Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright 1988-2006 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU

Published byAlyssa Bradford Modified over 11 years ago

Similar presentations

Presentation on theme: "Copyright 1988-2006 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU"— Presentation transcript:

1 Copyright 1988-2006 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU http://www.anu.edu.au/Roger.Clarke/......../DV/ ID-ACTSTL-0603 {.html,.ppt} A.C.T. Society for Technology and the Law 23 March 2006 Smart Cards and Biometrics Is a Nightmare-Free Australia Card Feasible ??

2 Copyright 1988-2006 2 1.National Id Schemes 2.Smart Cards 3.Biometrics 4.Politics Is a Nightmare-Free Australia Card Feasible ??

3 Copyright 1988-2006 3 Human (Id)entification and (Id)entifiers Appearancehow the person looks Social Behaviourhow the person interacts with others ________________________________________________________________________________________________________ _________ Nameswhat the person is called by other people Codeswhat the person is called by an organisation ________________________________________________________________________________________________________ _________ Bio-dynamicswhat the person does Natural Physiographywhat the person is Imposed Physicalwhat the person is now Characteristics

4 Copyright 1988-2006 4

5 Copyright 1988-2006 5 Human Identity Authentication What the Person Knows e.g. mothers maiden name, Password, PIN What the Person Has (Credentials) e.g. a Token, such as an ID-Card, a Ticket e.g. a Digital Token such as a Digital Signature consistent with the Public Key attested to by a Digital Certificate Human Entity Authentication What the Person Is (Static Biometrics) What the Person Does (Dynamic Biometrics)

6 Copyright 1988-2006 6 The Scope of an Identification Scheme Specific-Purpose for individual organisations or programmes Bounded Multi-Purpose e.g. European Inhabitant Registration schemes limited to tax, social welfare, health insurance (cf. the TFN – Australian politicians are liars) General-Purpose National Identification Schemes e.g. USSR, ZA under Apartheid, Malaysia, Singapore

7 Copyright 1988-2006 7 Elements of a National ID Scheme A Database centralised or hub (i.e. virtually centralised) merged or new A Unique Signifier for Every Individual A 'Unique Identifier' A Biometric Entifier An (Id)entification Token (such as an ID Card) QA Mechanisms for: (Id)entity Authentication (Id)entification Obligations Imposed on: Every Individual Many Organisations Widepread: Data Flows including the (Id)entifier Use of the (Id)entifier Use of the Database Sanctions for Non-Compliance http://www.anu.edu.au/Roger.Clarke/DV/NatIDSchemeElms.html

8 Copyright 1988-2006 8 Claimed Benefits of a Natl Id Scheme http://www.privacy.org.au/Campaigns/ID_cards/NatIDScheme.html#CaseFor (aka furphy-watch) Reduction in Identity Fraud and Identity Theft (very limited – thats already addressed in many other programs; and it entrenches false ids) Enhanced National Security / Anti-Terrorism (zero impact, because terrorists are either foreign, or theyre sleepers / virgins) Productivity / Service-Delivery Benefits (achievable with specific-purpose and at worst multi-purpose schemes, not general-purpose)

9 Copyright 1988-2006 9 2.Smart Cards

10 Copyright 1988-2006 10 Categories of SmartCards 'memory cards' with storage-only 'smart-cards' storage, processor, systems software, applications software, permanent data, variable data 'super-smart cards smart-cards with a (very small) key-pad and display contact-based cards require controlled contact with a reader contactless cards may be read at short distance (or longer?) requires an aerial hybrid cards with both capabilities

11 Copyright 1988-2006 11 Chip and Carrier credit-card sized plastic card tag (clothing-tag, RFID-tag)... tin can cardboard carton pallet... animal body human body

12 Copyright 1988-2006 12 Convenient Carriers for Chips Cards: credit-card sized mobile (SIM)... Tags: clothing-tag RFID-tag bracelet, anklet... Things: tin can cardboard carton pallet car-body engine-block... People: neck of a pet, or valuable livestock wrist, gum or scrotum of a human being

13 Copyright 1988-2006 13 System Design Potentials Storage Capacity greater than other technologies such as embossing and mag-stripe Ability enhanced to provide services from a standalone unit, without connection to a host Storage segmentation ability Use of the same card for multiple services Use of the same card to link card-holders to multiple service-providers

14 Copyright 1988-2006 14 System Design Potentials – Security Non-Replicability of active elements of the card Third-Party Access to data is more challenging Authentication of devices with which the card communicates Application of different security measures for each storage segment Use of the same card for multiple services Use of the same card to independently link card-holders to multiple service-providers

15 Copyright 1988-2006 15 SmartCards as (Id)entity Authenticators ? Stored Name, Identifier, other data ? Stored Photo ? Stored Biometric ? Stored One-Time Passwords ? Stored Private Digital Signature Key ?

16 Copyright 1988-2006 16 Basic Requirements of a SmartCard (Id)entity Authenticator (1 of 2) Restrict identified transaction trails to circumstances in which they are justified (because of the impossibility of alternatives) Sustain anonymity except where it is demonstrably inadequate Make far greater use of pseudonymity, using protected indexes Make far greater use of attribute authentication Implement and authenticate role-ids rather than person-ids Use (id)entity authentication only where it is essential Sustain multiple specific-purpose ids, avoid multi-purpose ids Ensure secure separation between applications

17 Copyright 1988-2006 17 Basic Requirements of a SmartCard (Id)entity Authenticator (2 of 2) Ownership of each card by the individual, not the State Design of chip-based ID schemes transparent and certified Issue and configuration of cards undertaken by multiple organisations, including competing private sector corporations, within contexts set by standards bodies, in consultation with government and (critically) public interest representatives No central storage of private keys No central storage of biometrics Two-way device authentication, i.e. every personal chip must verify the authenticity of devices that seek to transact with it, and must not merely respond to challenges by devices

18 Copyright 1988-2006 18 3.Biometrics

19 Copyright 1988-2006 19 Biometrics Technologies Variously Dormant or Extinct Cranial Measures Face Thermograms Veins (hands, earlobes) Retinal Scan Handprint Written Signature Keystroke Dynamics Skin Optical Reflectance... Currently in Vogue Iris Thumb / Finger / Palm-Print(s) Hand Geometry Voice Face Special Case DNA Promised Body Odour Multi-Attribute

20 Copyright 1988-2006 20 Imposed Biometrics imposed physical identifiers... branding, tattooing, implanted micro-chips The [London] Financial Times, 6 Mar 06

21 Copyright 1988-2006 21 Categories of Biometric Application Authentication 1-to-1 / ref. measure from somewhere / tests an entity assertion Identification 1-to-(very-)many / ref. measures from a database that contains data about population-members / generates an entity assertion Vetting against a Blacklist 1-to-many / ref. measures and data of a small population of wanted or unwanted people / may create an entity assertion Duplicate Detection 1-to-(very-)many / ref. measures of a large population / may create an assertion person already enrolled

22 Copyright 1988-2006 22 The Biometric Process

23 Copyright 1988-2006 23 Privacy-Sensitive Architecture e.g. Authentication Against a Block- List

24 Copyright 1988-2006 24 Fraudulent Misrepresentation of the Efficacy of Face Recognition The Tampa SuperBowl was an utter failure Ybor City FL was an utter failure Not one person was correctly identified by face recognition technology in public places Independent testing results are not available Evidence of effectiveness is all-but non-existent Ample anecdotal evidence exists of the opposite

25 Copyright 1988-2006 25 Smartgate doesnt enhance security. It helps flow and efficiency in the limited space available in airports Murray Harrison CIO, Aust Customs 7 March 2006 Realistic Representation of the Efficacy of Face Recognition

26 Copyright 1988-2006 26 Quality Factors in Biometrics Reference-Measure Quality The Person's Feature (Enrolment) The Acquisition Device The Environmental Conditions The Manual Procedures The Interaction between Subject and Device The Automated Processes Association Quality Depends on a Pre-Authentication Process Subject to the Entry-Point Paradox Associates data with the Person Presenting and hence Entrenches Criminal IDs Risks capture and use for Masquerade Facilitates Identity Theft Risk of an Artefact Substituted for, or Interpolated over, the Feature Material Differences in: the Processes the Devices the Environment the Interactions An Artefact: Substituted Interpolated Result-Computation Quality Print Filtering and Compression: Arbitrary cf. Purpose- Built The Result-Generation Process The Threshhold Setting: Arbitrary? Rational? Empirical? Pragmatic? Exception-Handling Procedures: Non-Enrolment Non-Acquisition Hits Test-Measure Quality The Person's Feature (Acquisition) The Acquisition Device The Environmental Conditions The Manual Procedures The Interaction between Subject and Device The Automated Processes Comparison Quality Feature Uniqueness Feature Change: Permanent Temporary Ethnic/Cultural Bias Our understanding of the demographic factors affecting biometric system performance is... poor (Mansfield & Wayman, 2002)

27 Copyright 1988-2006 27 Factors Affecting Performance (Mansfield & Wayman, 2002) Demographics (youth, aged, ethnic origin, gender, occupation) Template Age Physiology (hair, disability, illness, injury, height, features, time of day) Appearance (clothing, cosmetics, tattoos, adornments, hair-style, glasses, contact lenses, bandages) Behaviour (language, accent, intonation, expression, concentration, movement, pose, positioning, motivation, nervousness, distractions) Environment (background, stability, sound, lighting, temperature, humidity, rain) Device (wear, damage, dirt) Use (interface design, training, familiarity, supervision, assistance)

28 Copyright 1988-2006 28 The Mythology of Identity Authentication Thats Been Current Since 12 September 2001 Mohammad Attas rights: to be in the U.S.A. to be in the airport to be on the plane to be within 4 feet of the cockpit door to use the aircrafts controls Authentication of which assertion, in order to prevent the Twin Towers assault? Identity (1 among > 6 billion)? Attribute (not 1 among half a dozen)?

29 Copyright 1988-2006 29 Biometrics and Single-Mission Terrorists Biometrics... cant reduce the threat of the suicide bomber or suicide hijacker on his virgin mission. The contemporary hazard is a terrorist who travels under his own name, his own passport, posing as an innocent student or visitor until the moment he ignites his shoe-bomb or pulls out his box-cutter (Jonas G., National Post, 19 Jan 2004) it is difficult to avoid the conclusion that the chief motivation for deploying biometrics is not so much to provide security, but to provide the appearance of security (The Economist, 4 Dec 2003)

30 Copyright 1988-2006 30 4.Politics

31 Copyright 1988-2006 31 Threats of the Age Terrorism Religious Extremism Islamic Fundamentalism

32 Copyright 1988-2006 32 Threats of the Age Terrorism Religious Extremism Islamic Fundamentalism Law and Order Extremism National Security Fundamentalism

33 Copyright 1988-2006 33 Mythologies of Identity Control That the assertions that need to be authenticated are assertions of identity (cf. fact, value, attribute, agency and location) That individuals only have one identity That identity and entity are the same thing That biometric identification: works is inevitable doesnt threaten freedoms will help much will help at all in counter-terrorism Every organisation is part of the national security apparatus

34 Copyright 1988-2006 34 Myth No. 2 – This is about just another Card Characteristics of a National ID Scheme Destruction of protective data silos Destruction of protective identity silos Consolidation of individuals many identities into a single general-purpose identity ==>The Infrastructure of Dataveillance Consolidation of power in organisations that exercise social control functions Availability of that power to many organisations

35 Copyright 1988-2006 35 Identity Management of the Most Chilling Kind The Public-Private Partnership for Social Control With the Capacity to Perform Cross-System Enforcement Services Denial Identity Denial Masquerade Identity Theft

36 Copyright 1988-2006 36 Myth No. 5 Strong Form: A national ID scheme is essential to national security Less Strong Form: A national ID scheme will contribute significantly to national security

37 Copyright 1988-2006 37 Terrorists, Organised Crime, Illegal Immigrants Benefits Are Illusory Mere assertions of benefits, no explanation: its obvious, its intuitive, of course it will work, all of which are partners to simplistic notions like Zero-Tolerance and we need to do anything that might help us wage the war on terrorism Lack of detail on systems design Continual drift in features Analyses undermine the assertions Proponents avoid discussing the analyses

38 Copyright 1988-2006 38 Miscreants (Benefits Recipients, Fine-Avoiders,...) Benefits May Arise, But Are Seriously Exaggerated Lack of detail on systems design Continual drift in features Double-counting of benefits from the ID Scheme and the many existing programs Analyses undermine the assertions Proponents avoid discussing the analyses

39 Copyright 1988-2006 39 Myth No. 7 A National ID Scheme can be devised so as to preclude abuse by: Unelected Governments Invaders Military Putsch Elected Governments that act outside the law that arrange the law as they wish

40 Copyright 1988-2006 40 Myth No. 8 The public accepts that the world changed on 11? (12!) September 2001 Privacy valuations are highly situational The gloss has gone People are becoming inured / bored / realistic about the threat of terrorism People know that a national ID scheme wont prevent terrorism Zogby Poll 2 Feb 2006 01- 05 Support Collapses % - % Luggage Search63 - 44 Car Search 60 - 37 Roadblock Search 59 - 33 Mail Search 55 - 25 Tel Monitoring 38 - 28 http://www.zogby.com/news/ReadNews.dbm?ID=1068

41 Copyright 1988-2006 41 Conclusion PETs can address some PITs, but a nightmare-free Australia Card is not feasible Any intellectual, and any regulator, who accommodates a national identification scheme, is selling-out liberty, and derogating their duties as human beings We must not be cowed by either of the twin terrors of Islamic Fundamentalism and National Security Fundamentalism

42 Copyright 1988-2006 42 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU http://www.anu.edu.au/Roger.Clarke/......../DV/ ID-ACTSCL-0603 {.html,.ppt} A.C.T. Society for Technology and the Law 23 March 2006 Smart Cards and Biometrics Is a Nightmare-Free Australia Card Feasible ??

Download ppt "Copyright 1988-2006 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU"

Similar presentations

Copyright 1987-2009 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at the ANU and the Uni. of.

Copyright Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at the ANU and the Uni. of.
1 UNIVERSITIES of AUSTRALASIA BENCHMARKING RISK MANAGEMENT BILL DUNNE DIRECTOR RISK MANAGEMENT UNSW. PROUDLY SPONSORED BY UNIMUTUAL.

1 UNIVERSITIES of AUSTRALASIA BENCHMARKING RISK MANAGEMENT BILL DUNNE DIRECTOR RISK MANAGEMENT UNSW. PROUDLY SPONSORED BY UNIMUTUAL.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
Copyright 1988-2006 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU

Copyright Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU
Copyright 2005 1 Xamax Consultancy Pty Ltd, Canberra Visiting Professor, Uni. of Hong Kong, A.N.U. & U.N.S.W.

Copyright Xamax Consultancy Pty Ltd, Canberra Visiting Professor, Uni. of Hong Kong, A.N.U. & U.N.S.W.
Copyright, 1995-2002 1 Invitation to Research RESEARCH ETHICS Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, CSIS, Uni of Hong Kong Visiting.

Copyright, Invitation to Research RESEARCH ETHICS Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, CSIS, Uni of Hong Kong Visiting.
Copyright 1988-2006 1 Digital Privacy Roger Clarke, Xamax Consultancy, Canberra Board Member, Australian Privacy Foundation Visiting Professor, Unis. of.

Copyright Digital Privacy Roger Clarke, Xamax Consultancy, Canberra Board Member, Australian Privacy Foundation Visiting Professor, Unis. of.
Copyright 1988-2006 1 National Identity Cards? Bust the Myth of Security über Alles Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis.

Copyright National Identity Cards? Bust the Myth of Security über Alles Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis.
Copyright 2005 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU

Copyright Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU
Chapter 7 System Models.

Chapter 7 System Models.
Chapter 7 Constructors and Other Tools. Copyright © 2006 Pearson Addison-Wesley. All rights reserved. 7-2 Learning Objectives Constructors Definitions.

Chapter 7 Constructors and Other Tools. Copyright © 2006 Pearson Addison-Wesley. All rights reserved. 7-2 Learning Objectives Constructors Definitions.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Copyright © 2003 Pearson Education, Inc. Slide 1.

Copyright © 2003 Pearson Education, Inc. Slide 1.
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 3 CPUs.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 3 CPUs.
© fedict 2008. All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.
A Trajectory-Preserving Synchronization Method for Collaborative Visualization Lewis W.F. Li* Frederick W.B. Li** Rynson W.H. Lau** City University of.

A Trajectory-Preserving Synchronization Method for Collaborative Visualization Lewis W.F. Li* Frederick W.B. Li** Rynson W.H. Lau** City University of.
David Burdett May 11, 2004 Package Binding for WS CDL.

David Burdett May 11, 2004 Package Binding for WS CDL.
1 Introducing the Specifications of the Metro Ethernet Forum MEF 19 Abstract Test Suite for UNI Type 1 February 2008.

1 Introducing the Specifications of the Metro Ethernet Forum MEF 19 Abstract Test Suite for UNI Type 1 February 2008.
1 The standardization challenge of E-Government After data... what? David Petraitis 5 June 2003 Workshop on challenges, perspectives and standardization.

1 The standardization challenge of E-Government After data... what? David Petraitis 5 June 2003 Workshop on challenges, perspectives and standardization.

Similar presentations

Ads by Google