Programme Outcomes

B.IT (Security Technology)


No. Definition
PO1 Apply soft skills in work and career related activities
PO2 Demonstrate knowledge and understanding of fundamental
concepts, principles and best practices
PO3 Analyse the requirements to address problems or opportunities in
relevant domains or organisations
PO4 Recognise and pursue continued life-long learning throughout their
career
PO5 Blend innovative mind and entrepreneurial skills
PO6 Relate moral and ethical values to the practice of a professional
PO7 Demonstrate knowledge and understanding of essential facts,
concepts, principles, and theories relating to security technology
PO8 Apply principles and knowledge of security technology in relevant
areas
PO9 Design, integrate, implement and manage information technology
solutions and resources, and recognise the impact of technology
on individuals, organisations and society
Learning Outcomes
LO1: Describe the various techniques and algorithms
underlying password authentication and biometric
technology (Cognitive, Level 1)
LO2: Identify the advantages and disadvantages of applying
password authentication and biometrics in different security
systems (Cognitive, Level 4)
LO3: Plan and design the practical security solutions for real-
world applications using password authentication and
biometrics (Cognitive, Level 5)
LO4: Evaluate the various industry standards available for
biometric implementation (Cognitive, Level 6)
Course Information
Lecturer: Dr. Ong Thian Song (tsong@mmu.edu.my)
Consultation: Tuesday 1pm-3pm / Wednesday 10am-12pm

Books:
Security and Access Control Using Biometric Technologies, Robert
Newman (author) ISBN-10: 1435441052 | ISBN-13: 9781435441057 | 456
Pages | Paperbound | 2010 | Published


Security and Access Control
Using Biometric Technologies
Lecture 1
Access Control Using Biometrics
2010 Course Technology, A Part of Cengage Learning. All Rights Reserved.
Objectives
Become familiar with biometric and security terms
Look at various security concepts and processes
Identify environments where biometric systems are viable
Identify various usage, verification, identification, and
screening techniques
Describe access control security issues
Review various cost parameters for asset security
Establish a basic understanding of the biometrics environment
Why Biometrics?
Biometrics is a general term used alternatively to
describe a characteristic or a process.
As a characteristic, it is a measurable biological
(anatomical and physiological) and behavioral
characteristic that can be used for automated
recognition.
As a process, it is an automated method of
recognizing an individual based on measurable
biological (anatomical and physiological) and
behavioral characteristics.
Reasons
The person to be identified is required to be
physically present at the point of
identification.
Identification based on biometric techniques
obviates the need to remember a password or
carry a token.
Biometrics Fundamentals
The term biometrics has two distinct
meanings:
bio, meaning living creature
metrics, meaning the ability to measure an
object quantitatively
Automatic Identification and Data
Capture (AIDC)
AIDC describes data collection by means other than
manual notation or keyboard input.
The family of AIDC technologies can be broken down
into six categories:
biometrics
electromagnetics
magnetics
optical
smart cards
touch

Biometric System Usage
Management information departments
Government agencies
ATMs or banks
Law enforcement
Prisons
International border control
Military agencies

Automated Methods
Provide a mechanism to scan and capture a
digital or analog image of a living personal
characteristic.
Utilize compression, processing, and
comparison of the image to a database of
stored images.
Interface with applications systems.
Biometric Perceptions
Widespread usage, implementation, and
public acceptance of biometric technology
have not established a foothold in corporate
America.
The general population's perceptions of
biometrics have been altered by false claims
and data.
The fundamental fear behind biometrics is the
fear of the unknown.

Using Biometrics
Identity verification techniques:
Possession-based: security is based on a "token"
the user has, such as a credit card or a document.
If it is lost, somebody else can use it to falsify
his/her identity.
Knowledge-based: security is based on using a
password. Even if one uses the best encrypting
algorithm, the whole security system is based on a
key. If the password is too short, it is simple to
guess it or crack it after several attempts.
Biometric Advantages
Biometric traits cannot be lost or forgotten.
Biometric traits are difficult to copy, share,
and distribute. They require the person being
authenticated to be present at the time and
point of authentication.
Biometric systems can be used in conjunction
with passwords or tokens, thus improving the
security of existing systems without replacing
them.

Biometric Methods
Finger scanning
Finger and hand geometry
Iris and palm imaging
Face, retina, and voice recognition
Signature verification
Table 1.1
Comparative Accuracy
Technique                 Comparative Accuracy
Finger scanning           1:500
Hand geometry             1:500
Iris imaging              1:131,000
Retina recognition        1:10,000,000
Signature verification    1:50
Speech recognition        1:50
Finger Scanning
The user's finger is placed on a reader where a
picture is taken of the fingerprint.
The system then converts this picture into a
map of minutiae points, which is then input
into an algorithm for creating a binary
template.
This binary template is stored and compared
during the authentication and verification
process.
Finger Geometry
The user inserts the index and middle finger
into a reader, and a camera takes a three-
dimensional image, or inserts a finger into a
tunnel, where sensors take three-dimensional
measurements.
Hand Geometry
Users place their hand on a reader, aligning
their fingers with specially positioned guides,
and a camera captures an image.
Measurements center on finger length and
the shape of the fingers and knuckles.
Palm Imaging
A scanner shaped to accommodate the palm
scans the ridges, valleys, and minutiae data
found on the palm.
Alternatively, latent or ink images of the palm
can be scanned, and the minutiae data is
extracted, processed, and stored in the
system.
Iris Imaging
A black-and-white video camera can be used to
capture an image of the iris.
Unique features of the iris are extracted from the
captured image by the recognition system.
These features are converted into a unique iris code,
which is compared to previously stored iris codes for
user recognition.
Retina Recognition
The user views a green dot for a few seconds
until the eye is sufficiently focused for a
scanner to capture the blood vessel pattern.
The retina pattern is captured by the scanner
and then compared to previously stored
patterns for identification.
Face Recognition
The camera captures a face image and a number of
points on the face are mapped by the system.
From these measurements, a unique representation
of the individual's face is created.
A complete map of the entire face can be created.
Voice Recognition
Speaker recognition uses the acoustic features
of speech that have been found to differ
between individuals.
Signature Verification
The system examines the dynamics of the
signing process, rather than the signature.
Extracted characteristics may include:
the angle at which the pen is held
the time taken to sign
velocity and acceleration of the signing process
the number of times the pen is lifted from the
document during the signing process
Figure 1.1
Biometric Access
[Figure labels: Signature verification; Face recognition; Hand and palm scanning; Finger scanning; Iris and retina scanning; Biometrics Computer System; Secure Facility; Authorized person]
Biometric Security Environment
Trusted systems
Access control
CIA
Using biometric systems
Biometric identification advantages
CIA
Confidentiality has been defined by the International Organization for
Standardization (ISO) as "ensuring that information is accessible only to
those authorized to have access" and is one of the cornerstones of
information security.
Integrity implies protection against unauthorized modification or
destruction of information. This defines a state in which information has
remained unaltered from the point it was produced by a source, during
transmission, storage, and eventual receipt by the destination.
Accessibility is an aggregate measure of how reachable locations are from
a given location. Common measures of accessibility are distance and cost.
There are also new laws that define accessibility for handicapped
individuals.

Biometric Identification Advantages
Biometric identification can provide extremely accurate,
secured access to information; fingerprints, and retinal and
iris scans produce absolutely unique data sets when done
properly.
Current methods, like password verification, have many
problems (people write them down, they forget them, they
make up easy-to-hack passwords).
Automated biometric identification can be done very rapidly
and uniformly, with a minimum of training.
Identities can be verified without resorting to documents that
may be stolen, lost, or altered.

Access Control for Physical
Facilities and Resources
Access security
Access control for internal personnel
Access control for:
contractors
maintenance
vendors
suppliers
Access control for visitors
Techniques for Preventing
Theft and Destruction
Intrusion detection
Intrusion prevention
Computer Authentication
and Authorization
Authentication is the process of validating the
claimed identity of an end computer or network user
or a device, such as:
a host computer
a router
some other physical element
Authorization is the act of granting access rights to a
user, groups of users, system, or program.
Figure 1.2
Flow
[Flowchart labels: User enters logon and password; Security Database; Authenticated? (No / Yes); User enters logon and password; Authorized? (No / Yes); User accesses the application and databases]
Table 1.2
Three Factor Examples
Something you are     Biometric techniques
Something you have    RFD card, smart card, chip
Something you know    Password, logon
Biometric Terms and Concepts
Continuity of identity is concerned with human
physical continuity.
Identification is the one-to-many process of
comparing a submitted biometric sample against all
biometric reference templates on file.
Biometric verification is the process of establishing
the validity of a claimed identity by comparing a
verification template to an enrollment template.
Biometric Terms and Concepts
A template consists of data that represents the
biometric measurement of an enrollee, used by a
biometric system for comparison against
subsequently submitted biometric samples.
A token is a physical device that carries an
individual's credentials.
Matching is the process of comparing a biometric
sample against a previously stored template and
scoring the level of similarity.
Biometric Terms and Concepts
Pattern recognition is a subtopic of machine
learning. It can be defined as the act of inputting raw
data and taking an action based on the category of
the data.
Pattern matching is the act of checking for the
presence of the constituents of a given pattern.
Covert screening occurs in situations where
biometric samples are being collected at a location
that is not known to bystanders.
Biometric Terms and Concepts
Enrollment is the process of collecting a
biometric sample from an end user, converting
it into a biometric reference, and storing it in
the biometric system's database for later
comparison.
Extraction is the process by which the
biometric sample captured is transformed into
an electronic representation.
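Added example (not from the lecture or the textbook): the enrollment, matching, verification (one-to-one) and identification (one-to-many) terms defined above, worked through in Python. The 256-bit templates, the differing-bits score, the 0.25 threshold, the simulated sensor noise and the user names are all assumptions constructed for illustration.

```python
import random

TEMPLATE_BITS = 256   # assumed template size
THRESHOLD = 0.25      # assumed cut-off: maximum fraction of differing bits


def capture(trait, noise, seed):
    """Simulated capture + extraction: the trait's bits with sensor noise."""
    rng = random.Random(seed)
    flips = sum(1 << i for i in range(TEMPLATE_BITS) if rng.random() < noise)
    return trait ^ flips


def score(sample, template):
    """Matching: fraction of differing bits (0.0 means identical)."""
    return bin(sample ^ template).count("1") / TEMPLATE_BITS


def enroll(db, user_id, sample):
    """Enrollment: store the reference template under the user's identity."""
    db[user_id] = sample


def verify(db, claimed_id, sample):
    """Verification (1:1): compare only against the claimed identity."""
    template = db.get(claimed_id)
    return template is not None and score(sample, template) <= THRESHOLD


def identify(db, sample):
    """Identification (1:N): search every template, accept the best if close."""
    best = min(db, key=lambda uid: score(sample, db[uid]), default=None)
    if best is None or score(sample, db[best]) > THRESHOLD:
        return None
    return best


def demo():
    # Constructed traits for three hypothetical people; "carol" never enrolls.
    alice, bob, carol = (random.Random(s).getrandbits(TEMPLATE_BITS) for s in (1, 2, 3))
    db = {}
    enroll(db, "alice", capture(alice, 0.03, seed=10))
    enroll(db, "bob", capture(bob, 0.03, seed=11))
    fresh = capture(alice, 0.05, seed=20)   # Alice presents again later
    return (verify(db, "alice", fresh), verify(db, "bob", fresh),
            identify(db, fresh), identify(db, capture(carol, 0.05, seed=21)))


if __name__ == "__main__":
    print(demo())
```

Two captures of the same trait never match bit for bit, which is why matching produces a similarity score judged against a threshold rather than an equality test.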
Major Issues and Concerns
Biometric technology is inherently
individuating and interfaces readily to
database technology, making privacy
violations easier and more damaging.
Privacy must be designed into systems from
the beginning, as it is difficult to retrofit
complex systems for privacy functions.
Major Issues and Concerns
Biometrics is no substitute for quality data
about potential risks.
Biometric identification is only as good as the
initial ID.
Biometric identification is often overkill for the
task at hand.
Major Issues and Concerns
Some biometric technologies are
discriminatory.
Biometric systems' accuracy is impossible to
assess before deployment.
The cost of failure is high.
Security Cost Justification
One method of determining the degree of security
needed is to assess the value of the database
element that may be placed at risk. This value would
include the cost of collecting the data and re-creating
the database.
The proper location for implementing asset security
is the organization itself, starting with the employees
who need access to computer and networking
resources in order to perform their functions.
Summary
Biometric methods can include finger scanning;
finger and hand geometry; iris and palm imaging;
face, retina, and voice recognition; and signature
verification biometric techniques. Each of these
methods has advantages and disadvantages.
Access to computer and network facilities, buildings,
and other assets must be protected from
unauthorized personnel and nonemployees.