BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra.


The problem (Introduction) Access control, Authentication and Authorization. At some point in human history, someone was not allowed to be somewhere (or to know something). My house is, well, for me. No one unauthorized should be allowed to enter. The same applies to my car and other possessions that I want to keep secure. The usual way of preventing unauthorized access to my property is by means of a car key. In other words, I possess something that allows me access.

The problem (Introduction) Access control, Authentication and Authorization. In times of war, we have used passphrases to identify allies, even ones we have never met before. They 'knew' something that asserted, in a way, their identity and/or their belonging to a group.

The problem (Introduction) Access control, Authentication and Authorization. Problems: Physical objects can be copied. Passwords can be overheard or inferred. Part of the solution: multi-factor authentication (something you have, something you know).

The problem (Introduction) Access control, Authentication and Authorization. The good: Adequate solution for access control. The not so good: Identity assertion.

Biometrics Biometrics is the science of measuring human beings based on unique biological features that are part of our bodies at birth: face, fingerprint, palm print, voice, vein patterns, retinal blood vessel patterns, DNA, retina, and iris. (Image: friction ridges on a finger.)

Biometrics Consumers, Research and Biometrics 52% of smartphone users want to use their fingerprints instead of passwords, a further 61% want to use fingerprints to unlock their phones, and 48% want to use eye recognition. Another survey, sponsored by PayPal and the National Cyber Security Alliance, found that 53% of those surveyed are “comfortable” replacing passwords with fingerprints. Also, 45% would opt for a retinal scan.

Biometrics Consumers, Research and Biometrics Microsoft Research funded a study titled “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”, whose cornerstone conclusion is that the broad transition to replace passwords should conform to the following criteria: nothing to carry, efficient to use, and easy recovery from a loss. The Microsoft study goes as far as concluding that such criteria could be achieved mostly in biometric schemes.

Biometrics Consumers, Research and Biometrics Passwords are not the correct solution for a digital world. The first computer password (as far as we know) was deployed in part by Fernando Corbató in the 1960s. The purpose of implementing passwords was "compartmentalization so people didn’t have to live in a communal setting". In other words: access control.

Biometrics Consumers, Research and Biometrics Unexpected events: networking, the Web / Internet, Moore's Law.

Biometrics Consumers, Research and Biometrics Passwords, it seems, are an artifact of two eras overlapping.

What is BOPS? BOPS stands for Biometric Open Protocol Standard. The purpose of BOPS is to provide an open and biometrics-agnostic multilevel security protocol and platform. In layman's terms, it allows non-technical users to interact with a system using multi-factor authentication (one of the factors being biometrics) that integrates with systems in a simple manner (from a technical point of view).

What is BOPS? During the following explanations, consider the following elements always present. All communications between Devices/Clients and BOPS are done via two-way (mutual) SSL authentication. The transport layer of encryption uses 571-bit elliptic curve encryption.

What is BOPS? States: Pre Genesis (prior to enrollment), Genesis, Post Genesis. Components: Client Device, BOPS Server.

What is BOPS? Pre Genesis: Client Device: contains an OTP in the form of a certificate for a one-time, two-way Secure Sockets Layer connection to be used during Genesis. BOPS Server: awaiting connections from devices for Genesis.

What is BOPS? Genesis: The client uses the one-time certificate to establish a connection with the BOPS server and submits all uniquely identifying information for the device. The BOPS server replies with a new 2-way SSL key containing identity, a password for encryption and decryption, and a set of values which prevent replay. The user device is considered enrolled at this point and can interact with other services via the use of the API.

What is BOPS? Post Genesis (after enrollment): Client Device: contains the new encrypted certificate for 2-way SSL with the BOPS Server, and encrypted biometrics. BOPS Server: device information (NO BIOMETRICS, NO KEYS nor other artifacts are stored).
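
The three states above, modelled as an added Python example (not code from the presentation or from any BOPS implementation). All class, method and field names are hypothetical; an HMAC tag stands in for the server-issued certificate, and the mutual SSL transport is not modelled.

```python
import hashlib, hmac, secrets

class GenesisServer:
    """Toy stand-in for the server role; names here are hypothetical."""
    def __init__(self):
        self._ca_secret = secrets.token_bytes(32)  # stand-in for the server's signing key
        self._unused_otc = set()                   # digests of unused one-time credentials
        self.devices = {}                          # device_id -> device information only

    def provision(self):
        """Pre Genesis: mint the one-time credential shipped with a client."""
        otc = secrets.token_hex(16)
        self._unused_otc.add(hashlib.sha256(otc.encode()).hexdigest())
        return otc

    def _sign(self, device_id):
        return hmac.new(self._ca_secret, device_id.encode(), hashlib.sha256).hexdigest()

    def genesis(self, otc, device_info):
        """Genesis: consume the one-time credential and enroll the device."""
        digest = hashlib.sha256(otc.encode()).hexdigest()
        if digest not in self._unused_otc:
            raise PermissionError("one-time credential unknown or already used")
        self._unused_otc.discard(digest)             # single use: burn before replying
        device_id = secrets.token_hex(8)
        self.devices[device_id] = dict(device_info)  # no per-device keys or biometrics kept
        return {
            "device_id": device_id,
            "identity_tag": self._sign(device_id),      # stand-in for the new 2-way SSL identity
            "storage_password": secrets.token_hex(16),  # used client-side, never stored here
            # Issued only; the page does not say how these values are consumed.
            "replay_values": [secrets.token_hex(8) for _ in range(3)],
        }

    def verify_identity(self, device_id, identity_tag):
        """Post Genesis: accept only enrolled devices presenting a server-issued tag."""
        return device_id in self.devices and hmac.compare_digest(
            identity_tag, self._sign(device_id))

def demo():
    server = GenesisServer()
    otc = server.provision()
    # Constructed device information for illustration.
    reply = server.genesis(otc, {"model": "constructed-phone", "os": "constructed-os"})
    try:
        server.genesis(otc, {"model": "clone"})  # second use of the same credential
        reused = True
    except PermissionError:
        reused = False
    ok = server.verify_identity(reply["device_id"], reply["identity_tag"])
    forged = server.verify_identity(reply["device_id"], "0" * 64)
    return reply, reused, ok, forged, server.devices
```
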

What is BOPS? Implementations of BOPS and Examples Genesis


What is BOPS? Machine enrollment to account

What is BOPS? Login via Push Notification

What is BOPS? Login from device to machine


Thank you for your attention. Questions?

References: The standard for implementation is BOPS, IEEE specification P. Oasis has a similar standard “in process” for biometric security called Identity Biometric Protocol Standard (IBOPS). We also use this standard for implementation. Some Images taken from