Scribd
Upload
12 views34 pages

WINSEM2024 12 13 - Reference Material I

The document provides an overview of biometric systems, including definitions, authentication methods, and system design issues. It outlines the differences between biometric identification and verification, as well as the enrollment process and potential security concerns. Additionally, it discusses various authentication protocols, access control services, and the advantages of using hybrid methods that combine multiple identifiers.

Uploaded by

renukaashok2012
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
12 views34 pages

WINSEM2024 12 13 - Reference Material I

The document provides an overview of biometric systems, including definitions, authentication methods, and system design issues. It outlines the differences between biometric identification and verification, as well as the enrollment process and potential security concerns. Additionally, it discusses various authentication protocols, access control services, and the advantages of using hybrid methods that combine multiple identifiers.

Uploaded by

renukaashok2012
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 34

Introduction

Outline
• Descriptions
• Authentication
• Overview of Biometric Systems
• Biometric Identification
• Biometric Verification
• Biometric Enrollment
• Biometric System Security
Descriptions
• Biometrics: Science of identifying, or verifying the
identity of, a person based on physiological or
behavioral characteristics.
Descriptions
• Authorization:
 Authentication:
Permission or Validating or figuring
approval. out the identity of a
person.
Authentication
• There are 3 traditional way of verifying the
identity of a person:
– Possessions (keys, passports, smartcards , …)
– Knowledge
• Secret (passwords, pass phrases, …)
• Non-secret (user Id, mothers maiden name, favorite
color)
– Biometrics
• Physiological (fingerprints, face, iris, …)
• Behavioral (walking, keystroke pattern, talking, …)
Authentication
• The 3 modes of authentication are sometimes
combined
– User id + password
– ATM card + password
– Passport + face picture and signature
Authentication
There are two different authentication methods in
biometrics

• Verification: Is he/she the person who claims he/she


is? Works with id + biometrics. Thus it is based on a
combination of modes.

• Identification: Who is this person? Uses only the


biometrics and searches the entire database.
Overview of Biometric Systems
There are five important properties of biometric
identifiers:

1. Universality
2. Uniqueness
3. Permanence
4. Collectability
5. Acceptability
Overview of Biometric Systems
Biometric Identifiers
Overview of Biometric Systems
Biometric Subsystems
• Biometric readers (sensors)
• Feature extractors
• Feature Matchers
Overview of Biometric Systems
A generalized diagram of a biometric system is as
follows:
Overview of Biometric Systems
Design Issues:
4 basic design specifications of biometric systems are

▪ System accuracy
– How often the system accepts an imposter (FAR)
– How often the system rejects a genuine user (FRR)

▪ Computational Speed

▪ Exception Handling
– Failure to use (FTU)
– Failure to enroll (FTE)
– Failure to acquire (FTA)

▪ System Cost
Biometric Identification
Biometric identification is based only on biometric
credentials.
Biometric Identification
Biometric identification system can be used in
two different modes
• Positive identification
• Authorization of a group without id
• Negative identification
• Most Wanted List
Biometric Verification
Biometric verification differs from biometric
identification in that the presented biometric is only
compared with a single enrolled biometric entity
which matches the input id
Biometric Verification
There are two possible database configurations for the verification
systems

Centralized Database: As the name suggests the enrollment


information is in a central database. When the token (id/card) is
provided, the corresponding biometrics is retrieved and the
comparison is made with the newly presented biometric
sample. E.g. laptop

Distributed Database: In this case the enrollment template is


usually stored in a device that the user carries. The user
provides the device and his/her biometrics. Then the
comparison is performed between the two. E.g. smart cards
Biometric Enrollment
Process of registering subjects in biometric database
Positive Enrollment:
• To create a database of eligible subjects
• Biometric samples and other credentials are stored in the database. An
id (or a smart card) is issued to the subject.
Negative Enrollment:
• To create a database of ineligible subjects
• Often without subject cooperation or even knowledge
Biometric System Security
• Possible Security Concerns:
– Biometric information is presented when the owner is not
present.

– Hacking the scanner, feature extractor, matcher, database,


and any other possible module in the system.
Authentication
and
Biometrics
• Descriptions
• Secure Authentication Protocols
• Access Control Security Services
• Authentication Methods
• Authentication Protocols
• Matching Biometric Samples
• Verification by Humans
• Passwords vs. Biometrics
• Hybrid Methods
Descriptions
• Authorization: Permission to access a resource

• Access Control: A mechanism for limiting the use of some


resource to authorized users

• Access Control List: A data structure associated with a


resource that specifies the authorized users and the conditions
for their access

• Authenticate: To determine that something is genuine; to


determine reliably the identity of the communicating party

• Authentication: Permission to access a resource


Secure Authentication Protocols
Characteristics of an authentication protocol:
• Established in advance
• Mutually agreed
• Unambiguous
• Complete (Able to handle exceptions)

An authentication protocol itself does “not” guarantee


security
Access Control Security Services
Some basic security services that should be offered by
any access control system are:
• Authentication
• Non-repudiation
• Confidentiality
Authentication Methods
Possession (P)
Knowledge (K)
Biometrics (B)
Authentication Protocols
Authentication protocol is the tasks the user and the
access point has to perform to be able to determine
whether the user has enough credentials or not.

Part of Authentication Protocols:


– Enrollment
– Tokens. E.g. T={x1…xn|xi Є (P,K,B)}
– Comparison rules. E.g. Matching threshold
– Other rules. E.g. “Three strikes and you are out”, or the
order of the presentation of the tokens: “First id number,
then the fingerprint, and than the key”
Matching Biometric Samples
Remark:
• P and K are checked by exact comparison;
• B is compared via pattern recognition techniques because of sampling
variations, noise and distortions

Three crucial design aspects of biometric system:


• The biometric sampling or signal acquisition (B=f(ß))
• The similarity function s=s(B1, B2) between two templates
• The decision threshold T that decides on a match or mismatch
Matching Biometric Samples
• Identification
Only the biometrics is needed (no id is claimed).

• Authorization is granted if d=di


• Multiple di might satisfy the similarity criteria. A secondary
matcher (possible a human expert) tries to narrow it down.
Matching Biometric Samples
• Screening

• Negative identification.

• Searching whether a subject is in an “interesting” people


database or not. (Most wanted criminals)

• Using biometrics only may result in too many false positives


(or false negatives depending on T). Bad ROC.

• Therefore several tokens P1, B1, K1, P2, K2, B2 etc. should be
matched with the ones in the file.
Matching Biometric Samples
• Verification
• Id + B is provided. (Sometimes K too)
• The template corresponding the Id is retrieved from
the database
• If s(B,Bi)>T pass, else fail.
Matching Biometric Samples
• Continuity of Identity

• Are the authenticated and authorized persons


the same?

• Re-establishing the authentication credentials

• Surveillance cameras
Verification by Humans
• By looking at the biometrics (face, signatures…)
• Face verification error rate 1:1000
• Signature verification is not very secure
Passwords versus Biometrics
• Passwords: Exact match
• Biometrics: Probabilistic match
– FAR, FRR
Hybrid Methods
• More than one identifier is used {P, K, B}
• Two Remarks
– B with {P, K}. Reduces identification to
verification (from 1:many to 1:1)
– B1 with B2. Results in better ROCs than using
only B1 or only B2
• Combination of matching scores is an
application specific problem

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy