Usable Biometrics Ashley Brooks Usability and Privacy 95-899 Cranor, Reiter, and Hong

advertisement
Usable Biometrics
Ashley Brooks
Usability and Privacy 95-899
Cranor, Reiter, and Hong
April 11, 2006
Outline

Biometric Basics
What is Biometrics?
 Why use Biometrics?
 Model of Biometric system
 Types of Biometrics

Evaluating Accuracy
 User Acceptance
 Advantages & Disadvantages

Biometrics

Derived from the Greek words
“Bio”: Life
 “Metric”: to measure


Measures and Analyzes
characteristics
Physiological
 Behavioral


Authentication
Authentication

2 major means for authentication
Identification
 Verification


Identification vs. Verification
Question raised
 Analysis
 Uses

Biometric
Components
Types of Biometrics

Physiological
Fingerprints
 Face
 Eyes
 DNA


Behavioral
Voice
 Keystroke

Fingerprinting
Face
Eyes
DNA
Voice
Key Stroke



Requires no special
hardware
Methods are
transparent to users
increasing user
acceptance
Can be used for
cryptographically
stronger secrets for
login and encryption
Accuracy
 Usability
Metrics
 Failure
to Enroll (FTE)
 Failure to Acquire (FTA)
 Performance
Metrics
 False Acceptance
Rates (FAR)
 False Rejection Rates (FRR)
Usability Metrics
Failure to enroll (FTE)
 Medicine Intake
 Hoarseness
 Sticky fingers
 Cataract
 Rare skin diseases
Failure to acquire (FTA)
 Smudged finger
prints
 Retina alignment
 Mumbling
 Hand positioning
Performance
Metrics
User Acceptance
 Socially
acceptable
 Knowledge
of technology and
computers
 Acceptance of the concept
 Usability
 Security
 Personal
privacy
Usability
Considerations
 Familiarity
with characteristics
 Experience with devices
 Environment of use
 Transaction Criticality
Security
Considerations
Biometrics are not secrets and are
therefore susceptible to modified or
spoofed measurements
 There is no recourse for revoking a
compromised identifier
 Strategic Solutions



Liveness testing
Multi-biometrics
Privacy
Considerations
A reliable biometric system provides an
irrefutable proof of identity
 Threatens individuals right to anonymity





Cultural concerns
Religious concerns
Violates civil liberties
Strategic Solutions


Biometric cryptosystems
Transparency
Advantages
 Reduces
cost within organizations
 Increases security
 Competitive advantage
 Convenience to employees
 Non-repudiation
 Eliminates a paper trail
Disadvantages
 Accuracy
of Performance
 Failure to enroll rate
 Information Abuse
 May violate privacy
Conclusion
 Biometrics
is a technology that
can simplify the process of
authentication
 Biometrics can be best used in
situations where specific identity
or exception identity is desired
References









Tynan, Dan, “Biometrics: from Reel to Real”
www.pcworld.com/resource/printable/article/o,aid,120889,00.asp
Yudkowsky, Chaim, “Byte of Success”,
http://accounting.smartpros.com/x40536.xml
http://perso.wanadoo.fr/fingerchip/biometrics/movies.htm
Biometrics
http://searchsecurity.techtarget.com/sdefinition/0,,sid14_gci211666,00.h
tml
International Biometric Group,
http://www.biometricgroup.com/reports/public/reports/
Patrick, Andrew S., “Usability and Acceptability of Biometric Security
Systems” , Institute for Information Technology National Research
Council
Biometric Assessment Benefits http://www.axsbiometrics.com/riskans.htm
Bioidentification http://www.bromba.com/faq/biofaqe.htm
Fact sheet
http://www.jrc.cec.eu.int/download/press/20050330_biometrics_fact_sheet.pdf
Download