BIOMETRICS - A Seminar Report
Descrição do Produto
BIOMETRICS A Seminar Report
Submitted for
Master of Engineering in Computer Engineering
Submitted to
GUJARAT TECHNOLOGICAL UNIVERSITY, GUJARAT
Submitted by Ms. VADI HENA GHANSHYAMBHAI (Enrollment No: 140030702015)
Department of Computer Engineering ATMIYA INSTITUTE OF TECHNOLOGY AND SCIENCE RAJKOT - GUJARAT
ATMIYA INSTITUTE OF TECHNOLOGY & SCIENCE - RAJKOT
CERTIFICATE This is to certify that Ms. VADI HENA GHANSHYAMBHAI Enrolment No:
140030702015
Branch:
Master of Engineering [Computer]
Semester:
3rd
Has
satisfactorily
completed
the
Seminar
Report
for
“BIOMETRICS” under my guidance and is reached to a level required for being accepted for examination.
Faculty In-Charge
Head of the Department
Table of Content
Abstract
1
Acknowledgement
2
List of figure
3
Chapter 1
Introduction
4
1.1
History and Development of Biometrics
7
1.2
What is Biometric
7
1.3
Classification
10
1.4
Basic Structure
11
Biometric System Components and Process
12
2.1
Components
12
2.2
Process
12
2.3
Types of Biometric System
13
2.4
Biometric Accuracy
14
Biometric Technology
17
3.1
Fingerprint Authentication
17
3.2
Retina Scanning
19
3.3
Iris Recognitions
21
3.4
Hand Geometry
25
3.5
Voice Pattern
27
3.6
Signature Pattern
29
3.7
Key Stroke
31
3.8
Facial Recognition
33
3.9
DNA Fingerprint
40
Chapter 2
Chapter 3
3.10
Comparison
42
Multimodal Biometric System
44
4.1
Fusion of Face, Voice and Fingerprint
44
4.2
Fusion of Face and Lip Movement
45
Chapter 5
Vulnerable Points Of Biometric System
46
Chapter 6
Applications
49
Chapter 7
Biometric Devices
53
Chapter 8
Conclusion
57
Chapter 9
References
58
Chapter 4
ABSTRACT Humans recognize each other according to their various characteristics for ages. We recognize others by their face when we meet them and by their voice as we speak to them. Identity verification (authentication) in computer systems has been traditionally based on something that one has (key, magnetic or chip card) or one knows (PIN, password). Things like keys or cards, however, tend to get stolen or lost and passwords are often forgotten or disclosed. To achieve more reliable verification or identification we should use something that really characterizes the given person. Biometrics offer automated methods of identity verification or identification on the principle of measurable physiological or behavioral characteristics. The characteristics are measurable andunique. Biometrics is the development of statistical and mathematical
methods
applicable
to
data
analysis
problems
in
the
biological
sciences.Physical characteristics such as fingerprints, retinas and irises, palm prints, facial structure, and voice recognition are just some of the many methods of biometric encryption. Depending on the context, a biometric system can be either a verification (authentication) system or an identification system. Biometrics is a rapidly evolving technology which has been widely used in forensics such as criminal identification and prison security. Recent advancements in biometric sensors and matching algorithms have led to the deployment of biometric authentication in a large number of civilian applications. With the increased use of computers as vehicles of information technology, it is necessary to restrict access to sensitive/personal data. Real-time biometric systems can be used to prevent unauthorized access to ATMs, cellular phones, smart cards, desktop PCs, workstations, computer networks and electronic banking.
1
ACKNOWLEDGEMENT
It gives me a great pleasure and satisfaction in presenting this seminar report. I would like to take this opportunity to express my sincere gratitude to faculty members who have been great sense of support and inspiration thought the research work successful. This seminar work would not have been possible without the kind support of many people. There are lots of people who inspired me and helped, worked for me in every possible way to provide the details about various related topics thus making research and report work success.
I am very grateful to Prof. Tupti Kodinariya for all his diligence, guidance, encouragement and help throughout the period of research, which have enabled me to complete the research work in time. His constant inspiration and encouragement along with his valuable guidance has been instrumental in the successful completion of this project.
I would like to thank my parents for their valuable support and encouragement. I would like to thank my friends for their support.
Last, but not the least my special thanks goes to my institute, Atmiya Institute of Technology & Science, Rajkot for giving me this opportunity to work in the great environment.
VADI HENA
2
LIST OF FIGURES
Figure 1.1 Single Biometric Figure 1.2 Multimode Biometric Figure 1.3 Basic Structure of Biometric Figure 2.1 Enrollment Process Figure 2.1 Verification Process Figure 2.3 Error Rate Figure 3.1 Fingerprint Authentication Process Figure 3.2 Retina Scan Figure 3.3 Iris Scan Figure 3.4 Iris Segmentation Figure 3.5 Boundary Detection Figure 3.7 Polar Code Figure 3.8 Hand Geometry Figure 3.9 Voice Pattern Figure 3.10 Raw Data in Signature writing Figure 3.11 Feature Extraction Figure 3.11 Feature Comparison Figure 3.12 Key Stroke Figure 3.13 Facial Enroll and Recognition Stage Figure 3.14 PSR Figure 3.14 Selecting Face Region Figure 3.15 Test Image Figure 3.16 Filtering on Face Region Figure 3.17 Correlation Output Figure 3.18 3D Face Matching Figure 3.19 DNA Fingerprinting Figure 4.1 Multimode Biometric Using Fingerprint, Face and Voice Figure 4.2 Multimode Biometric Using Face and Lip Movement Figure 5.1 Vulnerable Points Of Biometric System Figure 7.1 Iris Scanner Figure 7.2 Face Camera Figure 7.3 Hand Scanner Figure 7.4 Retina Scan Figure 7.5 Multi Biometrics
8 9 11 12 13 15 17 19 21 22 23 23 25 27 30 30 31 32 33 34 35 36 37 38 39 40 44 45 46 53 54 55 56 56
LIST OF TABLES
Table: 1.1 User Authentication Methods
5
Table: 3.1 Comparison of Biometric Technology
42
3
1. INTRODUCTION Reliable user authentication is becoming an increasingly important task in the Webenabled world. The consequences of an insecure authentication system in a corporate or enterprise environment can be catastrophic, and may include loss of confidential information, denial of service, and compromised data integrity. The value of reliable user authentication is not limited to just computer enhanced security. The prevailing techniques of user authentication, which involve the use of either passwords and user IDs (identifiers), or identification cards and PINs (personal identification numbers), suffer from several limitations. Passwords and PINs can be illicitly acquired by direct covert observation. Once an intruder acquires the user ID or network access. Many other applications in everyday life also require user authentication, such as banking, e- commerce, and physical access control to computer resources, and could benefit from and the password, the intruder has total access to the user’s resources. In addition, there is no way to positively link the usage of the system or service to the actual user, that is, there is no protection against repudiation by the user ID owner. For example, when a user ID and password is shared with a colleague there is no way for the system to know who the actual user is. A similar situation arises when a transaction involving a credit card number is conducted on the Web. Even though the data are sent over the Web using secure encryption methods, current systems are not capable of assuring that the rightful owner of the credit card initiated the transaction. In the modern distributed systems environment, the traditional authentication policy based on a simple combination of user ID and password has become inadequate. Fortunately, automated biometrics in general, and fingerprint technology in particular, can provide a much more accurate and reliable user authentication method. Biometrics is a rapidly advancing field that is concerned with identifying a person based on his or her physiological or behavioural characteristics. Biometrics is derived from the conjunction of the Greek words bios and metrics that mean life and to measure respectively. Examples of automated biometrics include fingerprint, face, iris, and speech recognition. Since biometrics is extremely difficult to forge and cannot be forgotten or stolen, Biometric authentication offers a convenient, accurate,irreplaceable and high secure alternative for an individual, which makes it has advantages over traditional cryptography-based authentication schemes. It has become a hot interdisciplinary topic involving biometric and Cryptography. Biometric data is personal 4
privacy information, which uniquely and permanently associated with a person and cannot be replaced like passwords or keys. Once an adversary compromises the biometric data of a user, the data is lost forever, which may lead to a huge financial loss. Hence, one major concern is how a person’s biometric data, once collected, can be protected. User authentication methods can be broadly classified into three categories as shown in Table 1.1. Because a biometric property is an intrinsic property of an individual, it is difficult to surreptitiously duplicate and nearly impossible to share. Additionally, a biometric property of an individual can be lost only in case of serious accident.
Method
Examples
What you know?
Properties
User ID
Shared
Password
Many passwords easy to
PIN
guess Forgotten
What you have?
Cards
Shared
Badges
Can be duplicated
Keys
Lost or stolen
What you know and what you ATM card + PIN
Shared
have?
PIN a weak link (Writing the PIN on the card)
Something unique about the user
Fingerprint
Not possible to share
Face
Repudiation unlikely
Iris
Forging difficult
Voice print
Cannot be lost or stolen
Table: 1.1 User Authentication Methods Biometric readings, which range from several hundred bytes to over a megabyte, have the advantage that their information content is usually higher than that of a password or a pass phrase. Simply extending the length of passwords to get equivalent bit strength presents significant usability problems. It is nearly impossible to remember a 2K phrase, and it would 5
take an annoyingly long time to type such a phrase (especially without errors). Fortunately, automated biometrics can provide the security advantages of long passwords while retaining the speed and characteristic simplicity of short passwords. Even though automated biometrics can help alleviate the problems associated with the existing methods of user authentication, hackers will still find there are weak points in the system, vulnerable to attack. Password systems are prone to brute force dictionary attacks. Biometric systems, on the other hand, require substantially more effort for mounting such an attack. Yet there are several new types of attacks possible in the biometrics domain. This may not apply if biometrics is used as a supervised authentication tool. But in remote, unattended applications, such as Web-based e-commerce applications, hackers may have the opportunity and enough time to make several attempts, or even physically violate the integrity of a remote client, before detection. A problem with biometric authentication systems arises when the data associated with a biometric feature has been compromised. For authentication systems based on physical tokens such as keys and badges, a compromised token can be easily cancelled and the user can be assigned a new token. Similarly, user IDs and passwords can be changed as often as required. Yet, the user only has a limited number of biometric features (one face, ten fingers, two eyes). If the biometric data are compromised, the user may quickly run out of biometric features to be used for authentication. Only the biometric authentication is based on an intrinsic part of a human being. So unlike a password or PIN or Smart Card, it can't be forgotten, misplaced, lost or stolen. We are having our identification with ourselves and therefore there is no need to carry any card or remember passwords for our identification.A biometric template is unique for an individual for whom it is created.Biometrics ensures that the person trying to access your network and applications is actually a sanctioned user, and not in a possession of a stolen smartcard or someone who found, hacked or cracked password. It is not only the initial cost that of the sensor or the matching hardware that is involved. Often the life cycle support cost can overtake the initial cost of the hardware. Most of the biometric systems like finger print recognition, iris recognition etc. areaccurate. But some others like facial recognition etc. are not that accurate.
6
1.1
HISTORY AND DEVELOPMENT OF BIOMETRICS
The idea of using patterns for personal identification was originally proposed in 1936 byophthalmologist Frank Burch. By the 1980’s the idea had appeared in James Bond films, but itstill remained science fiction and conjecture. In 1987, two other ophthalmologists Aram Safirand Leonard Flom patented this idea and in 1987 they asked John Daugman to try to createactual algorithms for this iris recognition. These algorithms which Daugman patented in 1994 arethe basis for all current iris recognition systems and products.
Daugman algorithms are owned by Iridian technologies and the process is licensed toseveral other Companies who serve as System integrators and developers of special platformsexploiting iris recognition in recent years several products have been developed for acquiring itsimages over a range of distances and in a variety of applications. One active imaging systemdeveloped in 1996 by licensee Sensar deployed special cameras in bank ATM to capture IRISimages at a distance of up to 1 meter. This active imaging system was installed in cash machinesboth by NCR Corps and by Diebold Corp in successful public trials in several countries during 1997to 1999. a new and smaller imaging device is the low cost “Panasonic Authenticam” digitalcamera for handheld, desktop, e-commerce and other information security applications. Ticketless air travel, check-in and security procedures based on iris recognition kiosks in airports havebeen developed by eye ticket. Companies in several, countries are now using Daughman’salgorithms in a variety of products.
1.2 WHAT IS BIOMETRIC? 1.2.1
SINGLE BIOMETRIC:
Biometric technologies are defined as automated methods of identifying or authenticating the identity of a living person based on unique physiological or behavioural characteristics. Biometrics can provide very secure and convenient authentication for an individual since they cannot be stolen or forgotten and are very difficult to forge.
7
Figure 1.1 Single Biometric The term “biometrics” is derived from two Greek words ‘bios’ for life and ‘metron’ for measure. A biometric can be described as a measurable physical and/or behavioral trait that can be captured and used to verify the identity of a person by comparing the metric to a previously stored template. The area of biometrics can therefore be defined as the task of automatically recognizing a person using his/her distinguishing traits. Examples of these “distinguishing traits” are fingerprints, voice patterns, facial characteristics etc. The idea of biometric identification is not new, it have been around for centuries. Example of a biometric is the photo on identification cards and passports, which still is the most important way of verifying the identity of a person. As early as the 14th century, the Chinese were reportedly using fingerprints as form of signature. During the late 1890’s, a method of bodily measurement called “Bertillonage” (after its founder Alphonse Bertillone) was used by Police Department in Paris & France and this identification based on the number of bodily measurement and physical description. The difference today, is that we now have access to technologies enabling us to do these verifications automatically and almost in real-time. Practically all biometrics system work in the same manner, first a person is enrolled into a database using The specified method, information about a certain characteristics of the human being is captured, this information is usually placed through an algorithm that turns the information into a code that the database stores. When the person need to be identified, the system will take the information about the person, again this new information is placed through the algorithm and then compares the new code with the ones in the database to discover a match and hence, identification.
8
1.2.2MULTIMODAL BIOMETRIC
Figure 1.2 Multimode Biometric
A multimodal biometric system uses multiple applications to capture different type biometric. This allows the integration of two or more types of biometric recognition and verification system in order to meet stringent performance requirements. A multimodal system could be a combination of finger print verification, face recognition, voice verification and smart card or any other combination of biometrics. For instance it is estimated that 5% of the population does not have legible fingerprints, a voice could be altered by a cold and face recognition systems are susceptible to changes in ambient light and the pose of the subject. This enhanced structure takes advantages of the proficiency of each individual biometric and can be used to overcome some of the limitations of a single biometric.
9
1.3
CLASSIFICATION OF BIOMETRICS
A physiological characteristic is a relatively stable physical characteristic, such as an individual’s fingerprint, hand geometry, iris pattern, or blood vessel pattern on the back of the eye. This type of biometric measurement is usually unchanging and unalterable without significant duress to the individual. Physical biometrics:
Fingerprint- Analyzing fingertip patterns. Facial Recognition- Measuring facial characteristics. Hand Geometry- Measuring the shape of the hand. Iris recognition- Analyzing features of colored ring of the eye. Vascular Patterns- Analyzing vein patterns. Retinal Scan- Analyzing blood vessels in the eye. Bertillonage- Measuring body lengths (no longer used).
A behavioral characteristic is more a reflection of an individual’s psychological makeup. A signature is the most common behavioral biometric used for identification. Because most behavioral characteristics vary over time, an identification system using these must allow updates to enrolled biometric references. 10
Behavioral biometrics: Speaker Recognition- Analyzing vocal behavior. Signature- Analyzing signature dynamics. Keystroke- Measuring the time spacing of typed words.
1.4
BASIC STRUCTURE OF A BIOMETRIC SYSTEM
Figure 1.3 Basic Structure of Biometric
Most biometrics systems use a similar procedure to verify a biometric. procedure can be divided into the following steps: enrolment, live sample, transaction completion template sample, storage & verification.
11
2. BIOMETRIC SYSTEM COMPONENTS AND PROCESS 2.1
COMPONENTS: Three major components are usually present in a biometric system:
A mechanism to scan and capture a digital or analog image of a living person’s biometric characteristic.
Software for storing, processing and comparing the image.
An interface with the applications system that will use the result to confirm an individual’s identity.
2.2
PROCESS:
Two different stages are involved in the biometric system process – 1) Enrollment, 2) Verification.
2.2.1 ENROLLMENT: As shown in Figure 2.1, the biometric image of the individual is captured during the enrollment process (e.g., using a sensor for fingerprint, microphone for voice verification, camera for face recognition, scanner for eye scan). The unique characteristics are then extracted from the biometric image to create the user’s biometric template. This biometric template is stored in a database or on a machine-readable ID card for later use during an identity verification process.
Figure 2.1 Enrollment Process
12
2.2.2 VERIFICATION: Figure 2.2 illustrates the identity verification process. The biometric image is again captured. The unique characteristics are extracted from the biometric image to create the users “live” biometric template. This new template is then compared with the template previously stored and a numeric matching score is generated, based on the percentage of duplication between the live and stored template. System designers determine the threshold value for this identity verification score based upon the security requirements of the system.
Figure 2.1 Verification Process
2.3
TYPES OF BIOMETRIC SYSTEM
There are two kinds of Biometric System Recognition Systems Identifying a person among the whole group of users enrolled in the system. It must be an online system. Typical applications : Forensics 13
Identification(1-to-many comparison) verifies if the individual exists within a known population. Identification confirms that the individual is not enrolled with another identity and is not on a predetermined list of prohibited persons. Identification will typically need a secured database containing a list of all applying individuals and their biometrics. The biometric for the individual being considered for enrollment would be compared against all stored biometrics. For many applications, an identification process is used only at the time of enrollment to verify that the individual is not already enrolled. Authentication Systems Verifying the identity that user claims to have. It can be offline. Typical applications: Access Control, all kinds of applications where cards are used. Authentication(1-to-1 comparison) confirms that the credential belongs to the individual presenting it. In this case, the device that performs the authentication must have access only to the individual’s enrolled biometric template, which may be stored locally or centrally.
2.4
BIOMETRIC ACCURACY
A key factor in the selection of the appropriate biometric technology is its accuracy. Biometric accuracy is the system’s ability of separating legitimate matches from imposters. When the live biometric template is compared to the stored biometric template, a matching score is used to confirm or deny the identity of the user. System designers set this numeric score to accommodate the desired level of accuracy for the system, as measured by the False Acceptance Rate (FAR) and False Rejection Rate (FRR).
• False Rejection Rate (FRR) refers to the statistical probability that the biometric system is not able to verify the legitimate claimed identity of an enrolled person, or fails to identify an enrolled person.
14
• False Acceptance Rate (FAR) refers to the statistical probability of False Acceptance or incorrect verification. In the most common context, both False Rejection and False Acceptance represent a security hazard. • Equal-Error RateWhen the decision threshold is adjusted so that the false-acceptance rate equal the false-rejection rate.
Figure 2.3 Error Rate If a mismatching pair of fingerprints is accepted as a match, it is called a false accept. On the other hand, if a matching pair of fingerprints is rejected by the system, it is called a false reject. The error rates are a function of the threshold as shown in Figure 2.3. Often the interplay between the two errors is presented by plotting FAR against FRR with the decision threshold as the free variable. This plot is called the ROC (Receiver Operating Characteristic) curve. The two errors are complementary in the sense that if one makes an effort to lower one of the errors by varying the threshold, the other error rate automatically increases. In a biometric authentication system, the relative false accept and false reject rates can be set by choosing a particular operating point (i.e., a detection threshold). Very low (close to zero) error rates for both errors (FAR and FRR) at the same time are not possible. By setting ahigh threshold, the FAR error can be close to zero, and similarly by setting a significantly low threshold, the FRR rate can be close to zero. A meaningful operating point for the threshold is decided based on the application requirements, and the FAR versus FRR error rates at that 15
operating point may be quite different. To provide high security, biometric systems operate at a low FAR instead of the commonly recommended equal error rate (EER) operating point where FAR=FRR.
16
3. BIOMETRIC TECHNOLOGY
3.1
FINGERPRINT SCANNING: •
"Fingerprint authentication" describes the process of obtaining a digital representation of a fingerprint and comparing it to a stored digital version of a fingerprint.
•
Fingerprints have long been recognized as a primary and accurate identification method.
3.1.1
PROCESS:
Figure 3.1 Fingerprint Authentication Process
17
•
Electronic fingerprint scanners capture digital "pictures" of fingerprints, either based on light reflections of the finger's ridges and valleys, or the electrical properties of the finger's ridges and valleys.
•
These pictures are then processed into digital templates that contain the unique extracted features of a finger.Uses the ridge endings and bifurcation's on a persons finger to plot points known as Minutiae.The number and locations of the minutiae vary from finger to finger in any particular person, and from person to person for any particular finger
•
These digital fingerprint templates can be stored in databases and used in place of traditional passwords for secure access.
•
Instead of typing a password, users place a finger on an electronic scanner. The scanner, or reader, compares the live fingerprint to the fingerprint template stored in a database to determine the identity and validity of the person requesting access.
• 3.1.2
Finally it gives decision that access to application or access denied. MATCHING APPROACH:
Two basic classes of matching techniques:
Image techniques Use both optical and numerical image correlation techniques
Feature techniques Extracts features and develop representations from these features
Combining the above two techniques: Hybrid techniques ,with improved accuracy
3.1.3 ADVANTAGES AND DISADVANTAGES: Advantages:
Very high accuracy.
Is the most economical biometric PC user authentication technique.
it is one of the most developed biometrics
Easy to use. 18
Small storage space required for the biometric template, reducing the size of the database memory required
It is standardized.
Disadvantages:
For some people it is very intrusive, because is still related to criminal identification.
It can make mistakes with the dryness or dirty of the finger’s skin, as well as with the age (is not appropriate with children, because the size of their fingerprint changes quickly).
Image captured at 500 dots per inch (dpi). Resolution: 8 bits per pixel. A 500 dpi fingerprint image at 8 bits per pixel demands a large memory space, 240 Kbytes approximately → Compression required.
3.2
RETINA SCAN:
Figure 3.2 Retina Scan
The human retina is a thin tissue composed of neural cells that is located in the posterior portion of the eye.
Because of the complex structure of the capillaries that supply the retina with blood, each person’s retina is unique.
19
The network of blood vessels in the retina is so complex that even identical twins do not share a similar pattern. Although retinal patterns may be altered in cases of diabetes, glaucoma or retinal degenerative disorders, the retina typically remains unchanged from birth until death.
A biometric identifier known as a retinal scan is used to map the unique patterns of a person’s retina.
The blood vessels within the retina absorb light more readily than the surrounding tissue and are easily identified with appropriate lighting. A retinal scan is performed by casting a beam of low-energy infrared light into a person’s eye as they look through the scanner’s eyepiece.
The pattern of variations is converted to computer code or template and stored in a database.
Pattern is matched against stored templates
3.2.1 ADVANTAGES AND DISADVANTAGES Advantages: •
Very high accuracy.
•
The eye from a dead person would deteriorate too fast to be useful, so no extra precautions have to been taken with retinal scans to be sure the user is a living human being.
Disadvantages: •
Very intrusive.
•
It has the stigma of consumer's thinking it is potentially harmful to the eye.
•
Comparisons of template records can take upwards of 10 seconds, depending on the size of the database.
•
Very expensive.
20
3.3
IRIS SCAN:
Figure 3.3 Iris Scan
The iris is a thin, circular structure in the eye, responsible for controlling the diameter and size of the pupils and thus the amount of light reaching the retina.
The iris is the colored portion of the eye surrounding the pupil. Its pattern results from a meshwork of muscle ligaments, and its color and contrast are determined bypigmentation.
“Eye color” is the color of the iris, which can be green, blue, or brown. In some cases it can be hazel (a combination of light brown, green and gold), grey, violet, or even pink.
In response to the amount of light entering the eye, muscles attached to the iris expand or contract the aperture at the center of the iris, known as the pupil.
The larger the pupil, the more light can enter. Iris recognition is an automated method of biometric identification that uses mathematical pattern-recognition techniques on video images of the iries of an individual’s eyes, whose complex random patterns are unique and can be seen from some distance.
Digital templates encoded from these patterns by mathematical and statistical algorithms allow unambiguous positive identification of an individual.
Databases of enrolled templates are searched by matcher engines .
21
Figure 3.4 Iris Segmentation
22
Figure 3.5 Boundary Detection
Figure 3.6 Iris Polar Mapping
23
Figure 3.7 Polar Code
24
3.3.1 ADVANTAGES AND DISADVANTAGES Advantages: •
Very high accuracy.
•
Verification time is generally less than 5 seconds.
•
The eye from a dead person would deteriorate too fast to be useful, so no extra precautions have to been taken with retinal scans to be sure the user is a living human being.
Disadvantages: •
Intrusive.
•
A lot of memory for the data to be stored.
•
Very expensive
3.4
HAND GEOMETRY:
Figure 3.8 Hand Geometry 25
Hand geometry systems are commonly available in two main forms. Full hand geometry systems take an image of the entire hand for comparison while Two Finger readers only image two fingers of the hand. Hand recognition technology is currently one of the most deployed biometrics discipline. Hand geometry is a biometric that identifies users by the shape of their hands. Usually a specialized reader device to measure aspects such as length, width, thickness, and surface area of the hand and fingers . A camera capture an image of the hand, with the help of a mirror to get also the edge. The graph of the hand is extracted, and some geometrical characteristics stored. Hand geometry readers measure a user's hand along many dimensions and compare those measurements to measurements stored in a file. 3.4.1 ADVANTAGES AND DISADVANTAGES Advantages:
Though it requires special hardware to use, it can be easily integrated into other devices or systems.
It has no public attitude problems as it is associated most commonly with authorized access.
The amount of data required to uniquely identify a user in a system is the smallest by far, allowing it to be used with SmartCardseasily.
Disadvantages: •
Very expensive
•
Considerable size.
•
It is not valid for arthritic person, since they cannot put the hand on the scanner properly.
26
3.5
VOICE PATTERN
Figure 3.9 Voice Pattern
27
•
Identification of the person who is speaking by characteristics of their voices (voice biometrics), also called Voice Patterns.
•
There is a difference between speaker recognition (recognizing who is speaking) and speech recognition (recognizing what is being said).
•
Voice biometrics works by digitizing a profile of a person's speech to produce a stored model voice print, or template.
•
Biometric technology reduces each spoken word to segments composed of several dominant frequencies called formants.
•
Each segment has several tones(pitch, quality, and strength) that can be captured in a digital format.
•
The tones collectively identify the speaker's unique voice print.
•
Voice prints are stored in databases in a manner similar to the storing of fingerprints or other biometric data.
•
Popular and low-cost, but less accurate and sometimes lengthy enrollment.
•
Voice recognition can be divided into two classes: •
template matching - template matching is the simplest technique and has the highest accuracy when used properly, but it also suffers from the most limitations.
•
feature analysis
•
The first step is for the user to speak a word or phrase into a microphone.
•
The electrical signal from the microphone is digitized by an "analog-to-digital (A/D) converter", and is stored in memory.
•
To determine the "meaning" of this voice input, the computer attempts to match the input with a digitized voice sample, or template, that has a known meaning.
•
This technique is a close analogy to the traditional command inputs from a keyboard. The program contains the input template, and attempts to match this template with the actual input using a simple conditional statement.
3.5.1 ADVANTAGES AND DISADVANTAGES Advantages: •
Non intrusive. High social acceptability.
•
Verification time is about five seconds.
28
Disadvantages: •
A person’s voice can be easily recorded and used for unauthorised PC or network.
•
Low accuracy.
•
An illness such as a cold can change a person’s voice, making absolute identification difficult or impossible.
3.6
SIGNATURE AND WRITING PATTERNS:
Two kinds of signatures: •
1. off-line(Static)
•
2. on-line(Dynamic)
Static: In this mode, users write their signature on paper, digitize it through an optical scanner or a camera, and the biometric system recognizes the signature analyzing its shape. This group is also known as “off-line”. Dynamic: In this mode, users write their signature in a digitizing tablet, which acquires the signature in real time. Dynamic recognition is also known as “on-line”. •
Dynamic information usually consists of the following information:
•
spatial coordinate x(t)
•
spatial coordinate y(t)
•
pressure p(t)
•
inclination in(t)
•
pen up/down
3.6.1 PROCEDURE FOR SIGNATURE VERIFICATION 1). Preprocess the raw data of the given signature. 29
Figure 3.10 Raw Data in Signature writing 2). Extract features and compare distances with the those in the template. Feature Extraction/Selection •
Global features:
#Width, Height, #Duration, #Orientation
•
Local features:
#X-coordinates, #Y-coordinates , #Curvature
•
Dynamic features:
#Velocity, #Acceleration,
#Pressure, #Pressure
changing •
Other features:
# Number of segments, #Critical points, etc.
Figure 3.11 Feature Extraction 3). Make decision according to the threshold specified in the template.
30
Figure 3.11 Feature Comparison 3.6.2
ADVANTAGES AND DISADVANTAGES
Advantages:
Non intrusive.
Little time of verification (about five seconds).
Cheap technology.
Disadvantages: •
Signature verification is designed to verify subjects based on the traits of their unique signature. As a result, individuals who do not sign their names in a consistent manner may have difficulty enrolling and verifying in signature verification.
•
3.7
Error rate: 1 in 50.
KEY STROKE: •
Keystroke dynamics is a biometric based on assumption that different people type in uniquely characteristic manners.
•
The rhythms with which one types at a keyboard are sufficiently distinctive to form the basis of the biometric technology known as keystroke dynamics.
31
•
The way and the manner in which we type on our computer keyboard varies from individual to individual and is considered to be a unique behavioral biometric.
•
Keystroke Dynamics or Recognition is probably one of the easiest biometrics forms to implement and manage.
•
This is so because at the present time, Keystroke Recognition is completely a software based solution.
•
There is no need to install any new hardware and even software.
•
All that is needed is the existing computer and keyboard that is already in place and use.
3.7.1 FEATURES •
•
Often used –
Latency between keystrokes
–
Duration of keystroke, hold-time
Seldom used –
Overall typing speed
–
Frequency of errors
–
Habit of using additional keys (numpad…)
–
Capital letters (order of releasing shift and letter)
–
Force of hitting keys (special keyboard needed)
3.7.2 EXAMPLE Latencies between keystrokes when writing “password” by two persons
Figure 3.12 Key Stroke
32
3.8
FACIAL RECOGNITION SYSTEM:
A facial recognition system is a computer-driven application for automaticallyidentifying a person from a digital image. It does that by comparing selected facialfeatures in the live image and a facial database. It is typically used for security systems and can be compared to other biometrics such asfingerprint or eye iris recognition systems.Popular recognition algorithms include eigenface, fisherface, the Hidden Markov model,and the neuronal motivated Dynamic Link Matching. A newly emerging trend, claimed toachieve previously unseen accuracies, is threedimensional face recognition. Anotheremerging trend uses the visual details of the skin, as captured in standard digital orscanned images.
Figure 3.13 Facial Enroll and Recognition Stage
33
Figure 3.14 PSR
34
Figure 3.14 Selecting Face Region
35
Figure 3.15 Test Image
36
Figure 3.16 Filtering on Face Region
37
Figure 3.17 Correlation Output
38
3.8.1 THREE-DIMENSIONAL FACE RECOGNITION
Figure 3.18 3D Face Matching Three-dimensional face recognition (3D face recognition) is a modality of facialrecognition methods in which the three-dimensional geometry of the human face is used.It has been shown that 3D face recognition methods can achieve significantly higheraccuracy than their 2D counterparts, rivaling fingerprint recognition. 3D face recognition achieves better accuracy than its 2D counterpart by measuringgeometry of rigid features on the face.[citation needed] This avoids such pitfalls of 2Dface recognition algorithms as change in lighting, different facial expressions, make-upand head orientation. Another approach is to use the 3D model to improve accuracy oftraditional image based recognition by transforming the head into a known view. The main technological limitation of 3D face recognition methods is the acquisition of3D images, which usually requires a range camera. This is also a reason why 3D facerecognition methods have emerged significantly later (in the late 1980s) than 2Dmethods. Recently commercial solutions have implemented depth perception byprojecting a grid onto the face and integrating video capture of it into a high resolution3D model. This allows for good recognition accuracy with low cost off-the-shelfcomponents. 39
Currently, 3D face recognition is still an open research field, though several vendorsalready offer commercial solutions. 3.8.2 ADVANTAGES AND DISADVANTAGES
Advantages:
Non intrusive
Cheap technology.
Disadvantages
2D recognition is affected by changes in lighting, the person’s hair, the age, and if the person wear glasses.
Requires camera equipment for user identification; thus, it is not likely to become popular until most PCs include cameras as standard equipment.
3.9
DNA FINGERPRINTING
The chemical structure of everyone's DNA is the same. The only difference betweenpeople (or any animal) is the order of the base pairs. There are so many millions of basepairs in each person's DNA that every person has a different sequence.
Using these sequences, every person could be identified solely by the sequence of theirbase pairs. However, because there are so many millions of base pairs, the task would bevery timeconsuming. Instead, scientists are able to use a shorter method, because ofrepeating patterns in DNA.
These patterns do not, however, give an individual "fingerprint," but they are able todetermine whether two DNA samples are from the same person, related people, or nonrelated people. Scientists use a small number of sequences of DNA that are known tovary among individuals a great deal, and analyze those to get a certain probability of amatch.
40
3.9.1 HOW IS DNA FINGERPRINTING DONE?
Every strand of DNA has pieces that contain genetic information which informs anorganism's development (exons) and pieces that, apparently, supply no relevant geneticinformation at all (introns). Although the introns may seem useless, it has been found thatthey contain repeated sequences of base pairs. These sequences, called Variable NumberTandem Repeats (VNTRs), can contain anywhere from twenty to one hundred base pairs.
Every human being has some VNTRs. To determine if a person has a particular VNTR, aSouthern Blot is performed, and then the Southern Blot is probed, through a hybridizationreaction, with a adioactive version of the VNTR in question. The pattern which resultsfrom this process is what is often referred to as a DNA fingerprint.
A given person's VNTRs come from the genetic information donated by his or herparents; he or she could have VNTRs inherited from his or her mother or father, or acombination, but never a VNTR either of his or her parents do not have. Shown beloware the VNTR patterns for Mrs. A [blue], Mr. A [yellow], and their fourchildren: D1 (the A's biological daughter), D2 (Mr. A's step-daughter, child of Mrs. A and her former husband [red]), S1 (the A' biological son), and S2 (the A' adopted son, not biologically related [his parents are light and dark green]).
Figure 3.19 DNA Fingerprinting
Because VNTR patterns are inherited genetically, a given person's VNTR pattern is moreor less unique. The more VNTR probes used to analyze a person's VNTR pattern, themore distinctive and individualized that pattern, or DNA fingerprint, will be. 41
3.9.2 ADVANTAGES AND DISADVANTAGES Advantages:
Very high accuracy.
It impossible that the system made mistakes.
It is standardized.
Disadvantages:
Extremely intrusive.
Very expensive.
3.10 COMPARISON:
Characteristics
Finger-
Hand
Retina
Iris
Face
Signature
Voice
print
Geometry
Ease of Use
High
High
Low
Medium
Medium
High
High
Error
Dryness,
Hand
Glasses
Lighting
Lighting
Changing
Noise,
Incidence
dirt, age
Injury,
,
age
lasses,
age, Signature
colds
hair
Accuracy
High
High
Very
Very
High
High
High
High
High
42
User
Medium
Medium
Medium
Medium
Medium
High
High
Medium
High
High
Medium
Medium
Medium
Acceptance
Long
Term High
Stability
Table 3.1
Comparison of Biometric Technology
43
4. A MULTIMODAL BIOMETRIC SYSTEM 4.1
A MULTIMODAL BIOMETRIC SYSTEM USING FINGERPRINT, FACE, AND SPEECH:
A biometric system which relies only on a single biometric identifier in making a personal identification is often not able to meet the desired performance requirements. Identification based on multiple biometrics represents an emerging trend. We introduce a multimodal biometric system, which integrates face recognition, fingerprint verification, and speaker verification in making a personal identification. This system takes advantage of the capabilities of each individual biometric. It can be used to overcome some of the limitations of a single biometrics. Preliminary experimental results demonstrate that the identity established by such an integrated system is more reliable than the identity established by a face recognition system, a fingerprint verification system, and a speaker verification system.
Figure 4.1 Multimode Biometric Using Fingerprint, Face and Voice 44
4.2
FACE AND LIP MOVEMENT
Figure diagrams BioID’s functions. The systemacquires (records), preprocesses, and classifies eachbiometric feature separately. During the training(enrollment) of the system, biometric templates aregenerated for each feature. For classification, the systemcompares these templates with the newly recordedpattern. Then, using a strategy that depends on thelevel of security required by the application, it combinesthe classification results into one result by whichit recognizes persons.
Figure 4.2 Multimode Biometric Using Face and Lip Movement 45
5. VULNERABLE POINTS OF BIOMETRIC SYSTEM A generic biometric system can be cast in the framework of a pattern recognition system. The stages of such a generic system are shown in Figure 5.1
Figure 5.1 Vulnerable Points Of Biometric System The first stage involves biometric signal acquisition from the user (e.g., the inkless fingerprint scan). The acquired signal typically varies significantly from presentation to presentation; hence, pure pixel-based matching techniques do not work reliably. For this reason, the second signal processing stage attempts to construct a more invariant representation of this basic input signal (e.g., in terms of fingerprint minutiae). The invariant representation is often a spatial domain characteristic or a transform (frequency) domain characteristic, depending on the particular biometric. During enrollment of a subject in a biometric authentication system, an invariant template is stored in a database that represents the particular individual. To authenticate the user against a given ID, the corresponding template is retrieved from the database and matched against the template derived from a newly acquired input signal. The matcher arrives at a decision based on the closeness of these two templates while taking into account geometry, lighting, and other signal acquisition variables. Note that password-based authentication systems can also be set in this framework. The keyboard becomes the input
46
device. The password encrypted can be viewed as the feature extractor and the comparator as the matcher. The template database is equivalent to the encrypted password database. There are eight places in the generic biometric system of Figure 5.1 where attacks may occur. The numbers in Figure 9.1 correspond to the items in the following list. 1. Presenting fake biometrics at the sensor: In this mode of attack, a possible reproduction of the biometric feature is presented as input to the system. Examples include a fake finger, a copy of a signature, or a facemask. 2. Resubmitting previously stored digitized biometrics signals: In this mode of attack, a recorded signal is replayed to the system, bypassing the sensor. Examples include the presentation of an old copy of a fingerprint image or the presentation of a previously recorded audio signal. 3. Overriding the feature extraction process: The feature extractor is attacked using a Trojan horse, so that it produces feature sets preselected by the intruder. 4. Tampering with the biometric feature representation: The features extracted from the input signal are replaced with a different, fraudulent feature set (assuming the representation method is known). Often the two stages of feature extraction and matcher are inseparable and this mode of attack is extremely difficult. However, if minutiae are transmitted to a remote matcher (say, over the Internet) this threat is very real. One could “snoop” on the TCP/IP (Transmission Control Protocol/Internet Protocol) stack and alter certain packets. 5. Corrupting the matcher: The matcher is attacked and corrupted so that it produces preselected match scores. 6. Tampering with stored templates: The database of stored templates could be either local or remote. The data might be distributed over several servers. Here the attacker could try to modify one or more templates in the database, which could result either in authorizing a fraudulent individual or denying service to the persons associated with the corrupted template. A smart card-based authentication system,where the template is stored in the smart card and presented to the authentication system, is particularly vulnerable to this type of attack.
47
7. Attacking the channel between the stored templates and the matcher: The stored templates are sent to the matcher through a communication channel. The data traveling through this channel could be intercepted and modified. 8. Overriding the final decision: If the final match decision can be overridden by the hacker, then the authentication system has been disabled. Even if the actual pattern recognition framework has excellent performance characteristics, it has been rendered useless by the simple exercise of overriding the match result. There exist several security techniques to thwart attacks at these various points. For instance, finger conductivity or fingerprint pulse at the sensor can stop simple attacks at point 1. Encrypted communication channelscan eliminate at least remote attacks at point 4. However, even if the hacker cannot penetrate the feature extraction module, the system is still vulnerable. The simplest way to stop attacks at points 5, 6, and 7 is to have the matcher and the database reside at a secure location. Of course, even this cannot prevent attacks in which there is collusion. Use of cryptographyprevents attacks at point 8. It is observed that the threats outlined in Figure are quite similar to the threats to password-based authentication systems. For instance, all the channel attacks are similar. One difference is that there is no “fake password” equivalent to the fake biometric attack at point 1 (although, perhaps if the password was in some standard dictionary it could be deemed “fake”). Furthermore, in a password- or token-based authentication system, no attempt is made to thwart replay attacks (since there is no expected variation of the “signal” from one presentation to another). However, in an automated biometric-based authentication system, one can check the liveness of the entity originating the input signal.
48
6. APPLICATIONS In the last years has considerably increased the area of application of biometrics and it's expected that in the near future, we will use biometry many times in our dayly activities such as getting in the car, openning the door of our house, accessing to our bank acount, shoping by internet, accessing to our PDA, mobil phone, laptops, etc. Depending of where the biometrics is deployed, the applications can be categorized in the following five main groups: forensic, government, commercial, health-care and traveling and immigration. However, some applications are common to these groups such as physical access, PC/network access, time and attendance, etc.
6.1
FORENSIC
The use of biometric in the law enforcement and forensic is more known and from long date, it is used mainly for identification of criminals. In particular, the AFIS (automatic fingerprint identification system) has been used for this purpose. Lately the facial-scan technology (mug shots) is being also used for identification of suspects. Another possible application is the verification of persons of home arrest, a voice-scan is an attractive solution for this problem. The typical application are: Identification of criminals- collecting the evidence in the scene of crime (e.g., fingerprints) it is possible to compare with data of suspects or make a search in the database of criminals. Surveillance --using cameras one can monitor the very busy places such as stadiums, airports, meetings, etc. Looking in the crowds for suspect, based on the face recognition biometric, using a images (e.g., mug shots) database of wanted persons or criminals. Since the events of September 11, 2001, the interest in biometric surveillance has increased dramatically, especially for air travel applications. Currently there are many cameras monitoring crowds at airports for detecting wanted terrorists. Corrections -This refers to the treatment of offenders (criminals) through a system of penal incarceration, rehabilitation, probation, and parole, or the administrative system by which these are effectuated. Is this cases a biometric system can avoid the possibility of accidentally releasing the wrong prisoner, or to ensure that people leaving the facilities are really visitors and not inmates.
49
Probation and home arrest - biometric can also be used for post-release programs (conditional released) to ensure the fulfillment of the probation, parole and home detention terms.
6.2
GOVERNMENT
There are many application of the biometry in the government sector. An AFIS is the primary system used for locating duplicates enrolls in benefits systems, electronic voting for local or national elections, driver's license emission, etc. The typical application are: National Identification Cards - the idea is to include digital biometric information in the national identification card. This is the most ambitious biometric program, since the identification must be performed in a large-scale database, containing hundred of millions samples, corresponding to the whole population of one country.
This kind of cards can be used for multiple purposes such as controlling the collection of benefits, avoiding duplicates of voter registration and drivers license emission. All this applications are primarily based on finger-scan and AFIS technology, however it is possible that facial-scan and iris-scan technology could be used in the future. Voter ID and Elections - while the biometric national ID card is still in project, in many countries are already used the biometry for the control of voting and voter registration for the national or regional elections. During the registration of voter, the biometric data is captured and stored in the card and in the database for the later use during the voting. The purpose is to prevent the duplicate registration and voting. Driver's licenses - In many countries the driver license is also used as identification document, therefore it is important to prevent the duplicate emission of the driver license under different name. With the use of biometric this problem can be eliminated. however it is important that the data must be shared between state, because in some country such as United States, the license are controlled at the states as opposed to the federal level. Benefits Distribution (social service) - the use of biometry in benefits distribution prevents fraud and abuse of the government benefits programs. Ensuring that the legitimate recipients have a quick and convenient access to the benefits such as unemployment, health care and social security benefits. Employee authentication - The government use of biometric for PC, network, and data access is also important for security of building and protection of information. Below are more detailed this kind of applications also used in commercial sector. 50
Military programs - the military has long been interested in biometrics and the technology has enjoyed extensive support from the national security community.
6.3
COMMERCIAL
Banking and financial services represent enormous growth areas for biometric technology, with many deployments currently functioning and pilot project announced frequently. Some applications in this sector are:
Account access - The use of biometric for the access to the account in the bank allows to keep definitive and auditable records of account access by employees and customers. Using biometry the the customers can access accounts and employees can log into their workstations. o ATMs - the use of biometric in the ATM transaction allows more security, o Expanded Service Kiosks - A more receptive market for biometrics may be special purpose kiosks, using biometric verification to allow a greater variety of financial transaction than are currently available though standard ATMs. o Online banking - Internet based account access is already widely used in many places, the inclusion of biometric will make more secure this type of transactions from home. Currently, there are many pilot programs using biometric in home banking. o Telephony transaction - Voice-scan biometric can be used to make more secure the telephone-based transactions. In this type of application, when the costumer calls to make a transaction, a biometric system will authenticate the customer's identity based on his or her voice with no need of any additional device. o PC/Network access - The use of biometric log-in to local PCs or remotely through network increase the security of the overall system keeping more protected the valuable information. o Physical access - the biometric is widely used for controlling the access to building or restricted areas. o E-commerce - biometric e-commerce is the use of biometrics to verify of identity of the individual conduction remote transaction for goods or services o Time and attendance monitoring - In this sector the biometrics is used for controlling the presence of the individuals in a determine area. For example for controlling the time sheet of the employees or the presence of students at the classroom
51
6.4
HEALTH CARE
The applications in this sector includes the use of biometrics to identify or verify the identity of individuals interacting with a health-care entity or acting in the capacity of health-care employee or professional. The main aim of biometrics is to prevent fraud, protect the patient information and control the sell of pharmaceutical products. Some typical application are: o PC/Network Access - the biometrics are used to control a secure access of the employees to the hospital network, primarily, in order to protect the patient information, o Access to personal information - Using biometrics, the medical patient information maybe stored on smart card or secure networks, this will enable the access of the patients to their personal information. Patient identification - In case of emergency, when a patient does not have identification document and is unable no communicate, biometric identification may be a good alternative to identify.
6.5
TRAVEL AND IMMIGRATION
The application in this sector includes the use of biometrics to identify or verify the identity of individual interacting during the course of travel, with a travel or immigration entity or acting in the capacity of travel or immigration employee. Typical application are: o Air travel - In many airport are already used a biometric system in order to reduce the inspection processing time for authorized travelers. o Border crossing - The use of biometrics to control the travelers crossing the national or state border is increasing, specially in regions with high volume of travelers or illegal immigrants. o Employee access - Several airport use biometric to control the physical access of employees to secure areas. o Passports - Some country already issues passports with biometric information on a barcode or smart chips. The use of biometrics prevent the emission of multiple passports for the same person and also facilitates the identification at the airports and border controls.
52
7. BIOMETRIC DEVICES
7.1
IRIS SCANNER
Iris cameras perform recognition detection of a person's identity by mathematical analysis of the random patterns that are visible within the iris of an eye from some distance. It combines computer vision, pattern recognition, statistical inference and optics. Of all the biometric devices and scanners available today, it is generally conceded that iris recognition is the most accurate. The automated method of iris recognition is relatively young, existing in patent since only 1994.
Figure 7.1 Iris Scanner Iris cameras, in general, take a digital photo of the iris pattern and recreating an encrypted digital template of that pattern. That encrypted template cannot be re-engineered or reproduced in any sort of visual image. Iris recognition therefore affords the highest level defence against identity theft, the most rapidly growing crime. The imaging process involves no lasers or bright lights and authentication is essentially noncontact. Today's commercial iris cameras use infrared light to illuminate the iris without causing harm or discomfort to the subject. The iris is the coloured ring around the pupil of every human being and like a snowflake, no two are alike. Each are unique in their own way, exhibiting a distinctive pattern that forms 53
randomly in uterus. The iris is a muscle that regulates the size of the pupil, controlling the amount of light that enters the eye.
7.2
FINGERPRINT SCANNER
Figure 7.2 Fingerprint Scanner A fingerprint scanner is an electronic device used to capture a digital image of the fingerprint pattern. This scan is digitally processed to create a biometric template which is stored and used for matching.
7.3
FACE CAMERA
Face detection is used in biometrics, often as a part of (or together with) a facial recognition system. It is also used in video surveillance, human computer interface and image database management. A face camera is a webcam with 2 Mpx or above which can take a clear crisp photograph of the face.
54
Figure 7.2 Face Camera Some recent digital cameras use face detection for autofocus. Also, face detection is useful for selecting regions of interest in photo slideshows that use a pan-and-scale Ken Burns effect. That is, the content of a given part of an image is transformed into features, after which a classifier trained on example faces decides whether that particular region of the image is a face, or not. A face model can contain the appearance, shape, and motion of faces. There are several shapes of faces. Some common ones are oval, rectangle, round, square, heart, and triangle. Motions include, but not limited to, blinking, raised eyebrows, flared nostrils, wrinkled forehead, and opened mouth.
7.5
HAND SCANNER
Figure 7.3 Hand Scanner 55
7.6
RETINA SCANNER
Figure 7.4 Retina Scan
7.7
MULTIBIOMETRICS
Figure 7.5 Multi Biometrics
56
8. CONCLUSION Biometrics can only be limited by limiting one's imagination. Biometric technology is now being used in almost every area. Not only that, but various types of biometric systems are being used to achieve various functionalities. There are many mature biometric systems available now. Proper design and implementation ofthe biometric system can indeed increase the overall security. There are numerous conditionsthat must be taken in account when designing a secure biometric system. First, it is necessary torealize that biometrics is not secrets. This implies that care should be taken and it is not secureto generate any cryptographic keys from them. Second, it is necessary to trust the input deviceand make the communication link secure. Third, the input device needs to be verified . The ultimate form of electronic verification of a person’s identity is biometrics; using a physical attribute of the person to make a positive identification. People have always used the brain’s innate ability to recognize a familiar face and it has long been known that a person’s fingerprints can be used for identification. The challenge has been to turn these into electronic processes that are inexpensive and easy to use. Banks and others who have tested biometric-based security on their clientele, however, say consumers overwhelmingly have a pragmatic response to the technology. Anything that saves the information-overloaded citizen from having to remember another password or personal identification number comes as a welcome respite. Biometrics can address most of the security needs, but at what cost? Surprisingly, the benefits quickly outweigh the costs. Like so many technological developments, innovative people have found new ways to implement biometric systems, so prices have come down dramatically in the last year or two. As prices have come down, the interest level and the knowledge about how to effectively utilize these systems have increased. So the investment is decreasing and the recognizable benefits are increasing. Biometrics, when properly implemented, not only increase security but also often are easier to use and less costly to administer than the less secure alternatives. Biometrics can’t be forgotten or left at home and they don’t have to be changed periodically like passwords.
57
9. REFERENCE 1. Sergey Tulyakov, Faisal Farooq, Praveer Mansukhani, Venu Govindaraju, “Symmetric Hash functions for Secure Finger print biometric systems”. 2. Y.Donis, L. Reyzin and A.Smith, “Fuzzy Extractors”In security with Noisy Data: Private Biometrics, Secure key Storage and Anti-Counterfeiting, P.Tuyls, B.Skoric and T.Kevenaar, Eds., chpt5,pp.79-77, Springer-Verlag, 20012. 3. Direct Indirect Human Computer Interaction Based Biometrics International Journal of Emerging Engineering Research and Technology Volume 3, Issue 3, March 2015. 4. A.A.E. Ahmed, I. Traore, “A new biometric technology based on mouse dynamics, IEEE Transactions on dependable and Secure Computing” 4 (3) (2007) 165–179. 5. Deshpande, S. Chikkerur, V. Govindaraju, Accent classification in speech, Fourth IEEE Workshop on Automatic Identification Advanced Technologies, 17–18 October, 2014, pp. 139–143. 6. F. Bannister and R. Connolly, “New Problems for Old? Defining e-Governance”, proceedings of the 44th Hawaii International Conference on System Sciences, (2012). 7. W.-S. Chen, K.-H. Chih, S.-W. Shih and C.-M. Hsieh, “Personal Identification Technique based on Human Iris Recognition with Wavelet Transform”, 2005 IEEE, ICASSP, (2012), pp. II -949. 8. R. Germain, A. Califano, and S. Colville, “Fingerprint Matching Using Transformation Parameter Clustering,” IEEE Computational Science and Engineering 4, No. 4, 42–49 (2014). 9. L. O’Gorman, “Practical Systems for Personal Fingerprint Authentication,” IEEE Computer 33, No. 2, 58–60 (2013). 10 N. K. Ratha and R. M. Bolle, “Smart Card Based Authentication,” in Biometrics: Personal Identification in Networked Society, A. K. Jain, R. M. Bolle, and S. Pankanti, Editors, Kluwer Academic Press, Boston, MA (2013), pp. 369–384. 11. T. Rowley, “Silicon Fingerprint Readers: A Solid State Approach to Biometrics,” Proceedings of the CardTech/SecureTech Conference, CardTech/SecureTech, Bethesda, MD (2013), pp. 152–159. 12. B. Miller, “Vital Signs of Identity,” IEEE Spectrum 31, No.2, 22–30 (2013). 13. B. Schneier, “The Uses and Abuses of Biometrics,” Communications of the ACM 42, No. 8, 136 (2012). 14. W. Bender, D. Gruhl, N. Morimoto, and A. Lu, “Techniques for Data Hiding,” IBM Systems Journal 35, Nos. 3&4, 313–336 (2013). 15. Biometric Digest -http://biometrics.cse.msu.edu. 16.Biometric Consortium - http://www.biometricgroup.com
58
Lihat lebih banyak...
Comentários
