Introduction to Biometrics
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #1
Biometrics and Other Emerging Technologies in Applications Security
August 22, 2005

Outline
• Biometrics
• Digital Identity Management
• Identity Theft Management
• Digital Forensics
• Digital Watermarking
• Risk Analysis
• Economic Analysis
• Secure Electronic Voting Machines
• Other Applications
• Areas in Information Security

Biometrics
• Early Identification and Authentication (I&A) systems were based on passwords
• Recently, physical characteristics of a person are being used for identification
  - Fingerprinting
  - Facial features
  - Iris scans
  - Blood circulation
  - Facial expressions
• Biometric techniques will provide access not only to computers but also to buildings and homes
• US-VISIT is an important application being developed by the Department of Homeland Security

Biometric Technologies
• Pattern recognition
• Machine learning
• Statistical reasoning
• Multimedia/Image processing and management
• Managing biometric databases
• Information retrieval
• Pattern matching
• Searching
• Ontology management
• Data mining

Data Mining for Biometrics
• Determine the data to be analyzed
  - Data may be stored in biometric databases
  - Data may be text, images, video, etc.
• Data may be grouped using classification techniques
• As new data arrives, determine the group this data belongs to
  - Pattern matching, Classification
• Determine what the new data is depending on the prior examples and experiments
• Determine whether the new data is abnormal or normal behavior
• Challenge: False positives, False negatives

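The grouping and matching steps on this slide, and the false positive / false negative challenge, can be seen in a small worked example. This code is added here and is not part of the original lecture; the feature vectors, the names alice, bob and mallory, and the nearest-centroid method are assumptions chosen for illustration.

```python
import math

# Constructed enrollment data: identity -> feature vectors from earlier captures.
ENROLLED = {
    "alice": [(0.20, 0.80, 0.50), (0.22, 0.78, 0.52), (0.18, 0.82, 0.49)],
    "bob": [(0.70, 0.30, 0.40), (0.72, 0.28, 0.43), (0.69, 0.33, 0.38)],
}
# Constructed probes: (claimed identity, true identity, feature vector).
PROBES = [
    ("alice", "alice", (0.21, 0.79, 0.51)),
    ("alice", "alice", (0.30, 0.70, 0.55)),    # genuine, noisy capture
    ("bob", "bob", (0.71, 0.30, 0.41)),
    ("bob", "bob", (0.60, 0.40, 0.45)),        # genuine, noisy capture
    ("alice", "bob", (0.70, 0.31, 0.40)),      # wrong claim
    ("bob", "mallory", (0.62, 0.38, 0.42)),    # unenrolled look-alike
]

def centroids(enrolled):
    """Group prior examples: one mean vector (template) per identity."""
    return {name: tuple(sum(c) / len(vs) for c in zip(*vs))
            for name, vs in enrolled.items()}

def identify(sample, templates, threshold):
    """Assign new data to the nearest group, or None if it fits no group."""
    name, dist = min(((n, math.dist(sample, t)) for n, t in templates.items()),
                     key=lambda pair: pair[1])
    return name if dist <= threshold else None

def verify(claimed, sample, templates, threshold):
    """Accept the claim only if the sample is close to the claimed template."""
    return math.dist(sample, templates[claimed]) <= threshold

def error_rates(probes, templates, threshold):
    """Return (false accept rate, false reject rate) over labelled probes."""
    fa = fr = genuine = impostor = 0
    for claimed, actual, sample in probes:
        accepted = verify(claimed, sample, templates, threshold)
        if claimed == actual:
            genuine += 1
            fr += not accepted
        else:
            impostor += 1
            fa += accepted
    return fa / impostor, fr / genuine

if __name__ == "__main__":
    templates = centroids(ENROLLED)
    for t in (0.05, 0.12, 0.20):
        far, frr = error_rates(PROBES, templates, t)
        print(f"threshold={t:.2f}  FAR={far:.2f}  FRR={frr:.2f}")
```

With this constructed data no threshold drives both error rates to zero: the unenrolled look-alike sits closer to bob's template than bob's own noisy capture does, so tightening the threshold trades false accepts for false rejects.
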
Secure Biometrics
• Biometric systems have to be secure
• Need to study the attacks on biometric systems
• Facial features may be modified:
  - E.g., one can gain access by inserting another person’s features
  - Attacks on biometric databases are a major concern
• Challenge is to develop secure biometric systems

Secure Biometrics - II
• Security policy for a biometric system
  - Application specific and application independent policies
  - Security constraints
    E.g., Classify the biometric properties of the President
• Security model for a biometric system
  - Determine the operations to be performed
  - Need to include text, images and video/animation
• Architecture for a biometric system
  - Need to identify security critical components
  - Reference monitor; the trusted components
• Detecting intrusions in a biometric system

Digital Identity Management
• Digital identity is the identity that a user has to access an electronic resource
• A person could have multiple identities
  - A physician could have an identity to access medical resources and another to access his bank accounts
• Digital identity management is about managing the multiple identities
  - Manage databases that store and retrieve identities
  - Resolve conflicts and heterogeneity
  - Make associations
  - Provide security
• Ontology management for identity management is an emerging research area

Digital Identity Management - II
• Federated Identity Management
  - Corporations work with each other across organizational boundaries with the concept of federated identity
  - Each corporation has its own identity and may belong to multiple federations
  - Individual identity management within an organization and federated identity management across organizations
• Technologies for identity management
  - Database management, data mining, ontology management, federated computing

Identity Theft Management
• Need for secure identity management
  - Ease the burden of managing numerous identities
  - Prevent misuse of identity: preventing identity theft
• Identity theft is stealing another person’s digital identity
• Techniques for preventing identity theft include
  - Access control, Encryption, Digital Signatures
  - A merchant encrypts the data and signs with the public key of the recipient
  - Recipient decrypts with his private key

Digital Forensics
• Digital forensics is about the investigation of cyber crime
• Follows the procedures established for forensic medicine
• The steps include the following:
  - When a computer crime occurs, law enforcement officials who are cyber crime experts gather every piece of evidence, including information from the crime scene (i.e., from the computer)
  - Gather profiles of terrorists
  - Use history information
  - Carry out analysis

Digital Forensics - II
• Digital Forensics Techniques
  - Intrusion detection
  - Data Mining
  - Analyzing log files
  - Use criminal profiling and develop a psychological profile
  - Analyze messages
• Lawyers, Psychologists, Sociologists, Crime investigators and Technologists have to work together
• International Journal of Digital Evidence is a useful source

Steganography and Digital Watermarking
• Steganography is about hiding information within other information
  - E.g., hidden information is the message that terrorists may be sending to their peers in different parts of the world
  - Information may be hidden in valid texts, images, films, etc.
  - Difficult for the unsuspecting human to detect
• Steganalysis is about developing techniques that can analyze text, images and video and detect hidden messages
  - May use data mining techniques to detect hidden patterns
• Steganography makes the task of the cyber crime expert difficult, as he/she has to analyze for hidden information
  - Communication protocols are being developed

Steganography and Digital Watermarking - II
• Digital watermarking is about inserting information without being detected, for valid purposes
  - It has applications in copyright protection
  - A manufacturer may use digital watermarking to copyright a particular piece of music or video without being noticed
  - When music is copied and copyright is violated, one can detect who the real owner is by examining the copyright embedded in the music or video

Risk Analysis
• Analyzing risks
  - Before installing a secure system or a network one needs to conduct a risk analysis study
  - What are the threats? What are the risks?
• Various types of risk analysis methods
  - Quantitative approach: Events are ranked in the order of risks and decisions are made based on the risks
  - Qualitative approach: estimates are used for risks

Economics Analysis
• Security vs Cost
  - If risks are high and damage is significant then it may be worth the cost of incorporating security
  - If risks and damage are not high, then security may be an additional cost burden
• Economists and technologists need to work together
  - Develop cost models
  - Cost vs. Risk/Threat study

Secure Electronic Voting Machines
• We are slowly migrating to electronic voting machines
• Current electronic machines have many security vulnerabilities
• A person can log into the system multiple times from different parts of the country and cast his/her vote
• Insufficient techniques for ensuring that a person can vote only once
• The systems may be attacked and compromised
• Solutions are being developed
• Johns Hopkins University is one of the leaders in the field of secure electronic voting machines

Other Applications
• security
  - Encryption
  - Filtering
  - Data mining
• Benchmarking
  - Benchmarks for secure queries and transactions
• Simulation and performance studies
• Security for machine translation and text summarization
• Covert channel analysis
• Robotics security
  - Need to ensure policies are enforced correctly when operating robots

Areas in Information Security
• Core Areas
  - Operating System Security
  - Network Security
  - Middleware Security
  - Database Security
  - Applications Security
  - Intrusion Detection
  - Web Security
• Some Special Areas
  - Biometrics
  - Secure Semantic Webs
  - Secure Geospatial Systems