FIT3105 Biometric based authentication and identity management


1 FIT3105 Biometric based authentication and identity management
Lecture 5

2 FIT3105 - Security and Identity Management
- Biometric method
- Biometrics terminologies
- Biometrics properties
- The importance of biometrics in authentication and identity management
- Biometrics technologies
- Authentication and identity systems with biometrics
- Biometrics and smart cards
- Biometrics issues
- Biometrics architecture

FIT Security and Identity Management

3 Reading list (overview and related papers)

4 Definition
- 'A Biometric' is a measurable physical or behavioural characteristic of a human being - hence 'biometrics' are measures of people.
  - A physiological characteristic: fingerprint, iris pattern, form of hand, etc.
  - A behavioural characteristic: the way you sign, the way you speak, etc.
- Biometric methods are proposed for use in recognising identity, or authenticating claims of identity.

5 Biometrics in IT
- Biometrics in IT is the measurement and statistical analysis of biological data using computer and related technologies.
- Using IT and related technologies to map human characteristics to digitised data for identification and authentication purposes.

6 Biometrics in IT
- The biometric of each person has to be unique.
- We need to find the distinguishing things that make each person unique, and a possible way to store, process and retrieve the information efficiently and securely.
- Should the measurements of these distinguishing things for different people be the same or different?
- How will these things be measured, digitised and processed?

7 Biometric questions on identity
- Is this the person who she/he claims to be?
- Are this person's biometrics already in the system? How do we compare the new one and the existing ones?
- Should this individual be given access to our computer system?
- Is this person on a watch list of attackers?
- Should this person be allowed to enter your office, building, etc.?

8 Verification of identification
- 1:1 match: allows only the person who satisfies the biometric test, with a high degree of certainty, to gain access to the parliament meeting room, or computer server room, or bank offices, etc.
- 1:Many match:
  - Ten suspects of this bank robbery case, murder case, vandalism case, etc.
  - The person has been issued several licences or authorised accesses.
- No match: there is no match to this person's biometric in our system (he/she is not on the watch list or not in the database of suspects).

9 Biometrics’ basic properties for identification and authentication
- Universality: the data must be universal.
- Uniqueness: the data must be unique.
- Stability: the data should stay intact over the lifetime of the entity.
- Easy-to-collect: it must be easy to collect and digitise the data.
- Performance: computer processing time must not take too long.
- Acceptability: the method must be acceptable to the industries and government organisations.
- Forge resistance: it must be infeasible to forge the data.

10 Biometrics: how it works
- Authentication with biometrics is a two-phase process.
- In the first phase, users have to enrol by having their individual features, such as fingerprints and/or irises and/or faces and/or signatures, etc., scanned (collected by devices). Key features are extracted and then converted to unique templates, which are stored in a database, usually in encrypted form.
- In the second phase, the corresponding features presented by a would-be user are compared to the templates in the database. The system tries to find if there is any match and produces a rejection or acceptance based on criteria and some threshold.
- The system tries to minimise the rate of false rejections or false acceptances.

11 Static vs. dynamic biometric methods
- Static biometric methods, e.g. authentication based on a feature that is always present (what if the feature changes over time?)
- Dynamic biometric methods, e.g. authentication based on a certain behaviour pattern (can this be mimicked by another person? And how can it be digitised, stored and processed correctly?)

12 Biometric technologies (e.g)
Simple biometric technologies:
- Hand geometry biometrics including fingerprint
- Iris and retinal scanning
- Face recognition using visible or infrared light / image processing
- Signature recognition (identify a person based on his/her signature)
- Voice recognition (identify a person based on his/her voice)

13 Biometric technologies (e.g)
Other possible biometric technologies:
- Vein recognition (hand)
- Gait recognition
- Body odour measurements
- Ear shape
- DNA
- Keystroke dynamics
- Body movement
- Etc.

14 Biometrics with fingerprint techniques (e.g)
Borrowed from other author

15 Biometrics with fingerprint (e.g)
- Optical fingerprint sensor
- Capacitive sensor

Borrowed from other author

16 Design of biometrics systems
Major components of a biometric system:
- Data collection
- Processing
- Matching
- Decision
- Storage
- Retrieval, transmission, and comparison

17 Biometric system design
[Block diagram. Components: Data collection, Raw data processing, Matching, Storage, Decision, Applications. Labels on the flows: Biometrics, Extracted features, Template, Matching score, Authentication/identification decision.]

18 Data collection/acquisition subsystem
- Comprises input devices or sensors that read the biometric information from the user, e.g. video camera, fingerprint scanner, digital tablet, microphone, etc.
- Converts biometric information into a suitable form for processing by the remainder of the biometric system.

19 Requirements for data collection
- Sampled biometric characteristics must be similar to users’ enrolled templates.
- The users and data collectors may require training to be able to get the input data as accurately as possible.
- Adaptation of users’ templates or re-enrolments may be necessary to accommodate changes in physiological characteristics.
- Sensors must be similar/standard so that biometric features are measured consistently.

20 Raw data processing subsystem
- This subsystem receives raw biometric data from the data collection subsystem, then transforms the data into the form required by the matching subsystem.
- This subsystem may use filters to remove possible noise.
- It carries out the feature extraction from the raw biometric data for further processing.

21 Matching subsystem
- Receives processed biometric data from the raw data processing subsystem and the biometric template from the storage subsystem.
- Measures the similarity of the claimant’s sample with the reference template.
- Methods: distance metrics, probabilistic measures, neural networks, etc.
- The result should be a number known as the match score.

22 Storage subsystem
- Keeps the templates of enrolled users (one or more templates for each user are stored in storage).
- For different applications, the templates can be stored in:
  - physically protected storage within the biometric device
  - a digital database
  - portable devices such as smart cards, palm devices, mobile phones, etc.

23 Decision subsystem
- Interprets the match score from the matching subsystem (e.g. a threshold is defined. If the score is above the threshold, the user is authenticated. If it is below, the user is rejected).
- May require more than one submitted sample to reach a decision.
- May produce false positives or false negatives.
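
The enrol / match / decide flow from slides 10, 21 and 23, together with the 1:1 and 1:many matches of slide 8, as an added Python example that is not part of the lecture. The feature vectors, the user names and the 1/(1 + distance) score are assumptions constructed for illustration; a real system extracts its features from sensor data.

```python
import math

TEMPLATES = {}  # storage subsystem: user id -> enrolled template

def enrol(user_id, scans):
    """Phase 1: average several extracted feature vectors into one template."""
    TEMPLATES[user_id] = [sum(col) / len(scans) for col in zip(*scans)]

def match_score(sample, template):
    """Matching subsystem: Euclidean distance mapped to a score in (0, 1]."""
    return 1.0 / (1.0 + math.dist(sample, template))

def verify(claimed_id, sample, threshold):
    """1:1 match: compare only against the claimed user's template."""
    template = TEMPLATES.get(claimed_id)
    return template is not None and match_score(sample, template) >= threshold

def identify(sample, threshold):
    """1:many match: best-scoring enrolled user, or None for 'no match'."""
    scored = [(match_score(sample, t), uid) for uid, t in TEMPLATES.items()]
    best_score, best_id = max(scored, default=(0.0, None))
    return best_id if best_score >= threshold else None

def error_rates(genuine, impostor, threshold):
    """Return (false rejection rate, false acceptance rate) at a threshold."""
    frr = sum(not verify(u, s, threshold) for u, s in genuine) / len(genuine)
    far = sum(verify(u, s, threshold) for u, s in impostor) / len(impostor)
    return frr, far

# Constructed feature vectors (assumed values, not real biometric data).
enrol("alice", [[0.10, 0.82, 0.31, 0.56], [0.14, 0.78, 0.35, 0.52]])
enrol("bob", [[0.90, 0.15, 0.62, 0.05]])
GENUINE = [  # (claimed id, sample) presented by the rightful user
    ("alice", [0.14, 0.78, 0.35, 0.52]),  # clean capture
    ("alice", [0.22, 0.70, 0.43, 0.44]),  # noisier capture
    ("bob", [0.88, 0.17, 0.60, 0.07]),    # clean capture
    ("bob", [0.70, 0.35, 0.82, 0.25]),    # poor capture
]
IMPOSTOR = [  # (claimed id, sample) presented by someone else
    ("alice", [0.90, 0.15, 0.62, 0.05]),  # bob's features, claiming alice
    ("alice", [0.27, 0.65, 0.48, 0.39]),  # close imitation of alice
]

if __name__ == "__main__":
    for thr in (0.70, 0.80, 0.90):
        frr, far = error_rates(GENUINE, IMPOSTOR, thr)
        print(f"threshold={thr:.2f}  FRR={frr:.2f}  FAR={far:.2f}")
```

Raising the threshold trades false acceptances for false rejections, which is the balance the decision subsystem has to strike.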

24 Biometrics applications
- Physical access control
  - To high security areas
  - To public buildings or areas
- Time & attendance control
- Identification
  - Forensic person investigation
  - Social services applications, e.g. immigration or prevention of welfare fraud
  - Personal documents, e.g. electronic driver's licence or ID card

25 Biometrics for identification
- Positive identification: is this the person who he/she claims to be?
  - Yes: provide access or log-in access to a valid user
  - No: do not provide access or log-in access
- Negative identification: is this the person who he/she denies being?
  - Yes: prevent multiple authorisations to the system
- A biometric is hard to transfer, forget, lose or copy
- Hopefully eliminates repudiation claims
- Automatic personalisation of user interfaces

26 Biometrics and Identification
- Many countries apply biometrics for identification cards.
- ID cards include basic personal information, a digital photo and a biometric identifier (facial recognition, iris scan, fingerprint).

27 Authentication and identification with biometrics - conclusion
- Biometrics information must be reliable. It also must not be forgeable.
- Algorithms used for computer processing (retrieving, processing and comparing) have to be accurate.
- Authentication for biometrics systems must be strong enough to protect privacy and maintain security.

