biometrics and network authentication
BIOMETRICS AND NETWORK AUTHENTICATION
Security Innovators
Identification Methods
- Traditional identification
  - Something that you have: entrance permit, key
  - Something that you know: user-id and password, PIN
- Problems
  - An unauthorized person can take control of these traditional identifiers
  - Passwords and PINs are difficult to remember
Secure Authentication
- In a PKI world:
  - Cryptographic key pair (private and public key)
  - If someone gains access to the password that secures the cryptographic keys, he also gains access to every cryptographically protected application.
- Solution
  - Something that you are
  - Biometric
What is Biometrics?
- Biometric technology uses a physical or psychological trait for identification and authentication
- Key properties:
  - Universal - common characteristic
  - Unique - no two persons are the same in terms of the characteristic
  - Permanent - time invariant
  - Collectable - quantitatively measurable
Why Biometrics?
- Enhance security
  - "Who you claim to be" NOT "what you know"
- Convenient
  - Fast, easy-to-use, reliable, and less expensive authentication
- Avoid
  - Lost, stolen, duplicated, or left at home
  - Forgotten, shared, or observed
How Does Biometrics Work?
- Signal processing, minutia extraction, representation
- Compression, encryption, transmission, decryption, decompression
- Template generation
If Match…
- Smart card data is converted into a number
  - Used as a symmetric cryptographic key to decrypt the private key
- A nonce is passed from the computer application to the smart card
- The private key on the smart card encrypts the nonce
- The application verifies:
  - It obtains the certified public key from the network-based directory service
  - It uses that key to decrypt the encrypted message from the card
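The exchange on this slide, as an added example that is not part of the original presentation. It assumes a toy RSA key built from two small Mersenne primes and a SHAKE-256 keystream standing in for the symmetric cipher; all function names and sample values are hypothetical.

```python
import hashlib

# Toy RSA key from two Mersenne primes; far too small for real use (assumption).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent
D_LEN = (N.bit_length() + 7) // 8

def keystream(card_data: bytes, length: int) -> bytes:
    """Symmetric key material derived from the number stored on the card."""
    return hashlib.shake_256(card_data).digest(length)

def xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, key))

def enroll(card_data: bytes) -> bytes:
    """Store the private key on the card, encrypted under the card data."""
    return xor(D.to_bytes(D_LEN, "big"), keystream(card_data, D_LEN))

def nonce_to_int(nonce: bytes) -> int:
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N

def card_respond(wrapped_key: bytes, released_data: bytes, nonce: bytes) -> int:
    """Card side: runs only after the biometric match releases the card data."""
    d = int.from_bytes(xor(wrapped_key, keystream(released_data, D_LEN)), "big")
    return pow(nonce_to_int(nonce), d, N)

def app_verify(nonce: bytes, response: int, public_key=(N, E)) -> bool:
    """Application side: public_key stands in for the certified directory key."""
    n, e = public_key
    return pow(response, e, n) == nonce_to_int(nonce)

def demo(nonce: bytes = b"constructed-nonce-0001"):
    card_data = b"constructed-card-secret"   # constructed sample value
    wrapped = enroll(card_data)
    ok = app_verify(nonce, card_respond(wrapped, card_data, nonce))
    wrong_data = app_verify(nonce, card_respond(wrapped, b"guess", nonce))
    return ok, wrong_data

if __name__ == "__main__":
    print(demo())
```

Without the correct card data the private key decrypts to garbage, so the response fails verification; a response captured for one nonce also fails against a fresh nonce.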
Types of Biometrics
- Fingerprint
- Face Pattern
- Voice Pattern
- Retina Identification
- Hand
- DNA
- Signature
- Etc…
Fingerprint
- Reasons to use
  - A template of 100 to 600 bytes fits easily on a smart card
  - It cannot be easily reproduced from the templates
- Possible Attack
  - Surgery to alter print
  - Latex finger
- Solution
  - Monitor pulse, sweat, temperature and more
  - Best solution: Measure the amount of oxygenated hemoglobin in the blood
Fingerprint Matching Algorithm
- Three types of minutia features: Ridge Ending, Bifurcation, and Short Ridge
- $m_i = (\text{type}, x_i, y_i, \theta_i, W)$, where
  - $m_i$ is the minutia vector
  - type is the type of feature (ridge ending, bifurcation, short ridge)
  - $x_i$ is the x-coordinate of the location
  - $y_i$ is the y-coordinate of the location
  - $\theta_i$ is the angle of orientation of the minutia
  - $W$ is a weight based on the quality of the image at that location
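One way to compare two sets of minutia vectors of this form, as an added example rather than the algorithm from the presentation. It assumes both prints are already aligned to the same coordinate frame; the tolerances, the greedy pairing, the scoring rule and the sample data are all hypothetical choices.

```python
import math
from typing import NamedTuple

class Minutia(NamedTuple):
    kind: str      # "ending", "bifurcation" or "short_ridge"
    x: float
    y: float
    theta: float   # orientation in degrees
    w: float       # image-quality weight W, 0..1

def angle_diff(a: float, b: float) -> float:
    """Smallest difference between two orientations, wrapping at 360."""
    d = abs(a - b) % 360.0
    return min(d, 360.0 - d)

def match_score(template, probe, dist_tol=10.0, ang_tol=15.0) -> float:
    """Greedy one-to-one pairing; returns matched weight / total weight."""
    used, matched = set(), 0.0
    for p in probe:
        best, best_d = None, dist_tol
        for i, t in enumerate(template):
            if i in used or t.kind != p.kind:
                continue
            d = math.hypot(t.x - p.x, t.y - p.y)
            if d <= best_d and angle_diff(t.theta, p.theta) <= ang_tol:
                best, best_d = i, d
        if best is not None:
            used.add(best)
            matched += min(template[best].w, p.w)   # trust the weaker image
    total = max(sum(t.w for t in template), sum(p.w for p in probe))
    return matched / total if total else 0.0

# Constructed sample data, already aligned to one coordinate frame.
TEMPLATE = [Minutia("ending", 50, 60, 30, 1.0),
            Minutia("bifurcation", 120, 80, 350, 0.8),
            Minutia("short_ridge", 90, 140, 180, 0.5),
            Minutia("ending", 30, 150, 90, 0.9)]
SAME_FINGER = [Minutia("ending", 52, 61, 33, 0.9),
               Minutia("bifurcation", 118, 83, 4, 0.8),    # 350 vs 4 degrees wraps
               Minutia("short_ridge", 93, 138, 176, 0.4),
               Minutia("ending", 200, 20, 90, 0.7)]        # spurious minutia
OTHER_FINGER = [Minutia("ending", 55, 64, 120, 1.0),       # close, wrong angle
                Minutia("bifurcation", 10, 10, 350, 0.9),
                Minutia("ending", 33, 148, 95, 0.6)]
```

The score is compared against a decision threshold; where that threshold sits determines the false acceptance and false rejection rates.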
Face Pattern
- Face recognition algorithms create a numerical code from facial measurements called "face print"
- Possible Attack
  - Surgery
  - Artificial mask
  - If only 2-D scan, duplication of photo
- Protection
  - 3-D images from various viewing angles
Retina Identification
- Based on the unique configuration of blood vessels
- 360 degree circular scan in the retina
- Most accurate
- Possible attack
  - Surgery
  - Prosthetic eye
Eye Scan
Voice Pattern
- Automatic speaker recognition and verification system
- Possible attack
  - DAT voice recording
  - Sound-alike voice
How Biometrics Applies to Network Security?
- Authentication
  - Biometrics technology replaces username and password
- Can be used on
  - Workstation and network access
  - Single sign-on
  - Application logon
  - Data protection
  - Remote access to resources
  - Transaction security
  - Web security
  - Encrypt sensitive data transmitted over the internet
Biometric Authentication for J2EE Architecture
Issues and Concerns
- Accuracy
  - False acceptance rate (FAR) and false rejection rate (FRR)
  - Tradeoff between security and convenience
- Stability
- Suitability
- Difficulty of usage
- Availability
- Comparison failure
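The FAR/FRR tradeoff worked through on numbers, as an added example that is not from the original presentation. The match scores are constructed, and the function names and the convention "accept when score >= threshold" are assumptions.

```python
def far_frr(genuine, impostor, threshold):
    """FAR: impostors accepted; FRR: genuine users rejected (accept if >= threshold)."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr

def sweep(genuine, impostor, steps=20):
    """Rows of (threshold, FAR, FRR) for thresholds 1/steps .. (steps-1)/steps."""
    return [(i / steps, *far_frr(genuine, impostor, i / steps))
            for i in range(1, steps)]

def equal_error_point(genuine, impostor):
    """Threshold where FAR and FRR are closest: the usual single-number summary."""
    return min(sweep(genuine, impostor), key=lambda row: abs(row[1] - row[2]))

def threshold_for_far(genuine, impostor, max_far):
    """Lowest (most convenient) threshold that still meets a FAR target."""
    for row in sweep(genuine, impostor):
        if row[1] <= max_far:
            return row
    return None

# Constructed match scores in [0, 1]: same-person and different-person comparisons.
GENUINE = [0.91, 0.84, 0.78, 0.66, 0.72, 0.88, 0.59, 0.95, 0.81, 0.47]
IMPOSTOR = [0.12, 0.33, 0.25, 0.41, 0.52, 0.18, 0.61, 0.29, 0.36, 0.08]

if __name__ == "__main__":
    for t, far, frr in sweep(GENUINE, IMPOSTOR):
        print(f"threshold={t:.2f}  FAR={far:.1f}  FRR={frr:.1f}")
    print("equal error point:", equal_error_point(GENUINE, IMPOSTOR))
    print("FAR = 0 requires:", threshold_for_far(GENUINE, IMPOSTOR, 0.0))
```

On this data, driving FAR to zero raises the threshold to 0.65 and rejects two of ten genuine attempts, which is the security-versus-convenience tradeoff the slide names.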
Summary
- Biometrics is one more layer on top of a PIN or physical token, and it makes them more secure
- Highest level of security is the combination of:
  - Something you know
  - Something you have
  - Something you are