Biometric security systems: finally, a friend?

Information systems security has broadened its meaning and significance and has started to affect our lives and behaviours. The research literature identifies five related research domains: information systems, security policies, security technologies, security assurance, and security interfaces. This paper discusses some aspects of user acceptance of biometrical measurements for the purposes of authentication and access control and concludes that initial user rejection of the commonly implemented biometrics and fear of privacy abuse have been replaced by a de facto user acceptance. It hypothesizes that there is correlation between users’ awareness of the broader consequences of a particular biometric system and the level of their acceptance of the system

Automatic Signature Verification (ASV) in e-commerce

In the offline world, payments are often made over the counter with some levels of human inspections. However,such inspection does not exist in the online world. Online transactions are carried out virtually on a remote application server. Though other technical security measures have been introduced for online transactions such as the use of encryption, digital signatures and digital certificates, the issue of trust is still largely a major problem in e-commerce since actual authentication of users is not often established. A solution to this is to use biometrics Automatic Signature Verification (ASV) systems where human identification is carried out automatically based on their signatures.The main advantage of ASV over other biometrics technologies is that its applications are widely accepted and generally acknowledged by the public due to the fact that signatures have long been used as proof of identity in legal documents and financial transactions.Additionally, the ASV system allows the extraction of dynamic information that describes the way a signature is actually executed in terms of velocity, acceleration, pen pressure, pen inclination, etc. Many signature experts believe the dynamic information of the signing operation is generally consistent and stable throughout one’s lifetime.This in turn is more secure simply because it is harder to imitate human signing operation than to reproduce signature images of another person.Since ASV allows for remote networked authentication, it appears promising to most e-commerce applications. This paper generally describes the ASV potentials, its current applications and impediments in e-commerce related activities.It also addresses areas for ASV improvements

Sistemas biométricos multimodales que emplean rasgos audio-visuales

Se observa en la actualidad una tendencia muy marcada al empleo de técnicas biométricas (las que incluyen rostro, huellas digitales, geometría de la mano, iris, patrones de retina, firma y voz, entre los más destacados) en los sistemas de identificación/autenticación de personas. Todas estas técnicas presentan diferentes grados de singularidad, permanencia, mensurabilidad, desempeño, aceptacción del usuario y robustez. Por otra parte, diferentes investigaciones sobre sistemas biométricos multimodales han demostrado que mediante su empleo es posible mejorar la carencias de cualquier sistema biométrico unimodal, por lo que desde hace algunos años, proliferan las propuestas para el empleo de dos o más métodos biométricos independientes. En el presente trabajo se analizan aspectos significativos de estos métodos y aproximaciones y se desarrollan breves reseñas, a partir de la búsqueda bibliográfica. Los aspectos abordados incluyen la fusión de información (poniendo el acento especialmente en la identificación y verificación audio-visual de personas), y las técnicas adaptativas y no-adaptativas para la decisión de verificación (utilizando información de habla y de rostro) en condiciones de audio con ruido.Workshop de Arquitecturas, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI

Sistemas biométricos multimodales que emplean rasgos audio-visuales

Se observa en la actualidad una tendencia muy marcada al empleo de técnicas biométricas (las que incluyen rostro, huellas digitales, geometría de la mano, iris, patrones de retina, firma y voz, entre los más destacados) en los sistemas de identificación/autenticación de personas. Todas estas técnicas presentan diferentes grados de singularidad, permanencia, mensurabilidad, desempeño, aceptacción del usuario y robustez. Por otra parte, diferentes investigaciones sobre sistemas biométricos multimodales han demostrado que mediante su empleo es posible mejorar la carencias de cualquier sistema biométrico unimodal, por lo que desde hace algunos años, proliferan las propuestas para el empleo de dos o más métodos biométricos independientes. En el presente trabajo se analizan aspectos significativos de estos métodos y aproximaciones y se desarrollan breves reseñas, a partir de la búsqueda bibliográfica. Los aspectos abordados incluyen la fusión de información (poniendo el acento especialmente en la identificación y verificación audio-visual de personas), y las técnicas adaptativas y no-adaptativas para la decisión de verificación (utilizando información de habla y de rostro) en condiciones de audio con ruido.Workshop de Arquitecturas, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI

Distributed authentication to preserve privacy through smart card based biometric matching

Bibliography: pages 135-139.This thesis focuses on privacy concerns, specifically those relating to the storage and use of biometrics. These concerns result from the fact that biometric information is unique. This uniqueness makes the biometric a very strong identifier increasing the possibility that it could be used to monitor an individual's activities. An expert can extract considerable information from a biometric scan, ranging from the age or gender to whether the individual has certain diseases

Integrating biometric authentication into multiple applications

The Internet has grown from its modest academic beginnings into an important, global communication medium. It has become a significant, intrinsic part of our lives, how we distribute information and how we transact. It is used for a variety of purposes, including: banking; home shopping; commercial trade - using EDI (Electronic Data Interchange); and to gather information for market research and other activities. Owing to its academic origins, the early developers of the Internet did not focus on security. However, now that it has rapidly evolved into an extensively used, global commercial transaction and distribution channel, security has become a big concern. Fortunately, the field of information security has started to evolve in response and is fast becoming an important discipline with a sound theoretical basis. The discipline views the twin processes of identification and authentication as crucial aspects of information security. An individual access attempt must be identifiable prior to access being authorised otherwise system confidentiality cannot be enforced nor integrity safeguarded. Similarly, non-denial becomes impossible to instigate since the system is unable to log an identity against specific transactions. Consequently, identification and authentication should always be viewed as the first step to successfully enforcing information security. The process of identification and authorisation is, in essence, the ability to prove or verify an identity. This is usually accomplished using either one or a combination of the following three traditional identification techniques: something you possess; something you know; or something you are. A critical consideration when designing an application is which identification method, or combination of methods, from the three described above to use. Each method offers its own pros and cons and there are many ways to compare and contrast them. The comparison made in this study identifies biometrics as the best solution in a distributed application environment. There are, however, two over-arching hindrances to its widespread adoption. The first is the environment’s complexity - with multiple applications being accessed by both the public and the private sectors - and the second is that not all biometrics are popular and no single method has universe appeal. The more significant hindrance of the two is the latter, that of acceptance and trust, because it matters little how good or efficient a system is if nobody is willing to use it. This observation suggests that the identification system needs to be made as flexible as possible. In a democratic society, it could be argued that the best way of ensuring the successful adoption of a biometric system would be to allow maximum freedom of choice and let users decide which biometric method they would like to use. Although this approach is likely to go a long way towards solving the acceptance issue, it increases the complexity of the environment significantly. This study attempts to solve this problem by reducing the environment’s complexity while simultaneously ensuring the user retains maximum biometric freedom of choice. This can be achieved by creating a number of central biometric repositories. Each repository would be responsible for maintaining a biometric template data store for a type of biometric. These repositories or “Biometric Authorities” would act as authentication facilitators for a wide variety of applications and free them from that responsibility.Dissertation (MSc (Computer Engineering))--University of Pretoria, 2005.Electrical, Electronic and Computer EngineeringMScunrestricte