Year 13 Computer Science Lesson - Thanks for information shared by Philip Craiger Professor and Principal Investigator at Advanced Cyberforensics Education Consortium & Professor, Daytona State College
used for biometric authentication and identification • The automatic identification or identity verification of living, human individuals based on behavioural or physiological characteristics
two separate forms of ID • Something you have and something you know e.g.. bank card and PIN # • Username and password is NOT strong authentication • Just two things you know
what biometrics is a measurement of • In recent years biometrics has become an increasingly feasible solution • Avoids remembering masses of passwords • Reduced cost • Reduced size • Increased accuracy • Increased ease-of-use
one else knows it • Easy to remember passwords are easy to guess • Hard to guess passwords are hard to remember • Unless you write them down • They can be read by others
easily at least • Can’t be guessed or read by someone else • Though perhaps it can be duplicated (fingerprint impression, picture of a face, recording of a voice) • Difficult to uniquely identify
just like other forms of authentication • The key is where the problems can be addressed • It is out of the hands of the user and in the hands of the system developer • We have much more control at this level!
authentication and identification • Both uses present unique challenges • Iris scan for instance is expensive and a scan takes between 5-10 seconds • Different advantages arise form each use as well
identification • Enrollment • User provides biometric data to the system • Biometric system translate this to a template • This template is then stored http://youtu.be/JAKB6o17pfo
the distinctive features of a user’s biometric data • Used to perform biometric matches • Templates are often vendor specific, depends on the algorithm employed by the vendor
Template sizes differ from vendor to vendor • Fingerprint, iris, face etc., cant be reconstructed from a template • A unique template is generated every time a user presents biometric data! • An index of similarity must be calculated which must meet a threshold
• Correlation resulting from the match between two templates • Biometric apps use proprietary algorithms to generate scores (some better than others) • Biometric systems do not render an absolute match, only the probability of a match
to the system • Biometric system translates this to a template • The system begins comparing the template to stored templates • Templates will usually not match exactly • The score or ‘closeness’ of a match is given • If the score is above some threshold, the user is authenticated
data and converting it to a simplified form • Subsequent authentication is done against a template • User may be required to enroll several times to get a clean template • Presentation: process by which a user provides biometric data to an acquisition device
data, simplify to template • Match template against the template of the users ID in the system • 1:n Systems • Acquire biometric data, simplify to a template • Match template against all other templates, searching for the highest scoring template
level of accuracy • Range of deployment environments • Ergonomic, easy-to-use device • Weaknesses • Inability to enroll some users • Performance deterioration over time • Need to deploy specialised devices
a technique to defeat biometric fingerprint scanners used to authenticate electronic purchasing systems • Unlike an earlier fingerprint attack developed by the pair last year, this system creates latex fingertip patches designed to be used while under observation
adhesive tape to lift fingerprints off surfaces and fool scanners into accepting them as genuine • This new method involves taking a digital picture of the fingerprint image produced by the graphite powder and adhesive tape. This image is enhanced with special graphic filters– worked 80% of the time
a fingerprint recognition device using gelatine (as found in Haribo etc.) and a plastic mould to create a fake finger which he used to fool detectors 4 out of 5 times.
which he enhanced with cyanoacrylate adhesive (superglue fumes) and photographed with a digital camera. • Used Photoshop to enhance contrast of image • Etched fingerprint into copper using a photo-sensitive printed-circuit board • Made a gelatin finger using the print on the PCB • Worked approximately 80% of the time
points • There about 80 nodal points on a human face • Here are a few of the nodal points that are measured by software • Distance between the eyes • Width of nose • Cheekbones • Jaw line • Chin • Template created
equipment • Ability to operate without physical contact or user complicity • Ability to enroll static images • Weaknesses • Acquisition environment effect on matching accuracy – lighting etc. • Changes in physiological characteristics that reduce matching accuracy e.g.. facial hair • Potential for privacy abuse due to non-cooperative enrollment and identification
to quickly and securely verify identity, one of the most secure and robust internal biometrics currently available. • With ECG being an internal biometric to the body, dynamic, utilising a live signal for both liveness detection and accuracy and not requiring expensive equipment, ECG biometric authentication offers incredible flexibility and the opportunity for a highly-secure and cost-effective solution, to tackle the growing threat of cyber- crime in today’s world. • http://www.b-secur.com/
allenheard
yuko_yokouchi
matleenalaakso
codeforeveryone
2720japanoke
pokotyamu
takehikohashimoto
lsuzuki
masanari
signer
harunakano
yannickbaron
shpigford
eileencodes
thekraken
62gerente
moore
palkan
zenorocha
phodgson
scottboms
matthewcrist
reverentgeek
skipperchong
