Another way to block access to a computer is
through biometrics, which identifies authorized users through
their unique fingerprints, retina scans, voices, or other physiological
or behavioral features. Hackers can always steal or guess obvious passwords
like sex or password,
but it's much more difficult to steal—and nearly impossible to guess—someone else's fingerprint pattern.
Biometrics works on the principle that every person has
unique characteristics that are impossible to duplicate; even identical twins
have different sets of fingerprints.
Typically, a biometric security system works by comparing
data collected from someone attempting to gain access to the system with a
database of authorized data patterns. First, therefore, every authorized user's biometric data must be stored in a database
against which the biometric device can check to decide who to accept and
who to reject.
Fingerprint scanners are the most widely used form of
personal biometric today, due largely to their small size
and ease of use. A person simply places his finger on the reader, and he is
either granted or denied access. In this section, we will examine the operation
of the fingerprint scanner at the device and analysis levels so that technology
selection and implementation decisions can be made with better awareness of possible
limitations.
At the very beginning, the reader needs to be cautioned that the
degree to which a person's fingerprint templates (the recorded characteristics
of the finger) are protected while being stored by the operating system may
create an easier attack point than trying to break the system by creating a
fake fingerprint. These biometric fingerprint scanners should be used with careful
attention paid to encryption and protection of the user fingerprint templates. Failure to do so will
directly affect the strength of protection offered by the system.
Fingerprint-analysis
algorithms used by scanner systems are designed to capture and recognize the same
basic features that have been employed by fingerprint-analysis
experts for decades. At its core, fingerprint analysis seeks to identify specific minute
features (minutiae) within the fingerprint structure and compare them to others
in a database. Digital fingerprint scanners
can also add other information, such as specific distances between minutiae and
the direction of whorls in the fingerprint structure, to further increase the
uniqueness of the measurement and thereby decrease FAR and FRR numbers.
In both the classic “ink” type of fingerprint recording and in the digital capture
of a fingerprint using one of the technologies listed
above, the fingerprint friction ridge, the raised portion
that contacts the glass surface of the scanner, is recorded as black, and the fingerprint valley, which is filled with air, is
recorded as white. Keeping these in mind, fingerprint experts
have developed a list of minutiae that can be found in most fingerprints. The primary
minutiae that are employed in fingerprint characterization include:
Iris scanners
capture the minute patterns in the iris, the colored region between the pupil
and the sclera, and compare these patterns to previously stored iris scans. Iris
scans have the advantage that eyeglasses and contact lenses need not be removed
for the system to operate properly.
The first step in the process is the isolated capture of the iris,
without the sclera, pupil, and any light reflections that might be present. This
is usually accomplished by smoothing (averaging) the picture so that the disk
of the pupil can be more easily identified by software. Next, software locates
the best fit circle that just inscribes the pupil and the best circle that
captures the outer edge of the iris.
No comments:
Post a Comment