Running Head: INNOVATION BRIEF
Non-Static Biometric Identification
[Device that Using Random Intensity Light Patterns Produces a Unique Image of the
Fingertip]
Project Dates: October 11, 2012 – February 3, 2013
Author of this Document: Christopher Johnson
Olena Burnes
Team and Roles:
Christopher Johnson - Project Manager, Programmer, Network Security Specialist
Introduction
Abstract
In the era of a growing digital society, cybercrimes threaten individual as well as organizational
information, assets, and identity. Instant and secure personal identification is crucially important
in controlling access to computer systems. Existing biometric identification systems increase the
security of computer systems. However, numerous inadequacies compromise the main purpose
of such devices. Existing biometric identifiers are static.
The main goal of this project is to create a device to capture a non-static biometric identifier for
the purpose of authentication. The innovative component of this project is the use of light
patterns at varied intensity applied to the fingertip in order to produce an image. The end result is a
non-static biometric identifier. Each pass through the scanner is random, and the image created
for comparison is dynamic. Traditional physiological biometrics use static image samples that
are compared to a static template in order to validate identity. This makes them more susceptible
to spoofing. Spoof resistance is one of the key benefits of our non-static biometric identifier. A
secondary method of authentication utilizing sensory response is integrated into the process in
order to create a two-factor authentication mechanism. This secondary innovative component
also provides proof of life.
Keywords
Biometrics, identifier, automated biometric identification system (ABIS), biometric data,
biometric algorithm, common biometric exchange file format (CBEFF), one-to-one, one-to-many,
verification, software, hardware, image recognition, network security, digital image,
computer, digital camera, facial features recognition, fingerprints, iris, retina, static, non-static.
Background Information and Prior Art
Definition
The term “Biometrics” is derived from two Greek words: “bio”, which means “life”, and
“metrics”, which means “measure”. Techopedia defines biometrics as “a technological and
scientific authentication method based on biology and used in information assurance (IA).
Biometric identification authenticates secure entry, data or access via human biological
information such as DNA or fingerprints.”
Rajan (2011) describes Biometrics or Life Measurement as “the use of unique physical features
such as fingerprints, facial features, retina or iris to identify an individual.” A concise definition of
biometrics is “the automatic recognition of a person using distinguishing traits.” A more
expansive definition of biometrics is “any automatically measurable, robust and distinctive
physical characteristic or personal trait that can be used to identify an individual or verify the
claimed identity of an individual” (Woodward et al., 2003). The most important application of
biometrics is security.
History
The history of biometrics can be traced to prehistoric times, when cavemen signed their drawings with
their handprints. In Babylon, 2,000 years ago, fingerprints were used for business transactions. In
China, fingerprints have been used since the XIV century.
The first fingerprint identification system was developed in the XVIII century by Azizul Haque for
Edward Henry, who at that time was Inspector General in India. In his system, Edward Henry
assigned a numerical value to each individual finger, beginning with the right thumb and ending
with the left pinky. Fingerprint records are grouped based upon pattern types such as “arch,”
“whorl,” and “loop.” Henry’s system has been successfully used by law enforcement agencies
around the world.
In 1969, the FBI contracted the National Institute of Standards and Technology to develop a system
to automate the process of fingerprint identification (Woodward, 2003).
The first device for hand identification was invented and patented by David Sidlauskas
in 1988. Since that time, new technologies have been developed and commercialized for
authentication purposes, providing secure access to computer networks.
Biometrics Application
Biometrics by definition utilizes unique biological characteristics such as fingerprints, iris,
facial features, voice, DNA, behavioral patterns, and/or a combination of these features. This
method is more secure than traditional password and PIN based methods, whose secrets can be stolen or
copied. However, some biometric techniques can be spoofed using various methods. The most
secure biometric techniques utilize a combination of static biometric samples and a proof of life
test requiring the physical presence of an authorized user at the time of execution.
Biometric identification devices are widely applied in corporate, governmental, and military
settings. Such devices usually consist of a scanner or video camera as a biometric input, software
that translates biometric information into digital form and indexes it or compares it to the
existing information, and a database of the stored biometric information.
Attributes and Features
A biometric system is essentially a pattern recognition system which makes a personal
identification by determining the authenticity of a specific physical or behavioral characteristic
possessed by the user. Biometric technologies are thus defined as the "automated methods of
identifying or authenticating the identity of a living person based on a physical or behavioral
characteristic" (Rutter, 2012).
The biometric system connects an event to a single person, whereas other ID forms, such as a
personal identification number (PIN), may be used by anyone.
The Biometric Identifier has two modules – Database Preparation Module (DPM) and
Verification Module (VM). The DPM consists of two sub-modules – Enroll Module (EM) and
Training Module (TM). VM comprises two sub-modules – Matching Module (MM) and
Decision Module (DM). Each module will be modified and simplified (Gompers, 2003).
[Figure: block diagram of the Biometric Identifier. Database Preparation Module (DPM): Enroll
Module (EM) and Training Module (TM). Verification Module (VM): Matching Module (MM) and
Decision Module (DM).]
A biometric system includes the following components and features:
• A silicon sensor that reads data
• A capacitance determines the pattern of ridges and valleys at any point during a cycle of
  charging and discharging the capacitor array
• The data are scanned and via software converted into digital format.
• A map of unique finger characteristics is created on the basis of minutia detection.
• A biometric template develops signal processing algorithms.
• Biometric templates are compared to the data storage that is encrypted for added security.
• A decision process uses matching event results and allows or denies access to the
  computer system.
A biometric security device can be set up to either authenticate or identify a person, using different
logic when matching input against the stored data.
Strengths and Weaknesses of the Existing Biometric Identifiers
Strengths:
1. The Biometric Identifiers meet most of the ASTM conceptual characteristics.
2. The device has the potential to identify a person with a high accuracy rate.
3. The biometric tools are difficult to duplicate or steal.
4. Application of a Biometric Identifier increases overall security.
5. A user is identified with the help of his/her own unique parameters.
6. Non-repudiation of transactions is confirmed by means of biometric identification.
7. Users cannot share access rights.
8. It prevents the use of stolen or lost identifiers.
9. The device optimizes administration.
10. It reduces the time required to access the protected resources and excludes mistakes while
typing passwords, and damage to or loss of identifiers.
11. It increases the system administrator’s overall productivity.
12. The Non-Static Biometric Identifier reduces expenses related to administration of the access
infrastructure.
13. The device is easy to use: there is no need to memorize, type or change multiple passwords.
14. It requires one-time enrollment.
15. It provides quick authorization, user convenience and workflow efficiency.
Weaknesses:
1. Identification of a person requires special equipment, computer software and expertise.
2. The identification process is time consuming and can affect the user’s performance.
3. It requires special technology infrastructure and administration.
4. Existing devices have a high cost of purchase, adjustment and maintenance.
5. Existing systems require data templates of many thousands of bytes, requiring expensive storage
media and slowing processing time.
Potential Challenges:
1. Insertion of the missing components and characteristics.
2. Proximity and dynamics measurement.
3. Potential threat of violation of an individual’s privacy.
4. Cost.
5. Timelines.
Project Description and Innovation Claim
As Richards (2010) pointed out, “Some of the most important factors necessary for any effective
biometric system are: accuracy, speed and throughput rate, acceptability to users, uniqueness of
the biometric organ and action, resistance to counterfeiting, reliability, data storage requirements,
enrollment time, intrusiveness of data collection, and subject and system contact requirements.”
An attempt was made to create a device to capture a non-static biometric identifier for the
purpose of authentication. The innovative component of this project is the use of light patterns at
varied intensity applied to the fingertip in order to produce a non-static sample. The end result is a
non-static biometric identifier. Each pass through the scanner is random, and the image created
for comparison is dynamic. Traditional physiological biometrics compare a static image to a
static template to check for a match. This makes them more susceptible to spoofing.
Spoof resistance is one of the key benefits of our non-static biometric identifier. The integration
of the secondary innovation component, secure rolling codes communicated via the sense of
touch, adds a proof of life test and a second authentication mechanism.
In order to create the prototype of the Non-Static Biometric Identifier, an Arduino microprocessor
controller, high intensity LED lights, a TTL JPEG camera board, an IR proximity sensor, a small
project box and a PC to receive and process image data are used. Each device must be coded in
order to function properly. For the purpose of this sprint, we have attempted to achieve base
functionality in using the device to capture images to the PC. The LED light bed will be used to
produce the random intensity light patterns. To provide automation, the IR proximity sensor will
have a range value in order to detect a finger being present in the scanner. This will act as the
trigger for the device. Once triggered, Processing code on the PC side will send the information
needed for producing light patterns, and the internal camera will capture the image to the onboard
SD storage device. A total of five samples are captured, each having a unique light pattern. At the
conclusion of the capture sequence, the Processing code executing on the PC will begin sending
the secure rolling codes via the small vibration device embedded in the device. This will only occur if the
user’s finger has remained in the device. The rolling codes are one-time use only, and the IR
sensor must sense the finger for the duration of their validity and until the user enters the proper
code.
Here are the circuits for the actual prototype device.
Usage Scenario
1. Finger is inserted into device.
2. An LED matrix produces a random pattern of light on the finger at various intensities.
3. The internal camera captures five images and stores them.
4. Images are compared offline.
5. If image is a match, the rolling code is transmitted to the user.
6. The user enters the proper code and access is granted.
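A minimal host-side model of the flow in the usage scenario above, added here as an illustration; it is not the project's Processing or Arduino code. The class and function names, the LED count, the code length and the validity window are assumptions, and image comparison is reduced to a boolean input because the page does not describe the matcher.

```python
import hmac
import secrets

SAMPLES = 5            # from the page: five samples, each with its own light pattern
LEDS = 16              # assumption: the LED count is not stated on the page
CODE_DIGITS = 4        # assumption: the code length is not stated on the page
CODE_TTL_S = 30.0      # assumption: the validity window is not stated on the page


class ScanSession:
    """One pass through the scanner, from finger insertion to code entry."""

    def __init__(self):
        self.finger_present = True      # a session starts on the IR trigger
        self.patterns = None
        self._code = None
        self._issued_at = None

    def new_patterns(self):
        """Fresh per-LED intensities (0-255) for each sample, from a CSPRNG."""
        self.patterns = [list(secrets.token_bytes(LEDS)) for _ in range(SAMPLES)]
        return self.patterns

    def ir_reading(self, finger_detected):
        """Feed each IR sample; one miss ends presence for the whole session."""
        if not finger_detected:
            self.finger_present = False
            self._code = None           # any outstanding code dies with presence

    def issue_code(self, images_matched, now):
        """Release a rolling code only after a match with the finger still in place."""
        if not (images_matched and self.finger_present and self.patterns):
            return None
        self._code = "".join(str(secrets.randbelow(10)) for _ in range(CODE_DIGITS))
        self._issued_at = now
        return self._code               # goes to the vibration motor, not a screen

    def enter_code(self, typed, now):
        """Single attempt: the code is consumed whether or not it was right."""
        code, self._code = self._code, None
        if code is None or not self.finger_present:
            return False
        if now - self._issued_at > CODE_TTL_S:
            return False
        return hmac.compare_digest(code.encode(), typed.encode())


def demo():
    """Constructed walk-through: good entry, replay, and finger withdrawn."""
    s = ScanSession()
    s.new_patterns()
    code = s.issue_code(images_matched=True, now=0.0)
    granted = s.enter_code(code, now=5.0)
    replayed = s.enter_code(code, now=6.0)

    t = ScanSession()
    t.new_patterns()
    code2 = t.issue_code(images_matched=True, now=0.0)
    t.ir_reading(False)                 # finger leaves before the code is typed
    withdrawn = t.enter_code(code2, now=1.0)
    return granted, replayed, withdrawn


if __name__ == "__main__":
    print(demo())
```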
Evaluation Criteria
The Non-Static Biometric Identifier will be evaluated using the following criteria.
• Uniqueness - measured by the likelihood that an identical sample could exist in nature.
  For example, 1 in 10,000 people born are identical twins; therefore, any identical shared
  features would decrease the uniqueness of the identifier as a biometric sample (Sussman,
  2010).
• Permanence - a biometric trait must be sufficiently invariant over time (Bartlow,
  Waymire & Zektser, 2009). For example, a biometric process that measured something
  such as fingernail patterns would not be practical. Baseline images would need to be
  established on a weekly basis. This would not be easy to maintain or administer.
• Practical/Ease of Use - how easy a process is to perform has a large impact on its
  implementation. If a procedure is lengthy or difficult, it may be counterproductive to its
  objectives.
• Non-invasive - any biometric identification process must be non-invasive and safe, and must
  utilize biological features that do not make the individual uncomfortable. For example, it
  would be questionable to use a biological characteristic such as the circumference of an
  individual’s waist as a method of identification. The biometric identifier should be
  something that will be acceptable to any individual regardless of their appearance or
  background.
• Spoof Resistant - any biometric device or process must withstand the scrutiny of
  circumvention as a criterion for evaluation. Spoofing or emulating a biometric trait in
  order to fool a device is just one way that a process might be circumvented.
  Circumvention in essence refers to the ease with which a trait of an individual can be
  imitated. This may include but is not limited to fake fingers or voice pattern replicating
  software (Bartlow, Waymire & Zektser, 2009).
• Device Criteria - to be viable, a biometric device must be cost effective. If a
  system is too expensive, it is less likely to be adopted by the industry or consumers.
  Consumers also demand aesthetically pleasing form factors for these types of devices.
  For example, if a biometric device was as large as a computer desk, it is unlikely to
  become a popular method for home computer users. Users demand systems and devices
  that are well documented, foolproof, safe, ergonomic, and provide status information
  about the device's current state (Nielsen, 1995). For example, if you entered your
  username and password into a system and it simply did not respond with any feedback, a
  user would most likely become frustrated.
Project Logic Model
Goal
The main goal of this project is to create a device to capture a non-static biometric identifier
based on random light intensity images of the fingertip for verification and authentication
purposes.
Objectives
The following objectives reflect areas of the device design in the behavioral ground, in its
performance, in the process of image recognition, the product’s appearance and its possible
application beyond network security settings. All objectives presented are measurable.
• Behavioral. To simplify user-device interaction by creating new software and hardware
  that eliminate several steps that existing devices require, and to design reliable and low
  maintenance solutions to access the system.
• Performance. To increase the security, accuracy and reliability of the Biometric Identifier by
  using random intensity light patterns to produce a unique image of the fingertip.
• Process. To design a non-static biometric identifier that provides access to the network
  only during the physical presence of a user.
• Product. To change the appearance of the existing device by making it more aesthetic
  and high tech.
• Transference. To expand the application of the product in a variety of settings.
Activities
In order to complete this project the following activities need to take place:
1. Build a team of network security and programming students.
2. Complete the research on the existing similar products.
   ▪ Analyze the existing product and distinguish its shortcomings and
     inadequacies.
   ▪ Create a database of devices that perform functions required for non-static
     identification.
3. Simplify the authorized user’s access to the computer system:
   o Design a device to analyze and determine the user’s identity automatically.
      ▪ Order the parts necessary to build a prototype such as hardware, the
        camera sensors and LED lights, LCD touch screen
      ▪ Create rough drawings of each circuit
      ▪ Download the necessary libraries to make each circuit work
      ▪ Assemble the I/O boards
      ▪ Design a circuit using IR proximity to automatically sense the user and
        activate the system.
4. Satisfy network security professionals by increasing the level of security and reliability
   of the system’s access:
   o Design a device that uses an accurate method of identifying the end user.
      ▪ Design an LED light bed
      ▪ Design a camera circuit
      ▪ Create a circuit to integrate camera and LED light bed
      ▪ Build these circuits and combine them into a working prototype
      ▪ Code the functionality of each circuit
      ▪ Tie the functions together as a working sketch.
5. For the CIO’s satisfaction, provide reliable and low maintenance solutions to access the
   system:
   o Design a device using proven technologies in a simple configuration.
      ▪ Design all the circuits in the most efficient and logical manner.
6. For the CFO’s satisfaction, provide an affordable solution to access the system:
   o Design a device that could be cheaply produced on a large scale.
      ▪ Use parts that are commonplace and inexpensive in the design.
7. For the CEO’s satisfaction, design a device with a strong network security posture:
   o Design a device that can be proven and accepted by industry.
      ▪ Debug device function and code
      ▪ Beta test device
      ▪ Present prototype.
8. Monitor the process of the device improvement and correct the mistakes.
9. Create a prototype of the Non-Static Biometric Identifier.
10. Make a new, aesthetically appealing design of the product.
11. Run multiple tests and correct mistakes, modifying the software as well as the hardware.
12. Present the Non-Static Biometric Identifier to a group of network security experts.
Description of Design Prototype
The prototype will utilize an Arduino Uno R3 microcontroller, a TTL camera sensor, an SD card
reader, an IR proximity sensor, an LED matrix, a shift register for the LED array and the LCD, a small
motor, various diodes, resistors, and capacitors, and a small project box to house the circuits with
an opening for finger insertion. The current prototype focuses on random patterns of light at various
intensities to produce a non-static biometric identifier and on code communication via the sense of
touch.
Evaluation
The primary innovative component is functional to the degree that it performs the tasks
described. The secondary innovative component functions perfectly as designed. There have
been numerous test runs of both the device and the software in tandem and separately. During
final testing all the basic functions worked during every procedure.
Project Completion Assessment
This project has been a success with room for refinement. Some of the components needed to
make the images more clear and accurate for comparison are simply too expensive for a student
project. For example, a sensor capable of macros and a custom refraction mechanism are a few of
the items lacking to bring the prototype full circle. Another stumbling block was the lack of
tooling available in my shop. The project is sufficient to prove that the primary innovation
concept is viable. I am quite pleased with the performance of the secondary innovation
component. Several test subjects tested the prototype and 100% of those participants were able to
receive the code correctly and enter it in order to gain access to the system. The entire
mechanical and electrical function of the device and the software is 100% complete.
Appendices
References
1. ASTM International. Retrieved on October 18, 2012 from
http://www.astm.org/FAQ/whatisastm_answers.html
2. Bartlow, N., Waymire, D., & Zektser, G. (2009, October 1). Holistic evaluation of
multi-biometric systems. Retrieved February 7, 2012, from NIST:
http://biometrics.nist.gov/cs_links/ibpc2010/pdfs/Bartlow2_Holistic_Evaluation_of_Multibiometric_Systems_IBPC_2010_Paper.pdf
3. Biometric History. Retrieved on October 31, 2012 from:
http://www.biometrics.gov/Documents/BioHistory.pdf
4. Biometrics. (2002, June 5). Retrieved February 7, 2012, from ieee.org:
http://ewh.ieee.org/r10/bombay/news5/Biometrics.htm
5. Gompers, J. (2003). Biometrics: The Basics. Retrieved on October 17, 2012 from:
http://securitysolutions.com/mag/security_biometrics_basics/
6. Lerner, E. (2011). Biometric Identification. Retrieved on November 2, 2012 from:
http://www.aip.org/tip/INPHFA/vol-6/iss-1/p20.pdf
7. Nielsen, J. (1995, January 1). 10 usability heuristics. Retrieved February 7, 2012,
from http://www.nngroup.com/articles/ten-usability-heuristics/
8. Phillips, J. P., Martin, A., Wilson, C., & Przybocki, M. (2000, February 1). An
introduction to evaluating biometric systems. Retrieved February 7, 2012, from epic:
http://epic.org/privacy/surveillance/spotlight/1105/feret7.pdf
9. Rajan, V. (2011). What Is Biometrics? Retrieved on October 18, 2012 from:
http://www.cse.iitk.ac.in/users/biometrics/pages/what_is_biom_more.htm
10. Richards, D. (2010). Biometric Identification. Retrieved on October 17, 2012 from:
http://www.cccure.org/Documents/HISM/033-037.html#Heading3
11. Rutter, J. (2012). Biometric Tools Used for Network Security. Retrieved on October
12, 2012 from: http://www.ehow.com/list_6304215_biometric-tools-used-networksecurity.html#ixzz29I1cafsd
12. Sidlauskas, D. United States Patent and Trademark Office. “Patent 4,736,203: 3D
hand profile identification apparatus.” 5 April 1988.
13. Sussman, A. (2010, October 7). Methodology for evaluating multi-biometric systems.
Retrieved February 7, 2012, from
http://www.slideshare.net/abelsussman/methodology-for-evaluating-multi-biometricsystems
14. Techopedia. Retrieved on October 31, 2012 from:
http://www.techopedia.com/definition/10239/biometrics
15. Woodward, J., Horn, C., and Gatune, J. (2003). Biometrics. Retrieved on October 12,
2012 from: http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA414520
16. Woodward, J., Orlans, M., and Higgins, P. (2003). Biometrics. New York: McGraw
Hill.