Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Biometrics - Wikispaces

advertisement 
Biometrics
Katie Law
Perry “Doc” Revlett
Bill Rosburg
Vicki Walter
Biometrics
• http://www.youtube.com/watch?v=fydYXNE6
SyA
Welcome
To High Five Corp.
Bring your Thumb and have some Fun !!
Our Team !
•
•
•
• Doc
Katie
Vicki
Bill
Topics to discuss with you!
• How High Five can help your Theme Park ?
– Keeping your family safe .
– Saving you money
– What our security team can do for you
– What the family will get for doing their thumb
print .
Problem
• Shared admission passes creates financial
losses for the park resulting in increased costs
to patrons.
Proposed Solution
• Eliminate cards and use hand scans for
admission.
– Patrons must scan their hands for entrance into
the park and then scan themselves out as they
leave.
– They cannot rescan for entry until they scan out.
– Will prevent the passing of cards to friends and
family members.
– Only the patron may enter with their hand scan.
Family Plan
• The cost for the family for a year pass
– 10% off of any clothes at the theme park
– 30% off of any Food item
– Free Drinks [Soda only]
– Fast Passes for the rides
BIOMETRICS
• Derives its meaning from
Greek
• “bios and metron”
meaning life measure
Background on Biometrics
• Biometrics
– First introduced in the 1970s and early 1980s
– This technology gathers unique physiological or
behavioral attributes of a person for storing it in a
database or comparing it with one already found
in a database.
– Reason for biometrics include the positive
authentication and verification of a person and
ensuring confidentiality of information in storage
or in transit
Biometrics
• 2 Categories of Biometrics
– Physiological – also known as static biometrics: Biometrics
based on data derived from the measurement of a part of
a person’s anatomy. For example, fingerprints and iris
patterns, as well as facial features, hand geometry and
retinal blood vessels
– Behavioral – biometrics based on data derived from
measurement of an action performed by a person and,
distinctively, incorporating time as a metric, that is, the
measured action. For example, voice (speaker verification)
Overview of Biometrics
Biometric
Acquisition Device
Sample
Feature Extracted
Iris
Infrared-enabled video
camera, PC camera
Black and white iris image
Furrows and striations of iris
Fingerprint
Desktop peripheral, PC card,
mouse chip or reader
embedded in
keyboard
Fingerprint image (optical,
silicon, ultrasound or
touchless)
Location and direction of ridge
endings and bifurcations
on fingerprint, minutiae
Voice
Microphone, telephone
Voice Recording
Frequency, cadence and
duration of vocal pattern
Signature
Signature Tablet, Motionsensitive stylus
Image of Signature and record
of related dynamics
measurement
Speed, stroke order, pressure
and appearance of
signature
Face
Video Camera, PC camera,
single-image camera
Facial image (optical or
thermal)
Relative position and shape of
nose, position of
cheekbones
Hand
Proprietary Wall-mounted
unit
3-D image of top and sides of
hand
Height and width of bones and
joints in hands and
fingers
Retina
Proprietary desktop or wall
mountable unit
Retina Image
Blood vessel patterns and
retina
Biometrics – How do they work?
• Although biometric technologies
differ, they all work in a similar
fashion:
– The user submits a sample that is an
identifiable, unprocessed image or
recording of the physiological or
behavioral biometric via an
acquisition device (for example, a
scanner or camera)
– This biometric is then processed to
extract information about distinctive
features to create a trial template or
verification template
– Templates are large number
sequences. The trial template is the
user’s “password.”
Usability issues in Biometrics
• User acceptability
• Knowledge of technology
• Familiarity with biometric
characteristic
• Experience with device
Biometric solutions
• Educate
• Train
• Explain Interfaces
• Use Trainers
• Supervised
Playtime….PRACTICE
Promise that Biometrics hold for
Privacy
• Increased Security
–Biometric cannot be lost, stolen or
forgotten; it cannot be written down
and stolen by social re-engineering
–By implementing biometrics
organizations can positively verify
users’ identities, improving personal
accountability
Perils that Biometrics hold for Privacy
• Privacy is one of the leading inhibitor for biometrics technology.
Main issues:
– Misuse of Data
• Health/Lifestyle – Specific biometric data has been linked with
the information beyond which it is set out to be used. Is a
person able to control the information gathered on
himself/herself?
– Function Creep
• Law Enforcement – The template database may be available
for law enforcement
• Credit Reporting – The template database may be cross
referenced against other databases including those held in
hospitals and the police departments, by a credit reporting
agency
Future Trends in Biometrics
• Body Odor – Body odor can be digitally recorded for
identification. A British company, Mastiff Electronic
System Ltd. Is working on such a system
• DNA Matching – The is the ultimate biometric
technology that can produce proof positive
identification of an individual
• Keystroke Dynamics – Keystroke dynamics, also
referred to as typing rhythms, is an innovative
biometric technology
Comparison of Different Biometrics
Technology
Biometric Comparison
Various Applications for
fingerprinting technology
•Banking Security - ATM security,card transaction
•Physical Access Control (e.g. Airport)
•Information System Security
•National ID Systems
•Passport control (INSPASS)
•Prisoner, prison visitors, inmate control
•Voting
•Identification of Criminals
•Identification of missing children
Fingerprinting technology
• Strengths:
most mature biometric technology
accepted reliability
many vendors
sensors are small-space saving
• Perceived weakness:
association with criminal justice
Fingerprint Sensors
Fingerprint Sensors
• Optical
• Silicon Based Capacitive
Sensors
• Ultrasound
• Thermal
COMMONLY IDENTIFIED
DISADVANTAGES OF FINGERPRINTING
Problems
• Dirt , grime and wounds
Solutions
• Employee Training
• Hand washing stations
• Scan both hands
• Placement of finger
• Instructional videos
provided at entrances and
scanners
Attacks on Biometric
Systems…………………
Artificially
created
Biometrics
Attack at
the
Database
Attacking
Via Input
Port
The goal of an attack
•
•
•
•
•
Steal data
Blackmail
Bragging rights
Vandalism
Demonstrate
vulnerability/satisfy curiosity
• Damage company reputation
• Get into the park for free!
Attacks-contd..
Spoofing:- “The process of defeating a biometric system through
the introduction of fake biometric samples”. Examples of spoof
attacks on a fingerprint recognition system are lifted latent
fingerprints and artificial fingers.
Examples of spoofed fingers.
•Put subject’s finger in impression material and create a mold.
•Molds can also be created from latent fingerprints by photographic
etching techniques like those used in making of PCB (gummy fingers).
•Use play-doh, gelatin, or other suitable material to cast a fake finger.
•Worst-case scenario: dead fingers.
Attacks-solutions..
Hardware Solution
•Temperature sensing, detection of pulsation on fingertip, pulse oximetry, electrical
conductivity, ECG, etc.
Software Solution (Research going on)
•Live fingers as opposed to spoofed or cadaverous fingers show some kind of
moisture pattern due to perspiration.
•The main idea behind this method is to take two prints after a time frame of say 5
seconds and the algorithm makes a final decision based on the vitality of the
fingerprint.
Conclusion
A balance
between Security
and Privacy must
be achieved!
Your Unique Fingerprint
• Fingerprints begin forming in the 10th
week of fetal development and are
fully determined by week 17
• Ridges and valleys are a result of
– The DNA code which determines the way in which the skin
of a fetus forms
– Environmental factors of the uterus during formation
• Position of the fetus
• Density and composition of the amniotic fluid
• Even identical twins will have variations in fingerprints
due to the influence of the environment of the uterus
and their random position at the time of formation
Leaving a Print
• Each friction ridge contains pores that are
attached to sweat glands
– These glands produce a water and oil solution that
• Coats the ridges
• Is transferred to surfaces when touched
• Amount of oil can affect the scan
– Too much (from hand lotion and the like) can be
removed by washing
– Too little (from dry skin) can be remedied by rubbing
the fingertips across the palm, forehead, or bridge of
the nose
Analyzing Fingerprints
• Trained analysts can determine the
minute differences between two prints
• Fingerprint analysts and engineers worked
together to develop a system to quickly and
easily make comparisons
– Scanners to collect fingerprints
– Hardware to store the data
– Software to make comparisons and calculations of
similarities between images
Types of Scanners: Optical
• Optical (similar to a digital camera)
– A picture is taken with the finger on a glass plate
– An array of light sensitive diodes illuminate the ridges
and valleys
– Overall clarity and definition are checked
– Exposure is changed if necessary to correct light/dark
contrast or to sharpen edges
• Capacitance scanners use electric
current instead of light to determine
the
fingerprint pattern
Types of Scanners: Capacitance
• Use tiny electrical chips that measure differences in
electric capacitance based on distance
– Ridges are closer, while valleys are farther away
– The difference in distance creates a difference in voltage
and capacitance that can be measured
– The processor then uses the differences from each of the
chips in the array to develop a picture of the fingerprint
• More secure because it requires
the actual shape of the ridges
and valleys instead of just
the pattern
Major Feature Classification
• Loops
– Begin on one side of the finger, curve around
or upward, and exit the other side
– 65% of people have loop fingerprints
• Arches
– Slope upward and then down
– More narrow than a loop
– 5% of people have arch fingerprints
• Whorls
– Form a circular or spiral pattern
– 30% are whorls
• The arrangement, shape, size and number
of lines of the same pattern can help to
distinguish one from another
Identity Verification
• The software uses complex algorithms to
compare specific tiny features of
the fingerprint (known as minutiae)
• To get a match, the system finds a
sufficient number of features and
minutiae patterns that the two prints
have in common
– It also verifies that their relative locations are a match
– The more points required, the more secure
Distinguishing between Individuals
• Examples of identifying features
– Loops and rods
– Ellipse
– Spiral
– Tented arch
– Island
– Bifurcations (branches)
– Minutiae such as the intersection of
bifurcations, ending points of islands
and the center points of sweat glands
Benefits
•
•
•
•
Comfort
Accuracy
Availability
Costs
bromba.com, 2010
Additional Benefits
• Reduced financial losses due to shared and stolen
passes
• Finger scans for fast-pass
– Further reduction of wait time
• Can be linked to an online cash account so patrons
do not need to carry cash or credit cards while in
the park
– Discounts can be applied to in-park purchases for those
who use the finger scan instead of cash or credit;
resulting in shorter lines for food and drink.
Accuracy
• Most researched and developed of all biometric
options
• Low error rate
– The fingerprint identification process has a 98%+
identification rate and the false positive identification rate is
less than 1%.
– Within a typical fingerprint image obtained by a live scan
device, there is an average of 30-40 minutiae.
• The Federal Bureau of Investigation (FBI) has shown that no two
individuals can have more than 8 common minutiae.”
– The U.S. Court system has consistently allowed testimony
based on 12 matching minutiae; in some courts, a lower
number of matching minutiae have been allowed.
Bioconsulting.com, 1996
User Acceptability
• Has a high user acceptability rating
– CA DMV study showed that there was a 96.48%
favorable public response to Fingerprints vs. a
93.44% favorable response for Retinal Scan.
– CA DMV study notes that, of all the people
approached to participate in the DMV project,
2,515 refused to participate in Retinal Scan while
only 619 refused to participate in Fingerprint.
Bioconsulting.com, 1996
Other Biometrics
• Retinal scans may not work because of
ambient light
• Voice recognition may not work because of
ambient noise
• Facial recognition will not work due to levels
of scans
• DNA is too hazardous and too slow
Success Story
• Who: 24-Hour Fitness
• What: Enter 10 digit check in code, scan finger
• Why:
– Convenience-no cards or cash required
– Security-eliminates lost and stolen cards, only members
can access gyms
– Green focus: eliminates a lot of paper and plastic waste
from card production
• How: Scan both index fingers in case one hand is
occupied or injured
24hourfitness.com, 2011
Success Story
• They do not store clients’ finger prints, instead
they partnered with MorphoTrak, a leader in the
biometric industry, to develop this convenient
new way to check into their clubs.
– By scanning the client’s finger, they chart the distance
between a few distinct points that are unique to each
individual and come up with an identifying number
based on those distances.
– They do not store a fingerprint, nor can the data they
store be re-created into a fingerprint image.
24hourfitness.com, 2011
Success Story
24hourfitness.com, 2011
Sources
•
•
•
•
•
•
•
•
•
•
•
•
•
•
24 Hour Fitness. FAQ’s [homepage on the Internet]. (CA): 24 Hour Fitness; n.d. [date accessed 2011 July 9]. Available from:
http://www.24hourfitness.com/company/faq/.
Britt R R. Lasting Impressions: How Fingerprints are Created [homepage on the Internet]. Live Science; 2004 Nov. 2. [date
accessed 2011 July 10]. Available from: http://www.livescience.com/30-lasting-impression-fingerprints-created.html.
Bromba M U. Biometrics FAQ [homepage on the Internet]. Dr. Manfred Bromba; 2010 Dec. 24. [date accessed 2011 July 9].
Available from: http://www.bromba.com/faq/biofaqe.htm#Besten.
Fingerprint Facts [homepage on the Internet]. Sense Technologies; 2001. [date accessed 2011 July 10]. Available from:
http://www.senseme.com/scripts/biometrics/fingerprints.htm.
Harbour K. WV BIOMETRICS: Fertile ground for innovation [homepage on the Internet]. Charleston (WV): West Virginia
Department of Commerce; 2011. [date accessed 2011 July 9]. Available from:
http://www.wvcommerce.org/business/industries/biometrics/fertileground.aspx.
Harris T. How Fingerprint Scanners Work [homepage on the Internet]. How Stuff Works, Inc.; n.d. [date accessed 2011 July 9].
Available from: http://computer.howstuffworks.com/fingerprint-scanner.htm.
IBGweb, Find Biometrics. Fingerprint Recognition [homepage on the Internet]. BiometricsInfo.org; n.d. [date accessed 2011 July
9]. Available from: http://www.biometricsinfo.org/fingerprintrecognition.htm.
Kirubanandan S. Biometrics and Authentication [homepage on the Internet]. n.d. [date accessed 2011 July 9]. Available from:
cups.cs.cmu.edu/courses/ups-sp07/slides/070327-biometrics.ppt.
Podio F L, Dunn J S. Biometric Authentication Technology: From the Movies to Your [homepage on the Internet]. National
Institute of Standards and Technology; n.d. [date accessed 2011 July 10]. Available from:
http://www.itl.nist.gov/div893/biometrics/Biometricsfromthemovies.pdf.
Ruggles T. Comparison of Biometric Techniques [homepage on the Internet]. 2002 July 10. [date accessed 2011 July 9]. Available
from: http://www.bioconsulting.com/bio.htm.
Tynan D. Biometrics: From Reel to Real [homepage on the Internet]. PC World Magazine; 2011. [date accessed 2011 July 9].
Available from: http://pcworld.about.com/news/May182005id120889.htm..
Watson S. How Fingerprinting Works [homepage on the Internet]. How Stuff Works, Inc.; n.d. [date accessed 2011 July 9].
Available from: http://science.howstuffworks.com/fingerprinting.htm.
Wilson O. Privacy & Identity - Security and Usability: The Viability of Passwords & Biometrics [homepage on the Internet].
Chicago (IL): n.d. [date accessed 2011 July 9]. Available from:
facweb.cs.depaul.edu/research/vc/ciplit2004/ppt/Orville_Wilson.ppt.
Wilson T V. How Biometrics Works [homepage on the Internet]. How Stuff Works, Inc; n.d. [date accessed 2011 July 9]. Available
from: http://science.howstuffworks.com/biometrics2.htm.
Related documents
Security methods and devices, including biometrics
Security methods and devices, including biometrics
Biometrics: myths and reality
Biometrics: myths and reality
Biometrics - Texas Crime Prevention Association
Biometrics - Texas Crime Prevention Association
Biometrics: Voice Recognition
Biometrics: Voice Recognition
Biometrics
Biometrics
Biometrics, Identity and Development
Biometrics, Identity and Development
010 Roy Feague Day One - Cardiology Workflow Summit
010 Roy Feague Day One - Cardiology Workflow Summit
Fingerprinting - class-attendance
Fingerprinting - class-attendance
Chapter 5 Protecting Information Resources
Chapter 5 Protecting Information Resources
TOC 11
TOC 11
Surfing without the chance of being tracked *
Surfing without the chance of being tracked *
What is the Bertillonage system?
What is the Bertillonage system?
Download
advertisement