Published by Tracy Caldwell. Modified over 8 years ago.
1
BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra
2
The problem (Introduction) Access control, Authentication and Authorization. At some point in human history, someone was not allowed to be somewhere (or to know something). My house is, well, for me. No one unauthorized should be allowed to enter. The same applies to my car and other possessions that I want secure. The usual way of preventing unauthorized access to my property is by means of a car key. In other words, I possess something that allows me access.
3
The problem (Introduction) Access control, Authentication and Authorization. In times of war, we have used passphrases to identify allies, even if I have never met them before in my life. They 'knew' something that asserted, in a way, their identity and/or belonging to a group.
4
The problem (Introduction) Access control, Authentication and Authorization. Problems: Physical objects can be copied. Passwords can be overheard or inferred. Part of the solution: multi-factor authentication (something you have, something you know).
5
The problem (Introduction) Access control, Authentication and Authorization. The good: Adequate solution for access control. The not so good: Identity assertion.
6
Biometrics Biometrics is the science of measuring human beings based on unique biological features that are part of our bodies at birth: face, fingerprint, palm print, voice, vein patterns, retinal blood vessel patterns, DNA, retina, and iris. Friction ridges on a finger
7
Biometrics Consumers, Research and Biometrics 52% of smartphone users want to use their fingerprints instead of passwords, a further 61% want to use fingerprints to unlock their phones, and 48% want to use eye recognition. Another survey, sponsored by PayPal and the National Cyber Security Alliance, found that 53% of those surveyed are “comfortable” replacing passwords with fingerprints. Also, 45% would opt for a retinal scan.
8
Biometrics Consumers, Research and Biometrics Microsoft Research funded a study titled “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”, whose cornerstone conclusion is that the large-scale transition away from passwords should conform to the following criteria: nothing to carry, efficient to use, and easy recovery from a loss. The Microsoft study goes as far as concluding that such criteria could be achieved mostly in biometric schemes.
9
Biometrics Consumers, Research and Biometrics Passwords are not the correct solution for a digital world. The first computer password (as far as we know) was deployed in part by Fernando Corbató in the 1960s. The purpose of implementing passwords was "compartmentalization so people didn’t have to live in a communal setting". In other words: access control.
10
Biometrics Consumers, Research and Biometrics Unexpected events: networking, the Web / Internet, Moore's Law.
11
Biometrics Consumers, Research and Biometrics Passwords, it seems, are an artifact of two eras overlapping.
12
What is BOPS? BOPS stands for Biometric Open Protocol Standard. The purpose of BOPS is to provide an open and biometrics-agnostic multilevel security protocol and platform. In layman's terms, it allows non-technical users to interact with a system using multi-factor authentication (one of the factors being biometrics) and integrates with systems in a simple manner (from a technical point of view).
13
What is BOPS? Throughout the following explanations, consider these elements always present. All communications between Devices/Clients and BOPS are done via two-way (mutual) SSL authentication. The transport layer of encryption uses 571-bit Elliptic Curve Encryption.
14
What is BOPS? States: Pre Genesis (prior to enrollment), Genesis, Post Genesis. Components: Client Device, BOPS Server.
15
What is BOPS? Pre Genesis. Client Device: contains an OTP in the form of a certificate for a one-time, two-way Secure Sockets Layer connection to be used during Genesis. BOPS Server: awaiting connections from devices for Genesis.
16
What is BOPS? Genesis. The client uses the one-time certificate to establish a connection with the BOPS server and submits all uniquely identifying information for the device. The BOPS server replies with a new two-way SSL key containing identity, a password for encryption and decryption, and a set of values which prevent replay. The user device is considered enrolled at this point and can interact with other services via the API.
17
What is BOPS? Post Genesis (after enrollment). Client Device contains: a new encrypted certificate for two-way SSL with the BOPS Server; encrypted biometrics. BOPS Server contains: device information (NO BIOMETRICS, NO KEYS nor other artifacts are stored).
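The three states described in the slides above, modelled as an added example (not part of the original presentation and not BOPS reference code). Class and field names are hypothetical, a random token stands in for the one-time certificate, and a strictly increasing counter is assumed for the replay-prevention values, whose mechanism the slides do not specify.

```python
import hashlib
import secrets


class BopsServerModel:
    """Toy model of the BOPS server across the three states (hypothetical names)."""

    def __init__(self, one_time_tokens):
        # Pre Genesis: the server only waits, knowing which one-time
        # credentials (stand-ins for the one-time certificates) are unused.
        self._unused = {hashlib.sha256(t).hexdigest() for t in one_time_tokens}
        self.devices = {}        # device id -> device information only
        self._last_counter = {}  # device id -> last accepted replay counter (assumed)

    def genesis(self, one_time_token, device_info):
        """Consume the one-time credential and enroll the device."""
        digest = hashlib.sha256(one_time_token).hexdigest()
        if digest not in self._unused:
            raise PermissionError("one-time credential unknown or already used")
        self._unused.remove(digest)  # valid for exactly one Genesis
        device_id = secrets.token_hex(8)
        self.devices[device_id] = dict(device_info)
        self._last_counter[device_id] = 0
        # Reply to the client; the password is generated here and not retained.
        return {"identity": device_id,
                "password": secrets.token_bytes(32),
                "replay_counter": 0}

    def accept(self, device_id, counter):
        """Post Genesis: accept a request only if its counter moves forward."""
        if device_id not in self.devices:
            return False
        if counter <= self._last_counter[device_id]:
            return False  # replayed or stale request
        self._last_counter[device_id] = counter
        return True


if __name__ == "__main__":
    token = b"constructed-one-time-credential"
    server = BopsServerModel([token])
    reply = server.genesis(token, {"model": "constructed-phone"})
    print(server.accept(reply["identity"], 1))   # first use of counter 1
    print(server.accept(reply["identity"], 1))   # same counter replayed
    print(server.devices)                        # device information only
```
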
18
What is BOPS? Implementations of BOPS and Examples Genesis
19
What is BOPS? Implementations of BOPS and Examples
22
What is BOPS? Implementations of BOPS and Examples
26
What is BOPS? Machine enrollment to account
27
What is BOPS? Login via Push Notification
28
What is BOPS? Login from device to machine
29
What is BOPS? Implementations of BOPS and Examples
30
Thank you for your attention. Questions?
31
References:
The standard for implementation is BOPS, IEEE specification P2410. http://standards.ieee.org/develop/project/2410.html
OASIS has a similar standard “in process” for biometric security called Identity Biometric Protocol Standard (IBOPS). We also use this standard for implementation. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ibops
Some images taken from http://xkcd.com/ http://en.wikipedia.org/ http://www.Cattail.nu