copyright © dubex a/s 1997-2002 biometrics peter anglov
TRANSCRIPT
Copyright © Dubex A/S 1997-2002
Biometrics
Peter Anglov
Copyright © Dubex A/S 1997-2002
Content• Overview of Biometric Technologies
• Fingerprint
• Security Solutions
• Facial Recognition
• Surveillance
• Future trends
• Conclusion
Copyright © Dubex A/S 1997-2002
Authentication• Conventionel method
– ”To know something”• PIN code or Password
– ”To have something” • Key, Magnetic strip Card, SmartCard
• Biometric Method– ”To be something”
• Fingerprint, voice, etc.
Copyright © Dubex A/S 1997-2002
Biometric Definition• Biometrics is the science of measuring
and analysing biological data
• Data source– directly i.e. from a measurement of a
fysiological part of the body
– indirectly i.e. from a measurement of a behaviour
Copyright © Dubex A/S 1997-2002
Classification of Biometric Technologies
Type Technologies Characteristics
Fysiological Fingerprint
Handgeometri
Retina and iris scan
Facial recognition
DNA profile
Unique and permanent
Behaviour Voice pattern
Signature-verification
Keyboard typing
Unique but variable
Copyright © Dubex A/S 1997-2002
Equipment for collecting picture patterns• Requirements
– High operational stability– Low maintenance– Precise and reliable– No unpleasent instruments– The right price
Copyright © Dubex A/S 1997-2002
Pattern storage and matching
Pattern extract
Image processing
Capture of biological data
Processes for a typical biometric applikation
Sensor
Driver
Extraction algorithm
Identification
1:nMatching algorithm
Extraction algorithm
Driver
Sensor
Capture
Storage of Template• Terminal• Server• Chipcard
Sensor
Driver
Extraction algorithm
Verification
1:1Matching algorithm
BioAPI
ProprietaryAPIs
Copyright © Dubex A/S 1997-2002
From Biological to Electronic Data• It is NOT possible to recreate
e.g. a fingerprint from a digital pattern
Copyright © Dubex A/S 1997-2002
Accuracy and Reliability• False Acceptance Rate (FAR)
– The probability that an imposter matches a valid persons biological data
– Low values are best
• False Rejection Rate (FRR)– The probability that a valid persons
is rejected– Low values are best
• Crossover Error Rate (CER)– A measure for comparison of
biometric equipment and technologies where FAR and FRR are the same
– A low CER value means higher accuracy and a more reliable device
Copyright © Dubex A/S 1997-2002
Middleware software• Need for middleware software to glue it to legacy systems
– ISL from UK
– Keyware from Belgien
• Possibility to use several authentication systems
• Example:– PreciseBiometric fingerscanner
– ISL middleware
– Window 2000 server with Activ Directory
Copyright © Dubex A/S 1997-2002
Web Access and Biometrics• British Airways
• Access to passenger data flight schedule, re-fueling of aircrafts
• Fingerprint used for authentication– Veridicom fingerscanner
• Voicerecognition used for authentication– Microphone in PC
– Less bandwidth than pictures from videocam
• Chipcard with unique certificate used for authentication– Reliable connection
– After user authentication a token is placed in the chipcard
– Javacard 2.11 (GemPlus Express)
• CAS central server from Keyware
Copyright © Dubex A/S 1997-2002
Fingerprint• A fingerprint is unique and unchangeable
– An image of a series of lines and grooves from the surface of the finger
– One of the most stable and reliable methods of biometric identification
• Identical twins have the same DNA profile but different fingerprints
– Market shares ~ 50%
• Use– 1903 breakthru for use of fingerprint
– Today FBI is estimated to have 232 millioner sets of fingerprints on paper which are being transferred to electronic media
– Hospitals, Drivers license, physical and logical access control etc.
Copyright © Dubex A/S 1997-2002
A Fingerprint (Right whirl)
Hourglass (detail)
Corepoint (fix point)
Confluence (detail)
End (detail)
Fragment (to ends)
Delta (fix point)
sweat pore (not used at present)
False detail(lines that do not continue looking like an end)
Papillarline(with sweat pore)
Method for comparison: Counting details inward out and compare fingerprint on file with print from crime scene
Copyright © Dubex A/S 1997-2002
Classifikation of Fingerprint Patterns
CurveCurve
LeftWhirl Right
Copyright © Dubex A/S 1997-2002
Recording of Fingerprint• Optical
– CCD camera – digital camera– Possibilities for use of colors
• Capacitive– Silicium sensor– Pressure sensitive Rubber – Finger as ”half” capacity
• Ultrasonic– Higher resolution and dry fingers
• Thermal
• Micromechanic for pressure sensors
Copyright © Dubex A/S 1997-2002
Matching of Fingerprint
Copyright © Dubex A/S 1997-2002
Identification of Fingerprint• 1:n relation
– A fingerprint against a database with many fingerprints.
– Result is several matches which are examined further e.g. manually
– AFIS (Automated Fingerprint Identification System)– Used by Law Enforcement (possible to install in
Police vehicles)
• 1:1 relation (matchning)– Used for e.g. Access control. Requires prior
identification
– Dynamic adjustment of sensitivity
– False Acceptance Rate and False Rejection Rate
Copyright © Dubex A/S 1997-2002
Just a Finger ?• 5 –10 % have fingers that cannot be identified
• Practical problems– Wet or moist fingers– Cold fingers– Worn fingers (e.g. Working with solvents)– Dead fingers
• No blood pressure• No tonus
• Reluctans to put finger same place as others– Japanere, tyskere– Spritflow over glass surface
Copyright © Dubex A/S 1997-2002
Terminals for Physical Access Control• Central solution
– Common network with central database• Wiegand• Data/Clock (Magnetic stripe)• RS485• RS232
– Possible distributed database pr. terminal
• Standalone– Local database
• Data required by terminals– Positive list (cards to be accepted)– Negative list (cards revoked)
Copyright © Dubex A/S 1997-2002
Smartcard• Purpose: User identification
– Data on user profile for scanning– Linked to subsequent authentication
• Wireless Smartcard– Example MiFair card from Gemplus– Replacing the magnetic stripe cards– Possibility to combine contakt and wireless smartcard for physical and
logical soulutions respectively
• Dobbel authentication– Card authentication by terminal (Internal authentication)– Terminal authentication by card (External Authentication)– Mutual authentication, use of challenge response
Copyright © Dubex A/S 1997-2002
Terminals for logical access control
Copyright © Dubex A/S 1997-2002
Processes using Template-on-Card (1)
Matching algorithm
MatchExtract
Template
Match-on-Card
Image
Match
Extract
Terminal
Sensor
Driver
Extraction algorithm
Storing of template• Terminal• Chipkort• Server
Copyright © Dubex A/S 1997-2002
Processes using Template-on-Card (2)
Matching algorithm
Template
Image
Match
Extract
Terminal
Sensor
Driver
Extraction algorithm
Storing of template• Terminal• Chipkort• Server
Copyright © Dubex A/S 1997-2002
Processes using System-on-Card
Sensor
Driver
Extraction algorithm
Matching algorithm
Storing of template• Terminal• Chipkort• Server
Image
Template
Extract
Match
From area toline scanner
Copyright © Dubex A/S 1997-2002
• Biometrics (Chipcard with finger scanner)– Access Control
• Protection of data on smartcards in stead of pin-codes
• PKI (Public Key Infrastructure)– Electronical signatures to ensure authenticity and integrity of
documents– Protection of private keys
Biometrics and PKI (The Perfect Match)
Copyright © Dubex A/S 1997-2002
Threat and Cheat• Use of gloves
– Bandits
• Artificial materials– Same characteristics as human skin
– Re-using last persons imprint
• It is not possible to withdraw biological data En slags "elastik-pistol" - der
skyder med pinde, lavet af bambus & cykelslange
Copyright © Dubex A/S 1997-2002
Surveillance• Mass
– Identification of humans e.g. for common public security
• Individuals– Recognition e.g. to follow behaviour
patterns
• Access Control– Restricted access e.g. in areas of
luggage or fuel
• Aircrafts– Access to cabin and cockpit– Surveillance of airborne events from the
ground
Copyright © Dubex A/S 1997-2002
Facial Recognition• Facial Detection
– One or more faces e.g. In a complex scene
• Facial recognition– Authentication (1:1 matching)– Identification (1:n matching)
• Follow the facial changes over time (aging)
• Compression af facial image to 84 bytes (!)
• Dynamic facial recognition in a continous data stream vs. A still picture
Copyright © Dubex A/S 1997-2002
Enrollment of facial images i security systems
Copyright © Dubex A/S 1997-2002
Facial Identification and Recognition
Copyright © Dubex A/S 1997-2002
DNA profile• Use
– Forensics, Retsmedicinsk Institut• Biological evidence in crime cases
– NOT for IT use• It is possible to obtain cells from a person
in many ways
• Requirements for DNA sample– 200 picogram
• Example DNA profile analysis– DNA profile created as a result of 10 - 15
unique areas in the DNA – Select pre-defined areas (300-400 base pairs)– Size of image with DNA profile 100 - 700
Kbytes
Blood sample from crime scene
Copyright © Dubex A/S 1997-2002
Future Access Control to Computer Systems• With options
– Facial recognition + ”Digital ID” (barcode)
• Use of video camera
– Voice Recognition• No keyboard
– Fingerscanner
• Less probable using Iris og retina scans– Too sensitive areas and too
expensive
Copyright © Dubex A/S 1997-2002
Future ”Mobile Phone”• With options
– Fingerscan in stead of typing pin-code– Voice-identification– Language recognition
• Recording
• On-line translation
– Digital camera for facial recognition
Copyright © Dubex A/S 1997-2002
Business Perspective• Today
– Solutions available for high-risk areas (physical and electrónic)– Access control to computers– A viable alternative to expensive administration of passwords
• Tomorrow– Need to be ABSOLUTELY sure of correct sender and receiver– Standard with individual fingerscan with computers– Physical access control drives logical access control– Chipcard and/or mobile phone with biometric sensor– Use of voice recognition– Combined Biometric solutions for high-risk areas
Copyright © Dubex A/S 1997-2002
Technology Trends• Technology
– Smaller, cheaper, better linescanners will emarge replacing the area-scanners
– Chipcards with biometrics on the market 2002– DNA profile not useful for computersystems– Infrastructure challenges in larger installations
Copyright © Dubex A/S 1997-2002
”Big Brother”• Surveillance
– False sense of security with remote surveillance– Citizens will be identified with CPR and DNA profile– Increased demands for protection of registers with
information about the individual– We leave many traces every day which can be collected and
processed by computers– We may as well get used to it!