SlideShare uma empresa Scribd logo

Biometrics - Basics

Franck Franchin
Franck Franchin

Biometrics - Basics - May 2013

EducaçãoTecnologiaNegócios
1 de 14
Franck Franchin 1
Franck Franchin - © 2013  Automated process to identity and authenticate humans based on one or more physical or behavioral traits  Based on assessment that each human being is unique and that this uniqueness allows identification 2
Franck Franchin - © 2013  You have to prove who you are ? ◦ Something you know: PIN, password... ◦ Something you have: key, token, card... ◦ Something you are: a biometric…  Biometrics encompass: ◦ Voice ◦ Fingerprint & Palmprint ◦ Facial Recognition ◦ Eye (iris, retinal patterns) ◦ Vein  Because it can be fooled, it should be implemented into 2-factor or 3-factor authentication 3
Franck Franchin - © 2013  Unique ID  Third Authentication Factor  Hard to forge by basic hackers  Forget, Loss, Stealth and Borrow most difficult…  Allows to know WHO did WHAT, WHERE and WHEN  Unequivocally link to acting person (accountability) 4
Franck Franchin - © 2013  Success Rate Issue (dirt for finger, diabete for eye, flu for voice)  Privacy  Revocation  Cost  Permanence risk (resistance to ageing)  Acceptability by people 5
Franck Franchin - © 2013  Physiological ◦ fingerprint recognition ◦ palm print recognition ◦ palm geometry ◦ facial recognition ◦ voice recognition ◦ retinal scans ◦ iris scans  Behavorial ◦ typing rhythm/patterns (keystroke) ◦ accents and speaking rhythms ◦ gait (locomotion behavior) ◦ writing speed and pressure (signature matching) 6
Franck Franchin - © 2013  Not two fingerprints are alike  High level of acceptance by people  Template easily generated from minutiae points and/or ridges and/or valleys  Different types of sensors : thermal, optical, capacitance, minutiae-based 7
Franck Franchin - © 2013  Ability of discriminating identical twins with same DNA  Low level of acceptance by people  Relatively expensive (processing power and storage) 8
Franck Franchin - © 2013  Police  Immigration  ATM  School (library, lunch, …)  Payment in Stores  Site Access Control 9
Franck Franchin - © 2013  Enrollment ◦ Samples of the biometric are captured and processed ◦ Unique features of these samples are extracted and computed which generates a ‘template’ ◦ From this template, it’s not possible to go back to the original biometric  Authentication or Identification ◦ The biometrics system captures the biometric of the ’live biometric’ and searches for a match against its database of templates  Revocation 10
Franck Franchin - © 2013  Biometrics matching process is based on threshold detection - False acceptances/rejections  Sensor tolerance  Anonymation information loss (for some algorythms)  Some people categories always rejected (twins, aged people) ?  Attended or unattended system (fake/dead finger) ? 11
Franck Franchin - © 2013  Aside IT regular vulnerabilities and risks, biometrics solutions are sensitive to specific threats : ◦ Attack to the biometric sensor ◦ Spoofing (cutoff finger, gummy finger, photography of iris pattern) ◦ Mimicry (signature and voice) ◦ Eavesdropping or man-in-the middle between the sensor and the template repository ◦ Template insertion using compromise IT or admin ! 12
Franck Franchin - © 2013  How to protect the biometric template ? ◦ Hashing : template are protected, revokable and rewable ◦ But one has to prove it’s impossible to get back to the original key (one-way function cyphering) ◦ The best solution : public-key encryption which cyphers templates and deciphers only during access control ◦ Mix architectures involve session keys too (public-key and private key schemes)  Innovative ways ◦ During the enrollment process, combining the biometric image with a digital key to create a secure block of data. Key can be then retrieved using the biometric ! (but the key is independent of the biometric, mathematically speaking !) 13
Franck Franchin - © 2013  Once compromise, a biometric trait wouldn’t be reused – hence if someone copy your finger, the only way to revoke your finger would be to cut it ? Hum…  Physical biometric is different from store template !  If your password is lost or compromised, you have to change your password AND the password access control storage…  In biometrics, you can’t change your ‘pwd’ (aka your biometric) but you can revoke the stored encrypted template 14

Recomendados

Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Franck Franchin
 
Presentation deek-ige-original
Presentation deek-ige-originalPresentation deek-ige-original
Presentation deek-ige-original
Université Saint Joseph de Beyrouth
 
sorbonne entreprenariat
sorbonne entreprenariat sorbonne entreprenariat
sorbonne entreprenariat
Sacha Berenfus
 
Les agrégats de la comptabilité national
Les agrégats de la comptabilité nationalLes agrégats de la comptabilité national
Les agrégats de la comptabilité national
zaidmeziani
 
Cours comptabilite-gestion ahsan cours et exercices
Cours comptabilite-gestion ahsan cours et exercicesCours comptabilite-gestion ahsan cours et exercices
Cours comptabilite-gestion ahsan cours et exercices
nezha errechydy
 
Comptabilité nationale pratiques
Comptabilité nationale pratiquesComptabilité nationale pratiques
Comptabilité nationale pratiques
Abdelhak Essoulahi
 
Recherche cours de comptabilite analytique
Recherche cours de comptabilite analytiqueRecherche cours de comptabilite analytique
Recherche cours de comptabilite analytique
hassan1488
 
Mécanismes de transmission de la politique monétaire.
Mécanismes de transmission de la politique monétaire.Mécanismes de transmission de la politique monétaire.
Mécanismes de transmission de la politique monétaire.
bouchra elabbadi
 

Recomendados

Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Franck Franchin
 
Presentation deek-ige-original
Presentation deek-ige-originalPresentation deek-ige-original
Presentation deek-ige-original
Université Saint Joseph de Beyrouth
 
sorbonne entreprenariat
sorbonne entreprenariat sorbonne entreprenariat
sorbonne entreprenariat
Sacha Berenfus
 
Les agrégats de la comptabilité national
Les agrégats de la comptabilité nationalLes agrégats de la comptabilité national
Les agrégats de la comptabilité national
zaidmeziani
 
Cours comptabilite-gestion ahsan cours et exercices
Cours comptabilite-gestion ahsan cours et exercicesCours comptabilite-gestion ahsan cours et exercices
Cours comptabilite-gestion ahsan cours et exercices
nezha errechydy
 
Comptabilité nationale pratiques
Comptabilité nationale pratiquesComptabilité nationale pratiques
Comptabilité nationale pratiques
Abdelhak Essoulahi
 
Recherche cours de comptabilite analytique
Recherche cours de comptabilite analytiqueRecherche cours de comptabilite analytique
Recherche cours de comptabilite analytique
hassan1488
 
Mécanismes de transmission de la politique monétaire.
Mécanismes de transmission de la politique monétaire.Mécanismes de transmission de la politique monétaire.
Mécanismes de transmission de la politique monétaire.
bouchra elabbadi
 
Cryptographie quantique
Cryptographie quantiqueCryptographie quantique
Cryptographie quantique
Franck Franchin
 
Cours CyberSécurité - Infrastructures Critiques
Cours CyberSécurité - Infrastructures CritiquesCours CyberSécurité - Infrastructures Critiques
Cours CyberSécurité - Infrastructures Critiques
Franck Franchin
 
les Formules de calcul des agrégats de la comptabilité nationale
les Formules de calcul des agrégats de la comptabilité nationaleles Formules de calcul des agrégats de la comptabilité nationale
les Formules de calcul des agrégats de la comptabilité nationale
cours fsjes
 
Monnaie
MonnaieMonnaie
Monnaie
bouchra elabbadi
 
Cours CyberSécurité - CyberGuerre & CyberTerrorisme
Cours CyberSécurité - CyberGuerre & CyberTerrorismeCours CyberSécurité - CyberGuerre & CyberTerrorisme
Cours CyberSécurité - CyberGuerre & CyberTerrorisme
Franck Franchin
 
Speak English
Speak EnglishSpeak English
Speak English
stephanie vincent
 
Intelligence Artificielle - Algorithmes de recherche
Intelligence Artificielle - Algorithmes de rechercheIntelligence Artificielle - Algorithmes de recherche
Intelligence Artificielle - Algorithmes de recherche
Mohamed Heny SELMI
 
Technique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSATechnique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSA
Houda Elmoutaoukil
 
Cours de-fiscalite-avec-exercices-corriges
Cours de-fiscalite-avec-exercices-corrigesCours de-fiscalite-avec-exercices-corriges
Cours de-fiscalite-avec-exercices-corriges
Habiba MEZYANI
 
Initiation à la comptabilité bancaire
Initiation à la comptabilité bancaireInitiation à la comptabilité bancaire
Initiation à la comptabilité bancaire
Actions-Finance
 
Comptabilite-analytique
Comptabilite-analytique Comptabilite-analytique
Comptabilite-analytique
Mejdoubi Amal
 
Cours de finances_publiques-1
Cours de finances_publiques-1Cours de finances_publiques-1
Cours de finances_publiques-1
rajaa224
 
Cours CyberSécurité - Concepts Clés
Cours CyberSécurité - Concepts ClésCours CyberSécurité - Concepts Clés
Cours CyberSécurité - Concepts Clés
Franck Franchin
 
Exercices d analyse financière
Exercices d analyse financièreExercices d analyse financière
Exercices d analyse financière
Abde LLatif
 
Audit sécurité des systèmes d’information
Audit sécurité des systèmes d’informationAudit sécurité des systèmes d’information
Audit sécurité des systèmes d’information
Abbes Rharrab
 
Le Controle De Gestion De L’Entreprise
Le Controle De Gestion De L’EntrepriseLe Controle De Gestion De L’Entreprise
Le Controle De Gestion De L’Entreprise
claude wastiaux
 
Sécurité des systèmes d'information
Sécurité des systèmes d'informationSécurité des systèmes d'information
Sécurité des systèmes d'information
Franck Franchin
 
Compta analyt cours exercices
Compta analyt cours exercicesCompta analyt cours exercices
Compta analyt cours exercices
GEANT_ATLAS
 
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
HB1-Sela
 
Alphorm.com Formation PL/SQL
Alphorm.com Formation PL/SQLAlphorm.com Formation PL/SQL
Alphorm.com Formation PL/SQL
Alphorm
 
Biometrics
BiometricsBiometrics
Biometrics
shweta-sharma99
 
Biometrics
BiometricsBiometrics
Biometrics
shweta-sharma99
 

Mais conteúdo relacionado

Destaque

Technique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSATechnique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSA
Houda Elmoutaoukil
 
Initiation à la comptabilité bancaire
Initiation à la comptabilité bancaireInitiation à la comptabilité bancaire
Initiation à la comptabilité bancaire
Actions-Finance
 
Comptabilite-analytique
Comptabilite-analytique Comptabilite-analytique
Comptabilite-analytique
Mejdoubi Amal
 
Cours de finances_publiques-1
Cours de finances_publiques-1Cours de finances_publiques-1
Cours de finances_publiques-1
rajaa224
 
Compta analyt cours exercices
Compta analyt cours exercicesCompta analyt cours exercices
Compta analyt cours exercices
GEANT_ATLAS
 
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
HB1-Sela
 

Destaque (20)

Cryptographie quantique
Cryptographie quantiqueCryptographie quantique
Cryptographie quantique
 
Cours CyberSécurité - Infrastructures Critiques
Cours CyberSécurité - Infrastructures CritiquesCours CyberSécurité - Infrastructures Critiques
Cours CyberSécurité - Infrastructures Critiques
 
les Formules de calcul des agrégats de la comptabilité nationale
les Formules de calcul des agrégats de la comptabilité nationaleles Formules de calcul des agrégats de la comptabilité nationale
les Formules de calcul des agrégats de la comptabilité nationale
 
Monnaie
MonnaieMonnaie
Monnaie
 
Cours CyberSécurité - CyberGuerre & CyberTerrorisme
Cours CyberSécurité - CyberGuerre & CyberTerrorismeCours CyberSécurité - CyberGuerre & CyberTerrorisme
Cours CyberSécurité - CyberGuerre & CyberTerrorisme
 
Speak English
Speak EnglishSpeak English
Speak English
 
Intelligence Artificielle - Algorithmes de recherche
Intelligence Artificielle - Algorithmes de rechercheIntelligence Artificielle - Algorithmes de recherche
Intelligence Artificielle - Algorithmes de recherche
 
Technique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSATechnique de Cryptographie AES, DES et RSA
Technique de Cryptographie AES, DES et RSA
 
Cours de-fiscalite-avec-exercices-corriges
Cours de-fiscalite-avec-exercices-corrigesCours de-fiscalite-avec-exercices-corriges
Cours de-fiscalite-avec-exercices-corriges
 
Initiation à la comptabilité bancaire
Initiation à la comptabilité bancaireInitiation à la comptabilité bancaire
Initiation à la comptabilité bancaire
 
Comptabilite-analytique
Comptabilite-analytique Comptabilite-analytique
Comptabilite-analytique
 
Cours de finances_publiques-1
Cours de finances_publiques-1Cours de finances_publiques-1
Cours de finances_publiques-1
 
Cours CyberSécurité - Concepts Clés
Cours CyberSécurité - Concepts ClésCours CyberSécurité - Concepts Clés
Cours CyberSécurité - Concepts Clés
 
Exercices d analyse financière
Exercices d analyse financièreExercices d analyse financière
Exercices d analyse financière
 
Audit sécurité des systèmes d’information
Audit sécurité des systèmes d’informationAudit sécurité des systèmes d’information
Audit sécurité des systèmes d’information
 
Le Controle De Gestion De L’Entreprise
Le Controle De Gestion De L’EntrepriseLe Controle De Gestion De L’Entreprise
Le Controle De Gestion De L’Entreprise
 
Sécurité des systèmes d'information
Sécurité des systèmes d'informationSécurité des systèmes d'information
Sécurité des systèmes d'information
 
Compta analyt cours exercices
Compta analyt cours exercicesCompta analyt cours exercices
Compta analyt cours exercices
 
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...Analyse et conception des systèmes d’information (d’outils et modèles pour le...
Analyse et conception des systèmes d’information (d’outils et modèles pour le...
 
Alphorm.com Formation PL/SQL
Alphorm.com Formation PL/SQLAlphorm.com Formation PL/SQL
Alphorm.com Formation PL/SQL
 

Semelhante a Biometrics - Basics

Fingerprint Authentication Using Biometric And Aadhar Card Fingerprint
Fingerprint Authentication Using Biometric And Aadhar Card FingerprintFingerprint Authentication Using Biometric And Aadhar Card Fingerprint
Fingerprint Authentication Using Biometric And Aadhar Card Fingerprint
SonuSawant
 
Biometrics Based Authentication AKASH
Biometrics Based Authentication AKASHBiometrics Based Authentication AKASH
Biometrics Based Authentication AKASH
Akash Deep Maurya
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptography
Sampat Patnaik
 
Palm Authentication using Biometrics system
Palm Authentication using Biometrics systemPalm Authentication using Biometrics system
Palm Authentication using Biometrics system
Darshan Parate
 
Biometric security system
Biometric security systemBiometric security system
Biometric security system
Mithun Paul
 
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometricSEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
AnkitaVerma776806
 

Semelhante a Biometrics - Basics (20)

Biometrics
BiometricsBiometrics
Biometrics
 
Biometrics
BiometricsBiometrics
Biometrics
 
Biometrics
BiometricsBiometrics
Biometrics
 
Fingerprint Authentication Using Biometric And Aadhar Card Fingerprint
Fingerprint Authentication Using Biometric And Aadhar Card FingerprintFingerprint Authentication Using Biometric And Aadhar Card Fingerprint
Fingerprint Authentication Using Biometric And Aadhar Card Fingerprint
 
Presentation Fingervein Authentication
Presentation Fingervein AuthenticationPresentation Fingervein Authentication
Presentation Fingervein Authentication
 
24708885 palm-vein-technology-abstract akmal
24708885 palm-vein-technology-abstract akmal24708885 palm-vein-technology-abstract akmal
24708885 palm-vein-technology-abstract akmal
 
Palm vein technology
Palm vein technologyPalm vein technology
Palm vein technology
 
Biometric
Biometric Biometric
Biometric
 
Biometrics
BiometricsBiometrics
Biometrics
 
palm vein technology
palm vein technologypalm vein technology
palm vein technology
 
Palm vein Technology
Palm vein TechnologyPalm vein Technology
Palm vein Technology
 
Biometrics Based Authentication AKASH
Biometrics Based Authentication AKASHBiometrics Based Authentication AKASH
Biometrics Based Authentication AKASH
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptography
 
Biometrics
BiometricsBiometrics
Biometrics
 
Palm Authentication using Biometrics system
Palm Authentication using Biometrics systemPalm Authentication using Biometrics system
Palm Authentication using Biometrics system
 
Biometrics/fingerprint sensors
Biometrics/fingerprint sensorsBiometrics/fingerprint sensors
Biometrics/fingerprint sensors
 
Biometric security system
Biometric security systemBiometric security system
Biometric security system
 
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometricSEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
SEMINAR_BIOMETRIC of hand fingerprint,voice bsed biometric ,eye based biometric
 
Biometric
BiometricBiometric
Biometric
 
kiran's slide info
kiran's slide infokiran's slide info
kiran's slide info
 

Último

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 

Último (20)

This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 

Biometrics - Basics

  • 2. Franck Franchin - © 2013  Automated process to identity and authenticate humans based on one or more physical or behavioral traits  Based on assessment that each human being is unique and that this uniqueness allows identification 2
  • 3. Franck Franchin - © 2013  You have to prove who you are ? ◦ Something you know: PIN, password... ◦ Something you have: key, token, card... ◦ Something you are: a biometric…  Biometrics encompass: ◦ Voice ◦ Fingerprint & Palmprint ◦ Facial Recognition ◦ Eye (iris, retinal patterns) ◦ Vein  Because it can be fooled, it should be implemented into 2-factor or 3-factor authentication 3
  • 4. Franck Franchin - © 2013  Unique ID  Third Authentication Factor  Hard to forge by basic hackers  Forget, Loss, Stealth and Borrow most difficult…  Allows to know WHO did WHAT, WHERE and WHEN  Unequivocally link to acting person (accountability) 4
  • 5. Franck Franchin - © 2013  Success Rate Issue (dirt for finger, diabete for eye, flu for voice)  Privacy  Revocation  Cost  Permanence risk (resistance to ageing)  Acceptability by people 5
  • 6. Franck Franchin - © 2013  Physiological ◦ fingerprint recognition ◦ palm print recognition ◦ palm geometry ◦ facial recognition ◦ voice recognition ◦ retinal scans ◦ iris scans  Behavorial ◦ typing rhythm/patterns (keystroke) ◦ accents and speaking rhythms ◦ gait (locomotion behavior) ◦ writing speed and pressure (signature matching) 6
  • 7. Franck Franchin - © 2013  Not two fingerprints are alike  High level of acceptance by people  Template easily generated from minutiae points and/or ridges and/or valleys  Different types of sensors : thermal, optical, capacitance, minutiae-based 7
  • 8. Franck Franchin - © 2013  Ability of discriminating identical twins with same DNA  Low level of acceptance by people  Relatively expensive (processing power and storage) 8
  • 9. Franck Franchin - © 2013  Police  Immigration  ATM  School (library, lunch, …)  Payment in Stores  Site Access Control 9
  • 10. Franck Franchin - © 2013  Enrollment ◦ Samples of the biometric are captured and processed ◦ Unique features of these samples are extracted and computed which generates a ‘template’ ◦ From this template, it’s not possible to go back to the original biometric  Authentication or Identification ◦ The biometrics system captures the biometric of the ’live biometric’ and searches for a match against its database of templates  Revocation 10
  • 11. Franck Franchin - © 2013  Biometrics matching process is based on threshold detection - False acceptances/rejections  Sensor tolerance  Anonymation information loss (for some algorythms)  Some people categories always rejected (twins, aged people) ?  Attended or unattended system (fake/dead finger) ? 11
  • 12. Franck Franchin - © 2013  Aside IT regular vulnerabilities and risks, biometrics solutions are sensitive to specific threats : ◦ Attack to the biometric sensor ◦ Spoofing (cutoff finger, gummy finger, photography of iris pattern) ◦ Mimicry (signature and voice) ◦ Eavesdropping or man-in-the middle between the sensor and the template repository ◦ Template insertion using compromise IT or admin ! 12
  • 13. Franck Franchin - © 2013  How to protect the biometric template ? ◦ Hashing : template are protected, revokable and rewable ◦ But one has to prove it’s impossible to get back to the original key (one-way function cyphering) ◦ The best solution : public-key encryption which cyphers templates and deciphers only during access control ◦ Mix architectures involve session keys too (public-key and private key schemes)  Innovative ways ◦ During the enrollment process, combining the biometric image with a digital key to create a secure block of data. Key can be then retrieved using the biometric ! (but the key is independent of the biometric, mathematically speaking !) 13
  • 14. Franck Franchin - © 2013  Once compromise, a biometric trait wouldn’t be reused – hence if someone copy your finger, the only way to revoke your finger would be to cut it ? Hum…  Physical biometric is different from store template !  If your password is lost or compromised, you have to change your password AND the password access control storage…  In biometrics, you can’t change your ‘pwd’ (aka your biometric) but you can revoke the stored encrypted template 14