Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Data Mining

Standards in biometrics Short insight in thesis results

advertisement 
Standards in biometrics
Short insight in thesis results
Martin Adolph, martin.adolph@itu.int
The views expressed in this presentation are those of the author and do not necessarily reflect the opinion
of the ITU or its membership.
Motivation
●
●
Diploma thesis, Computer science, Chair Privacy
and Data Security, Dresden University of
Technology, Germany
Thesis outline
1. Biometrics and biometric recognition
1.Authentication methods
2.Biometric systems
3.Biometric traits
4.Security and privacy
2. Standards and standardization activities
1.Standards and standardization
02/18/09
2.Standards related to biometrics
2
Definition
bios - life
●
Biometrics
metrikos – to measure, measurement
●
Study of automated methods to uniquely
and accurately recognize individuals
based on distinguishing physiological and/
or behavioral traits.
02/18/09
3
Milestones
Non-automated recognition
Automated recognition
Bertillon system,
measurements
of the human body
JTC1 SC 37
on biometrics
2002
1870
for centuries
Face,
voice,
signature
02/18/09
1890
?
future
1994 2001 today
Sir Francis Galton et al.,
set of finger ridge
characteristics
(Galton points, minutiae)
ITU-T Q13/7
Range of
Telebiometrics applications,
standardization
activities in
different SDOs
US patent 5291560
Daugman,
Iris recognition
Around 1960
4
Applications
Government applications
- personal ID documents
- border and immigration control
- welfare-disbursement
- elections
- e-Government
- e-Health
Commercial applications
- security – access control
(doors, devices, networks, ATM)
- comfort and safety, e.g.,
automotive sector
- e-Commerce
02/18/09
Forensic applications
- criminal investigations
- corpse identificaiton
- parenthood determination
Future:
Overlap of government and commercial
applications?
Ubiquitous use of biometrics?
5
Applications (2)
02/18/09
Sources:
Jain et al. „An Introduction to Biometric
Recognition,“ IEEE TRANSACTIONS ON
CIRCUITS AND SYSTEMS FOR VIDEO
TECHNOLOGY, VOL. 14, NO. 1,
JANUARY 2004
6
http://www.foodserve.com/
Why did it take so long?
●
Reasons include
–
Insufficient recognition accuracy
–
Vulnerabilities
●
●
02/18/09
Intrinsic failures
Adversary attacks
–
Low public acceptance, privacy concerns
–
Lack of standards
7
Recognition accuracy
●
e.g., Face Recognition Vendor Test (FRVT)
showed improvements
–
–
●
Algorithm design
Sensors
Challenges
0,9
0,8
FRR at
FAR=0,001
0,7
9
0,7
0,6
0,54
0,5
–
–
02/18/09
–
Uncontrolled
illumination
Low-resolution
images
Moving subjects
0,4
0,3
0,2
0,2
0,1
0,01
0
1993
1997
2002
Source: http://frvt.org/FRVT2006/
2006
8
Vulnerabilities
●
Intrinsic failures
–
Incorrect decisions due to
●
●
●
–
Approaches
●
●
●
●
02/18/09
Limited individuality of biometric trait
Limited feature representation
Ineffective matcher
Operation threshold
Frequent template update
Multibiometrics
High resolution sensors, improved
matching algorithms, etc
9
Vulnerabilities (2)
●
Adversary attacks
–
Biometric overtness
●
–
Administration attacks
●
–
Covert acquisition of biometric traits – risk
of spoofing
Risk of enrollment integrity compromise
Non-secure infrastructure
Source: Ratha et al.
„Enhancing security and privacy in
biometrics-based authentication
Systems,“ IBM Systems Journal,
vol. 40, no. 3, 2001, pp. 614-634.
02/18/09
Also see: ITU-T X.1086 (X.tpp-1)
(2008): 12 vulnerabilities in
10
telebiometric functional model
Vulnerabilities (3)
●
Countermeasures
–
Adversary attacks
●
Biometric overtness
–
●
Administration attacks
–
●
Procedures and policies
Non-secure infrastructure
–
–
–
02/18/09
Liveness detection
Template protection
Biometric encryption
Etc., e.g., as proposed in X.1086 et seqq.
11
Privacy concerns
●
Exposure of sensitive personal information
–
Unintended functional scope
●
–
Unintended application scope
●
–
●
●
e.g., biometric data can reveal medical
conditions
e.g., data mining, profiling
Covert recognition
“Once compromised, biometrics cannot be
updated, reissued or destroyed“
Technical solutions, policies, guidelines
02/18/09
12
Standards
02/18/09
13
Standards (2)
●
SC 37: Vocabulary, interfaces, data interchange
formats, functional architecture and related profiles,
performance testing and reporting, cross-jurisdictional
and societal aspects (30 published)
●
SC 27: Template protection techniques, authentication
context, security evaluation (0 published)
●
SC 17: IC cards, optical memory cards, MRP
●
ITU-T Q9 / 17: Telebiometrics (8 published)
http://www.itu.int/ITU-T/studygroups/com17/sg17-q9.html
02/18/09
14
Standards (3)
●
●
●
●
●
(major) part of the work started in 2002
Not too many different SDOs/Fora in the
standardization arena
Progress in interfaces and formats
Few standards published related to
security and privacy protection in
biometrics
… but many promising drafts circulate
02/18/09
15
Thank you!
02/18/09
16
Related documents
Security methods and devices, including biometrics
Security methods and devices, including biometrics
What Are the Benefits of Biometrics for Access Control
What Are the Benefits of Biometrics for Access Control
Biometric and Surveillance Technology for Human and Activity Identification Call for Papers
Biometric and Surveillance Technology for Human and Activity Identification Call for Papers
Sample essay questions for Chapters 4 & 8
Sample essay questions for Chapters 4 & 8
BIOMETRIC CONSORTIUM
BIOMETRIC CONSORTIUM
Identity Based Attestation and Open Exchange Protocol (IBOPS) ITU Workshop on
Identity Based Attestation and Open Exchange Protocol (IBOPS) ITU Workshop on
IEEE Transactions on Instrumentation and Measurement Special
IEEE Transactions on Instrumentation and Measurement Special
j - Boston University
j - Boston University
Usable Biometrics Ashley Brooks Usability and Privacy 95-899 Cranor, Reiter, and Hong
Usable Biometrics Ashley Brooks Usability and Privacy 95-899 Cranor, Reiter, and Hong
Unit 1 Gradesheet and Study Guides A for blog
Unit 1 Gradesheet and Study Guides A for blog
PHYSIOLOGICAL INTERACTION
PHYSIOLOGICAL INTERACTION
ISSN: 2278-6252 BIOMETRICS IN MODERN ERA
ISSN: 2278-6252 BIOMETRICS IN MODERN ERA
Document13214162 13214162
Document13214162 13214162
Research Journal of Applied Sciences, Engineering and Technology 10(1):... ISSN: 2040-7459; e-ISSN: 2040-7467
Research Journal of Applied Sciences, Engineering and Technology 10(1):... ISSN: 2040-7459; e-ISSN: 2040-7467
International Journal Of Engineering And Computer Science ISSN:2319-7242
International Journal Of Engineering And Computer Science ISSN:2319-7242
Encryption and Biometrics:Context, methodologies and perspectives of biological data Abstract
Encryption and Biometrics:Context, methodologies and perspectives of biological data Abstract
Biometrics: Privacy`s Foe Or Privacy`s Friend?
Biometrics: Privacy`s Foe Or Privacy`s Friend?
CALL-AfghanBiometrics
CALL-AfghanBiometrics
Download
advertisement