18-08-2012, 03:28 PM
Biometrics
Biometrics.docx (Size: 730.89 KB / Downloads: 36)
Introduction to Biometrics
The use of biometrics in remote authentication systems has become more and more popular. Biometrics are comfortable to use, provide uniqueness for free, can not be transferred and, unlike passwords, they do not suffer from being either insecure or hard to remember. While a lot of work considering the security of biometric based in remote authentication systems has already been published, the privacy issues of such systems are not so well researched yet. This is surprising because privacy is an important issue and as our world gets more and more connected and thus control over private data becomes difficult, privacy cautions become even more important, especially with biometrics which can not be exchanged or revoked easily in case of data leakage. The paper [1] from Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval, which my seminarpresentation and this report are based on, declares to be one of the first which provides some formal study about the privacy concerns in biometric based remote authentication systems. The nice thing about formal studies is that they may provide formal proofs that certain achievements can be guarantied by the system. First we will see a very basic overview over the system described in [1], then the privacy concerns to be achieved by the system will be defined, assumption about the system will be explained, next there is a description of the system procedures and finally we will see whether one can proof some privacy properties under the assumptions made.
A biometric system is a recognition system, which makes a personal identification by determining the authenticity of a specific physiological or behavioral characteristic possessed by the user. This method of identification is preferred over traditional methods involving passwords and PIN numbers for various reasons:
. The person to be identified is required to be physically present at the point of identification.
. Identification based on biometric techniques eliminates the need to remember a password or carry an identity.
Depending on the context on which a biometric system works, it can be Either classified as an identification system or a verification (authentication) system identification involves in establishing a person’s identify whereas in verification involves confirming or denying a person’s claiming identity A multi-biometrics system is obtained by the integration of multiple individual biometrics models. A numbers of models integrating hand geometry, keystroke dynamics, face and iris recognition system have flooded the markets in recent years. Here we present a multimodal system that can be embedded in a mobile phone, which integrates fingerprint, voice and facial scanning. It shuts down the problem of high False Rejection Rate of facial scanners, eliminates the fooling of fingerprint scanners and overshadows the disadvantage of voice recognition models. Mobile phones have ceased to be exclusive status of the high class and, today has become an indispensable electronic gadget in the life of many. The main reason for their higher market penetrations in recent days is their incredible array of functions at an affordable cost. Apart from setting remainders and sending e-mails, they are also used in
• SMS messaging
• e-business
History of biometrics
People have long recognized that some personal traits are distinct to each individual and have long identified the basis of their physical characteristics. Such recognition is not limited to faces. For example, friends or relatives talking on the telephone recognize one another’s voices. Scientists know from a number of archaeological artifacts that ancient civilizations, such as those of Babylonia and China, recognized the individuality of fingerprint impressions. Even today, in countries such as India, where a large segment of the population is illiterate and cannot sign their names, thumbprint impression is considered a legal signature. In 1882 Alphonse Bertillon, chief of the criminal identification division of the police department in Paris, France, developed a detailed method of identification based on certain bodily measurements, physical descriptions, and photographs. The Bertillon System of Anthropometric Identification gained wide acceptance before fingerprint identification superseded it. Biometric characteristics such as signatures, fingerprints, and DNA samples have legal status throughout the world. In most countries these characteristics can be used as evidence in a court of law to establish proof of identity. Researchers have developed elaborate systems of rules, based on indexing of characteristics, for the appropriate use of these biometrics in establishing identity. These rules are used to help decide whether a pair of biometric measurements belongs to the same person and for determining whether a particular person is already included in a biometric database Cost of implementation is the single most important factor in the widespread adoption of biometrics. Some biometric sensors, such as microphones for speech input, are already inexpensive. Other types of sensors, such as digital cameras for facial imaging, are becoming more common. Still others, such as fingerprint sensors, remain extremely expensive. The cost of storing biometric templates and of the computing power required to process and match biometric measurements continues to decrease with advances in technology. Another factor that could affect the adoption of biometrics is the negative perception of biometrics as related to privacy. If that negative perception diminishes sufficiently, the public may accept biometrics as an effective means of privacy protection and as a means of protection from fraud.
Biometric measurements belongs to the same person and for determining whether a particular person is already included in a biometric database.
System Structure
The system Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval propose, mainly consists of four components: A User who wants to use some service that needs authentication. A Sensor Client which captures raw biometric data and extracts some template information. The system design is not restricted to some specific kind of biometric data, the biometrics used only have to comply with the assumptions described below. Furthermore there is one or more serviceprovider which offers some service to the user, and in case of a authentication request queries the 4th component, a database which stores the biometric information. Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval tried to use as few components as possible while still keeping certain information separated in different locations. This separation of information is one of their main design ideas to provide the privacy desired and the way it is done strongly relates to the trust relationships which will be discussed in chapter assumptions.
Biometrics.docx (Size: 730.89 KB / Downloads: 36)
Introduction to Biometrics
The use of biometrics in remote authentication systems has become more and more popular. Biometrics are comfortable to use, provide uniqueness for free, can not be transferred and, unlike passwords, they do not suffer from being either insecure or hard to remember. While a lot of work considering the security of biometric based in remote authentication systems has already been published, the privacy issues of such systems are not so well researched yet. This is surprising because privacy is an important issue and as our world gets more and more connected and thus control over private data becomes difficult, privacy cautions become even more important, especially with biometrics which can not be exchanged or revoked easily in case of data leakage. The paper [1] from Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval, which my seminarpresentation and this report are based on, declares to be one of the first which provides some formal study about the privacy concerns in biometric based remote authentication systems. The nice thing about formal studies is that they may provide formal proofs that certain achievements can be guarantied by the system. First we will see a very basic overview over the system described in [1], then the privacy concerns to be achieved by the system will be defined, assumption about the system will be explained, next there is a description of the system procedures and finally we will see whether one can proof some privacy properties under the assumptions made.
A biometric system is a recognition system, which makes a personal identification by determining the authenticity of a specific physiological or behavioral characteristic possessed by the user. This method of identification is preferred over traditional methods involving passwords and PIN numbers for various reasons:
. The person to be identified is required to be physically present at the point of identification.
. Identification based on biometric techniques eliminates the need to remember a password or carry an identity.
Depending on the context on which a biometric system works, it can be Either classified as an identification system or a verification (authentication) system identification involves in establishing a person’s identify whereas in verification involves confirming or denying a person’s claiming identity A multi-biometrics system is obtained by the integration of multiple individual biometrics models. A numbers of models integrating hand geometry, keystroke dynamics, face and iris recognition system have flooded the markets in recent years. Here we present a multimodal system that can be embedded in a mobile phone, which integrates fingerprint, voice and facial scanning. It shuts down the problem of high False Rejection Rate of facial scanners, eliminates the fooling of fingerprint scanners and overshadows the disadvantage of voice recognition models. Mobile phones have ceased to be exclusive status of the high class and, today has become an indispensable electronic gadget in the life of many. The main reason for their higher market penetrations in recent days is their incredible array of functions at an affordable cost. Apart from setting remainders and sending e-mails, they are also used in
• SMS messaging
• e-business
History of biometrics
People have long recognized that some personal traits are distinct to each individual and have long identified the basis of their physical characteristics. Such recognition is not limited to faces. For example, friends or relatives talking on the telephone recognize one another’s voices. Scientists know from a number of archaeological artifacts that ancient civilizations, such as those of Babylonia and China, recognized the individuality of fingerprint impressions. Even today, in countries such as India, where a large segment of the population is illiterate and cannot sign their names, thumbprint impression is considered a legal signature. In 1882 Alphonse Bertillon, chief of the criminal identification division of the police department in Paris, France, developed a detailed method of identification based on certain bodily measurements, physical descriptions, and photographs. The Bertillon System of Anthropometric Identification gained wide acceptance before fingerprint identification superseded it. Biometric characteristics such as signatures, fingerprints, and DNA samples have legal status throughout the world. In most countries these characteristics can be used as evidence in a court of law to establish proof of identity. Researchers have developed elaborate systems of rules, based on indexing of characteristics, for the appropriate use of these biometrics in establishing identity. These rules are used to help decide whether a pair of biometric measurements belongs to the same person and for determining whether a particular person is already included in a biometric database Cost of implementation is the single most important factor in the widespread adoption of biometrics. Some biometric sensors, such as microphones for speech input, are already inexpensive. Other types of sensors, such as digital cameras for facial imaging, are becoming more common. Still others, such as fingerprint sensors, remain extremely expensive. The cost of storing biometric templates and of the computing power required to process and match biometric measurements continues to decrease with advances in technology. Another factor that could affect the adoption of biometrics is the negative perception of biometrics as related to privacy. If that negative perception diminishes sufficiently, the public may accept biometrics as an effective means of privacy protection and as a means of protection from fraud.
Biometric measurements belongs to the same person and for determining whether a particular person is already included in a biometric database.
System Structure
The system Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval propose, mainly consists of four components: A User who wants to use some service that needs authentication. A Sensor Client which captures raw biometric data and extracts some template information. The system design is not restricted to some specific kind of biometric data, the biometrics used only have to comply with the assumptions described below. Furthermore there is one or more serviceprovider which offers some service to the user, and in case of a authentication request queries the 4th component, a database which stores the biometric information. Q. Tang, J. Bringer, H. Chabanne and D. Pointcheval tried to use as few components as possible while still keeping certain information separated in different locations. This separation of information is one of their main design ideas to provide the privacy desired and the way it is done strongly relates to the trust relationships which will be discussed in chapter assumptions.