Biometric sensors keep a finger on security

InTech, Dec 2004 by Kulkarni, D B, Desai, Suhas A

Biometrics security with fingerprint matching involves protecting results: a user's template, fingerprint images, a fingerprint's features, and a user's finger. The simplest design solution for a client considering fingerprint matching is to embed all functions and data in tamper-resistant smart cards. However, smart cards with a fingerprint scanner and high-powered processor for feature extraction and image processing may not be practical because of the cost of distributing the card to each user.

Biometrics authentication technology should be a promising means to confirm a cardholder's authenticity. With a Linux-based radio frequency (RF) personalizer that reads and writes in memory, the administrator can set various parameters of the smart security controller, such as real-time clock, personal identification number (PIN) option, alarm options, and reader delays. This protocol can upload card transaction data saved in the reader memory. It can also access key sets and other operational data to the reader.

A biometric template is an encrypted hash of the actual biometric itself. You can effectively combine smart cards and biometrics for personal authentication over the open source network. The combination is a two-step authentication in which you authenticate the smart card based on a public key infrastructure (PKI). Cardholder authentication occurs by using the template stored in the smart card based on the biometrics verification. Execution of the verification must occur in the card for security purposes.

The RF smart card and card reader/writer handle payment transactions for public transportation systems. Security features of these contactless cards include encrypted RF transmission, mutual authentication, and security keys. The card has up to 16 separate sectors, which you can configure as purses or for general data storage. You typically use the first sector as a directory for the rest of the card, leaving 15 segments available for data or purses. You can store up to 15 different applications on an RF smart card, and when you use unique keys for each sector, applications are separate and secure from one another.

Each sector has two keys, A and B, allowing different access privileges to that sector. You can designate these key pairs as read and read/write, or decrement and increment/decrement. This would allow turnstile readers with the A key to only deduct value from a card sector, while ticket booth readers with the B key could either add or subtract value. The card also has a 32-bit unique random number, and the manufacturer permanently encodes it into each chip. PKI-based systems construct a secure system achieving secure access conditions. They are consequently being used to carry keys and store personal information in applications such as student identification systems.
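The split between A-key and B-key privileges can be modelled in a few lines. This is an added example, not code from the original article; the class names, the 6-byte random keys and the starting balance of 10 are constructed for illustration, and a real card enforces these rules in hardware.

```python
import hmac
import os

class AccessDenied(Exception):
    """Raised when a key is wrong or lacks the requested privilege."""

class ValueSector:
    # Key A: read and decrement only. Key B: read, decrement and increment.
    RIGHTS = {"A": {"read", "decrement"},
              "B": {"read", "decrement", "increment"}}

    def __init__(self, key_a, key_b, balance=0):
        self._keys = {"A": key_a, "B": key_b}
        self._balance = balance

    def _check(self, slot, key, operation):
        # Constant-time comparison avoids leaking the key through timing.
        if slot not in self._keys or not hmac.compare_digest(self._keys[slot], key):
            raise AccessDenied("authentication failed")
        if operation not in self.RIGHTS[slot]:
            raise AccessDenied(f"key {slot} may not {operation}")

    def read(self, slot, key):
        self._check(slot, key, "read")
        return self._balance

    def decrement(self, slot, key, amount):
        self._check(slot, key, "decrement")
        if amount <= 0 or amount > self._balance:
            raise ValueError("invalid amount")
        self._balance -= amount
        return self._balance

    def increment(self, slot, key, amount):
        self._check(slot, key, "increment")
        if amount <= 0:
            raise ValueError("invalid amount")
        self._balance += amount
        return self._balance

def attempt(operation, *args):
    """Run a sector operation and report the outcome instead of raising."""
    try:
        return ("ok", operation(*args))
    except AccessDenied as exc:
        return ("denied", str(exc))

# Constructed card: sector 0 is the directory, sectors 1-15 hold applications,
# each with its own unique key pair.
KEYS = {n: (os.urandom(6), os.urandom(6)) for n in range(1, 16)}
CARD = {n: ValueSector(a, b, balance=10) for n, (a, b) in KEYS.items()}
```

A turnstile holding only the A key of sector 3 can deduct a fare but cannot reload the purse, and neither of sector 3's keys opens sector 4.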

User validation could still be a security hole under the assumption of private keys. Decision parameters can statistically control the penetration rate of biometrics, also known as the false match rate (FMR).

In an access control client-server architecture, the client stores a user's certificate, including a public and a private key that a certification authority (CA) issues in advance. The private key in the client encrypts a random number (RN) that the server generates; the server then validates the encrypted RN (ERN) with both the CA and the user's certificate. In general, a smart card sees use as a client for security purposes. Definitions of these schemes appear in ISO/IEC 9798-3 as a standard for entity authentication.

When embedding a fingerprint-matching function into the server, you need to transmit fingerprint images from the client to the server. This requirement means adding other transmission protocols specialized for user validation to the system. However, this is not desirable for standard entity authentication systems because of the prohibitive cost. Therefore, in this case, embedding the matching function in the client is necessary. For a similar reason, the templates must be stored in the client. Although there are actually many choices of connection between fingerprint matching and entity authentication, activation of the user's private key or the encryption function is appropriate. It depends on the result of the fingerprint matching.
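The flow described in the two paragraphs above, with the private key activated only after a successful on-card match, can be sketched as follows. This is an added example, not code from the original article: the toy RSA key, the set-overlap matcher, the 0.6 threshold and all names are assumptions, and validation of the user's certificate against the CA is assumed to have happened already.

```python
import hashlib
import secrets

# Toy RSA key from two Mersenne primes: far too weak for real use, chosen
# only so this constructed example runs with the standard library alone.
P, Q, E = 2**89 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class SmartCard:
    """Client: the template and the private key never leave the card."""
    def __init__(self, template, threshold=0.6):
        self._template, self._threshold = template, threshold

    def respond(self, rn, sample):
        # Stand-in matcher: share of enrolled features present in the sample.
        score = len(self._template & sample) / len(self._template)
        if score < self._threshold:
            return None  # no match: the private key is never activated
        return pow(digest(rn), D, N)  # ERN = private-key operation on RN

class Server:
    """Verifier: holds only the public key from the user's certificate."""
    def __init__(self):
        self._pending = None

    def challenge(self):
        self._pending = secrets.token_bytes(16)  # fresh RN per attempt
        return self._pending

    def verify(self, ern):
        rn, self._pending = self._pending, None  # single use blocks replay
        if rn is None or ern is None:
            return False
        return pow(ern, E, N) == digest(rn)

def authenticate(card, server, sample):
    return server.verify(card.respond(server.challenge(), sample))

# Constructed feature sets (x, y, angle); not real fingerprint data.
ENROLLED = frozenset({(12, 40, 90), (55, 18, 270), (73, 66, 45),
                      (30, 81, 180), (91, 9, 315)})
GENUINE = frozenset(list(ENROLLED)[:4] + [(5, 5, 0)])
IMPOSTOR = frozenset({(12, 40, 90), (1, 2, 3), (4, 5, 6), (7, 8, 9)})
```

Only the RN and the ERN cross the link; no fingerprint image or template is transmitted, and a captured ERN is useless against the next challenge.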

You can use a biometric system to control users' access to particular places or services. Unfortunately, the user's template is a piece of sensitive data that should be stored securely. Several systems exist today that use biometric identification. Some of these systems have the templates of all users stored in a secure central database. This leads to the need to apply an online communication from all points of service (PoS) to that central database server. When the system requires biometric identification, it reads the template from the smart card and then performs the matching inside the host. This process has two main weak points: the host should be highly protected against hacking and Trojans, and the services provided by the smart card, such as e-purse operations, are not biometrically secure. The main problem is the lack of an initial reference to sort the minutiae it finds. This weak point makes it necessary to perform an alignment between the template stored and the feature vector the captured sample obtains. Then it needs to convert both to polar coordinates.


 


Content provided in partnership with ProQuest