1 russ ryan national biometric security project presentation sm03: biometrics & access control
TRANSCRIPT
1
Russ Ryan
National Biometric Security Project
Presentation SM03: Biometrics &Presentation SM03: Biometrics &Access Control Access Control
2
Biometrics for National Security (BiNS)
National Signatures Project
National Energy Technology Lab
(NETL)
NIST
Int’l Organization for Migration (IOM)
Office of Presidential Affairs (UAE)
International Labour Organization
BioAPI Consortium
State of West Virginia
National Biometric Security ProjectNational Biometric Security Project
3
• Transportation Systems:
• Economic Systems
• Energy Systems:
• Communications System:
• Internet availability and function
The Infrastructure ThreatThe Infrastructure Threat
4
• Easier to secure “front-end” – airline passengers, employees and baggage screeners
• Biggest threat is “back end” – transport of cargo, access to restricted areas, movements of outside suppliers
• Most active in protection of critical infrastructure– US-Visit Program
– TWIC
– TSA
• RFID and Biometric technologies
Transportation SectorTransportation Sector
5
• Potential for monetary gains and economic disruptions increase banking and finance attractiveness as a target
• Market consolidation and globalization of financial services have reduced number of key players
• Strong dependency on Information Technology and Telecommunications, Energy (Electric Power), Transportation and Public Safety sectors for continuity of operations heightens vulnerabilities
Economic SectorEconomic Sector
6
• Commodity on which all productive economic activity
is dependent
• Most vulnerable to outages
• Most likely to initiate cascading disruptions.
• Potential biometric applications:– limited ingress/egress - control access by authorized personnel
to sensitive locations.• not as vulnerable to exploitation at the site of delivery, but rather at
production sites and throughout the critical power distribution grids.
– cyber security scenario
Energy SectorEnergy Sector
7
• Includes voice, data, Internet and switching facilities• Reliance on information mgt. systems and interconnected
nets increase cascading potential • Economic activity and crisis response impaired (9/11)• Impairment of communications links can have cascading
effect throughout all infrastructure sectors– 9/11 impacted ability of Emergency Services to respond and
Banking/Finance Sector to function• Poor IT configuration leads to unnecessary services, with
unidentified vulnerabilities
Communications SectorCommunications Sector
8
Physical access control: border campus facility room container, etc
Logical or virtual access control distributed information systems local area networks stand alone systems or computers
Biometrics & Access ControlBiometrics & Access Control
9
….. the science of establishing the identity of an individual based on his/her physical or behavioral characteristics
BiometricsBiometrics
10
• FAR ►False Acceptance Rate
• FRR ►False Rejection Rate
• FTE ►Failure to Enroll
• FTA ►Failure to Acquire
• Match Threshold
• Throughput
Biometric DefinitionsBiometric Definitions
11
s
• Robust biometric passports• Financial and medical services
authorizations• Border and travel services • Drivers’ licenses• Physical and Logical access
Biometric ApplicationsBiometric Applications
12
• Biometric device typically replaces a non-biometric device controlling access to a room, building, campus, border, etc
• Architecturally, the primary security system design remains mostly unchanged
• Issues need to be resolved before design completion
Biometrics & Physical AccessBiometrics & Physical Access
13
Current Technology -- NowGrowth Technology – 2-5 Years
Technology Now 5 Years
Keypad 1
Magstripe Card & Reader 2
Smart Card ISO 7816 & Reader 3
Biometrics 1
Physical Access Control Physical Access Control TechnologiesTechnologies
1
14
• Logical access not as mature as physical access
• Most implementations are at the workstation level – biometric control is integrated into the physical case and electronics
of the workstation, whether a “desktop” system or a “laptop.”
• Other systems enable the use of a plug-in biometric device, typically a fingerprint system into a USB port.– suspected that the plug-in devices would not be able to satisfy the
higher levels of secure government computing protocols.
Biometrics & Logical AccessBiometrics & Logical Access
15
• Biometric device evaluates the presented biometric and, if identity is verified, enables operation of the workstation.
• The computing system and anyone at a remote terminal communicating with the “secured” workstation assumes keystrokes are the actions of the authenticated person.
• Some systems include a keystroke recognition sub-routine to verify the user as he/she types
• Constant video assessment confirming one person at the keyboard and that the person’s face or eye is recognized by a facial or iris recognition biometric respectively.
Biometrics & Logical AccessBiometrics & Logical Access
16
• Functional: Who will use the system, where it will be used, when and how often?
• Operational: What are the performance, reliability, facility and training requirements?
• Legal: what is needed to protect personal privacy during the acquisition, transmission and storage of biometric data?
• Social issues: What religious or cultural objections are there by users?
Design SpecificationsDesign Specifications
17
• Will the biometric device of choice operate in a stand-alone mode in which all users are enrolled at the device?– Does device enable access or send a signal to a separate access
control mechanism?
– Does device record each entry for subsequent downloading?
– What are power requirements /where are the power sources?
– What alarm reporting/response provisions does system offer?
– If enrollment is centralized and new enrollments are distributed through a network:
• Does data flow into the security system or directly to a proprietary access control?
Design IssuesDesign Issues
18
• New System vs Existing System– New systems allow a well-considered design using
current and cost-effective components
– …but…New system has no baseline of performance for comparison.
– Can require considerable troubleshooting
• Minimize the level of innovation throughout the system, avoiding reliance on new and unproven equipment and technologies without a sound and rational reason to embrace the new.
Facilities & Systems- Facilities & Systems- New SystemNew System
19
• Essential to have a comprehensive understanding of:– the system into which the biometric will be introduced
– operational attributes of the biometric
– Most often, compromises will be demanded and it will be the new, biometric addition that is expected to bend the most.
Facilities & Systems- Facilities & Systems- Legacy SystemLegacy System
20
• Three main alternatives for decision access venues: – at the portal
– at a central control point
– or intermediate location.
• Portal - authorized personnel are enrolled at the portal
• In some technologies, there is a nominal database that records who activated the device and at what time and date
• These data are downloaded periodically by a wire or wireless link between the device and a portable data collection platform
Distributed vs. CentralizedDistributed vs. Centralized
21
• Central control process– enrollment information is collected and stored at a central location
– massive databases can be maintained at the central location.
– biometric templates collected at portals are transmitted to this location for processing, image comparison, and decision-making.
• Improved degree of security / significant system oversight and overall awareness of activity
• Efficiency dependant upon sustained network communications
Distributed vs. CentralizedDistributed vs. Centralized
22
• Intermediate
• Remote door control units (DCU)
• Similar to central control but not affected by loss of power at the central control.
• When enrolled in the enterprise system, necessary template and administrative information is transmitted to each door in the enterprise through which that person is authorized to pass
• Main design consideration is the location of the DCU so that it is protected from outside attack and tampering.
•
Distributed vs. CentralizedDistributed vs. Centralized
23
• Security System choice of technology influenced by population of authorized persons it has to monitor and accommodate
• While the current population value must be known at the start of the design process, it is even more important to know what the projection is for future population expansion
• Resulting system design must account for this expansion to avoid costly retrofitting
Expansion RequirementsExpansion Requirements
24
• As the security system secures the enterprise, security planning must be applied to the security system itself
• As in the physical world, biometrics can play a significant role in safeguarding IT systems, providing protection of both the physical space (entry control to rooms containing vital IT technology) and the information system itself.
• Biometrics can also be incorporated with and contribute to effective encryption techniques
System IT Security DesignSystem IT Security Designphysical, electronic, encryptionphysical, electronic, encryption
25
•Universal
•Unique
•Permanence
•Collectable
•Performance
•Acceptance
•Spoof Resistance
Attributes of an Ideal BiometricAttributes of an Ideal Biometric
26
•Increasing reliance on biometrics to secure access, transactions & Id
•Equally increasing demand for accurate, unbiased evaluations
•Testing can provide accurate metrics on
how the technology will perform in the real world
Understanding Biometric Understanding Biometric PerformancePerformance
27
• Performance of biometric systems is a function of: strength of the underlying biometric. quality and information content of the input configuration and architecture of the system the relationship of accuracy and throughput error rates, the nature of failures and their cost, and system vulnerabilities which contribute to an overall assessment of system performance
• Increasingly, biometric devices are components of larger systems imposing external variables that impact biometric system performance in the field
Biometric Testing TodayBiometric Testing Today
28
• Technology Testing• Goal: Produce a repeatable and scalable assessment of an
algorithm/sensor using offline data processing
• Scenario Testing• Goal: Determine overall system performance (both algorithmic &
human factors performance measures)
• Operational Testing• Goal: Determine biometric system performance in a specific
environment with a specific target population
Types of Biometric TestsTypes of Biometric Tests
29
The performance of electromechanical devices begins to
deteriorate significantly in extreme cold or heat When cold, moving parts can slow down and critical
timings are often affected In extreme heat, electrical circuits begin to fail In desert environments, blowing sand will prematurely age
devices left exposed, as well as impair reader performance. Prolonged exposure to sunshine will result in the degradation and
ultimate disintegration of plastic cases and keypads Exposure to any sort of moisture accelerates the corrosion
External Performance FactorsExternal Performance Factors
30
• Requirements Definition
• Planning Considerations
• Life-cycle cost analysis
Deployment ConsiderationsDeployment Considerations
31
• Operational requirements surveys Vulnerability assessments
• Application impact studies Frame commercial/operational issues
• Statements of work/source selection Requirements – not technology – focused
• Systems design parameters Gap analyses, architecture evaluations
• Performance analyses
Requirements DefinitionRequirements Definition
32
• Education/awareness prior to roll out
• Privacy policy in place prior to roll out
• Need whole solution
• Early testing
• Manage expectations
• Know target environment
• Agreement from customer on requirements/design
• Enrollment plan
Planning RequirementsPlanning Requirements
33
HardwareHardware
Revocation Revocation CostsCosts
SoftwareSoftware
Enrollment Enrollment CostsCosts
Per-UsePer-UseCostsCosts
MaintenanceMaintenanceCostsCosts
Problem Problem RecoveryRecovery
System Availability System Availability Costs – Lost ServiceCosts – Lost Service
Life Cycle Cost AnalysisLife Cycle Cost Analysis
34
• Privacy• Will the personal information collected for
purposes of biometric identification will be
used for reasons other than the original intent
- What if the biometric data is compromised?
- Potential unauthorized third party use?
- What happens to biometric data after use is complete?
- Is the security assured during transmission and storage
• Religious, Personal, Cultural Resistance
Privacy & Social IssuesPrivacy & Social Issues
35
• Vulnerability assessment
• Technology evaluation
• Operational/application impact studies
• Cost Analysis
• Planning requirements• Education/awareness prior to roll out• Privacy policy in place prior to roll out
ChecklistChecklist
36
Russ Ryan
703-201-8179
www.nationalbiometric.org
Presentation SM03: Biometrics &Presentation SM03: Biometrics &Access Control Access Control