. Retinal vasculature can reveal some medical conditions (e.g., hypertension), which is another factor standing in the way of public acceptance of retinal scan-based biometrics.

Signature: The way a person signs his name is known to be a characteristic of that individual. Although signatures require contact and effort with the writing instrument, they seem to be acceptable in many government, legal, and commercial transactions as a method of verification. Signatures are a behavioral biometric that change over a period of time and are influenced by physical and emotional conditions of the signatories. Signatures of some people vary a lot: even successive impressions of their signature are significantly different. Furthermore, professional forgers can reproduce signatures to fool the unskilled eye.

Voice: Voice capture is unobtrusive and voice print is an acceptable biometric in almost all societies. Voice may be the only feasible biometric in applications requiring person recognition over a telephone. Voice is not expected to be sufficiently distinctive to permit identification of an individual from a large database of identities. Moreover, a voice signal available for recognition is typically degraded in quality by the microphone, communication channel, and digitizer characteristics. Voice is also affected by a person’s health (e.g., cold), stress, emotions, and so on.

The various biometric identifiers described above are compared in Table 1.1. Note that fingerprint recognition has a very good balance of all the desirable properties. Every human being possesses fingerprints with the exception of any hand-related disabilities. Fingerprints are very distinctive, fingerprint details are permanent, even if they may temporarily change slightly due to cuts and bruises on the skin or weather conditions. Live-scan fingerprint sensors can easily capture high-quality images and they do not suffer from the problem of segmentation of the fingerprint from the background (e.g., unlike face recognition). However, they are not suitable for covert applications (e.g., surveillance) as live-scan fingerprint scanners cannot capture a fingerprint image from a distance without the knowledge of the person. The deployed fingerprint-based biometric systems offer good performance and fingerprint sensors have become quite small and affordable. Because fingerprints have a long history of use in forensic divisions worldwide for criminal investigations, they have a stigma of criminality associated with them. However, this is changing with the high demand of automatic recognition to fight identity fraud in our electronically interconnected society. With a marriage of fingerprint recognition, cryptographic techniques, and vitality detection, fingerprint systems are becoming quite difficult to circumvent. Fingerprint recognition is one of the most mature biometric technologies and is suitable for a large number of recognition applications.

Table 1.1. Comparison of biometric technologies. The data are based on the perception of the authors. High, Medium, and Low are denoted by H, M, and L, respectively. [3]


1.4 Advantages of Biometric Systems

The traditional technologies available to achieve a positive recognition include knowledge-based methods (e.g., PINs and passwords) and token-based methods (e.g., keys and cards). Most people set their passwords based on words or digits that they can easily remember, such as names and birthdays of family members, favorite movie or music stars, and dictionary words. Such passwords are easy to crack by guessing or by a simple brute force dictionary attack. Although it is possible, and even advisable, to keep different passwords for different applications and change them frequently, most people use the same password across different applications and never change them. If a single password is compromised, it may result in a breach in security in many applications. For example, a hacker may create a bogus web site that entices users with free air miles if they were to register on the website with a login name and password. The hacker may then try to use the same login name and password to attack the users’ corporate accounts, and most likely succeed. Longer passwords are more secure but harder to remember, which prompts some users to write them down in accessible locations (e.g., on a “Post-it” note) and hide it under the keyboard. Strong passwords are difficult to remember and result in more Help Desk calls for forgotten or expired passwords. Cryptographic techniques such as encryption can provide very long passwords (encryption keys) that are not required to be remembered but that are in turn protected by simple passwords, thus defeating their purpose. Further, a hacker needs to break only one password among all the employees to gain access to a company’s Intranet and thus, a single weak password compromises the overall security of every system that the user has access to. Thus, the security of the entire system is only as good as the weakest password. Finally, when a password is shared with a colleague, there is no way for the system to know who the actual user is.

Similarly, there are many problems with possession-based personal recognition. For example, keys and tokens can be shared, duplicated, lost or stolen and an attacker may make a “master” key that may open many locks. It is significantly more difficult to copy, share, and distribute biometrics with as much ease as passwords and tokens. Biometrics cannot be lost or forgotten and online biometrics-based recognition systems require the person to be recognized to be present at the point of recognition. It is difficult to forge biometrics and extremely unlikely for a user to repudiate, for example, having accessed a computer network. Further, all the users of the system have relatively equal security level and one account is no easier to break than any other. Biometrics introduces incredible convenience for the users while maintaining a sufficiently high degree of security.


Let us now consider a brute force attack on a biometric system operating in a verification mode in a commercial application. The chance of success of a brute force attack depends on the matching accuracy of the biometric verification. Let us assume that a certain commercial biometric verification system wishes to operate at 0.001% False Match Rate (FMR). At this setting, several biometric systems (e.g., the state-of-the-art fingerprint and iris recognition systems) can easily deliver less than 1% False Non-Match Rate (FNMR) [3]. An FMR of 0.001% indicates that if a hacker launches a brute force attack with a large number of different fingerprints, 1 out of 100,000 attempts will succeed on an average. This may be considered equivalent to the security offered by a randomly chosen 5-digit PIN (although, a brute force attack against a 5-digit PIN is guaranteed to succeed in 100,000 attempts and requires only 50,000 attempts, on an average). To attack a biometric-based system, one needs to generate (or acquire) a large number of samples of that biometric (e.g., fingerprints), which is much more difficult than generating a large number of PINs/passwords. Finally, the FMR of a biometric system can be arbitrarily reduced for higher security at the cost of increased inconvenience to the users that results from a higher FNMR. Note that a longer PIN or password also increases the security while causing more inconvenience in remembering and correctly typing them.

Certain commercial applications would like to operate the biometric system in an identification mode instead of the verification mode for the added convenience of not requiring the users to claim an identity. Usually, speed is perceived as the biggest problem in scaling up an identification application. However, the fact is that the identification accuracy scales even worse than the speed. Consider an identification application with 10,000 users. We can certainly find a combination of a fast fingerprint matching algorithm and special purpose hardware capable of making an identification in a few seconds. On the other hand, a matching algorithm with a verification FMR of 0.001% will have an identification FMR_N of 10,000 × 0.001% = 10%! This implies that an impostor has a good chance of gaining access to the system by simply using all of the ten fingers on his/her two hands. Therefore, while small to medium scale commercial applications (e.g., a few hundred users) may still use single biometric identification, the only obvious solution for building a highly accurate identification system for large scale applications appears to be multimodal biometric systems. For example, a system may combine face and fingerprint of a person or fingerprints from multiple fingers of a person for recognition.
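
The brute-force and identification-scaling arguments of this section, worked numerically as an added example that is not part of the original chapter. The Gaussian score distributions and their parameters are constructed assumptions, and comparisons are assumed independent; under that assumption the exact identification rate is 1 - (1 - FMR)^N, of which the N × FMR figure quoted above is the first-order approximation.

```python
import math
from statistics import NormalDist

# Constructed score model (an assumption, not data from the chapter):
# impostor comparison scores ~ N(0, 1), genuine comparison scores ~ N(6.6, 1).
IMPOSTOR = NormalDist(mu=0.0, sigma=1.0)
GENUINE = NormalDist(mu=6.6, sigma=1.0)


def threshold_for_fmr(fmr):
    """Score threshold above which a fraction `fmr` of impostor scores falls."""
    return IMPOSTOR.inv_cdf(1.0 - fmr)


def fnmr_at(threshold):
    """Fraction of genuine scores below the threshold (false non-matches)."""
    return GENUINE.cdf(threshold)


def at_least_one(p, trials):
    """Probability that at least one of `trials` independent tries succeeds."""
    if p >= 1.0:
        return 1.0
    return -math.expm1(trials * math.log1p(-p))


def identification_fmr(fmr, n_templates):
    """FMR_N: chance an impostor sample matches any of N enrolled templates."""
    return at_least_one(fmr, n_templates)


def pin_expected_guesses(digits):
    """Mean guesses to hit a uniformly random PIN when no guess is repeated."""
    return (10 ** digits + 1) / 2


def operating_points(fmrs):
    """(FMR, threshold, FNMR) rows: lowering FMR raises FNMR."""
    return [(f, threshold_for_fmr(f), fnmr_at(threshold_for_fmr(f))) for f in fmrs]


def scaling_table(fmr, sizes, fingers=10):
    """(N, N*FMR, exact FMR_N, success chance with `fingers` tries) per DB size."""
    rows = []
    for n in sizes:
        fmr_n = identification_fmr(fmr, n)
        rows.append((n, n * fmr, fmr_n, at_least_one(fmr_n, fingers)))
    return rows


if __name__ == "__main__":
    print("FMR        threshold  FNMR")
    for fmr, thr, fnmr in operating_points([1e-4, 1e-5, 1e-6]):
        print(f"{fmr:<10.0e} {thr:9.3f}  {fnmr:.4%}")

    print("\nVerification brute force at FMR = 0.001%:")
    print("  success within 100,000 tries:", f"{at_least_one(1e-5, 100_000):.1%}")
    print("  5-digit PIN, mean guesses:   ", pin_expected_guesses(5))

    print("\nN        N*FMR    exact FMR_N  ten fingers")
    for n, approx, exact, ten in scaling_table(1e-5, [100, 1_000, 10_000, 100_000]):
        print(f"{n:<8} {approx:7.2%}  {exact:10.2%}  {ten:10.2%}")
```

With 10,000 enrolled users the exact FMR_N is about 9.5% per presented finger, and ten independent presentations succeed about 63% of the time, which is the scale of risk the paragraph describes.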


1.5 Applications of Biometric Systems

The applications of biometrics can be divided into the following three main groups:

• Commercial applications such as computer network login, electronic data security, e-commerce, Internet access, ATM, credit card, physical access control, cellular phone, medical records management, distance learning, etc.

• Government applications such as national ID card, correctional facility, driver’s license, social security, welfare-disbursement, border control, passport control, etc.

• Forensic applications such as corpse identification, criminal investigation, terrorist identification, parenthood determination, missing children, etc.

Traditionally, commercial applications have used knowledge-based systems (e.g., PINs and passwords), government applications have used token-based systems (e.g., ID cards and badges), and forensic applications have relied on human experts to match biometric features. Biometric systems are being increasingly deployed in large scale civilian applications.








1.6 Summary


Biometric-based systems have some limitations that may have adverse implications for the security of a system. While some of the limitations of biometrics can be overcome with the evolution of biometric technology and a careful system design, it is important to understand that foolproof personal recognition systems simply do not exist and perhaps, never will. Security is a risk management strategy that identifies, controls, eliminates, or minimizes uncertain events that may adversely affect system resources and information assets. The security level of a system depends on the requirements (threat model) of an application and the cost-benefit analysis. In our opinion, properly implemented biometric systems are effective deterrents to perpetrators.

As biometric technology matures, there will be an increasing interaction among the market, technology, and the applications. This interaction will be influenced by the added value of the technology, user acceptance, and the credibility of the service provider. It is too early to predict where and how biometric technology would evolve and get embedded in which applications. But it is certain that biometric-based recognition will have a profound influence on the way we conduct our daily business.