bio metrics sree students 2

8/2/2019 Bio Metrics Sree Students 2

1/18

1

1. INTRODUCTION

Biometrics is an advanced technology for superb security and authentication .Thevery term "biometric it represent that "bio" means related to the biological study and "metric "

means something, which is related to measurement. In network environment security is a crucial

factor. Provide security to pages in the network is to difficulty. Password is not a good

measurement for security. Good security mechanism is necessary on the Internet. Security in

different levels applies to various documents. Security is depends how security assign to

documents. Security depends on following categories.

1. Confidential2. Secret3. Non-secret4. Public

Confidential pages over the network provide full security. No way to tamper data in the

page by third party. In this case biometrics are more useful and no way to disturb the page

contents. First of all store all data about biometrics in database after that tally with this data. If

tally satisfies with backend then provide access to the user. Collecting information is too difficult

and store in database also need more space.

There are two security methodologies in Biometrics, they are

1. Token-based security:

It relies on the users special item -token like card-id.

2. Secret based security:

It relies on an individual secret id number like password. Neither of the two can

accurately determine whether the password that posses a token nor knows some secret

information of the individual it represents. Tokens can be stolen and information can be guessed

or fraudulently obtained.

Biometric is a technology where the password for entry is you, which identifies your

psychological and behavioral characteristics


2/18

2

2. SECURITY AND AUTHENTICATION

Web-Based Enterprise Management (WBEM) supports a limited form of security for the

Microsoft Windows 98 platform that involves validating a user's logon for the local machine

and for remote access. A validated user is granted access to the entire Common Information

Model (CIM) schema. WBEM does not secure system resources, such as individual classes,

instances, and namespaces. Security is limited because Windows 98 is not a secure operating

system and does not support file system or registry security.

All security-related information is represented by instances of WBEM system classes

located in the Root\Security namespace. These classes and instances can only appear in the

Root\Security namespace and must remain there permanently.

The WBEM Administrator application can be used to set permissions for WBEM users. It

is similar to the User Manager application supplied with Microsoft Windows NT.

In WBEM, all security accounts are referred to as subjects. There are two types of

subjects: user and group. Users are represented by instances of the NTLMUser system class,

which describes individual users. Groups are represented by instances of the NTLMGroup

system class, which describes multiple users. Both the NTLMUser and NTLMGroup classes

derive indirectly from the subject systemclass, an abstract class that is not intended to be used

for instantiation. More directly, NTLMUser derives from the generic User class and

NTLMGroup derives from the generic Group class.

Permissions:

Microsoft SQL Server uses permissions to enforce database security. The SQL Server

permissions system specifies which users are authorized to use which Transact-SQL statements,

views, and stored procedures. The ability to assign permissions is determined by each

user's status (as SA, database owner, or database object owner). Permissions are set

on database users or groups, not on login IDs.


3/18

3

Permission Hierarchy:

SQL Server's permissions system recognizes four types of users: the SA, database

owners, database object owners, and other users of the database.

The different types of users exist in a hierarchy (explained in the following sections and

illustrated below).

Only the SA and database owners can grant statement permissions to other users.

Different Security Mechanisms:

To help you understand the information presented in this chapter, we begin by definingsome security-related terms. This brief list of definitions is not intended to serve as a

comprehensive SQL Server glossary. It is provided as a quick reference to help you understand

some of the security elements discussed throughout this chapter. You may find it useful to refer

back to this list of security definitions as you read through this chapter and through Chapter 9,

"Managing Security."

Database owners

Database object owners

Database users

System Administrator


4/18

4

Alias

An alias is a database username that is shared by several login ids. A database alias

allows you to treat more than one person as the same user

Inside a database, giving all of them the same permissions. Any username in a database can also

serve as an alias.

Aliases are often used so that several users can assume the role of database owner.

Database object owner

Database objects are tables, indexes, views, defaults, triggers, rules, and procedures. The

user who creates a database object is the database object owner and is automatically granted all

permissions on it. The database object owner can grant permission to other users to use that

object. Database object ownership cannot be transferred.

Database owner

The database owner (DBO) is the creator of a database. There is only one DBO. The

DBO has full privileges inside the database that he or she owns, and determines the access and

capabilities provided to other users.

In his or her own database, the user is recognized as DBO; in other databases, the

database owner is known by his or her database username.

DBO status can be reassigned to a different user. Only one login ID can be DBO,

although other login ids can be aliased to DBO.

Domain

In Windows NT security, a domain is a collection of computers that are grouped for

viewing and administrative purposes, and that share a common security database.

Group

In SQL Server, a database group is a collection of database users. The users receive the

database permissions granted to the group. Using groups simplifies management of a large

number of database users, because groups provide a convenient way to grant and revoke

permissions to more than one user at the same time.


5/18

5

In Windows NT, a group is a collection of Windows NT users. The users received the

Windows NT rights and permissions granted to the group. Groups provide a convenient way to

manage the capabilities of a large number of users with similar needs, within the security scope

of a domain or a computer.

Integrated security

Integrated security allows a SQL Server to use Windows NT authentication mechanisms

to validate logins for all connections. Only trusted (multi-protocol or named pipes) connections

are allowed.

Login ID

A login ID is a name by which a user is known to SQL Server. Login IDs are also

referred to as logins.

To log in to a SQL Server that is running standard security, a user must provide a valid

login ID and password.

Login security modeThe login security mode determines the manner in which a SQL Server validates a login

request. There are three types of login security: integrated, standard, and mixed.

Mixed security

Mixed security allows login requests to be validated using either integrated or standard

security. Trusted connections (as used by integrated security) and nontrusted connections (as

used by standard security) can be established.

Object permissions

Object permissions regulate the use of certain statements on certain database objects.

They are granted and revoked by the owner of the object.


6/18

6

Permissions

Microsoft SQL Server uses permissions to enforce database security. The SQL Server

permissions system specifies which users are authorized to use which Transact-SQL statements,

views, and stored procedures. TheAbility to assign permissions is determined by each user's

status (as SA, database owner, or database object owner).

There are two types: objectpermissions and statementpermissions.

Standard security

Standard security uses SQL Server's own login validation process for all connections. To

log in to a SQL Server, each user must provide a valid login ID and password.

Statement permissions

Statement permissions provide the privilege to issue certain Transact-SQL statements.

Statement permissions are not object-specific. They can be granted only by the SA or the

database owner.

Statement permissions apply to these statements: CREATE DATABASE, CREATE

DEFAULT, CREATE PROCEDURE, CREATE RULE, CREATE TABLE, CREATE VIEW,

DUMP DATABASE, and DUMP TRANSACTION.

Statement permissions are also called commandpermissions.

System administrator

The system administrator (SA) is the person responsible for the administrative and

operational functions that are independent of any particular application, and is likely to be a

person with a comprehensive overview of SQL Server and all its applications.

Administering SQL Server typically includes such tasks as installing SQL Server;

configuring servers and clients; managing and monitoring the use of disk space, memory, and

connections; creating devices and databases; authorizing SQL Server users and granting them

permissions; transferring data in and out of SQL Server databases; backing up and restoring


7/18

7

databases; implementing and maintaining replication; scheduling unattended operations;

monitoring and tuning SQL Server performance; and diagnosing system problems. The system

administrator may also adviseapplication designers about the data that already exists on SQL

Server, make recommendations about standardizing data definitions across applications, and so

The system administrator operates outside the protection system, which means that SQL

Server does no permission checking for the system administrator. The system administrator is

also treated as the owner of whatever database he or she is using. Anyone who knows the SA

password can log in and act as system administrator (unless the server is running in integrated

login security mode).

Trusted connections

Integrated security requires network protocols that support authenticated connections

between clients and servers. These are referred to as trustedconnections. The multi-protocol and

named pipe protocols provide trusted connections.

Note that non trusted connections (connections over other network protocols that do not

support authenticated connections) must be handled by using SQL Server standard security.

Username

In SQL Server, a database username is a name assigned to a login ID for the purpose of

allowing a user to have access to a database. The abilities a user has within a database depend on

the permissions granted to the username (and to any groups the username is a member of).

In Windows NT, a username is the name by which the user is known to the domain, or to

an individual Windows NT computer. A user logs on to a domain or computer by providing avalid username and password. The abilities of the user depend on the Windows NT rights and

permissions granted to that username and to any Windows NT groups the username is a member

of.


8/18

8

3. METHOD OF VERIFICATION

a) PSYCHOLOGICAL VERIFICATIONPsychological Verification involves in the verification of the organs of the human

being, which will have unique identification and does not match with others.

There are five types of verifications. These are:

I. Fingerprint.II. Handprint.

III. Face measurement.IV. Retinal scans.V. DNA analysis.

I. Finger print:

It involves the user placing his finger over a glass-plate, which resides over a high-

resolution camera, which uses optical or electromagnetic means to take its snapshot. The

software analysis your finger for pattern such as loops, worls and arches.

Advantages:

a. This technology is neither too expensive nor does it require extensive user training.

b. It also simple to implement.

c. Finger print system has FAR


9/18

9

In US super market, customers give their credit card information and other personal

details to store and tie it with their fingerprint data. The next time, he can pay for purchases

without a fingerprint

Disadvantages:

1. Any injures of fingers effect more.

II. Hand print:

It compares a 3D image of the users hand to that present in the system database. It is

somewhat similar to finger print verification.

Advantage:

a. Accuracy is better than fingerprint.b. Cheap and easy to deploy.

Disadvantage:

a. Complex in usage.b. Implementation is expensive.c. Any damages to hand effect more.


10/18

10

III. Face measurement:

Measuring this is as simple as taking a picture and analyzing the image from a security

video capture. This technique enables the computer to use your face as your password and

matching these to an existing database.

Advantage:

a. Most continents at public places.

b. Less expensive.

Disadvantage:

a. Inaccurate is affected by changes in lighting, age, and movement, glass.b. Face creams also effect the measurements.


11/18

11

IV. Retinal scans:

It involves imaging of the blood vessels in the retina of the eye when infrared light of a

certain frequency and wavelength is incident upon it.this energy is absorbed by the blood vessels

is different in different individuals. The retinal iris patterns are unique to individuals than any

biometric yet devised.

The retina is an internal part of the eye located at the back of the eye and is get of thin

nerve which sense the light coming through a camera, pupil, eye lenses.

The pattern of blood vessels which makeup retina are unique to each individual i.e.,


12/18

12

V. DNA Analysis:

It involves in checking the DNA pattern of a human used when physical characteristics

are unrecognizable. It is used to identify people, who are died, to find out the relationship like

identifying Childs natural parents.

This is one Biometric that is judicially accepted. No human have identified DNA patterns

except in twins.

Advantages:

a. DNA samples can be collected from toothbrush, clothes.

Disadvantages:

e. DNA testing takes longer time than other methods.f. Twins have same DNA.g. Researchers produce same DNA.

b)BEHAVOURAL VERIFICATIONThis involves in oral thing done by the individual. There are 3 types of behavioral

verifications,

1. Typing2. Signature3. Voice

1. Typing:

Some systems measure things you do in addition to the things you are, you will notice

that your typing has a certain pattern. Some letters follow others in quick succession, while

others take longer.

Software called Bio password is available for less than $100.It integrates with Windows

2000.Windows NT.Login to provide this authentication without the need for any additional

software. This measure is a behavioral characteristic of a person


13/18

13

2. Signature:

Some qualities looked into include acceleration rates, direction, and pressure and stroke

length. Here mainly concentrate on pressures. This pressure stored in back end for future

significations.

Disadvantages:

A. The disadvantage with the technology lies in the randomness or the consistency with

which a user makes his signature. If pressures are not tally with stored pressure in the database.

3. Voice:

It involves in the recognition of the voice of the individual.

Advantages:

1) It is inexpensive.2) It also works through telephone.3) Some person mimicry with other person voices

Disadvantages:a. One can mimic the voice of the individual.

Biometric does not guarantee security. It simply offers ore convenient and reliable means

of identification and authentication


14/18

14

4. MIXED FORM BIOMETRICS

Sometimes use more than one form biometrics. This mixed form provides more security.

Here combine more than one type. Even 80% equals with database then access provide to user.


15/18

15

5. IDENTIFICATION

It is a process of recognition and involves taking the biometric data and searching for the

match in the database asking it a slow process that it is more prone to errors.

Authentication:

It involves confirming your identity and the biometric systems have to match your data

with only one, single record.

Depending on the technique used, Biometric have varying levels of accuracy .The system

might let you pass in one attempt on Monday and require five on Tuesday.The accuracy of any biometric system is measured in terms of FAR and FRR.

FAR (False Acceptance Rates):

Where an imposer is accepted as a match. It is a probability of falsely accepting a metric

as a match.

FRR (False Rejection Rates):Where a legal match is denied. Where the system sails to recognize an authentic Bio-

signature.

As FRR increases, the FAR goes down and vice versa.

Almost all biometric systems can be adjusted to varying levels of strictness to create a variation

in FAR and FRR. For a system to be successful, both have to be with in acceptable low limits.


16/18

16

6. ADVANTAGES

It provide good security mechanism than all other security methods It never fails in security constraints. In public locations such as banks and airports a large number of

people transit every day including known criminals. Face recognition

systems attached to video surveillance systems are supposed to help catch

them.

A professor recently published his techniques for fooling finger printscanners. He found that Optical finger print scanners can be fooled by

silicon rubber. However electromagnetic scanners would reject those,

because electrical characteristics are different from that of a live finger.

7. LIMITATIONS

It needs high memory space in the back end. Collect data for security is difficult Sometimes fails the security with right users Any time data loose in database high effect for security mechanism. So many equipments are needed for provide this technology. It highly expensive


17/18

17

CONCLUSION

Security is not just about putting big locks on the front door; it also involves

making sure all the windows are shut. Each one can be individually fooled, but the comparison

makes the system more secure as a whole. Biometrics are have its own advantages and

disadvantages. It high expensive but it provide good security. Money is not important than

security. It is more useful for confidential maters.


18/18

18

bio metrics sree students 2

Documents