telebiometric - شرکت ارتباطات زیرساخت sarafi-telebiometric1_… · • the...
TRANSCRIPT
TeleBiometric
آبادی سهراب صرافی
۱۷دبیر گروه
کارشناس دفتر نظارت و ارزیابی فنی
Introduction
• With the growing use of applications(e-commerce, e-
voting and e-banking) involving the transfer of personal
data make it essential to provide reliable systems that are
user-friendly and generally acceptable.
• Biometric seems to provide a way of overcoming some of
conventional systems drawbacks, by basing verification on
aspects that are specific to each individuals.
Biometric Information
• Biometric Information is recorded from many biological
sources by sensors.
• Biometric Elements may be categorized as unique
processed complex signals
When it comes to working biometric identification technologies,
it’s not only our fingerprints that do the talking. Now, our eyes,
hands,
signature, speech, and even facial temperature can ID us.
Biometric Information Protection
• analysis of the threats to and countermeasures inherent in
biometric system application models;
• security requirements for securely binding a biometric
reference with an identity reference
• biometric system application models with different
scenarios for the storage of biometric references and
comparison;
Biometric Standards
Biometric reference: one or more stored biometric
samples, biometric templates or biometric models
attributed to a biometric data subject and used for
comparison
Identity reference: an identifier with a value that remains
the same for the duration of the existence of the entity in
a domain• Name
• Social Security
• Etc.
• Finger Print image
• Face image
• Etc.
Security Requirements
• Confidentiality: protect biometric information againstunauthorized access or disclosure.
• Integrity: safeguard the accuracy and completeness ofbiometric information
• Renewability :property of a transform or process to createmultiple, independent transformed biometric references derivedfrom one or more biometric samples while not revealinginformation about the original reference.
• revocability: ability to prevent future successful verification of a specific biometric reference and the corresponding identity reference
Technical Challenge
• There are two phases in a biometric system :
1. Learning phase
2. Recognition phase
Traditional Techniques
use something you have to make a
personal identification, such as a passport, driver’s license, ID
card, credit card, or key
use something you know to make a
personal identification, such as a password or a personal
identification number (PIN)
these traditional approaches are not based on any inherent
attributes of an individual to make a personal identification
Disadvantages of Traditional
Techniques
• Tokens may be lost, stolen, forgotten, or misplaced
• PIN may be forgotten by a valid user or guessed by an impostor
• Approximately 25% of the people appear to write their PIN ontheir ATM card, thus defeating the protection offered by PINwhen ATM cards are stolen.
• Unable to differentiate between an authorized person and animpostor who fraudulently acquires the token or knowledge ofthe authorized person
Biometric systems
• A biometric system is essentially a pattern recognition
system that makes a personal identification by establishing
the authenticity of a specific physiological or behavioral
characteristic possessed by the user.
Biometric Technologies
Approaches to facerecognition aretypically based onlocation andshape of facialattributes,
The underlying vascular system in the human face produces a unique facial signature when heat passes through the facial tissue andis emitted from the skin
Humans have used
fingerprints for
personal identification
for centuries and the
validity of fingerprint
identification has been
well-established.
A variety of
measurements of the
human hand,
including its shape,
and lengths and widths
of the fingers, can be
used as biometric char.
The pattern formed byveins beneath theretinal surface in an eyeis stable and uniqueand is, therefore, anaccurate and feasiblecharacteristic forrecognition.
Each person has a uniquestyle of handwriting.However, no twosignatures of a personare exactly identical; thevariations from a typicalsignature also dependupon the physical andemotional state of aperson.
A voice biometric is anumericalrepresentation of thesound, pattern andrhythm of anindividual’s voice. Theadvantage of usingvoice pattern is theability to partner withtelephone to deliveraccurate remoteauthentication
The visual texture of the iris stabilizes during the first two years of life and its complexstructure carries very distinctive informationuseful for identification of individuals..
Fingerprint Recognition
• Fingerprint is, up to now, the modality that allows the best
compromise between price, acceptability and accuracy and a
lot of systems based on this modality are already operational.
• The latest evaluation results show that the performance of
such a system deeply relies on the quality of the acquired
images, in particular during the enrolment phase.
• It seems that a not so negligible part of the population cannot
be enrolled through fingerprints (manual workers, persons with
too wet or too dry hands etc.);.
Steps in fingerprint
Face Recognition
• Face recognition is not efficient enough at this moment to deal with Large ScaleIdentification but it can be useful in the context of verification or limited accesscontrol with constrained acquisition conditions.
• During enrolment, the person must face the camera at a fixed distance and that thebackground is uniform. This will ease the verification process while remainingacceptable for the user.
• In the video context, no system can be considered as sufficiently developed but thereare promising new efforts using 3-D modeling in order to cope with the problem ofpose Of course this may mean the use of sophisticated 3-D scanners in place ofstandard medium cost cameras, therefore increasing the cost of the global systemwhich otherwise remain practicable.
Iris recognition
• The iris code obtained in the corresponding encoding process is the most precise .(thecamera must be infra-red, the eyes must be at a very precise distance from thecamera).
• These elements provide a very good quality of the initial image which is necessaryto ensure such a high level of performance.
• On the other hand they may generate a long time during the enrolment phase and thenecessity of personal assistance .
• This method also requires a relatively expensive acquisition system and necessarilyinvolves the scanning of the eye, which can initially prove offputting to users
Hand Geometry
• A variety of measurements of the human hand, including its shape, and lengths and widths of the fingers, can be used as Biometric characteristics .
• The technique is very simple, relatively easy to use, and inexpensive.
• Operational environmental factors such as dry weather, or individual anomalies such as dry skin, generally have no negative effects on identification accuracy.
• A main disadvantage of this technique is its low discriminative capability.
• Hand geometry information may not be invariant over the lifespan of an individual.
• because the physical size of a hand geometry-based system is large, it cannot be used in certain applications such as laptop computers
Measuring Performance
• The overall performance of a biometric system is assessedin terms of its accuracy, speed, and storage. Several otherfactors, like cost and ease-of-use, also affect efficacy.
• Biometric systems are not perfect, and will sometimes mistakenly accept an impostor as a valid individual (a false match) or conversely, reject a valid individual (a false nonmatch).
• The probability of committing these two types of errors are termed false nonmatch rate (FNR) and false match rate (FMR)
Other measurement
• The size of a template, the number of templates stored per individual, and the
availability of compression mechanisms determine the storage required per user.
• When template sizes are large and the templates are stored in a central
database, network bandwidth may become a system bottleneck for identification.
• For a typical access-control application, the system needs to make an
authentication decision in real-time.
• In an ATM application, for instance, it is desirable to accomplish the
authentication within about one second.
• For forensic applications, however, the time requirements may not be very
stringent.
Other Measure (Cont.)
• Some sensors, such as microphones, are already very
inexpensive, while others, such as CCD cameras, are now
becoming standard peripherals in a personal computing
environment. With the recent advances in solid-state
technology fingerprint sensors will become sufficiently
inexpensive in the next few years.
ITU-T X.1081
new security framework: Telebiometric
• A model for security and public safety in telebiometrics thatcan assist with the derivation of safe limits for the operation oftelecommunications systems and biometric devices.
• provide a framework for developing a taxonomy of biometricdevices; and
• facilitate the development of authentication mechanisms,based on both static (for example finger-prints) and dynamic(for example gait, or signature pressure variation) attributes ofa human being.
• The multimodal model covers both the physical and behavioralinteractions between a person and the environment
Telebiometric Multimodal Model:
A Three Layer Model
5 disciplines: physics, chemistry, biology, culturology, psychology
• video (sight), audio (sound), chemo (smell, taste), tango (touch);radio (radiation)- each with an out (emitted) and in (received) state
• behavioral, perceptual, conceptual
• postural, gestural, facial, verbal,, not-a-sign
• 7 SI base units (m, kg, s, A, K, mol, cd)
Flow of biometric information on
telecommunication
Summary
Biometrics refers to automatic identification of a person
based on his or her physiological or behavioral
characteristics.
It provides a better solution for the increased security
requirements of our information society than traditional
identification methods such as passwords and PINs.
As biometric sensors become less expensive and
miniaturized, and as the public realizes that biometrics is
actually an effective strategy for protection of privacy and
from fraud, this technology is likely to be used in almost
every transaction needing authentication of personal
identity.
Summary (Cont.)
Telebiometrics gained importance over the past decade, when
identification and authentication was made a central issue in
anti-terrorism system requirements.
Telebiometrics enables a reliable from of identification and
can provide a more robust fraud and identity theft protection
than other methods.
Reference
[1] Phillip H. Griffin, CISM,” TELEBIOMETRIC INFORMATION SECURITY AND SAFETY MANAGEMENT”, Building Sustainable Communities,2012
[2] Imad F. Alshaikhli, Mohammad A. AlAhmad,’Security Threats of Finger Print Biometric in Network System Environment’Journal of Advanced Computer Science and Technology Research 1 (2011)
[3] Recommendation ITU-T X.1081 (2011). The telebiometric multimodal model – A framework for the specification of security and safety aspects of telebiometrics.
[4] Dent, Alexander W. (2004). Hybrid cryptography, Cryptology ePrint Archive Report 2004/210. Retrieved November 21, 2012, from http://www.signcryption.org/ publications/pdffiles/Dent-survey-eprint-04-210.pdf
[5] Biometrics and Standards. ITU-T Technology Watch Report #12, December 2009 fromhttp://www.itu.int/oth/T230100000D/en
[6] Griffin, Phillip H., Protecting Biometrics Using Signcryption. Proceedings of ID360: The Global Forum on Identity, the Center for Identity, University of Texas at Austin, 2012.
END