Scribd Logo
Upload

Welcome to Scribd!

  • Chapters 1 2

    Uploaded by

    radhe sham
    6 views36 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views36 pages

    Chapters 1 2

    Uploaded by

    radhe sham

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 36

    GUIDE TO BIOMETRICS

    CHAPTER I & II

    September 7th 2005

    Presentation by Tamer Uz
    Chapter I

    Introduction
    Outline
     Descriptions
     Authentication
     Overview of Biometric Systems
     Biometric Identification
     Biometric Verification
     Biometric Enrollment
     Biometric System Security
    Descriptions
     Biometrics: Science of identifying, or verifying the
    identity of, a person based on physiological or
    behavioral characteristics.
    Descriptions
     Authorization:  Authentication:
    Permission or Validating or figuring
    approval. out the identity of a
    person.
    Authentication
     There are 3 traditional way of verifying the
    identity of a person:
     Possessions (keys, passports, smartcards , …)
     Knowledge
     Secret (passwords, pass phrases, …)
     Non-secret (user Id, mothers maiden name, favorite
    color)
     Biometrics
     Physiological (fingerprints, face, iris, …)
     Behavioral (walking, keystroke pattern, talking, …)
    Authentication
     The 3 modes of authentication are sometimes
    combined
     User id + password
     ATM card + password
     Passport + face picture and signiture
    Authentication
    There are two different authentication methods in
    biometrics

     Verification: Is he/she the person who claims he/she


    is? Works with id + biometrics. Thus it is based on a
    combination of modes.

     Identification: Who is this person? Uses only the


    biometrics and searches the entire database.
    Overview of Biometric Systems
    There are five important properties of biometric
    identifiers:

    1. Universality
    2. Uniqueness
    3. Permanence
    4. Collectability
    5. Acceptability
    Overview of Biometric Systems

    Biometric Identifiers
    Overview of Biometric Systems
    Biometric Subsystems
     Biometric readers (sensors)

     Feature extractors

     Feature Matchers
    Overview of Biometric Systems
    A generalized diagram of a biometric system is as
    follows:
    Overview of Biometric Systems
    Design Issues:
    4 basic design specifications of biometric systems are

     System accuracy
     How often the system accepts an imposter (FAR)
     How often the system rejects a genuine user (FRR)

     Computational Speed

     Exception Handling
     Failure to use (FTU)
     Failure to enroll (FTE)
     Failure to acquire (FTA)

     System Cost
    Overview of Biometric Systems
    Engineering Questions - What feature set is amenable for automatic
    matching?
    - Trusting people/biometrics?
    - Given the input data how to extract the features
    - Which biometrics is best for a given from it?
    application?
    - How to define a matching metric that translates the
    - How are the error numbers that are intuition of “similarity” among the patterns?
    reported for different biometrics to be
    interpreted? - How to implement the matching metric?
    - Are new security holes created because of - Organization of the database?
    the use of the biometrics?
    - Methods for searching the database?
    - How to achieve a low exception rate?
    - Security?
    - How to acquire the biometrics and how to
    do it in a convenient way? - Privacy?
    Biometric Identification
    Biometric identification is based only on biometric
    credentials.
    Biometric Identification
    Biometric identification system can be used in
    two different modes

    • Positive identification
    • Authorization of a group without id
    • Negative identification
    • Most Wanted List
    Biometric Verification
    Biometric verification differs from biometric
    identification in that the presented biometric is only
    compared with a single enrolled biometric entity
    which matches the input id
    Biometric Verification
    There are two possible database configurations for the
    verification systems

    Centralized Database: As the name suggests the enrollment


    information is in a central database. When the token (id/card)
    is provided, the corresponding biometrics is retrieved and the
    comparison is made with the newly presented biometric
    sample. E.g. laptop

    Distributed Database: In this case the enrollment template is


    usually stored in a device that the user carries. The user
    provides the device and his/her biometrics. Then the
    comparison is performed between the two. E.g. smart cards
    Biometric Enrollment
    Process of registering subjects in biometric database
    Positive Enrollment:
    • To create a database of eligible subjects
    • Biometric samples and other credentials are stored in the database. An
    id (or a smart card) is issued to the subject.
    Negative Enrollment:
    • To create a database of ineligible subjects
    • Often without subject cooperation or even knowledge
    Biometric System Security
     Possible Security Concerns:
     Biometric information is presented when the owner is not
    present.

     Hacking the scanner, feature extractor, matcher, database,


    and any other possible module in the system.
    Chapter II

    Authentication
    and
    Biometrics
    Outline
     Descriptions
     Secure Authentication Protocols
     Access Control Security Services
     Authentication Methods
     Authentication Protocols
     Matching Biometric Samples
     Verification by Humans
     Passwords vs. Biometrics
     Hybrid Methods
    Descriptions
     Authorization: Permission to access a resource

     Access Control: A mechanism for limiting the use of some


    resource to authorized users

     Access Control List: A data structure associated with a


    resource that specifies the authorized users and the conditions
    for their access

     Authenticate: To determine that something is genuine; to


    determine reliably the identity of the communicating party

     Authentication: Permission to access a resource


    Secure Authentication Protocols
    Characteristics of an authentication protocol:
     Established in advance

     Mutually agreed

     Unambiguous

     Complete (Able to handle exceptions)

    An authentication protocol itself does “not” guarantee


    security
    Access Control Security Services
    Some basic security services that should be offered by
    any access control system are:
     Authentication

     Non-repudiation

     Confidentiality
    Authentication Methods
    Possession (P)
    Knowledge (K)
    Biometrics (B)
    Authentication Protocols
    Authentication protocol is the tasks the user and the
    access point has to perform to be able to determine
    whether the user has enough credentials or not.

    Part of Authentication Protocols:


     Enrollment
     Tokens. E.g. T={x1…xn|xi Є (P,K,B)}
     Comparison rules. E.g. Matching threshold
     Other rules. E.g. “Three strikes and you are out”, or the
    order of the presentation of the tokens: “First id number,
    then the fingerprint, and than the key”
    Matching Biometric Samples
    Remark:
    • P and K are checked by exact comparison;
    • B is compared via pattern recognition techniques because of sampling
    variations, noise and distortions

    Three crucial design aspects of biometric system:


    • The biometric sampling or signal acquisition (B=f( ß))
    • The similarity function s=s(B1, B2) between two templates
    • The decision threshold T that decides on a match or mismatch
    Matching Biometric Samples
    Identification
    Only the biometrics is needed (no id is claimed).

    • Authorization is granted if d=di


    • Multiple di might satisfy the similarity criteria. A secondary matcher
    (possible a human expert) tries to narrow it down.
    Matching Biometric Samples
     Screening

    • Negative identification.

    • Searching whether a subject is in an “interesting” people


    database or not. (Most wanted criminals)

    • Using biometrics only may result in too many false positives


    (or false negatives depending on T). Bad ROC.

    • Therefore several tokens P1, B1, K1, P2, K2, B2 etc. should
    be matched with the ones in the file.
    Matching Biometric Samples
     Verification
    • Id + B is provided. (Sometimes K too)
    • The template corresponding the Id is retrieved from
    the database
    • If s(B,Bi)>T pass, else fail.
    Matching Biometric Samples
     Continuity of Identity

    • Are the authenticated and authorized persons


    the same?

    • Re-establishing the authentication credentials

    • Surveillance cameras
    Verification by Humans
     By looking at the biometrics (face, signatures…)
     Face verification error rate 1:1000
     Signature verification is not very secure
    Passwords versus Biometrics
     Passwords: Exact match
     Biometrics: Probabilistic match
     FAR, FRR
    Hybrid Methods
     More than one identifier is used {P, K, B}
     Two Remarks
     B with {P, K}. Reduces identification to
    verification (from 1:many to 1:1)
     B1 with B2. Results in better ROCs than using
    only B1 or only B2
     Combination of matching scores is an
    application specific problem
    QUESTIONS?

    You might also like