G.

PULLAIAH COLLEGE
OF ENGINEERING
AND TECNOLOGY
KURNOOL.

Seminar on
4G Technology
By C.MOUNIKA
2nd CSE
Privacy & Identity.
Security and Usability:
The viability of Password.
Biometrics .
Introduction

 Name: Orville Wilson.

 Alumni at DePaul University.
 Doctoral Student.
 Currently work for an Information
Security and Managed Services firm,
Fortrex Technologies, located in
DC/Baltimore area.
 Agenda
 Statistical Research
 Background on Passwords
& Biometrics
 Overview of Biometrics
 How they work
 Strengths, Weakness and
Usability of Biometrics
 Conclusion
Empirical Data

 Yearly cyber crime cost in the US is over

$377 million and rising – CSI/FBI Study
 Federal Trade Commission found that
identity theft accounted for $48 billion in
losses to business over the past five
years
Background on Passwords &
Biometrics
 Passwords
 Ubiquitous Technology
 Passwords are one of the oldest authentication methods.
 Many organizations and institutions have used passwords for
computer access since 1963 when Fernando J. Corbato added
private codes to the CTSS at MIT
 Biometrics
 First introduced in the 1970s and early 1980s
 This technology gathers unique physiological or behavioral
attributes of a person for storing it in a database or comparing
it with one already found in a database.
 Reason for biometrics include the positive authentication and
verification of a person and ensuring confidentiality of
information in storage or in transit
Biometrics

 2 Categories of Biometrics
 Physiological – also known as static biometrics:
Biometrics based on data derived from the
measurement of a part of a person’s anatomy. For
example, fingerprints and iris patterns, as well as
facial features, hand geometry and retinal blood
vessels
 Behavioral – biometrics based on data derived
from measurement of an action performed by a
person and, distinctively, incorporating time as a
metric, that is, the measured action. For example,
voice (speaker verification)
 Biometrics – How do they
work?
 Although biometric technologies
differ, they all work in a similar
fashion:
 The user submits a sample that is
an identifiable, unprocessed
image or recording of the
physiological or behavioral
biometric via an acquisition
device (for example, a scanner or
camera)
 This biometric is then processed
to extract information about
distinctive features to create a
trial template or verification
template
 Templates are large number
sequences. The trial template is
the user’s “password.”
Overview of Biometrics
Biometric Acquisition Device Sample Feature Extracted
Iris Infrared-enabled video Black and white iris image Furrows and striations of
camera, PC iris
camera
Fingerprint Desktop peripheral, PC Fingerprint image (optical, Location and direction of
card, mouse chip silicon, ultrasound or ridge endings and
or reader touchless) bifurcations on
embedded in fingerprint, minutiae
keyboard
Voice Microphone, telephone Voice Recording Frequency, cadence and
duration of vocal
pattern
Signature Signature Tablet, Image of Signature and Speed, stroke order,
Motion-sensitive record of related pressure and
stylus dynamics appearance of
measurement signature
Face Video Camera, PC Facial image (optical or Relative position and shape
camera, single- thermal) of nose, position of
image camera cheekbones
Hand Proprietary Wall- 3-D image of top and sides Height and width of bones
mounted unit of hand and joints in hands
and fingers
Retina Proprietary desktop or Retina Image Blood vessel patterns and
wall mountable retina
unit
 Strengths, Weaknesses and
Usability of Biometrics
Biometric Strengths Weakness Usability
Iris  Very stable over time  Potential user resistance  Information security
 Uniqueness  Requires user training access control,
 Dependant on a single especially for
vendor’s technology Federal Institutions and
government agencies
 Physical access control
(FIs and government)
 Kiosks (ATMs and
airline tickets)

Fingerprint  Most mature biometric  Physical contact required (a  IS access control

technology problem in some cultures)  Physical access control
 Accepted reliability  Association with  Automotive
 Many vendors criminal justice
 Small template (less than
 Vendor incompatibility
500 bytes)
 Hampered by temporary
 Small sensors that can be
physical injury
built into mice, keyboards
or portable devices

Optical  Most proven over time  Large physical size

 Temperature stable  Latent prints
 CCD coating erodes with age
 Durability unproven
 Strengths, Weaknesses and
Usability of Biometrics
Biometrics Strengths Weakness Usability

Silicon  Small physical size  Requires careful enrollment

 Cost is declining  Unproven in sub optimal
conditions

Ultrasound  Most accurate in sub optimal  New technology, few

conditions implementations
 Unproven long term
performance

Voice  Good user acceptance  Unstable over time  Mobile phones

 Low training  Changes with time, illness stress  Telephone banking and
 Microphone can be built into or injury other automated call
PC or mobile device  Different microphones generate centers
different samples
 Large template unsuitable for
recognition

Signatures  High user acceptance  Unstable over time  Portable devices with
 Minimal training  Occasional erratic variability stylus input
 Changes with illness, stress or  Applications where a “wet
injury signature” ordinarily
 Enrollment takes times would be used.
 Strengths, Weaknesses and
Usability of Biometrics
Biometrics Strengths Weakness Usability

Face  Universally present  Cannot distinguish identical  Physical access control

siblings
 Religious or cultural prohibitions

Hand  Small template (approximately  Physical size of acquisition device  Physical access control
10 bytes)  Physical contact required  Time and attendance
 Low failure to enroll rate  Juvenile finger growth
 Unaffected by skin condition  Hampered by temporary physical
injury

Retina  Stable over time  Requires user training and  IS access control,
 Uniqueness cooperation especially for high security
 High user resistance government agencies
 Slow read time  Physical access control
 Dependent on a single vendor’s (same as IS access control)
technology
Comparison of Different
Biometrics Technology
Promise that Biometrics hold
for Privacy
 Increased Security
 Biometric cannot be lost, stolen or
forgotten; it cannot be written down and
stolen by social re-engineering
 By implementing biometrics organizations
can positively verify users’ identities,
improving personal accountability
 In conjunction with smart cards biometrics
can provide strong security for Public Key
Infrastructure (PKI)
Perils that Biometrics hold for
Privacy
 Privacy is one of the leading inhibitor for
biometrics technology. Main issues:
 Misuse of Data
 Health/Lifestyle – Specific biometric data has been
linked with the information beyond which it is set out
to be used for such as AIDS. Is a person able to
control the information gathered on himself/herself?
 Function Creep
 Law Enforcement – The template database may be
available for law enforcement
 Credit Reporting – The template database may be
cross referenced against other databases including
those held in hospitals and the police departments,
by a credit reporting agency
Future Trends in Biometrics

 Body Odor – Body odor can be digitally

recorded for identification. A British company,
Mastiff Electronic System Ltd. Is working on
such a system
 DNA Matching – The is the ultimate biometric
technology that can produce proof positive
identification of an individual
 Keystroke Dynamics – Keystroke dynamics,
also referred to as typing rhythms, is an
innovative biometric technology
Conclusion
1. All authentication methods are prone to errors.
Nevertheless, reliable user authentication must ensure
that an attacker cannot masquerade as a legitimate
user
2. Biometrics is uniquely bound to individuals and may
offer organizations a stronger method of authentication
3. Biometric systems are not foolproof; they can be
compromised by:
 Submission of another person’s biometric
 Submission of enrollee’s biometric with the user under duress or incapacitated

4. A prudent balance between Security and Privacy

needs to be achieved
   NAC-3000 Fingerprint/Smart Attendance and Access Control Terminal

NAC-3000 is an advanced product, which core technologies of NITGEN® recognized worldwide such as fingerprint recognition algorithm, optical sensors, embedded de sign technology, and software
application technology are organically combined and optimized. In addition, until other existing acce ss control systems that use passwords of ID cards only, It is free from such risks as loss of
password and abuse or duplication of card, prov iding excellent convenience and security. This software solution is designe d to maximize operational efficiency, enabling integrated monitoring and
systematic management of terminals which hav e been operated independently on a remote location via the network.

View Catalogue...

  NAC-2500 Fingerprint/Smart Attendance and Access Control Terminal

This fully automated system has been designed and produced with the sensor and algorithm that only NITGEN® outstanding fingerprint recognition technology has made possible, this fingerprint
recognition access control system is capable of speedy authentication using fingerprint data. With this biometric security software solution, we have made it possible for you to build a more improv ed
and efficient security system at a lower installation cost. In addition, this biometric security system offers you ente rprise level entry / exit and employees work hour Time & Attendance management
systems with its LAN communication-based network structure, and enhanced server management program.

View Catalogue...

  Bio-Access V2 Fingerprint/Smart/Proximity Attendance and Access Control Terminal

BioAccess v2 is a High Quality Biometrics Fingerprint Based Time Attendance System. It has got TCP/IP (Ethernet) connectivity with USB Disk for easy data download. With a capacity of storing 2000
fingerprint, it's use ful for 500 users.

View Catalogue...

  T7 Fingerprint/Smart/ Proximity Attendance and Access Control Terminal

Features:
• 2,000 fingerprint/ 50,000 Transactions;  
• 1:1 Authentication and 1:N Identification;  
• Standalone / Network communication via Rs232 / Rs485 (max. 32 ch) TCP/IP & USB  
• Up to 3 fingerprint Templates per registration;  
• Password Entry Available;  
• Protection from Scratch and ESD (Electro Static Discharge);  
• High Quality Optical Sensor

View Catalogue...

 
   
  Features T10 Fingerprint Access Control

• 2,000 users and 50,000 log records

• Specially designed Optical Scanner with toughened glass
•  Light sensitive Optical scanner, to provide perfect reading in all lighting conditions.
•  Provision for connecting an 26 bit weigand output card reader (EM or Mifare) to make the reader provide Card or Pin or Finger option
•  C an provide super efficient 1:1 and 1 :N Fingerprint matching, card or password
•  Super fast verification algorithm, with voice support. Verification time of less than 1.5 seconds, even when 2000 users are stored
 
View Catalogue...

  FRT Fingerprint Terminal

WIN-S-5000 Finge rprint R ecognition Terminal (FRT) Is a standalone Biometrics Finge rprint recognition base d Time Attendance system with TCP/IP networking capabilities. FR T consists of a robust
standalone Fingerprint terminal with LCD, Keypad, Fingerprint scanner, 800MHz processor, memory, communication and storage capabilities. BioEnable FRT does not depend on computer or external
resources for Its operations though It can work together with multiple FRTs to provide centralized database and management capabilities.

View Catalogue...

  AFD-500 Fingerprint Attendance and Access Control Terminal

AFD 500 supports up to 500 fingerprints enrolled in a device and authenticating fingerprints takes less than a couple of seconds. The system is highly accurate and has less than one in a million
chance of incorrectly accepting a fingerprint that is not authorized.

  Fingerprint Hamster

Fingerprint Recognition Hamster is a fingering scanner for a computer Security featuring superior performance, accuracy, durability based on unique NITGEN Fingerprint Biometric Technology, It can be
plugged into a computer separately with your mouse It is very safe and convenient device for security instead of password that IE vulne rable to fraud and is hard to remember.

View Catalogue...

  Fingerprint Door Lock

Door watch is a state of the art finger print identification door lock and after the extreme security and user convenience by adopting superior biometric technology instead of password, card, key
method that is vulnerable to fraud and is hard to remember,

View Catalogue...

  Fingerprint Car Security System

SecuOn - Auto is a security device installed inside the car, which does not allow your car to be started without fingerprint verification eve n if right key is used. It immobilize your car in your absence
and prevent it from theft or use by unauthorized person.

You can register yourself (Fingerprint) as master and can also register Fingerprints of your family, friends who are authorized to use your car. SecuOn can store upto 100 Fingerprints

View Catalogue...
 ? ??
S ?
R I E
UE
? ? Q
??
Thank you