telebiometric - شرکت ارتباطات زیرساخت sarafi-telebiometric1_… · • the...

26
TeleBiometric سهراب صرافی آبادی دبیر گروه۱۷ ابی فنیرت و ارزیاس دفتر نظا کارشن

Upload: others

Post on 30-Apr-2020

12 views

Category:

Documents


0 download

TRANSCRIPT

TeleBiometric

آبادی سهراب صرافی

۱۷دبیر گروه

کارشناس دفتر نظارت و ارزیابی فنی

Introduction

• With the growing use of applications(e-commerce, e-

voting and e-banking) involving the transfer of personal

data make it essential to provide reliable systems that are

user-friendly and generally acceptable.

• Biometric seems to provide a way of overcoming some of

conventional systems drawbacks, by basing verification on

aspects that are specific to each individuals.

Biometric Information

• Biometric Information is recorded from many biological

sources by sensors.

• Biometric Elements may be categorized as unique

processed complex signals

When it comes to working biometric identification technologies,

it’s not only our fingerprints that do the talking. Now, our eyes,

hands,

signature, speech, and even facial temperature can ID us.

Biometric Information Protection

• analysis of the threats to and countermeasures inherent in

biometric system application models;

• security requirements for securely binding a biometric

reference with an identity reference

• biometric system application models with different

scenarios for the storage of biometric references and

comparison;

Biometric Standards

Biometric reference: one or more stored biometric

samples, biometric templates or biometric models

attributed to a biometric data subject and used for

comparison

Identity reference: an identifier with a value that remains

the same for the duration of the existence of the entity in

a domain• Name

• Social Security

• Etc.

• Finger Print image

• Face image

• Etc.

Security Requirements

• Confidentiality: protect biometric information againstunauthorized access or disclosure.

• Integrity: safeguard the accuracy and completeness ofbiometric information

• Renewability :property of a transform or process to createmultiple, independent transformed biometric references derivedfrom one or more biometric samples while not revealinginformation about the original reference.

• revocability: ability to prevent future successful verification of a specific biometric reference and the corresponding identity reference

Technical Challenge

• There are two phases in a biometric system :

1. Learning phase

2. Recognition phase

Traditional Techniques

use something you have to make a

personal identification, such as a passport, driver’s license, ID

card, credit card, or key

use something you know to make a

personal identification, such as a password or a personal

identification number (PIN)

these traditional approaches are not based on any inherent

attributes of an individual to make a personal identification

Disadvantages of Traditional

Techniques

• Tokens may be lost, stolen, forgotten, or misplaced

• PIN may be forgotten by a valid user or guessed by an impostor

• Approximately 25% of the people appear to write their PIN ontheir ATM card, thus defeating the protection offered by PINwhen ATM cards are stolen.

• Unable to differentiate between an authorized person and animpostor who fraudulently acquires the token or knowledge ofthe authorized person

Biometric systems

• A biometric system is essentially a pattern recognition

system that makes a personal identification by establishing

the authenticity of a specific physiological or behavioral

characteristic possessed by the user.

Biometric Technologies

Approaches to facerecognition aretypically based onlocation andshape of facialattributes,

The underlying vascular system in the human face produces a unique facial signature when heat passes through the facial tissue andis emitted from the skin

Humans have used

fingerprints for

personal identification

for centuries and the

validity of fingerprint

identification has been

well-established.

A variety of

measurements of the

human hand,

including its shape,

and lengths and widths

of the fingers, can be

used as biometric char.

The pattern formed byveins beneath theretinal surface in an eyeis stable and uniqueand is, therefore, anaccurate and feasiblecharacteristic forrecognition.

Each person has a uniquestyle of handwriting.However, no twosignatures of a personare exactly identical; thevariations from a typicalsignature also dependupon the physical andemotional state of aperson.

A voice biometric is anumericalrepresentation of thesound, pattern andrhythm of anindividual’s voice. Theadvantage of usingvoice pattern is theability to partner withtelephone to deliveraccurate remoteauthentication

The visual texture of the iris stabilizes during the first two years of life and its complexstructure carries very distinctive informationuseful for identification of individuals..

Fingerprint Recognition

• Fingerprint is, up to now, the modality that allows the best

compromise between price, acceptability and accuracy and a

lot of systems based on this modality are already operational.

• The latest evaluation results show that the performance of

such a system deeply relies on the quality of the acquired

images, in particular during the enrolment phase.

• It seems that a not so negligible part of the population cannot

be enrolled through fingerprints (manual workers, persons with

too wet or too dry hands etc.);.

Steps in fingerprint

Face Recognition

• Face recognition is not efficient enough at this moment to deal with Large ScaleIdentification but it can be useful in the context of verification or limited accesscontrol with constrained acquisition conditions.

• During enrolment, the person must face the camera at a fixed distance and that thebackground is uniform. This will ease the verification process while remainingacceptable for the user.

• In the video context, no system can be considered as sufficiently developed but thereare promising new efforts using 3-D modeling in order to cope with the problem ofpose Of course this may mean the use of sophisticated 3-D scanners in place ofstandard medium cost cameras, therefore increasing the cost of the global systemwhich otherwise remain practicable.

Iris recognition

• The iris code obtained in the corresponding encoding process is the most precise .(thecamera must be infra-red, the eyes must be at a very precise distance from thecamera).

• These elements provide a very good quality of the initial image which is necessaryto ensure such a high level of performance.

• On the other hand they may generate a long time during the enrolment phase and thenecessity of personal assistance .

• This method also requires a relatively expensive acquisition system and necessarilyinvolves the scanning of the eye, which can initially prove offputting to users

Hand Geometry

• A variety of measurements of the human hand, including its shape, and lengths and widths of the fingers, can be used as Biometric characteristics .

• The technique is very simple, relatively easy to use, and inexpensive.

• Operational environmental factors such as dry weather, or individual anomalies such as dry skin, generally have no negative effects on identification accuracy.

• A main disadvantage of this technique is its low discriminative capability.

• Hand geometry information may not be invariant over the lifespan of an individual.

• because the physical size of a hand geometry-based system is large, it cannot be used in certain applications such as laptop computers

Measuring Performance

• The overall performance of a biometric system is assessedin terms of its accuracy, speed, and storage. Several otherfactors, like cost and ease-of-use, also affect efficacy.

• Biometric systems are not perfect, and will sometimes mistakenly accept an impostor as a valid individual (a false match) or conversely, reject a valid individual (a false nonmatch).

• The probability of committing these two types of errors are termed false nonmatch rate (FNR) and false match rate (FMR)

Other measurement

• The size of a template, the number of templates stored per individual, and the

availability of compression mechanisms determine the storage required per user.

• When template sizes are large and the templates are stored in a central

database, network bandwidth may become a system bottleneck for identification.

• For a typical access-control application, the system needs to make an

authentication decision in real-time.

• In an ATM application, for instance, it is desirable to accomplish the

authentication within about one second.

• For forensic applications, however, the time requirements may not be very

stringent.

Other Measure (Cont.)

• Some sensors, such as microphones, are already very

inexpensive, while others, such as CCD cameras, are now

becoming standard peripherals in a personal computing

environment. With the recent advances in solid-state

technology fingerprint sensors will become sufficiently

inexpensive in the next few years.

ITU-T X.1081

new security framework: Telebiometric

• A model for security and public safety in telebiometrics thatcan assist with the derivation of safe limits for the operation oftelecommunications systems and biometric devices.

• provide a framework for developing a taxonomy of biometricdevices; and

• facilitate the development of authentication mechanisms,based on both static (for example finger-prints) and dynamic(for example gait, or signature pressure variation) attributes ofa human being.

• The multimodal model covers both the physical and behavioralinteractions between a person and the environment

Telebiometric Multimodal Model:

A Three Layer Model

5 disciplines: physics, chemistry, biology, culturology, psychology

• video (sight), audio (sound), chemo (smell, taste), tango (touch);radio (radiation)- each with an out (emitted) and in (received) state

• behavioral, perceptual, conceptual

• postural, gestural, facial, verbal,, not-a-sign

• 7 SI base units (m, kg, s, A, K, mol, cd)

Flow of biometric information on

telecommunication

Summary

Biometrics refers to automatic identification of a person

based on his or her physiological or behavioral

characteristics.

It provides a better solution for the increased security

requirements of our information society than traditional

identification methods such as passwords and PINs.

As biometric sensors become less expensive and

miniaturized, and as the public realizes that biometrics is

actually an effective strategy for protection of privacy and

from fraud, this technology is likely to be used in almost

every transaction needing authentication of personal

identity.

Summary (Cont.)

Telebiometrics gained importance over the past decade, when

identification and authentication was made a central issue in

anti-terrorism system requirements.

Telebiometrics enables a reliable from of identification and

can provide a more robust fraud and identity theft protection

than other methods.

Reference

[1] Phillip H. Griffin, CISM,” TELEBIOMETRIC INFORMATION SECURITY AND SAFETY MANAGEMENT”, Building Sustainable Communities,2012

[2] Imad F. Alshaikhli, Mohammad A. AlAhmad,’Security Threats of Finger Print Biometric in Network System Environment’Journal of Advanced Computer Science and Technology Research 1 (2011)

[3] Recommendation ITU-T X.1081 (2011). The telebiometric multimodal model – A framework for the specification of security and safety aspects of telebiometrics.

[4] Dent, Alexander W. (2004). Hybrid cryptography, Cryptology ePrint Archive Report 2004/210. Retrieved November 21, 2012, from http://www.signcryption.org/ publications/pdffiles/Dent-survey-eprint-04-210.pdf

[5] Biometrics and Standards. ITU-T Technology Watch Report #12, December 2009 fromhttp://www.itu.int/oth/T230100000D/en

[6] Griffin, Phillip H., Protecting Biometrics Using Signcryption. Proceedings of ID360: The Global Forum on Identity, the Center for Identity, University of Texas at Austin, 2012.

END