![Page 1: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/1.jpg)
Biometric Authentication in a Biometric Authentication in a Wireless EnvironmentWireless Environment
7/16/2013 1
Wireless EnvironmentWireless Environment
Dr. Mohammad IqbalThanks to : Alex Kotlarchyk, Florida Atlantic University
![Page 2: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/2.jpg)
GoalsGoals
Biometric protocols suitable for a wireless networked environment
Secure system/network access via
7/16/2013 2
Secure system/network access via biometric authentication
Secure wireless transmission of biometric data
![Page 3: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/3.jpg)
Why Wireless Biometrics?Why Wireless Biometrics?
Combination of two rapidly growing technologies1. Biometric systems for verification and
identification
7/16/2013 3
identification• Homeland Security
2. Wireless systems for mobility• Over 1 trillion wireless phone min. in US,
2004
Common advantage is convenience
![Page 4: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/4.jpg)
Current Examples of Biometric Current Examples of Biometric DeploymentsDeployments Eastern Financial’s Boca Mission Bay branch
– Handprint scan to unlock the door to safe deposit boxes
Statue of Liberty– Fingerprint scan to access lockers
7/16/2013 4
Nine Zero hotel in Boston– Iris scan for entrance to $3,000-a-night suite
Piggly-Wiggly grocery stores– Testing pay-by-fingerprint system
Bank of Tokyo-Mitsubishi– Credit cards w/ embedded vein-pattern information
![Page 5: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/5.jpg)
Human authenticationHuman authentication
Types of human authentication
– What you know (secret)• Password, PIN, mother’s maiden name
– What you have (token)
7/16/2013 5
– What you have (token)• ATM card, smart card
– What you are (biometric)• Stable: fingerprint, face, iris
• Alterable: voice, keystroke
– Where you are (authorization?)• Wireless
![Page 6: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/6.jpg)
Suitability of BiometricsSuitability of Biometrics
Paradox of secure biometrics
– A biometric is stable and distinctive. This is good for identification.
– However, something unique can never be
7/16/2013 6
– However, something unique can never be changed. This is not so good for verification if the biometric is compromised.
– Furthermore, a biometric is not a secret, so it can be found and copied. This is bad.
– So, are stability and uniqueness not good after all?
![Page 7: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/7.jpg)
KeyspaceKeyspace
Number of possible codewords (CW)– Token
• 12-digit: CW = 10^12 CWs
– Password• Full 62 ASCII alphanumeric chars used randomly in an 8-
7/16/2013 7
• Full 62 ASCII alphanumeric chars used randomly in an 8-char password = over 10^14 CWs
• Most actual users selection ≈ 10^6 CWs, so in practice, the 12-digit token is more secure
– Biometrics (2001 technology, may change)• ≈ inverse of FAR
– Iris ≈ 10^6 CWs– Fingerprint ≈ 10^4 CWs– Voice ≈ 10^3 CWs– Face ≈ 10 → 100 CWs
![Page 8: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/8.jpg)
Increasing KeyspaceIncreasing Keyspace
Combined authentication to increase keyspace– Multibiometric authentication
• More than one biometric
7/16/2013 8
• More than one biometric– Combine standard biometrics (e.g. face and fingerprint
(multimodal), or multiple fingerprints)
– Combine standard biometric with “soft” biometric
• Soft biometric = gender, height, race, eye color, etc.
– Multifactor authentication• More than one authentication type
– Combine biometric w/ password or token
![Page 9: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/9.jpg)
7/16/2013 9
Source: Technology Review, June 2004
![Page 10: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/10.jpg)
Biometric AdvantagesBiometric Advantages
Convenience– Can’t be lost (in general)– Can’t be forgotten
Can’t be loaned
7/16/2013 10
Can’t be loaned Mostly unique (matching may not be) Perceived strong non-repudiation Does not change significantly (in general)
(Ident.) Both verification and identification
applications
![Page 11: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/11.jpg)
Biometric DisadvantagesBiometric Disadvantages
Ability to authenticate dependent on technology (FAR, FRR)
Personal data, but not secret/secured data Easy to copy raw data
7/16/2013 11
Easy to copy raw data Cost of technology Non-revocable Cannot change if compromised (Ver.) Inexact matching (variable presentation) Social acceptance
![Page 12: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/12.jpg)
Biometric Authentication SystemBiometric Authentication System
7/16/2013 12
Source: Podio, NIST
![Page 13: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/13.jpg)
Template SizeTemplate Size
7/16/2013 13
![Page 14: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/14.jpg)
Wireless Biometric System SecurityWireless Biometric System Security
Security issues
– Biometric authentication to ensure secure access to the system/network
• In other words, wireless system access security
7/16/2013 14
• In other words, wireless system access security
– Wireless message authentication to ensure secure transmission of biometric data
• In other words, personal information security and privacy across the wireless network
– Physical security• Devices, computers, transmitters/receivers, etc.
![Page 15: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/15.jpg)
Biometric Authentication ThreatsBiometric Authentication Threats
7/16/2013 15
![Page 16: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/16.jpg)
Defense of Biometric SystemDefense of Biometric System
Capture device presented with ‘false’ biometric
– e.g. fake finger, short video, high-res
7/16/2013 16
– e.g. fake finger, short video, high-res color iris image, latent image
– Use biometric ‘in addition’ not ‘instead of’ (multi-verification)
– Vitality sensor, 3-D confirmation
![Page 17: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/17.jpg)
Defense of Biometric System Defense of Biometric System (continued)(continued)
Modification of capture device– Only a problem if capture and template
generation (and maybe matching) are done on the device (trusted biometric device)
7/16/2013 17
the device (trusted biometric device)
– Tightly integrate capture mechanism with processing hardware
– Ruggedize device
– Display physical sign of tampering
– Inactivate if tampered (TILT!)
– Encryption of template
![Page 18: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/18.jpg)
Defense of Biometric System Defense of Biometric System (continued)(continued)
Remainder are network security or template database security issues
– Wireless network security will be
7/16/2013 18
– Wireless network security will be discussed
– Database security is beyond the scope of this presentation
– Don’t forget OS security
![Page 19: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/19.jpg)
Biometric CryptographyBiometric Cryptography
Use of biometric data for encryption & decryption
“fuzzy” commitment, vault – Ari
7/16/2013 19
“fuzzy” commitment, vault – Ari Juels, RSA Labs
![Page 20: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/20.jpg)
Biometric Cryptography (example)Biometric Cryptography (example)
Template(key)
Password(hashed) E(h(Pwd))
Enroll(Encrypt)
00000 1111101010 10101 01010 01010
“stored”
7/16/2013 20
Verify(Decrypt)
Template(key)
compare
11010 11101
10000 10111
HammingDistance = 2
WithinThreshold?
“live”
![Page 21: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/21.jpg)
Biometrics StandardsBiometrics Standards
Common Biometric Exchange File Format (CBEFF) ANSI-NIST-ITL-2000
– Data exchange & quality– Criminal identification
American Association for Motor Vehicle Administration (AAMVA) DL/ID 2000
FBI
7/16/2013 21
FBI – Wavelet Scalar Quantization (WSQ) – fingerprint image (de)compression– Electronic Fingerprint Transmission Standard (EFTS)
Intel Common Data Security Architecture (CDSA) ANSI X9.84 – Biometric data security (life cycle)
– Originally developed for financial industry; uses CBEFF
APIs– Open: BioAPI, Java Card Biometric API; uses CBEFF– Proprietary: BAPI …what is Microsoft planning?
XCBF– XML Common Biometric Format from OASIS; uses CBEFF– Mechanisms for secure transmission, storage, integrity, & privacy of biometrics
![Page 22: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/22.jpg)
Biometric StandardsBiometric Standards
Recently from NIST…– Biometric Data Specification for Personal
Identity Verification (PIV)• January 24, 2005 (Draft)• New standards governing interoperable use of
7/16/2013 22
• New standards governing interoperable use of identity credentials to allow physical and logical access to federal government locations and systems
– Technical and formatting requirements for biometric credentials
– Restricts values and practices for fingerprints and facial images
– Geared toward FBI background checks and formatting data for a PIV card
– CBEFF and BioAPI compliant
![Page 23: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/23.jpg)
CBEFF CBEFF -- OverviewOverview
Framework for sharing raw or template data
Supports encryption & digital signature for security
7/16/2013 23
for security File = SBH (header) + BSMB (data) + SB
(signature) Patrons identify the data format Approved interchange formats
– Finger Minutiae, Finger Pattern, Finger Image, Face Recognition, Iris, Signature/Sign, Hand Geometry
![Page 24: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/24.jpg)
CBEFF Patron FormatsCBEFF Patron Formats
Format A – The CBEFF Data Structure– Patron: CBEFF– Small embedded or legacy systems, limited storage– No data exchange between systems
Format B – The BioAPI Specification Biometric Identification
7/16/2013 24
Format B – The BioAPI Specification Biometric Identification Record (BIR) Format
– Patron: BioAPI Consortium– BioAPI compliant systems– Client / server data exchange
Format C – ANSI X9.84 Biometric Object– Patron: ANSI Subcommittee X9, Working Group F4– Large systems– Data exchange in a secure manner with authentication
Format D – Biometric Information Data Objects for Use Within Smart Cards or Other Tokens (recent)… e.g. Java Card
![Page 25: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/25.jpg)
Wireless AdvantagesWireless Advantages
Mobility Flexibility
– Easier to relocate and configure– More scalable
Cost
7/16/2013 25
Cost– No cost due to physical barriers, private property.
Productivity– More opportunity to connect
Aesthetics– No clutter from wires
Robustness– Less physical infrastructure to damage and repair
![Page 26: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/26.jpg)
Wireless DisadvantagesWireless Disadvantages
Lower channel capacity– Limited spectrum available
– Power restrictions
– Noise levels
7/16/2013 26
– Noise levels
Noise and interference
Frequency allocation– U.S. – FCC
Greater security concern– Information traveling in free space
![Page 27: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/27.jpg)
Wireless ProtocolsWireless Protocols
Network domains– Broadband
• IEEE 802.16, Worldwide Interoperability for Microwave Access (WiMAX) –framework, not single system or class of service
– Cellular networks• Global System for Mobile communication (GSM)• Universal Mobile Telecommunications System (UMTS =WCDMA)
7/16/2013 27
• Universal Mobile Telecommunications System (UMTS =WCDMA)
– Cordless systems• Time Division Multiple Access (TDMA)• Time Division Duplex (TDD)
– Mobile Internet Protocol (Mobile IP) – Wireless Local Area Network (WLAN)
• IEEE 802.11 (Wi-Fi) a,b,g (n … not yet ratified)
– Wireless Personal Area Network (WPAN)• IrDA, Bluetooth, ultra wideband, wireless USB
– Home Automation (narrow band)• Infineon, ZigBee, Z-Wave
![Page 28: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/28.jpg)
Wireless Protocol ComparisonWireless Protocol Comparison
7/16/2013 28
Source: PC Magazine, March 22, 2004
![Page 29: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/29.jpg)
Security and ProtocolsSecurity and Protocols
Security domains– Application security
• Wireless Application Protocol (WAP)– Uses Wireless Transport Layer Security (WTLS)
• Current Class 2 devices based on IETF SSL/TLS• Future Class 3 devices will use a WAP Identity Module (WIM)
• Web services
7/16/2013 29
• Web services– Simple Object Access Protocol (SOAP) – toolkits available for Java & .NET
• Operating system security (Java run-time, Palm OS, Microsoft Windows CE)
– Device security (PINs, pass-phrases, biometrics)– Security of wireless protocols
• IEEE 802.11 (Wi-Fi)– Wireless Encryption Protocol (WEP)… weak and flawed– Wi-Fi Protected Access (WPA). Uses Temporal Key Integrity Protocol (TKIP)
• IEEE 802.11i – Wireless Security spec. (WPA, AES, FIPS 140-2 compliant)
– Authentication security• Remote Authentication Dial In User Service (RADIUS)• Kerberos• SSL
![Page 30: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/30.jpg)
Network EncryptionNetwork Encryption
Secure Shell (SSH)– Application Layer– Secure remote connection replacement for telnet, rlogin,
rsh
Secure Socket Layer (SSL)
7/16/2013 30
Secure Socket Layer (SSL)– Transport Layer Security (TLS)– Uses TCP & has specific port numbers– Main use is HTTPS (port 443)
Internet Protocol Security (IPSec)– Network Layer– Includes a key management protocol– Included in IPv6
![Page 31: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/31.jpg)
Network System ArchitectureNetwork System Architecture
Where does authentication happen?– Device
• Data not externally transmitted
– Local Computer• Data transmitted between device(s) and PC (WPAN)
7/16/2013 31
• Data transmitted between device(s) and PC (WPAN)
– LAN-Connected Computer• Data transmitted locally (WLAN)
– Remote Computer• Data transmitted remotely (WWAN)
– Application dependent• Data transmitted between capture device and database• Database template storage requirement = template size *
number of templates
![Page 32: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/32.jpg)
Avenues of AttackAvenues of Attack
Local ComputerLAN- connected Computer
LAN
= wireless
7/16/2013 32
Capture Device WAN
Remote Computer
![Page 33: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/33.jpg)
Wireless Security IssuesWireless Security Issues
Denial of Service (DoS)– Jamming…Use Spread Spectrum (DSSS, FHSS) technology– As a device battery attack, i.e., more processing = more battery usage
Eavesdropping– Signal is in the open air (war dialing)
Theft or loss of device
7/16/2013 33
Theft or loss of device– Due to size, portability, and utility
Dependency on public-shared infrastructure– What security is in place?
Masquerading– Rogue clients pretend to be legitimate endpoint– Rogue access points trick clients to logging in
Malware– Worms (Cabir) and Viruses (Timfonica, Phage) on wireless devices– Use Antivirus software
![Page 34: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/34.jpg)
Wireless Security ParadoxWireless Security Paradox
We use wireless devices for convenience
Security measures often decrease
7/16/2013 34
Security measures often decrease convenience and performance
Result: Security features are often disabled or given lower priority
![Page 35: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/35.jpg)
System Design ConsiderationsSystem Design Considerations
Verification– Are you who you claim to be (or are supposed to be)?– 1:1 matching– Usually consensual– Typically smaller template databases– Authorization (computer, network, building)
7/16/2013 35
– Authorization (computer, network, building)
Identification– Who are you?– 1:n matching– Often no explicit consent or awareness– Typically larger template databases– Surveillance (homeland and border security), forensics, criminal
investigation (AFIS)
Why not both?– i.e. You are not who you say you are, so who are you?
![Page 36: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/36.jpg)
Scenario: Biometrics at the AirportScenario: Biometrics at the Airport
Workforce security– Biometric authentication
• Identify all employees who require restricted area access• ID card encoded to protect data• Biometric scanning devices networked at access control points to
permit/deny access
Facility integrity
7/16/2013 36
Facility integrity– Employees w/ vehicle access must be authenticated via biometrics– Access control within aircraft
• Biometric devices for authorized personnel to access sensitive areas within aircraft
Communications infrastructure– Networked biometric scanning stations
Passenger security– Authenticate passengers with passports or ID cards containing
encoded biometrics– Identify suspicious or unknown people with biometric surveillance
![Page 37: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/37.jpg)
Putting it TogetherPutting it Together
How do we maximize advantages and minimize disadvantages when a biometric system is combined with a
7/16/2013 37
biometric system is combined with a wireless system for an optimal wireless biometric system?
![Page 38: Biometric Authentication in a Wireless Environmentmohiqbal.staff.gunadarma.ac.id/Downloads/files/35157/mohiqbal... · Goals Biometric protocols suitable for a wireless networked environment](https://reader031.vdocument.in/reader031/viewer/2022022515/5afd4da17f8b9a814d8d434c/html5/thumbnails/38.jpg)
Future ResearchFuture Research
Pattern for “fuzzy” matching?– Biometrics, digital watermarks, IDS, search
engines
Biometric cryptography
7/16/2013 38
Biometric cryptography– Biometric key generation
• Fuzzy matching methodologies
• Embedding biometric keys within wireless protocols– X.509 certificates
– Protocol payload area
– Protocol header (authentication) area
• Use coefficients? (polynomial, elliptic curve)