computer security
DESCRIPTION
Computer Security. Biometric authentication. Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003. Biometric authentication. Framework for security. Trust. Identification. Biometrics fingerprints face iris. Biometric authentication. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/1.jpg)
Computer SecurityBiometric
authenticationBased on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003
![Page 2: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/2.jpg)
Biometric authentication
Framework for security
Trust
Identification
Biometricsfingerprints
face iris
![Page 3: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/3.jpg)
Biometric authentication
Framework for security
Physical or logical access should be based on trusted gated actions
![Page 4: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/4.jpg)
Biometric authentication
Biometrics are uniquely qualified for this purpose:• Individual uniqueness• universality• accuracy• easiness• permanence• non-intrusiveness• cannot be lost, forgotten, stolen
![Page 5: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/5.jpg)
Biometric authentication
Fingerprints• Image• Minutiaes• Fingerprint
– based on irregularities (minutiae)
![Page 6: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/6.jpg)
Biometric authentication
Face recognition• Image• Nodal points• Face print
– based on facial skin irregularities (the skull is 3-dimensional, the kin is 2-dimensional)
![Page 7: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/7.jpg)
Biometric authentication
Iris recognition• Image• Iris pattern• Iris-print
![Page 8: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/8.jpg)
Finger-scan
Facial-scan
Middleware
Hand-scan
Iris -scan
Voice-scan
Signature-scan
Keys troke-scan
Biometric Market
![Page 9: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/9.jpg)
Market EvolutionGovernment• Law enforcement• Federal Agencies• DoD• National ID Programs
Regulated Industries• POS• Financial Healthcare • Transportation
• Commercial• E-commerce• Transactions
![Page 10: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/10.jpg)
Common Access Card
DoD Common Access Card
• Biometric Smart Card to enable trusted identity throughout the enterprise
• Logical and physical access• Evaluating fingerprint biometrics for military ID cards• Already half way through (expected roll-out by 2005)
![Page 11: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/11.jpg)
Enhanced Border Security
Entry/Exit Program• Protect, control & monitor access & entry into US• Background check on visa applications• Finger & face opportunity
Visa reform• Ability to check on visa applicants• Biometric smartcard as new visa
Worldwide reverberations
![Page 12: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/12.jpg)
International ID Programs
Several Foreign countries are in the process
of implementing national ID programs
• Fingerprint, facial and iris biometrics for national ID cards
• Fingerprint biometrics for national healthcare programs
• Fingerprint biometrics for passports
![Page 13: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/13.jpg)
Platform for security
• Enrollment & Registration• Qualification• Requirements of Trust• Biometric Identification
– Only: finger, face, iris
• Secure Credential Issuance• Access
– Physical, logical
• Surveillance
![Page 14: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/14.jpg)
Platform for security
• Enrollment & Registration• Qualification• Requirements of Trust• Biometric Identification
– Only: finger, face, iris
• Secure Credential Issuance• Access
– Physical, logical
• Surveillance
![Page 15: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/15.jpg)
Enrollment & Registration
• Critical step, could be costly if not done properly• Data must be in vendor independent
formats– Standard formats: e.g.ANSI/NIST-ITL 1-2000
• Data can be very valuable
![Page 16: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/16.jpg)
Qualification
Answer two questions• Is the identity unique?• Can it be granted trusted status
Requires• Search in a registration database• Submission to watch list & criminal
database
![Page 17: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/17.jpg)
Requirements of Trust
• State mandates– Healthcare, school workers, banking state
employees insurance
• Federal Mandates– Transportation workers
• Airlines, airports
– Postal workers– Government employees– Visa applicants, trusted travelers
• Passport and National IDs• Corporate enterprise
![Page 18: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/18.jpg)
Biometric Identification
Only finger, face, iris
• Finger & face have unique position because of existing databases
• Finger requires live scan 10 print rolled fingers
• Major breakthroughs in imaging make it easier to capture high quality prints– Quicker turnaround– Low rejection & rechecks
![Page 19: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/19.jpg)
Facial for Identification
• In many cases face is only available only finger, face, iris
• Performance– Rank 1 identification – 80%– Compare with single finger 90% (db size
10,000) NIST & FRVT2002
• Not perfect yet delivers significant value
• Improving performance
![Page 20: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/20.jpg)
Secure Credential Issuance
Impedes tampering & forging.
1. Badging screened applicant2. Smartcard
1. On Chip• Credentials, PKI certificate, Applications
2. Secure Markings3. Photo4. Color Coding5. Basic info: name, exp date, signature, etc6. Magnetic stripe and/or Barcode data
![Page 21: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/21.jpg)
Access
• Physical access– Buildings, offices, Safe Deposit
boxes, Parking lots, etc
• Logical access– Authentication, Authorization,
Internet, WAN, LAN, Wireless, etc
• Universal access– Home, office, any location, travel,
etc
![Page 22: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/22.jpg)
Detection
• Watch lists: facial & fingerprint databases
• Biometrics can be used to detect in real time individuals on the watch list– On demand screening– Checkpoint surveillance
![Page 23: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/23.jpg)
Detection: on demand screening
• Fingerprint systems for INS enforcement– border checks
• Mobile identification – IBIS (Identification Based Information Systems)
• Travel document screening
![Page 24: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/24.jpg)
Mobile identification -IBIS
Mobile PDAs with finger sensors & Cameras.Access to
– Secure wireless communication
![Page 25: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/25.jpg)
ID Document surveillance
• Travel documents readers• Watch list alarm• Use standard existing travel
documents• Creates manifest
![Page 26: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/26.jpg)
Checkpoint surveillance
• Security tool just like metal detectors & luggage scanners
• Ensures that each face passing through a checkpoint is checked against the watch-list database.
![Page 27: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/27.jpg)
ID Document surveillance
• Travel documents readers• Watchlist alarm• Use standard existing travel
documents• Creates manifest
![Page 28: Computer Security](https://reader036.vdocument.in/reader036/viewer/2022062309/56814e8c550346895dbc2bdf/html5/thumbnails/28.jpg)
Biometric smartcards –the trust triangle
Discuss SecurityIssues
Smartcard - PK, certificate - SK - Else???
User- Password ???- Smartcard
Reader
Application