Biometric Authentication - Essay Example

Biometric Authentication Use Context Provided people require security for their critical assets, which has proven to be an uphill task in the contemporary society, dedicated biometric solution (DBS) will play a vital role in ensuring the same. DBS is essential in the enforcement of law, monetary services, provision of healthcare, as well as boundary management operations. DBS remains a complex system of identification that utilizes diverse methods of authentication, including fingerprint, hand, and face, in provision of the highest security levels without requisition of one’s PIN (personal identification number) or ID (identity card). One’s fingerprint, hand, or face recognition senses such specific details as ridges, orientation, as well as other features of the fingerprint. DBS is thus an effective technology offering optimal solutions towards the safety of responsive areas, thereby meeting the demands of the clients for high security whilst maintaining litheness (Nanavati et al 2002). According to Jain et al (1996), a number of factors underscore the inevitability of a DBS. First, DBS requires that a recognition trait must be universal. This implies that all people must possess a chosen biometric, with each person having a distinctive one. Secondly, the chosen biometric, in every human being, must be stable. Role-based admission management is a fundamental concept with two limits: simple and complex extremes. Ferraiolo et al (2007) postulate that there exists four chronological role-based authentication approaches as elucidated by the NIST model. The order is arranged in growing functional capacities. The “Flat Role-Based Access Control” comes first and exemplifies the basic role-based access management aspects. This approach stipulates that roles be assigned to users and permissions, thereby necessitating one to be considered in a role to gain access or permission. Importantly, a number of roles can be alloted to an individual user while multiple users can be alloted a solitary, common role. “Hierarchical Role-Based Management Control” (HRBMC) comes second in the sequence. This stage adjoins a constraint that shores up the ranking via allowing consent of the juniors by the senior staff. The HRBMC approach consists of two phases; universal hierarchical and controlled hierarchical role-based verification. The universal hierarchical role-based certification supports a capricious fractional order for helping the role ladder. On the other hand, the controlled hierarchical role-based verification entails the imposition of limits upon the role ladder by the system. Constrained RBAC comes third in the sequence. Duties’ partition, a mechanism that prevailed prior to the computers for accidental damage and fraud possibility reduction, is added as an obligation within this approach. The implication of duties’ separation takes two approaches: dynamic and static duties’ separation. Symmetric RBAC is the fourth and final approach of this sequence, which assists in the recognition of the roles towards which a specific permission has been alloted, and vice versa (Lin & Fan 2004). In the above situation and approach of use, XACML (Crampton) is the substitute applicable solution. The dissimilarity between rule-based substantiation techniques and the NIST model is the reality that the policies of rule-based verification integrate attribute-based provisions that establish the permitted protocols, as well as recognize source while the policies of the RBAC establish the organisational roles and permissions ascribed to the roles, as well as the persons, executing such roles (Jain & Uludag 2003). Strengths and Weaknesses of the PALM Biometrics and Reliability and Authentication of this Mechanism PALM biometrics systems are used interchangeably with palm vein biometric method. According to Sarkar et al (2010), the operations of the PALM biometrics vary when compared with such other biometric systems as fingerprint scan system. It compares the stored templates of an individual with his or her physical attributes of the palm. PALM vein biometrics uses the Far-Infrared directly in recognition of the vein patterns of one’s geometric shapes. While it remains unfeasible to capture the entire palm’s vascular network, the information included, possessed by the phony pattern of the vein is adequate to execute the tasks of personal authentication for a sound-sized user faction. Each biometric substantiation device has its advantages, as well as limitations. This section examines these aspects of the PALM biometrics. Strengths: PALM biometric method has a number of advantages over the other biometric methods. First, the vascular patterns of each person are distinct. Consequently, they offer large, stable, hidden, as well as robust biometric attributes. The blood vessels’ outline of each human being is structured into his or her body at birth. These remains considerably unaffected by the aging factor save for conventional growth as with the fingerprints. Since one’s blood vessels are well hidden in the body, intruders find it difficult to falsify the vascular patterns of another person. Besides, one’s skin surface may become dry or rough, but this does not affect vein pattern authentication’s accuracy. In a Japanese test, in which seventy thousand people were used, it was established that PALM biometric method has a FAR (false acceptance rate) of below 0.00008% and a FRR (false rejection rate) of about 0.01% (Wong et al 2007). Undeniably, it is hard to effortlessly dent, observe, alter, or mask vein patterns. Vein patterns need only low-resolution infrared imaging linked to straightforward image processing. Lastly, vein structures offer the chance for inexpensive individual abridged biometric keys. Weaknesses: Interestingly, the only weakness associated with PALM biometric system is the varied factors affecting the captured image’s quality. Such factors consist of ambient moisture and temperature, bodily temperature, emission of warmth, uneven heat circulation, focus, and calibration of the camera, and vein’s proximity to the exterior. Evidently, majority of these dynamics are natural hence hard to surmount (Jain & Uludag 2003). Existing Alternatives to the Dedicated Solution Applicable to the MOD Case and Analysis of their Effectiveness, Shortfalls, and Risks While biometric verification has been demonstrated as a dependable means of protecting crucial data, scholars have advanced a number of ways of protecting biometric models from divulging vital information. Consequently, this section looks at the diverse alternative approaches applicable to the MOD case. According to (Uludag 2003), steganography principles (SP) could be applied in hiding biometric information in such host images as faces. SP is exceedingly handy in distributed systems in which raw biometric information may require being transmitted via an unsafe channel of communication. Embedment of biometric information in a bland host image proscribes a spy from accessing susceptible model information. A second alternative is embedment of a vibrant signature algorithm features into the face images on one’s ID card. Such features, after compression, are converted into a twofold brook. Afterwards, a virtual hologram transforms the stream into essential data, ultimately entrenched into the face image’s blue channel. When authenticating an individual, the signature attributes, concealed in the image’s face, are convalesced and compared against online-obtained signature. According to Jain and Uludag (2004), any face image modification is easily detected, hence barring the application of phony ID cards. Any case of compromised templates would translate into the user’s identity loss simply because an individual’s personal attributes cannot be replaced easily unlike PIN and passwords. Ratha et al (2001) recommend the employment of distortion functions, applicable in generation of biometric information, which can be done away with if indispensable. Distortion functions employ non-invertible functions of conversion, which disfigures input biometric pointers. For instance, face image alters the extorted set of attributes, such as minutiae points, before extraction of feature. Generation of a novel template occurs when the stored one is compromised. In such a scenario, a novel function must substitute the present function of conversion, thereby disqualifying the compromised stencil. Biometric crytosystems are increasingly gaining popularity in the contemporary template alteration realm. Such systems facilitate the combination of crytography and biometrics at an advanced stage, which fosters biometric toning in order to occupy the crytographic domain successfully. This helps in exploitation of the connected advanced security. However, the main weakness of employment of thes alternatives is that the implementation of most is a costly initiative in comparison to the DBS used by the MOD. Security Maximization at the MOD Cae End-Points Arguably, it remains impractical to bar the total digital data replication, especially in the contemporary digital era. This is accredited to the simplicity of convenience of digital data. Moreover, once released, digital data becomes so public, implying that replication is inevitable. Consequently, entities will be required to use DRMS (digital rights management systems) in protection of their digital data from breach or piracy. According to Jain and Uludag (2003), DRMS use measures of technical copyright protection in order to secure information. The DRMS is associated with three vital objectives: content data acessibility, monitoring approved utilization, as well as detection and prosecution of copyright contraventions. The realization of these objectives calls for inclusion and amalgamation of such core precautions tools as encryption and watermarking mechanisms, by the systems. Both hardware and software DRMSs have a vivid peculiarity when differentiating on grounds of protection and security. The software-based DRMSs differ from the hardware ones since they utilize exceptional front-end players or browsers in rendering the user’s client content, normally general-purpose PCs. Media firms require the execution of in-house related back-end architecture in order to facilitate seamless rights, as well as content delivery with clients’ front-end (Wong et al 2007). Nevertheless, software-based DRMSs front-ends remain easy to evade with unique disassembler and debugger software. Morover, proprietary hardware-based DRMSs provide a relatively stronger protection level, since the execution of both decryptiona nd encryption processes occur in closed hardware environments. However, it is exceedingly hard for accessment of the decrypted flows of information, obligatory in fabrication of pirate copies (Jain & Uludag 2004). According to Ferraiolo et al (2007), there exist several other optimal mechanisms of safeguarding end-user level data. Cache cleaner is an essential approach, which uses a secure function of deletion in ensuring a comprehensive and complete data cleanup. This fosters security against malevolent endeavors of recovering any erased information from disks. Second is “Secure Virtual Workspace.” This approach offers a packed control over downloaded corporate information into the public machines during consumption sessions. Bibliography Ferraiolo, D., Chandramouli, R., & Kuhn, D. R. (2007). Role-Based Access Control. Boston [u.a.], Artech House. Jain, A. K., Bolle, R., & Pankanti, S. (1996). Biometrics: Personal Identification in Networked Society, New York, Springer. Jain, A.K. & Uludag, U. (2003). Hiding Biometric Data, IEEE Trans. Pattern Anal. Mach Intell, Vol. 25, pp. 1494-1498. Jain, A.K. & Uludag, U. (2004). Fingerprint Minutiae Attack System, The Biometric Consortium Conference. VA, Arlington. Lin, C.L. & Fan, K.C. (2004). The Use of Thermal Images of Palm-Dorsa Vein-Patterns for Biometric Verification, Proceedings of the17th International Conference Pattern on Recognition, Vol. 4, pp. 450-453. Nanavati, S., Thieme, M., & Nanavati, R. (2002). Biometrics Identity Verification in a Networked World. New York, John Wiley & Sons. Ratha, N., Connell, J., & Bolle, R. (2001). Enhancing Security and Privacy in Biometrics-Based Authentication Systems, IBM Systems Journal, vol. 40, no. 3, pp. 614–634. Sarkar, I., Alisherov, F., Kim, T., & Bhattacharyya, D. (2010). Palm Vein Authentication System: A Review. International Journal of Control and Automation, Vol. 3, No. 1, pp. 27-34. Uludag, U., Pankanti, S., & Jain, A., K. (July 2005). “Fuzzy Vault for Fingerprints,” To Appear in Proc. Audio- and Videobased Biometric Person Authentication (AVBPA). New York, Rye Brook. Wong, K., Lai, T., Lee, B., & Shum, F. (2007). Analysis of Palm Vein Biometric System. Viewed 29 March 2013, Read More