Pages

Wednesday, July 4, 2012

Biometric Techniques - enhancing protection Standards In High performance firm

###Biometric Techniques - enhancing protection Standards In High performance firm###

Sponser Links

Introduction:

Disney Pin

In today's digital economy, where many important activities are carried out with the help of computer, the need for reliable, simple, flexible and collect system is a great concern and a provocative issue for the organisation. Day by day security breaches and transaction fraud increases, the need for collect identification and personal verification technologies is becoming a great concern to the organisation. By measuring something unique about an personel and using that to identify, an organisation can dramatically heighten their security measures. Awareness of security issues is rapidly expanding among enterprise how they want to safe the data which is a most asset that the enterprise possesses. The organisation wants to safe this data from whether internal or external threat. security plays a very important role in the society and to make computer system secure, discrete biometric techniques have been developed. Today biometric techniques are a reliable recipe of recognising the identity of a someone based on physiological or behavioral characteristics. Biometrics techniques exploit human's unique corporeal or behavioral traits in order to authenticate people. The features measured are face, fingerprints, hand geometry, iris, retinal, voice etc. Biometric authentication is increasingly being used in areas like banking, retailing, defense, manufacturing, health industry, stock exchange, social sector, airport security, internet security etc. Biometric technologies are providing a highly-secure identification and personal verification solutions. Biometric techniques are an endeavor in providing a robust clarification to many provocative problems in security. Biometrics focuses on the diagnosis of corporeal or behavioral traits that resolve personel identity. Biometrics can he used to verify the identity of an personel based on the determination and diagnosis of unique corporeal and behavioral data. Indeed, biometrics techniques increasingly are being viewed as the beloved means to confirm an individual's identity accurately.

The history of biometric techniques is not new, it trace its origin from the past. The antique biometric technique which was practiced was a form of finger printing being used in China in the 14th century, as reported by the Portuguese historian Joao de Barros. The Chinese merchants were stamping children's palm and footprints on paper with ink to distinguish the babies from one another. Biometrics the antique Greek word is the compound of two words -bio means life, metric means measurement.It is the study of methods for uniquely recognizing humans based upon corporeal or behavioral characterstics. The physiological characterstics are fingerprint, face, hand geometry, Dna and iris recognition. Behavioral are related to the behavior of a someone like signature, study of keystroke, voice etc. Thus a biometric system is essentially a pattern recognition system which makes a personal identification by determining the authenticity of a specific physiological or behavioral characteristic possessed by the user. Biometric characteristics are collected using a gismo called a sensor. These sensors are used to collect the data needed for verification or identification and to convert the data to a digital code. The ability of the gismo chosen to capture data has a valuable impact on the recognition results. The devices could be digital cameras for face recognition, ear recognition etc or a telephone for voice recognition etc. A biometric system operates in verification mode or identification mode. In verification mode the system validates a someone identity by comparing the captured biometric data with the biometric template stored in the database and is in general used for unavoidable recognition. In the identification mode the system captures the biometric data of an personel and searches the biometric template of all users in the database till a match is not found.

Different Types Of Biometric Techniques

o Face Recognition

The biometric system can automatically recognize a someone by the face. This technology works by analyzing specific features in the face like - the distance in the middle of the eyes, width of the nose, position of cheekbones, jaw line, chin ,unique shape, pattern etc. These systems involve determination of the eyes, nose, mouth, and other facial features for identification. To growth accuracy these systems also may part mouth and lip movement.Face recognition captures characteristics of a face whether from video or still image and translates unique characteristics of a face into a set of numbers. These data collected from the face are combined in a particular unit that uniquely identifies each person. Sometime the features of the face are analyzed like the ongoing changes in the face while smiling or crying or reacting to distinct situation etc.The whole face of the someone is taken into consideration or the distinct part of the face is taken into consideration for the identity of a person. It is highly complex technology. The data capture by using video or thermal imaging. The user identity is confirmed by looking at the screen. The primary advantage to using facial recognition as a biometric authenticator is that citizen are accustomed to presenting their faces for identification and instead of Id card or photo identity card this technique will be useful in identifying a person. As the someone faces changes by the age or someone goes for plastic surgery, in this case the facial recognition algorithm should part the relative position of ears, noses, eyes and other facial features.

o Hand Geometry:

Hand geometry is techniques that capture the corporeal characteristics of a user's hand and fingers. It analyses finger image ridge endings, bifurcations or branches made by ridges. These systems part and description the length, width, thickness, and face area of an individual's hand. It is used in applications like access control and time and attendance etc. It is easy to use, relatively cheap and widely accepted. A camera captures a 3 dimensional image of the hand. A verification template is created and stored in the database and is compared to the template at the time of verification of a person. Fingerprint identification.Currently fingerprint readers are being built into computer memory cards for use with laptops or Pcs and also in cellular telephones, and personal digital assistants. It is successfully implemented in the area of corporeal access control.

o Eye Recognition:

This technique involves scanning of retina and iris in eye. Retina scan technology maps the capillary pattern of the retina, a thin nerve on the back of the eye. A retina scan measures patterns at over 400 points. It analyses the iris of the eye, which is the colored ring of tissue that surrounds the pupil of the eye. This is a highly mature technology with a proven track description in a number of application areas. Retina scanning captures unique pattern of blood vessels where the iris scanning captures the iris. The user must focus on a point and when it is in that position the system uses a beam of light to capture the unique retina characterstics.It is highly collect and exact and used heavily in controlled environment. However, it is expensive, collect and requires excellent alignment and commonly the user must look in to the gismo with proper concentration. Iris recognition is one of the most reliable biometric identification and verification methods. It is used in airports for travellers.Retina scan is used in forces and government organization. Organizations use retina scans primarily for authentication in high-end security applications to control access, for example, in government buildings, forces operations or other restricted quarters, to authorized personnel only. The unique pattern and characteristics in the human iris remain unchanged throughout one's lifetime and no two persons in the world can have the same iris pattern.

o Voice Biometrics

Voice biometrics, uses the person's voice to verify or recognize the person. It verifies as well as identifies the speaker. A microphone on a approved Pc with software is required to analyze the unique characteristics of the person. Mostly used in telephone-based applications. Voice verification is easy to use and does not require a great deal of user education. To enroll, the user speaks a given pass phrase into a microphone or telephone handset. The system then creates a template based on numerous characteristics, along with pitch, tone, and shape of larynx. Typically, the enrollment process takes less than a miniature for the user to complete. Voice verification is one of the least intrusive of all biometric methods. Furthermore, voice verification is easy to use and does not require a great deal of user education.

o Signature Verification

Signature verification technology is the diagnosis of an individual's written signature, along with the speed, acceleration rate, stroke distance and pressure applied while the signature. There are distinct ways to capture data for diagnosis i.e. A special pen can be used to recognize and analyze distinct movements when writing a signature, the data will then be captured within the pen. data can also be captured within a special tablet that measures time, pressure, acceleration and the period the pen touches it .As the user writes on the tablet, the movement of the pen generates sound against paper an is used for verification. An individual's signature can convert over time, however, which can result in the system not recognizing authorized users. Signature systems rely on the gismo like special tablet, a special pen etc. When the user signs his name on an electronic pad, rather than merely comparing signatures, the gismo instead compares the direction, speed and pressure of the writing instrument as it moves over the pad.

o Keystroke

This recipe relies on the fact that every someone has her/his own keyboard-melody, which is analysed when the user types. It measures the time taken by a user in pressing a particular key or searching for a particular key.

Other Biometric Techniques Are
o Vein/vascular patterns: Analyses the

veins in, for example, the hand and the face.

o Nail identification: Analyses the tracks in the nails.

o Dna patterns: it is a very high-priced technique and it takes a long time for verification/identification of a person

o Sweat pore analysis: Analyses the way pores on a finger are located.

o Ear recognition: Shape and size of an ear are unique for every person.

o Odour detection: someone is verified or identified by their smell.

o Walking recognition: It analyses the way the someone walks.

Methods Of Biometric Authentication:

o Verification : is the process of verifying the user is who they claim to be.

o Identification : is the process of identifying the user from a set of known users.

Working Of Biometrics:

All biometric systems works in a four-stage process that consists of the following steps.

o Capture: A biometric system captures the sample of biometric characteristics like fingerprint, voice etc of the someone who wants to login to the system.

o Extraction: Unique data are extracted from the sample and a template is created. Unique features are then extracted by the system and converted into a digital biometric code. This sample is then stored as the biometric template for that individual.

o Comparison: The template is then compared with a new sample. The biometric data are then stored as the biometric template or template or reference template for that person.

o Match/non-match: The system then decides whether the features extracted from the new sample are a match or a non-match with the template. When identity needs checking, the someone interacts with the biometric system, a new biometric sample is taken and compared with the template. If the template and the new sample match, the person's identity is confirmed else a non-match is confirmed.

[Biometric Authentication system and its functional components]

The Biometric authentication system includes three layered architecture:

o Enroll: A sample is captured from a device, processed into a usable form from which a template is constructed, and returned to the application.

o Verify: One or more samples are captured, processed into a usable form, and then matched against an input template. The results of the comparison are returned.

o Identify: One or more samples are captured, processed into a usable form, and matched against a set of templates. A list is generated to show how close the samples correlate against the top candidates in the set.

A biometric template is an individual's sample, a reference data, which is first captured from the excellent biometric device. Later, the individual's identity is verified by comparing the subsequent collected data against the individual's biometric template stored in the system. Typically, while the enrollment process, three to four samples may be captured to arrive at a representative template. The resultant biometric templates, as well as the farranging enrollment process, are key for the farranging success of the biometric application. If the ability of the template is poor, the user will need to go straight through re-enrollment again. The template may be stored, within the biometric device, remotely in a central repository or on a movable card.

Storing the template on the biometric gismo has the advantage of fast access to the data. There is no dependency on the network or an additional one system to access the template. This recipe applies well in situations when there are few users of the application. Storing the template in a central repository is a good selection in a high-performance, collect environment. Keep in mind that the size of the biometric template varies from one seller stock to the next and is typically in the middle of 9 bytes and 1.5k. For example, as a fingerprint is scanned, up to 100 minutia points are captured and run against an algorithm to create a 256-byte binary template. An ideal configuration could be one in which copies of templates related to users are stored locally for fast access, while others are downloaded from the system if the template cannot be found locally.

Storing the template on a card or a token has the advantage that the user carries his or her template with them and can use it at any authorized reader position. Users might prefer this recipe because they vocalize control and proprietary of their template. However, if the token is lost or damaged, the user would need to re-enroll. If the user base does not object to warehouse of the templates on the network, then an ideal clarification would be to store the template on the token as well as the network. If the token is lost or damaged, the user can supply approved identity data to access the data based on the template that can be accessed on the network. The enrollment time is the time it takes to enroll or register a user to the biometric system. The enrollment time depends on a number of variables such as: users' feel with the gismo or use of convention software or type of data collected at the time of enrollment

Biometric operation Measures:

o False acceptance rate (Far) or False match rate (Fmr): the probability that the system incorrectly declares a thriving match in the middle of the input pattern and a non-matching pattern in the database. It measures the percent of invalid matches. These systems are valuable since they are generally used to forbid unavoidable actions by disallowed people.

o False reject rate (Frr) or False non-match rate (Fnmr): the probability that the system incorrectly declares failure of match in the middle of the input pattern and the matching template in the database. It measures the percent of valid inputs being rejected.

o Receiver (or relative) operating characteristic (Roc): In general, the matching algorithm performs a decision using some parameters (e.g. A threshold). In biometric systems the Far and Frr can typically be traded off against each other by changing those parameters. The Roc plot is obtained by graphing the values of Far and Frr, changing the variables implicitly. A base inequity is the Detection error trade-off (Det), which is obtained using general deviate scales on both axes.

o Equal error rate (Eer): The rates at which both accept and reject errors are equal. Roc or Det plotting is used because how Far and Frr can be changed, is shown clearly. When quick comparison of two systems is required, the Err is generally used. Obtained from the Roc plot by taking the point where Far and Frr have the same value. The lower the Eer, the more exact the system is considered to be.

o Failure to enroll rate (Fte or Fer): the percentage of data input is considered invalid and fails to input into the system. Failure to enroll happens when the data obtained by the sensor are considered invalid or of poor quality.

o Failure to capture rate (Ftc): Within self-acting systems, the probability that the system fails to detect a biometric characteristic when presented correctly.

o Template capacity: the maximum number of sets of data which can be input in to the system.

For example, operation parameters related with the fingerprint reader may be:

o a false acceptance rate of less than or equal to 0.01 percent

o a false rejection rate of less than 1.4 percent

o the image capture area is 26×14 mm.

Obviously, these two measures should be as low as potential to avoid authorized user rejection but keep out unauthorized users. In applications with medium security level a 10% False Rejection Error will be unacceptable, where false acceptance rate error of 5% is acceptable.

False Acceptance When a biometric system incorrectly identifies an personel or incorrectly verifies an impostor against a claimed identity. Also known as a Type Ii error. False Acceptance Rate/Far

The probability that a biometric system will incorrectly recognize an personel or will fail to reject an impostor. Also known as the Type Ii error rate.

It is stated as follows:

Far = Nfa / Niia or Far = Nfa / Niva

where Far is the false acceptance rate

Nfa is the number of false acceptances

Niia is the number of impostor identification attempts

Niva is the number of impostor verification attempts

False Rejection Rate/Frr The probability that a biometric system will fail to recognize an enrollee, or verify the legitimate claimed identity of an enrollee. Also known as a Type I error rate.

It is stated as follows:

Frr = Nfr / Neia or Frr = Nfr / Neva

where Frr is the false rejection rate

Nfr is the number of false rejections

Neia is the number of enrollee identification attempts

Neva is the number of enrollee verification attempts

Crossover Error Rate (Cer)

Represents the point at which the false reject rate = the false acceptance rate.

Stated in percentage

Good for comparing distinct biometrics systems

A system with a Cer of 3 will be more exact than a system with a Cer of 4

Biometrics Use In Industry

Punjab National Bank (Pnb) installed its first biometric Atm at a settlement in Gautam Budh Nagar (Up) to spread financial inclusion. "The move would help illiterate and semi-literate customers to do banking transaction any time.

Union Bank of India biometric smart cards launched. Hawkers and small traders could avail loan from the bank using the card.

In Coca-Cola Co., hand-scanning machines are used to replace the time card monitoring for the workers. In New Jersey and six other states, fingerprint scanners are now used to crack down on citizen claiming welfare benefits under two distinct names.

In Cook County, Illinois, a sophisticated camera that analyzes the iris patterns of an individual's eyeball is helping ensure that the right citizen are released from jail. At Purdue University in Indiana, the campus prestige union is installing self-acting teller machines with a finger scanner that will eliminate the need for plastic bankcards and personal identification numbers.

MasterCard International Inc. And Visa Usa Inc., the world's two largest prestige card companies, have begun to study the feasibility of using finger-scanning devices at the point of sale to verify that the card user is verily the card holder. The scanners would correlate fingerprints with biometric data stored on a microchip embedded in the prestige card.
Walt Disney World in Orlando has started taking hand scans of citizen who buy every year passes. These visitors now must pass straight through a scanner when entering the park preventing them from lending their passes to other people.

The technology also received farranging attention at summer's Olympic Games Atlanta, where 65,000 athletes, coaches and officials used a hand-scanning system to enter the Olympic Village.

Selection of Biometric Techniques:

There are a lot of decision factors for selecting a particular biometric technology for a specific application.

1. Economic Feasibility or Cost:-The cost of biometric system implementation has decreased recently; it is still a major barricade for many companies. primary authentication systems, such as passwords and Pin, require relatively miniature training, but this is not the case with the most generally used biometric systems. Level operation of those systems requires training for both systems administrators and users.

2. Risk Analysis:-Error rates and the types of errors vary with the biometrics deployed and the circumstances of deployment. unavoidable types of errors, such as false matches, may pose basal risks to enterprise security, while other types of errors may sell out productivity and growth costs. Businesses planning biometrics implementation will need to think the approved error threshold.

3. Perception of Users:-Users generally view behavior-based biometrics such as voice recognition and signature verification as less intrusive and less privacy-threatening than physiology-based biometrics.

4. TechnoSocio Feasibility:-Organizations should focus on the user-technology interface and the conditions in the organizational environment that may work on the technology's performance. The society should create awareness among the users how to use the techniques and should overcome the psychological factors as user fears about the technology. society has to also think the privacy proprietary of users while implementing the biometric techniques.

5. Security: Biometric techniques should have high security standards if they will be implemented in high collect environment. The biometric techniques should be evaluated on the basis of their features, potential risk and area of application, and subjected to a farranging risk analysis.

6. User cordial and social acceptability -Biometric techniques should be robust and user cordial to use and they should function reliably for a long period of time. The techniques should not divide the society into two group i.e. Digital and non digital society.

7. Legal Feasibility-Government has to form a regulatory statutory framework for the use of biometric techniques in discrete market applications. It should form a approved regulatory framework for use of these techniques in market applications or transactions. If required the framework has to be regulated and changed time to time.

8. Privacy-As biometric techniques rely on personal corporeal characteristics, an act has to be made to safe the individual's privacy data not to be used by other. A data security law has to be created in order to safe the person's privacy data.
Criteria for evaluating biometric technologies.

The reliability and acceptance of a system depends on the effectiveness of the system, how the system is protected against unauthorized modification, knowledge or use, how the systems supply solutions to the threats and its ability and effectiveness to recognize system's abuses.

These biometric methods use data compression algorithms, protocols and codes. These algorithms can be classified in three categories:

o Statistical modeling methods,

o Dynamic programming,

o Neural networks.

The mathematical tools used in biometric procedure need to be evaluated. Mathematical diagnosis and proofs of the algorithms need to be evaluated by experts on the particular fields. If algorithms implement "wrong" mathematics then the algorithms are wrong and the systems based on these algorithms are vulnerable. If the algorithms used in the biometric methods have "leaks", or if sufficient decoding algorithms can be found then the biometric methods themselves are vulnerable and thus the systems based on these methods come to be unsafe.

Different algorithms offer distinct degrees of security, it depends on how hard they are to break. If the cost required to break an algorithm is greater than the value of the data then we are probably safe. In our case where biometric methods are used in financial transactions where a lot of money is complex it makes it worth it for an intruder to spend the money for cryptanalysis.

The cryptographic algorithms or techniques used to implement the algorithms and protocols can be vulnerable to attacks. Attacks can also be conceived against the protocols themselves or aged approved algorithms. Thus criteria should be set for the proper appraisal of the biometric methods addressing these theoretical concerns.

The appraisal of the biometric systems is based on their implementation. There are four basic steps in the implementation of the biometric systems which impose the formation of evaluative criteria.

o Capture of the users attribute.

o Template generation of the users attribute.

o Comparison of the input with the stored template for the authorized user.

o Decision on access acceptance or rejection.

Applications of biometric techniques

Biometrics is an emerging technology which has been widely used in distinct society for the security purpose. Biometrics can be used to forestall unauthorized access to Atms, cellular phones, smart cards, desktop Pcs, workstations, and computer networks. It can be used while transactions conducted via telephone and Internet (electronic manufactures and electronic banking). Due to increased security threats, many countries have started using biometrics for border control and national Id cards. The use of biometric identification or verification systems are widely used in distinct clubs as well as the government agencies. The applications where biometric technique has its presence are

o Identity cards and passports.

o Banking, using Atms, Accessing Network Resource

o Physical access control of buildings, areas, doors and cars.

o Personal identification

o Equipment access control

o Electronic access to services (e-banking, e-commerce)

o Travel and Transportation, Sporting Event

o Border control

o Banking and finance, Shopping Mall

o Airport security

o Cyber security

o Time supervision in Organization

o Voice Recognition(Telebanking)

o Prison visitor monitoring system.

o Voting System

Prospects of Biometric Techniques:

The biometric manufactures is at an infancy stage in India, but is growing fast to capture the whole market. This technique is expanding both into inexpressive and social areas of application. Biometric applications need to interconnect to manifold devices and patrimony applications. The manufactures market and consumer markets are adopting biometric technologies for increased security and convenience. With the decreasing price of biometric solutions and improved technology, more society is arrival send to implement this technology. The lack of a approved regulatory framework is a major drawback in implementing biometrics in organisation.It is not widely approved by the users because some society and society have the concept that this technology is inappropriate and the privacy data of the users are lost. If proper regulatory framework is not established it will not be approved by the society as well as by the user. The devices manufactured for biometric techniques has to comply with standards Increased It spending in the government and financial sector offers better opportunities for such deployments. Even though there are no global mandated or regulatory frame works as of now, they are imaginable to arrive very soon.
Standarad law and regulation will open a wide market for biometrics in electronic legal and market transactions.

The anti-terrorism act has introduced has a wide scope for the biometric techniques to be implemented.

Consumer privacy data has to be protected in order to be widely approved by the user.
Integration of biometric with distinct patrimony application and hardware.

Biometric technique has a great query in the telecommunication domain.

The notebook and laptop manufacturer has already implemented the biometric techniques like finger printing for the enhancement of the security.

The biometric manufactures must address major challenges related to performance, real-world utility, and potential privacy impact in order for biometrics to reach their full potential
Many clubs are also implementing biometric technologies to collect areas, vocalize time records, and heighten user convenience.

An provocative biometric application is linking biometrics to prestige cards.

Other financial transactions could advantage from biometrics, e.g., voice verification when banking by phone, fingerprint validation for e-commerce, etc. The market is huge, and covers a very wide range of hardware, applications and services.

Conclusion:

The future of this technology is booming. With the rapid growth of fraud and theft in market transaction; it is a great concern for the society to use biometric as key instrument in eliminating the fraud and flaws in the primary security approach. Both businesses and consumers are anxious for greater security in market transactions. The technology is increasingly reliable and affordable, and the query of the legal enforceability of electronic contracts is settled. While consumers recognize the benefits of biometric authentication, they are reluctant to fully accept the technology without adequate assurances that clubs will keep their biometric data confidential and branch to discrete safeguards and the existing law provides a miniature part of security for biometric data so greater security should be offered to consumers so that their personal data is not misused. Biometrics will play vital roles in the next generation of self-acting identification system. Biometric identifiers must be considered when implementing a biometric-based identification system. The applicability of specific biometric techniques depends heavily on the application domain. Biometrics must be implemented properly to be sufficient and the consequences considered. Biometrics will come to be increasingly prevalent in day-to-day activities where proper identification is required. The real future of the technology lies in creating a biometric trust infrastructure that allows inexpressive sector and the social sector to cope security needs. Ultimately, such an infrastructure would allow citizen to move to discrete locations worldwide while maintaining their security clearance as defined by their physiological and behavioral identities.

Biometric Techniques - enhancing protection Standards In High performance firm


0 comments:

Post a Comment