copyright(c) 2002, all rights reserved. sdl, hitachi, ltd. and waseda university.1 trends of...
TRANSCRIPT
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 1
Trends of Biometrics TechnologyStandardization
14 May 2002Naohisa Komatsu
Waseda University, Japan
ITU-T Workshop on Security
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 2
Authentication process
networksystem
user
terminal
terminalauthentication
userauthentication
cryptosystem
Knowledge-based : Threat of forgetting e.g. passwordPossession-based : Threat of loss e.g. cardIndividual characteristics : No threat of forgetting or loss e.g. fingerprint, voice, handwriting
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 3
Parameters for User Authentication
knowledge possessions physiologicalcharacteristics
fingerprint , face
hand , eye ......
handwriting , voice
keystroke ......
password
......
key , ID card
......
stored data → personal features
input data → personal features
stored data = input data?
=
?
Individual characteristics
behavioralcharacteristics
stored data = input data?
threat offorgetting
threat ofloss
change through time passing
a.
b.
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 4
Characteristics of Biometrics (OMRON Corp.)
Each biometrics has its own merits or Each biometrics has its own merits or demerits.demerits.There are no ideal biometrics.There are no ideal biometrics.
high
accu
r acy
acceptability
low
highlow
ideal0
Retina
Fingerprint
Hand geometry
0.5m Iris
0.1m Voice0
Signature 1~3m
Face
number
Finger geometry
Pattern of vein
1%
0.1%
0.01%
10-4%
0.01m
0
0
0
Distance between system and user
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 5
The Standardization of Biometrics Technologies
Why standardization is necessary? Data format (CBEFF) and Application Program Interface (BioAPI) Security requirements (X9.84) Accuracy test (Best Practice)
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 6
Needs of Standards To accelerate fair competition by clarifying
vulnerability and countermeasures. Accuracy test Standards for applying biometrics
To reduce the cost of system development Application program interface Data format
For effective development through common framework for biometric system. Common Criteria Privacy guideline
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 7
Data interoperabity : CBEFF Program interoperability : BioAPI
Goal of BioAPI & CBEFF
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 8
Purpose of BioAPI
Purpose Interoperability and development cost
reduction of biometric authentication systems.
Providing a high-level generic biometric authentication model
Authentication/Identification, Server/Client
Scope Any form of biometric technology Enrollment,authentication,identification,dat
abaseinterface
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 9
History of BioAPI
NIST merged HA-API, BAPI and BioAPI.
NIST:National Institute of Standards and TechnologiesHA-API: Human Authentication API
1997 1998 1999 2000 2001 ~
Former
BioAPIDRAFT
HA-API1.0
HA-API2.0
BAPI1.0
BioAPIReference
ImplementationVer1.0 Beta
BioAPISpecification
Ver.1.0
I/O Software joinedBioAPI consortium
BioAPIReference
ImplementationVer1.1
BioAPISpecification
Ver.1.1
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 10
Outline of BioAPI Structure
Application
BioAPI Framework
BSP BSP BSP
Device Device Device
API
SPI SPI SPIBSP : Biometrics Service Provider Biometric function provided by technology vendors
SPI : Service Provider Interface
API : Application Program Interface
Biometric Device fingerprint scanner, camera, etc...
Middleware mediates between API & SPI ・ Reference implementation for windows is available
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 11
Outline of CBEFF Purpose
Interoperability between different systems. Accommodation to any biometric technology.
History Sponsor
NIST ITL , Biometrics Consortium Developing organization
CBEFF Technical Development Team Cooperating with
BioAPI Consortium , X9.F4 Working Group , IBIA , TeleTrustT
Publication NISTIR6529 “Common Biometric Exchange File
Format” (NIST, January 3, 2001) http://www.nist.gov/cbeff
NIST ITL : Information Technology LaboratoryIBIA : International Biometric Industrial Association
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 12
CBEFF Data Structure Includes three blocks SBH ( Standard Biometric Header )
Header of CBEFF file BSMB ( Biometric Specific Memory Block )
Contains the biometric data Vendors can place any biometric data directly into this
block Biometric information, template, original header, etc...
SB ( Signature Block ) Contains signature or MAC for integrity Optional
SBH( Standard Biometric Header )
BSMB( Biometric Specific Memory Block )
SB( Signature Block )
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 13
Relation Among Standardizations
The standardizations are progressing to convergence on BioAPI and CBEFF BioAPI Specification ver.1.1 ( 2001/3 ) “CBEFF” NISTIR6529 ( 2001/1 )
BioAPI
CBEFF
ANSI X9.84
BAPI
HA-API
ANSI X9.84 : Operating requirements for biometrics authentication systems for the financial industry
adoption
adoption
merged into
ISO7816-11
considering adoption
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 14
Outline of X9.84
Approved in March, 2001 by committee on Financial Services, X9 and subcommittee on Information Security, X9F.
A standard of biometric data management and security for financial biometric system.
X9.84 specifies Security requirements of enrollment,
verification/identification, storage, termination,etc...
Template format compatible with CBEFF
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 15
Requirements of X9.84
To maintain the integrity of biometric data and verification results
To mutually authenticate between sender and receiver component of biometric data and verification results.
To ensure the confidentiality of the biometric data
Common requirements of data management in enrollment,
verification/identification, storage, termination, etc...
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 16
Initial Enrollment for Example
Authorization to perform the enrollment process Authentication of the enrollee Maintain integrity and authenticity of templates Meet level 2 physical security requirement in a controlled
environment and level 3 in an uncontrolled environment.
DataCollection Signal
Processiong
Storage
Matching
Enrollment Model
Mechanism and procedure shall be in place to
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 17
Outline of “Best Practice” Purpose
To provide the best method for the accuracy test of biometric system in real world
Scope Any biomerics and application
Features Experimental evaluation Three test methods depending on the aim of evaluation
Technology evaluation: algorithm Scenario evaluation: Specific system assumed by an evaluator Operational evaluation: Running system
Definition of experimental condition How to select subjects, to collect biometric data, to match them…
Representation of performance ROC curve for accuracy Failure to enroll and acquire for usability Detailed report for repeatability
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 18
The Standardization of Biometrics Technologies in
Japan
Position of INSTAC/AIM/JBAA Activities of JBAA
Operating Requirements Decision Guideline Vulnerability of Biometrics Technologies Biometrics and PKI Biometrics and Privacy
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 19
Standardization Activities in Japan
ECOM WG6△ V0.5 △ Evaluation criteria for biometrics authentication V1.0
IPA Project△ Accuracy Test Guideline△ ORD Guideline
Accuracy TestJIS-TRJIS-TR△
△
JBAABDPP,X9.84
1996 1997 1998 1999 2001 2002 以降2000
1994CC V1.0
1995BS7799
ECOM : Electronic Commerce Promotion Council of Japan
IPA : Information-technology Promotion Agency,Japan
INSTAC : Information Technology Research and Standardization Center
JIS : Japanese Industrial Standard
JBAA : Japan Biometric Authentication Association
CC : Common Criteria
BS7799 : British Standard7799
BDPP : Biometric Devices Protection Profile
ORD: Operating Requirements Decision
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 20
ASIA Committee
( International )Standardization
EU/USA Committee
Biometrics Consortium
Biometrics Working Group
Bio WGMalaysia
Bio WGTaiwan BEAM Consortium
SIngapore
BEAM: Biometrics EnAbled Mobile Commerce
Korea BiometricsAssociation(KBA)JBAA
Asia Biometrics Joint Meeting
AIMJ
INSTAC/JSAISO/IEC
SC17/SC27
Position of INSTAC,AIM,JBAA
INSTAC/JSA : Information Technology Research and Standardization Center / Japanese Standards Association AIM : Automatic Identification Manufactures Association, JapanJBAA: Japan Biometric Authentication Association
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 21
How to Expand Biometrics Market?
Solution for market creation is necessary.Solution for market creation is necessary.
Image processing → Security technology
Image processing → Security technology
- Based on different methods and data for accuracy test- Publication of the best results
- Based on different methods and data for accuracy test- Publication of the best results
- Few examples- Indefinite requirements for security, convenience, etc.
- Few examples- Indefinite requirements for security, convenience, etc.
Standardization of accuracy test is important.
IPA/Hitachi Project ’99
( 16 companies )
IPA/Hitachi Project ’99
( 16 companies )
IPA: Information-Technology Promotion Agency,Japan
(2) Cost effectiveness ?( Business )(3) User acceptability ?( Social )
(1) Accuracy ?( Technology )
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 22
Outline of Complete Activities
(1) ECOM Personal Authentication WG April/1996 ~ March/1998 Examine the scheme of the test and evaluation and
the personal authentication model using biometrics (www.ecom.or.jp)
(2) IPA/Hitachi National Project January/1999 ~ December/1999 Examine the standards scheme of accuracy test and
operation requirements sponsored by IPA(MITI) (www.sdl.hitachi.co.jp/ipa_biotest/ipa/english.htm)
ECOM: Electronic Commerce Promotion Council of JapanMITI: The ministry of International Trade and IndustryIPA: Information-technologies Promotion Agency of Japan
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 23
Outline of Current Activities
Standardization activities are done in two organizations
(1) Biometrics WG of INSTAC/JSA “Make a Standardization of test and evaluation of
biometrics device and system in Electronic Commerce application”
(2) Biometrics WG of AIM “Enlighten the biometrics technology and research the
biometrics market”
(3) Biometrics WG of JBAA Discussion about implementation of “Biometric
Authentication Authority” which provides network type biometric identification
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 24
Biometrics WG of INSTAC/JSAPurpose The standardization of the biometrics authentication
technologies is done in Electric Commerce application
Members of WG Chairman : N. Komatsu(Waseda Univ.) Members : METI, Animo*, Casio, Fujitsu, Hitachi*, KDDI,
Matsushita, MELCO, NEC, NTT-data* , OKI, Sony, Toshiba, etc.
* : Working Group leader
Contents of activities (1) Draft Japanese Industrial Standards of Test and
Evaluation (Physical and behavioral characteristics) (2)Liaison with ISO/IEC JTC1/SC17
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 25
Creation of real-based biometric market
Purpose of The Project
Guidelines for accuracy test
Guidelines for accuracy test
Vendors
Users
ProposalGuidelines for requirements
decision
Guidelines for requirements
decision
guide for Design Evaluation method
Valuation basisRequirements decision
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 26
(1) Objective evaluation for multiform products, various evaluators “viewpoints” and individual tests
(2) Common basis with Europe and America・ Japanese accuracy test could be accepted
・ Refer to proposals of NBTC about mathematical basis
(3) Focus on fingerprint based authentication systems
Policy of Accuracy Test
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 27
Fingerprintcapture
Decisionfunction
Fingerprint
Result(True/False)
Result(True/False)
Authentication system
Verification Device
Distance
Image enhancementFeature extraction
TemplatesMatching functionsOutput distance
Fingerprint captureFingerprint Matcher
Output distance
Verification DeviceDecision function
Output result
Verification Device
Fingerprint Matcher
Authentication system
Classification of Functional Structures
FingerprintMatcher
FingerprintMatcher
Parameters
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 28
start
・ ROC Curve・ Availability
Rate
Gu
idelin
es f
or
accu
racy
tests
Gu
idelin
es f
or
accu
racy
tests
FingerprintCollection
FingerprintCollection
VerificationVerification
AccuracyCalculationAccuracy
Calculation
Defined Items
・ Collection environment ・ Number of fingers
・ Number of fingerprints・ Experimental subjects・ Training to input finger
・ Combination of genuine ・ Combination of imposter
・ Calculation methods・ Result descriptionA
ccura
cy T
est
Soft
ware
Definition of Test ItemsTest process
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 29
Results Description FMR & FNMR as ROC curve
Calculated at each threshold or parameters Described by a logarithmic ROC curve
Availability rate Rate of persons who can use the product
0 0.1%False Non-Match Rate(FNMR)
Fals
e M
atc
h R
ate
(FM
R)
0.01%
0.1%
0.01%
Distance ( t )
Fre
quency
Genuine hi (t)
Imposterhg (t)
Threshold Th
FMRFNMR
Distance DistributionROC Curve
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 30
Comparison with Best Practice
Accuracy Test Guideline Best Practice Biometrics Fingerprint All biometrics technologies
Application
Verification only (1 to 1)
All applications ・Verification ・(Positive) Identification ・Negative Identification
Targ
et
Depend on a object of evaluation For algorithms Technical For devices
Scenario Evaluation
Method For systems
Operational
Results Description
・ROC(FNMR,FMR) curve ・Accuracy Test Guideline ・Test Specification
・ROC(FNMR,FMR) curve ・Failure to acquire, Failure to enroll ・Test Specification ・BinningError vs Penetration curve
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 31
Comparison with Best Practice
Item Accuracy Test Guideline Best Practice Number of Biometric
Information
Decided with expected accuracy
・As many as possible ・No strict criterion
Requirements for Fingerprint
Collection
・There must be enough time interval between collecting enrollment data and test data. ・The length of interval is not specified.
・The time interval must be longer than general time of healing of that body part. (2 to 3 weeks for fingerprints)
Availability Rate
Fingerprint data that failed to enroll or verify are not used for accuracy evaluation.
・Fingerprint data that failed to enroll or verify are not used for accuracy evaluation. ・Failure to Enroll Rate ・Failure to Acquire Rate
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 32
Outline of the ORD Guideline
(1) The guidelines provide the methods to decide the requirements for application
(2) Investigation of applications using authentication 6 fields (Finance, Public, Medical, PD/Retail, Housing,etc.) Hearing from 50 users
(3) Application model leads requirements on usability
(4) Risk analysis leads requirements on security
ORD: Operating Requirements Decision
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 33
Security Level Classification
UsabilitySafety
Level ( H ) ( M ) ( L )
Criterion ・ Very Highl Risk・ Relation to Social Safety
・ High Risk・ Relation to Social Trust
・ Low Risk・ No necessary Security
Example Applications
・ Area Control in Nuclear Power Plant・ Area Control in Mint Bureau・ Access Control for Arms・ Area Control in Smart Card Issuer・ Access Control of CA’s Private Key
・ Area Control in Bank・ Immigration・ Access Control of Smart Card・ Debit/Credit Card・ Remote Banking・ Medical chart ・ATM・ DB in Enterprise
・PC Log in・ Entrance of Apartment・ Attendance of Office・ User Tracking・ Observing
FAR(:ex) 0.00006 % 1 %~ 0.01 % About 1%
Expression
FRR takes first priority
FRR FAR takes first priority Functional Requirements
)(PCORPopulation )(
1
)()()(
PCORMember
FARPermisible
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 34
①Access Control
Authenticate Value
Real Space
Protected Space(Physical or Electronic)
③Tracking
AuthenticateID Place Time
Real Space
②Flow ControlElectronic Space
Flow of Sanction
・ Signature・ Seal
e-Doc
Real Space
Electronic Record(Log)
Safe
ty
Usability
Authenticate
Model Classification for Biometric
Applications
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 35Requirements
Procedure of ORD
CB
Risk Analysis
Functional RequirementsSpecification
Threats Analysis
Occurrence Rate
Safety Requirements
Usability Requirements
Evaluation
Reportof device:
A
Security Level Classification
Adjustment
Value
ValueEvaluation
Model Classification
Start
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 36
ObjectTo create the fair biometric market, JBAA(1) Investigates problems of standardization of biometric
authentication(2) Proposes activities for standardization, promote projects for
common framework by academic, business, and governmental circles
Agenda(1) Interoperability ・ Investigation of standardization of data format and API ・ Clarifying PKI model(2) Performance ・ Investigation of standardization for accuracy test ・ Investigation of privacy and other compliance(3) Assurance ・ Investigation of security standardization and protection profiles ・ Investigation of operating requirements decision guideline and proposal of a draft. ・ Clarifying policy for examination of vulnerability
Japan Biometric Authentication Association
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 37
Purpose - System integrators/users can select appropriate biometric
devices
Term - Sep 2000 - now
Members - Hitachi, Omron, Oki, Mitsubishi, Computer Associates, Japan
Telecom, NEC, Secure Generation, Sharp, Secom, Cyber Sign, Waseda university etc.
Outline of project (1) Research of biometric technologies (2) Discussion about problems of service/business model (3) Comprehensive discussion about common technical
problems for standardization (4) Experiment to verify above problems
Activities of Technology WG of JBAA
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 38
Privacy Consideration Biometric information can be easily stolen and forged
→ Vulnerability Biometrics is the ultimate privacy data Privacy protection in X9.84 is based on HIPAA
(Healthcare Insurance Portability and Accountability Act). Act on the prohibition of unauthorized access to
computer systems (Feb, 2000) bans dishonest acquisition and use of identification code.Biometrics fall under this category.
We should make a privacy guideline for biometric authentication systems and lead system integrator and operator to a better understanding of privacy.
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 39
Vulnerability Consideration
What’s “Vulnerability” for information systems? Characteristic of the system causes the system not to perform the
requirement designed. Vulnerability for Biometric authentication systems is…
The characteristics causes impersonation The characteristics causes the impediment of the system availability
For secure biometric authentication systems To define all of the vulnerability on the system To define the risk of every vulnerable characteristic To define the countermeasure of the vulnerable characteristics
Need for definition of the vulnerability of biometric systems
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 40
Biometrics specific vulnerability False Acceptance rate Artificial biometric object Hill-climbing attack etc…
Common vulnerability for information system Forgery or alternation of
Template data of users Matching software Result of the matching Electronic Biometric data
etc…
Examples of The Vulnerability for Biometric Authentication Systems
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 41
Comparison of PKI/Biometrics Models
Client Model Server Model
Basic model
Authentication server
Model
Basic model
Authentication server
Model
Templates are stored in
Client Client BCA BCA
Verified in Client ClientApplicatio
nAuthenticati
on server
Digital authenticati
on inApplication
Authentication server
Application
Authentication server
Security Requiremen
ts
・ Confidentiality in client・ Consistency with PKI
・ Integrity of biometric info. ・ Consistency with PKISuitable model should be selected according to
various system requirements
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 42
Server Model ( Basic Model )
PKI based authentication →Biometrics authentication
Verification ofSignature &Biometrics
ApplicationServer
BCACertificate
(1)Challenge code
(2)User signature, Certificate & biometrics
(3)Service
CA
CRL
Inputbiometrics
& Sign
ClientTerminal
Secret key
UserCertificate
UserTemplate
BCA
TemplateDatabase
CACertificate
BiometricData
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 43
Client Model ( Basic Model )
Biometrics authentication → PKI based authentication
SignatureVerification
ApplicationServer
CACertificate
(1) Challenge code
(2) User signature & Certificate
(3) Service
BiometricVerification
& Sign
ClientTerminal
Secret key
UserCertificate
UserTemplate
CA
CRL
BCA
BiometricData
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 44Sign
Secret key
UIM
Certificate
CACertificate
BaseStation
CA Certificate
Signature Verification
①Challenge code
② Signature,Certificate,fingerprint data
CarrierNet
Biometric Verification
Mobile phone
BCA
Biometric CertificateDatabase
IP Network
③ Biometric Certificate
④Service
- Server Model -
Application Server
Biometric Authentication on Mobile Phones
Biometric
Data
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 45
Biometric DB
BiometricAuthentication
Server
Biometric Authentication Authority
Verification Engine
PKI Certificate Authority
Client① Access
② Authentication Request
EC Sites
Biometric Data
④ Authentication Request
③ Acquisition of Biometric Data
⑤ Verificatio
n⑥ Result
・・・
Biometrics
SignatureFingerprint Iris VoceHand-geometry Face
⑥ Result
Biometric Authentication Authority (Japan Telecom)
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 46
Intra-CampusLAN
Internet
Satellite CampusSatellite Campus
Mobile CampusMobile Campus
Home CampusHome Campus
Theater / Restaurant /
Salon
Theater / Restaurant /
Salon Ticketing CenterTicketing Center
Biometrics Campus (Mitsubishi Corp.)
COOPCOOP
Issuing Machines for
Certificates
Issuing Machines for
Certificates
Lecture RoomLecture Room
Copy MachineCopy MachineSafety BoxSafety Box
Library SystemLibrary
System
Labs / Computer Rooms Library / Dormitory
Labs / Computer Rooms Library / Dormitory
Workflow System for office workers
Workflow System for office workers
Student Discount User Authentication
On-line Registration for Certificates/ Student Discount
Parking LotParking Lot
Authentication Servers
Authentication Servers
ServersServers
Access Control
User AuthenticationUser Authentication
Authorization AuthenticationAttendance
On-line Attendance
On-line Registration /On-line inquiry
Access Control for Intra-campus LAN
Application for Parking Lot
Vending MachineVending Machine
User Authentication
Cell. PhoneCell. Phone
User Authentication
ID Card(IC)ID Card(IC)
Holder Authentication
Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 47
Study Items
■Standardization・ Operating requirement decision guideline・ Privacy consideration・ Vulnerability consideration・ Authentication model (PKI+biometrics)・ etc.■Utilizing merits of biometrics・ Authentication without user’s consciousness・ Authentication with user’s feelings