1
GUIDE TO BIOMETRICS, CHAPTER I & II. September 7th, 2005. Presentation by Tamer Uz
2
Chapter I Introduction
3
Outline
- Descriptions
- Authentication
- Overview of Biometric Systems
- Biometric Identification
- Biometric Verification
- Biometric Enrollment
- Biometric System Security
4
Descriptions
- Biometrics: Science of identifying, or verifying the identity of, a person based on physiological or behavioral characteristics.
5
Descriptions
- Authorization: Permission or approval.
- Authentication: Validating or figuring out the identity of a person.
6
Authentication
There are 3 traditional ways of verifying the identity of a person:
- Possessions (keys, passports, smartcards, …)
- Knowledge
  - Secret (passwords, pass phrases, …)
  - Non-secret (user id, mother's maiden name, favorite color)
- Biometrics
  - Physiological (fingerprints, face, iris, …)
  - Behavioral (walking, keystroke pattern, talking, …)
7
Authentication
The 3 modes of authentication are sometimes combined:
- User id + password
- ATM card + password
- Passport + face picture and signature
8
Authentication
There are two different authentication methods in biometrics:
- Verification: Is he/she the person who claims he/she is? Works with id + biometrics. Thus it is based on a combination of modes.
- Identification: Who is this person? Uses only the biometrics and searches the entire database.
9
Overview of Biometric Systems
There are five important properties of biometric identifiers:
1. Universality
2. Uniqueness
3. Permanence
4. Collectability
5. Acceptability
10
Overview of Biometric Systems Biometric Identifiers
11
Overview of Biometric Systems
Biometric Subsystems
- Biometric readers (sensors)
- Feature extractors
- Feature matchers
12
Overview of Biometric Systems A generalized diagram of a biometric system is as follows:
13
Overview of Biometric Systems
Design Issues: 4 basic design specifications of biometric systems are
- System accuracy
  - How often the system accepts an imposter (FAR)
  - How often the system rejects a genuine user (FRR)
- Computational speed
- Exception handling
  - Failure to use (FTU)
  - Failure to enroll (FTE)
  - Failure to acquire (FTA)
- System cost
14
Overview of Biometric Systems
Engineering Questions
- Trusting people/biometrics?
- Which biometrics is best for a given application?
- How are the error numbers that are reported for different biometrics to be interpreted?
- Are new security holes created because of the use of the biometrics?
- How to achieve a low exception rate?
- How to acquire the biometrics and how to do it in a convenient way?
- What feature set is amenable for automatic matching?
- Given the input data how to extract the features from it?
- How to define a matching metric that translates the intuition of “similarity” among the patterns?
- How to implement the matching metric?
- Organization of the database?
- Methods for searching the database?
- Security?
- Privacy?
15
Biometric Identification Biometric identification is based only on biometric credentials.
16
Biometric Identification
A biometric identification system can be used in two different modes:
- Positive identification
  - Authorization of a group without id
- Negative identification
  - Most Wanted List
17
Biometric Verification
Biometric verification differs from biometric identification in that the presented biometric is only compared with a single enrolled biometric entity which matches the input id.
18
Biometric Verification
There are two possible database configurations for the verification systems:
- Centralized Database: As the name suggests, the enrollment information is in a central database. When the token (id/card) is provided, the corresponding biometrics is retrieved and the comparison is made with the newly presented biometric sample. E.g. laptop
- Distributed Database: In this case the enrollment template is usually stored in a device that the user carries. The user provides the device and his/her biometrics. Then the comparison is performed between the two. E.g. smart cards
19
Biometric Enrollment
Process of registering subjects in a biometric database
- Positive Enrollment: To create a database of eligible subjects
  - Biometric samples and other credentials are stored in the database. An id (or a smart card) is issued to the subject.
- Negative Enrollment: To create a database of ineligible subjects
  - Often without subject cooperation or even knowledge
20
Biometric System Security
Possible Security Concerns:
- Biometric information is presented when the owner is not present.
- Hacking the scanner, feature extractor, matcher, database, and any other possible module in the system.
21
Chapter II Authentication and Biometrics
22
Outline
- Descriptions
- Secure Authentication Protocols
- Access Control Security Services
- Authentication Methods
- Authentication Protocols
- Matching Biometric Samples
- Verification by Humans
- Passwords vs. Biometrics
- Hybrid Methods
23
Descriptions
- Authorization: Permission to access a resource
- Access Control: A mechanism for limiting the use of some resource to authorized users
- Access Control List: A data structure associated with a resource that specifies the authorized users and the conditions for their access
- Authenticate: To determine that something is genuine; to determine reliably the identity of the communicating party
- Authentication: Permission to access a resource
24
Secure Authentication Protocols
Characteristics of an authentication protocol:
- Established in advance
- Mutually agreed
- Unambiguous
- Complete (able to handle exceptions)
An authentication protocol itself does “not” guarantee security.
25
Access Control Security Services
Some basic security services that should be offered by any access control system are:
- Authentication
- Non-repudiation
- Confidentiality
26
Authentication Methods
- Possession (P)
- Knowledge (K)
- Biometrics (B)
27
Authentication Protocols
An authentication protocol is the set of tasks the user and the access point have to perform to determine whether the user has enough credentials or not.
Parts of authentication protocols:
- Enrollment
- Tokens. E.g. $T = \{x_1, \ldots, x_n \mid x_i \in (P, K, B)\}$
- Comparison rules. E.g. matching threshold
- Other rules. E.g. “Three strikes and you are out”, or the order of the presentation of the tokens: “First id number, then the fingerprint, and then the key”
28
Matching Biometric Samples
Remark:
- P and K are checked by exact comparison
- B is compared via pattern recognition techniques because of sampling variations, noise and distortions
Three crucial design aspects of a biometric system:
- The biometric sampling or signal acquisition ($B = f(\beta)$)
- The similarity function $s = s(B_1, B_2)$ between two templates
- The decision threshold $T$ that decides on a match or mismatch
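The protocol rules from the two slides above (token order, exact comparison for P, a threshold for B, three strikes), written out as an added example that is not part of the original presentation. The enrollment record, the toy similarity function, the threshold value and all names are assumptions, and the constant-time comparison is a choice made here, not something the slides prescribe.

```python
import hmac

THRESHOLD = 0.8      # decision threshold T for the biometric token (assumed value)
MAX_STRIKES = 3      # "three strikes and you are out"
ORDER = ("B", "P")   # after the id claim: fingerprint first, then the key

# Constructed enrollment record: B is a toy template, P a key serial.
ENROLLED = {"1001": {"B": (10, 20, 30), "P": "KEY-7F3A"}}
strikes = {}         # failed attempts per claimed id

def similarity(b1, b2):
    """Toy s(B1, B2): 1.0 for identical templates, lower as they diverge."""
    return 1.0 / (1.0 + sum(abs(x - y) for x, y in zip(b1, b2)) / 10.0)

def token_ok(kind, presented, enrolled):
    """Apply the comparison rule that belongs to the token's kind."""
    if kind == "B":  # biometric: probabilistic match against T
        return similarity(presented, enrolled) > THRESHOLD
    # possession/knowledge: exact comparison, done in constant time
    return hmac.compare_digest(presented.encode(), enrolled.encode())

def authenticate(user_id, tokens):
    """tokens: list of (kind, value) in presentation order; returns the decision."""
    if strikes.get(user_id, 0) >= MAX_STRIKES:
        return "locked"
    record = ENROLLED.get(user_id)
    in_order = tuple(kind for kind, _ in tokens) == ORDER
    if record and in_order and all(token_ok(k, v, record[k]) for k, v in tokens):
        strikes[user_id] = 0
        return "granted"
    strikes[user_id] = strikes.get(user_id, 0) + 1
    return "locked" if strikes[user_id] >= MAX_STRIKES else "denied"

if __name__ == "__main__":
    good = [("B", (11, 20, 31)), ("P", "KEY-7F3A")]   # noisy but genuine reading
    print(authenticate("1001", good))                                   # granted
    print(authenticate("1001", list(reversed(good))))                   # wrong order
    print(authenticate("1001", [("B", (12, 19, 33)), ("P", "KEY-7F3A")]))  # s <= T
    print(authenticate("1001", [("B", (11, 20, 31)), ("P", "KEY-0000")]))  # 3rd strike
    print(authenticate("1001", good))                                   # still locked
```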
29
Matching Biometric Samples
Identification
- Only the biometrics is needed (no id is claimed).
- Authorization is granted if $d = d_i$
- Multiple $d_i$ might satisfy the similarity criteria. A secondary matcher (possibly a human expert) tries to narrow it down.
30
Matching Biometric Samples
Screening
- Negative identification.
- Searching whether a subject is in an “interesting” people database or not. (Most wanted criminals)
- Using biometrics only may result in too many false positives (or false negatives depending on T). Bad ROC.
- Therefore several tokens P1, B1, K1, P2, K2, B2 etc. should be matched with the ones in the file.
31
Matching Biometric Samples
Verification
- Id + B is provided. (Sometimes K too)
- The template corresponding to the Id is retrieved from the database
- If $s(B, B_i) > T$ pass, else fail.
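The identification and verification rules above, together with how FAR and FRR move as the threshold T changes, as an added example that is not part of the original presentation. The templates, the similarity function and the score lists are constructed for illustration; real matchers use modality-specific features.

```python
# Added example; templates, scores and the similarity function are constructed.
ENROLLED = {            # id -> enrolled template B_i (toy feature vectors)
    "alice": (10, 20, 30),
    "bob":   (12, 19, 33),
    "carol": (40, 5, 18),
}

def similarity(b1, b2):
    """s(B1, B2) in (0, 1]: 1.0 for identical templates, lower as they diverge."""
    distance = sum(abs(x - y) for x, y in zip(b1, b2))
    return 1.0 / (1.0 + distance / 10.0)

def verify(claimed_id, sample, threshold):
    """1:1 check: compare only against the template stored for claimed_id."""
    template = ENROLLED.get(claimed_id)
    return template is not None and similarity(sample, template) > threshold

def identify(sample, threshold):
    """1:many search: every enrolled id whose score exceeds T, best first."""
    scored = [(similarity(sample, t), uid) for uid, t in ENROLLED.items()]
    return [uid for s, uid in sorted(scored, reverse=True) if s > threshold]

# Constructed score sets from genuine (same person) and impostor comparisons.
GENUINE = [0.91, 0.84, 0.78, 0.88, 0.62, 0.95, 0.73, 0.81, 0.69, 0.90]
IMPOSTOR = [0.12, 0.35, 0.41, 0.28, 0.55, 0.66, 0.19, 0.47, 0.71, 0.30]

def error_rates(threshold):
    """Return (FAR, FRR) at threshold T over the constructed score sets."""
    far = sum(s > threshold for s in IMPOSTOR) / len(IMPOSTOR)   # impostors accepted
    frr = sum(s <= threshold for s in GENUINE) / len(GENUINE)    # genuine users rejected
    return far, frr

if __name__ == "__main__":
    sample = (11, 20, 31)   # fresh, slightly noisy reading from alice
    # A loose T yields several candidates d_i; a tighter T narrows the list.
    print(identify(sample, 0.7), identify(sample, 0.8))
    # The same reading presented under bob's id: accepted at 0.7, rejected at 0.8.
    print(verify("bob", sample, 0.7), verify("bob", sample, 0.8))
    for t in (0.5, 0.7, 0.8):
        print(t, error_rates(t))   # raising T lowers FAR and raises FRR
```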
32
Matching Biometric Samples
Continuity of Identity
- Are the authenticated and authorized persons the same?
- Re-establishing the authentication credentials
- Surveillance cameras
33
Verification by Humans
- By looking at the biometrics (face, signatures…)
- Face verification error rate 1:1000
- Signature verification is not very secure
34
Passwords versus Biometrics
- Passwords: Exact match
- Biometrics: Probabilistic match
  - FAR, FRR
35
Hybrid Methods
- More than one identifier is used {P, K, B}
- Two Remarks
  - B with {P, K}. Reduces identification to verification (from 1:many to 1:1)
  - B1 with B2. Results in better ROCs than using only B1 or only B2
- Combination of matching scores is an application-specific problem
36
QUESTIONS?