No.  Definition
PO1  Apply soft skills in work and career related activities
PO2  Demonstrate knowledge and understanding of fundamental concepts, principles and best practices
PO3  Analyse the requirements to address problems or opportunities in relevant domains or organisations
PO4  Recognise and pursue continued life-long learning throughout their career
PO5  Blend innovative mind and entrepreneurial skills
PO6  Relate moral and ethical values to the practice of a professional
PO7  Demonstrate knowledge and understanding of essential facts, concepts, principles, and theories relating to security technology
PO8  Apply principles and knowledge of security technology in relevant areas
PO9  Design, integrate, implement and manage information technology solutions and resources, and recognise the impact of technology on individuals, organisations and society

Learning Outcomes
LO1: Describe the various techniques and algorithms underlying password authentication and biometric technology (Cognitive, Level 1)
LO2: Identify the advantages and disadvantages of applying password authentication and biometrics in different security systems (Cognitive, Level 4)
LO3: Plan and design the practical security solutions for real-world applications using password authentication and biometrics (Cognitive, Level 5)
LO4: Evaluate the various industry standards available for biometric implementation (Cognitive, Level 6)

Course Information
Lecturer: Dr. Ong Thian Song (tsong@mmu.edu.my)
Consultation: Tuesday 1pm-3pm / Wednesday 10am-12pm
Books: Security and Access Control Using Biometric Technologies, Robert Newman (author)
ISBN-10: 1435441052 | ISBN-13: 9781435441057 | 456 Pages | Paperbound | 2010 | Published

Security and Access Control Using Biometric Technologies
Lecture 1: Access Control Using Biometrics
2010 Course Technology, A Part of Cengage Learning. All Rights Reserved.

Objectives
- Become familiar with biometric and security terms
- Look at various security concepts and processes
- Identify environments where biometric systems are viable
- Identify various usage, verification, identification, and screening techniques
- Describe access control security issues
- Review various cost parameters for asset security
- Establish a basic understanding of the biometrics environment

Why Biometrics?
- Biometrics is a general term used alternatively to describe a characteristic or a process.
- As a characteristic, it is a measurable biological (anatomical and physiological) and behavioral characteristic that can be used for automated recognition.
- As a process, it is an automated method of recognizing an individual based on measurable biological (anatomical and physiological) and behavioral characteristics.

Reasons
- The person to be identified is required to be physically present at the point of identification.
- Identification based on biometric techniques obviates the need to remember a password or carry a token.

Biometrics Fundamentals
The term biometrics has two distinct meanings:
- bio, meaning living creature
- metrics, meaning the ability to measure an object quantitatively

Automatic Identification and Data Capture (AIDC)
AIDC describes data collection by means other than manual notation or keyboard input. The family of AIDC technologies can be broken down into six categories:
- biometrics
- electromagnetics
- magnetics
- optical
- smart cards
- touch

Biometric System Usage
- Management information departments
- Government agencies
- ATMs or banks
- Law enforcement
- Prisons
- International border control
- Military agencies

Automated Methods
- Provide a mechanism to scan and capture a digital or analog image of a living personal characteristic.
- Utilize compression, processing, and comparison of the image to a database of stored images.
- Interface with application systems.

Biometric Perceptions
- Widespread usage, implementation, and public acceptance of biometric technology have not established a foothold in corporate America.
- The general population's perceptions of biometrics have been altered by false claims and data.
- The fundamental fear behind biometrics is the fear of the unknown.

Using Biometrics
Identity verification techniques:
- Possession-based: security is based on a "token" the user has, such as a credit card or a document. If it is lost, somebody else can use it to falsify his/her identity.
- Knowledge-based: security is based on using a password. Even if one uses the best encrypting algorithm, the whole security system is based on a key. If the password is too short, it is simple to guess it or crack it after several attempts.

Biometric Advantages
- Biometric traits cannot be lost or forgotten.
- Biometric traits are difficult to copy, share, and distribute.
- They require the person being authenticated to be present at the time and point of authentication.
- Biometric systems can be used in conjunction with passwords or tokens, thus improving the security of existing systems without replacing them.

Biometric Methods
- Finger scanning
- Finger and hand geometry
- Iris and palm imaging
- Face, retina, and voice recognition
- Signature verification

Table 1.1 Comparative Accuracy
Technique                 Comparative Accuracy
Finger scanning           1:500
Hand geometry             1:500
Iris imaging              1:131,000
Retina recognition        1:10,000,000
Signature verification    1:50
Speech recognition        1:50

Finger Scanning
- The user's finger is placed on a reader where a picture is taken of the fingerprint.
- The system then converts this picture into a map of minutiae points, which is then input into an algorithm for creating a binary template.
- This binary template is stored and compared during the authentication and verification process.

Finger Geometry
- The user inserts the index and middle finger into a reader, and a camera takes a three-dimensional image, or inserts a finger into a tunnel, where sensors take three-dimensional measurements.

Hand Geometry
- Users place their hand on a reader, aligning their fingers with specially positioned guides, and a camera captures an image.
- Measurements center on finger length and the shape of the fingers and knuckles.

Palm Imaging
- A scanner shaped to accommodate the palm scans the ridges, valleys, and minutiae data found on the palm.
- Alternatively, latent or ink images of the palm can be scanned, and the minutiae data is extracted, processed, and stored in the system.

Iris Imaging
- A black-and-white video camera can be used to capture an image of the iris.
- Unique features of the iris are extracted from the captured image by the recognition system.
- These features are converted into a unique iris code, which is compared to previously stored iris codes for user recognition.

Retina Recognition
- The user views a green dot for a few seconds until the eye is sufficiently focused for a scanner to capture the blood vessel pattern.
- The retina pattern is captured by the scanner and then compared to previously stored patterns for identification.

Face Recognition
- The camera captures a face image and a number of points on the face are mapped by the system.
- From these measurements, a unique representation of the individual's face is created.
- A complete map of the entire face can be created.

Voice Recognition
- Speaker recognition uses the acoustic features of speech that have been found to differ between individuals.

Signature Verification
The system examines the dynamics of the signing process, rather than the signature. Extracted characteristics may include:
- the angle at which the pen is held
- the time taken to sign
- velocity and acceleration of the signing process
- the number of times the pen is lifted from the document during the signing process

Figure 1.1 Biometric Access
[Figure labels: Signature verification; Face recognition; Hand and palm scanning; Finger scanning; Iris and retina scanning; Biometrics Computer System; Secure Facility; Authorized person]

Biometric Security Environment
- Trusted systems
- Access control
- CIA
- Using biometric systems
- Biometric identification advantages

CIA
- Confidentiality has been defined by the International Organization for Standardization (ISO) as "ensuring that information is accessible only to those authorized to have access" and is one of the cornerstones of information security.
- Integrity implies protection against unauthorized modification or destruction of information. This defines a state in which information has remained unaltered from the point it was produced by a source, during transmission, storage, and eventual receipt by the destination.
- Accessibility is an aggregate measure of how reachable locations are from a given location. Common measures of accessibility are distance and cost. There are also new laws that define accessibility for handicapped individuals.

Biometric Identification Advantages
- Biometric identification can provide extremely accurate, secured access to information; fingerprints, and retinal and iris scans produce absolutely unique data sets when done properly.
- Current methods, like password verification, have many problems (people write them down, they forget them, they make up easy-to-hack passwords).
- Automated biometric identification can be done very rapidly and uniformly, with a minimum of training.
- Identities can be verified without resorting to documents that may be stolen, lost, or altered.

Access Control for Physical Facilities and Resources
- Access security
- Access control for internal personnel
- Access control for:
  - contractors
  - maintenance
  - vendors
  - suppliers
- Access control for visitors

Techniques for Preventing Theft and Destruction
- Intrusion detection
- Intrusion prevention

Computer Authentication and Authorization
- Authentication is the process of validating the claimed identity of an end computer or network user or a device, such as:
  - a host computer
  - a router
  - some other physical element
- Authorization is the act of granting access rights to a user, groups of users, system, or program.

Figure 1.2 Flow
[Flowchart labels, in order: User enters logon and password; Security Database; Authenticated? (No / Yes); User enters logon and password; Authorized? (No / Yes); User accesses the application and databases]

Table 1.2 Three Factor Examples
Something you are     Biometric techniques
Something you have    RFID card, smart card, chip
Something you know    Password, logon

Biometric Terms and Concepts
- Continuity of identity is concerned with human physical continuity.
- Identification is the one-to-many process of comparing a submitted biometric sample against all biometric reference templates on file.
- Biometric verification is the process of establishing the validity of a claimed identity by comparing a verification template to an enrollment template.

Biometric Terms and Concepts
- A template consists of data that represents the biometric measurement of an enrollee, used by a biometric system for comparison against subsequently submitted biometric samples.
- A token is a physical device that carries an individual's credentials.
- Matching is the process of comparing a biometric sample against a previously stored template and scoring the level of similarity.
- Pattern recognition is a subtopic of machine learning. It can be defined as the act of inputting raw data and taking an action based on the category of the data.
- Pattern matching is the act of checking for the presence of the constituents of a given pattern.
- Covert screening occurs in situations where biometric samples are being collected at a location that is not known to bystanders.
- Enrollment is the process of collecting a biometric sample from an end user, converting it into a biometric reference, and storing it in the biometric system's database for later comparison.
- Extraction is the process by which the biometric sample captured is transformed into an electronic representation.

Major Issues and Concerns
- Biometric technology is inherently individuating and interfaces readily to database technology, making privacy violations easier and more damaging.
- Privacy must be designed into systems from the beginning, as it is difficult to retrofit complex systems for privacy functions.
- Biometrics is no substitute for quality data about potential risks.
- Biometric identification is only as good as the initial ID.
- Biometric identification is often overkill for the task at hand.
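
The enrollment, matching, verification (one-to-one) and identification (one-to-many) processes defined under Biometric Terms and Concepts, as an added example that is not part of the lecture or the textbook. It assumes 256-bit binary templates (constructed here from SHA-256 as stand-ins for extracted features), a bit-difference score, and a decision threshold of 0.25; the names TemplateDatabase, score, noisy and constructed_template are hypothetical.

```python
import hashlib

THRESHOLD = 0.25  # assumed: maximum fraction of differing bits accepted as a match

def constructed_template(seed: str) -> bytes:
    """Constructed 256-bit stand-in for the output of extraction."""
    return hashlib.sha256(seed.encode()).digest()

def noisy(template: bytes, flipped_bytes: int) -> bytes:
    """Simulate capture noise by inverting the first `flipped_bytes` bytes."""
    return bytes(b ^ 0xFF for b in template[:flipped_bytes]) + template[flipped_bytes:]

def score(sample: bytes, reference: bytes) -> float:
    """Matching: fraction of differing bits (0.0 means identical)."""
    if len(sample) != len(reference):
        raise ValueError("template length mismatch")
    return sum(bin(a ^ b).count("1") for a, b in zip(sample, reference)) / (8 * len(reference))

class TemplateDatabase:
    def __init__(self):
        self._refs = {}

    def enroll(self, user_id: str, sample: bytes) -> None:
        """Enrollment: store the reference template for later comparison."""
        if user_id in self._refs:
            raise KeyError(f"{user_id} is already enrolled")
        self._refs[user_id] = sample

    def verify(self, claimed_id: str, sample: bytes) -> bool:
        """Verification: one-to-one check against the claimed identity only."""
        ref = self._refs.get(claimed_id)
        return ref is not None and score(sample, ref) <= THRESHOLD

    def identify(self, sample: bytes):
        """Identification: one-to-many search; None if nothing is close enough."""
        best = min(self._refs.items(), key=lambda kv: score(sample, kv[1]), default=None)
        return best[0] if best and score(sample, best[1]) <= THRESHOLD else None

def demo() -> dict:
    db = TemplateDatabase()
    for name in ("alice", "bob", "carol"):           # constructed enrollees
        db.enroll(name, constructed_template(name))
    probe = noisy(constructed_template("alice"), 3)  # 24 of 256 bits differ
    return {"score": score(probe, constructed_template("alice")),
            "verify_alice": db.verify("alice", probe),
            "verify_as_bob": db.verify("bob", probe),
            "identify": db.identify(probe),
            "stranger": db.identify(constructed_template("mallory"))}

if __name__ == "__main__":
    print(demo())
```

A fresh sample never equals the stored template bit for bit, so the decision rests on the score and the threshold: lowering the threshold rejects more genuine users, raising it admits more impostors.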

Major Issues and Concerns
- Some biometric technologies are discriminatory.
- Biometric systems' accuracy is impossible to assess before deployment.
- The cost of failure is high.

Security Cost Justification
- One method of determining the degree of security needed is to assess the value of the database element that may be placed at risk.
- This value would include the cost of collecting the data and re-creating the database.
- The proper location for implementing asset security is the organization itself, starting with the employees who need access to computer and networking resources in order to perform their functions.

Summary
- Biometric methods can include finger scanning; finger and hand geometry; iris and palm imaging; face, retina, and voice recognition; and signature verification biometric techniques.
- Each of these methods has advantages and disadvantages.
- Access to computer and network facilities, buildings, and other assets must be protected from unauthorized personnel and nonemployees.