Biometry: Difference between revisions
(Course of Action) |
|||
(39 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
=Introduction= |
|||
'''Biometry''' is the statistical analysis of biological observations and phenomena([http://www.m-w.com/cgi-bin/dictionary?va=biometry]). Biometry is coupled with the measurement of '''biometric'''s: measurable, physical characteristics or personal behavioral traits used to recognize the identity, or verify the claimed identity of a person. |
|||
In the context of [[Security Engineering]] there are traditionally two links between a person and her identity: |
|||
* Something I know ([[Passwords]]) |
|||
* Something I have (tokens) |
|||
With biometry it should —in theory— be possible to establish a third link: |
|||
* Something I am |
|||
Therefore biometric systems can play an important role in [[Wikipedia:Authentication|authenticating]] a user. |
|||
=Overview= |
|||
*Broad Overview on Biometric Criteria |
|||
*Facial recognition |
|||
**Use, Scenario, Features |
|||
**General course |
|||
**Approaches |
|||
**Summary |
|||
*Insights on Fingerprints |
|||
**Features |
|||
**Acquisition |
|||
**Recognition |
|||
**Demonstration |
|||
**Problems |
|||
==Modes of Operation== |
|||
=Short Introduction= |
|||
Two different modes must be distinguished: |
|||
*I biometry: the statistical analysis of biological |
|||
; Identification : “Who is it?” |
|||
observations and phenomena (Merriam-Webster |
|||
; Authentication : “Is it her?” |
|||
Online Dictionary) |
|||
*I biometric: a measurable, physical characteristic or |
|||
personal behavioral trait used to recognize the |
|||
identity, or verify the claimed identity of a person |
|||
*I Three levels: |
|||
**1. I know something (passwords) |
|||
**2. I have something (tokens) |
|||
**3. I am something (biometry) |
|||
Not all biometric systems can feasibly operate in both modes. For example if it takes a given system 1 second to authenticate a given user this would generally be deemed acceptable. If however the same system should be used to identify a user in a database of 10.000 users by simply trying the authentication on each database record in turn this would take 10.000 seconds or more than 2 hours and 46 minutes. In almost all but very few scenarios this will be completely unacceptable. |
|||
=Classification= |
|||
Two diffent modes must be distinguished: |
|||
*Identification “Who is it?” |
|||
*Authentication “Is it her?” |
|||
On the other hand some identification systems simply return the record that best matches the query. So when the person that is to be identified is not part of the database some —more or less— random record is returned. For that reason a common design for an identification system is to chain a '''indexing''' system which returns the <math>n</math> best matches and an authentication system. |
|||
=Quality indices= |
|||
*False Rejection Rate (frr) |
|||
==Course of Action== |
|||
**Rate of authentication |
|||
Being [[Wikipedia:Pattern recognition|pattern recognition]] systems most biometric systems operate by first reducing the input (oftentimes an image) to a small set of features. Use of this set is twofold: |
|||
attempts from legitimate |
|||
# During the enrollment procedure, e.g. when the user is first introduced to the system, the set is transformed into a reference template which is then saved in a database. It is common to form the reference template by taking several measurements of the biometric and then averaging them. |
|||
users that are rejected. |
|||
# During regular use in identification or authentication systems the set of features is compared against the reference template(s) from the database. |
|||
*False Acceptance Rate (far) |
|||
**Rate of authentication |
|||
<center>[[Image:Biometric_flow_small.png|Typical biometric data flow for enrollment and authentication.]]<br> |
|||
attemps from illegitimate |
|||
Typical flow of biometric data for the enrollment and authentication in an authentication system. There is also a [[:Image:Biometric_flow.png|larger version]] available.</center> |
|||
users (e.g. attackers) that |
|||
are accepted. |
|||
==Quality indices== |
|||
*Equal Error Rate (eer) |
|||
Several quality indices are defined to compare different systems: |
|||
**The eer equals the far |
|||
; False Rejection Rate (FRR) : This is the rate of authentication attempts from legitimate users that are rejected. |
|||
and frr when the system |
|||
; False Acceptance Rate (FAR) : This is the rate of authentication attempts from illegitimate users (e.g. attackers) that are accepted. |
|||
is configured so that |
|||
; Equal Error Rate (EER) : This is the false acceptance rate (or the false rejection rate) when the system is set up so that the FRR equals the FAR. |
|||
far = frr. |
|||
; Failure to Enroll Rate (FER) : This is the rate of users that can't enroll into the system at all. |
|||
Quite naturally the first three only apply to authentication systems. |
|||
**Rate of users that can’t |
|||
enroll into the system at |
|||
In most real world systems a high FAR is worse than a high FRR: When a legitimate user is rejected she simply tries again causing only a slight comfort loss. Accepting a illegitimate user, though, compromises the system and would usually lead to a loss of whatever the system was meant to protect. |
|||
all. |
|||
As different environments have different requirements regarding the security of the system and the convenience of the users most systems have some sort of adjustment possibility, e.g. a threshold value for the number of matches features. This can usually be set to trade off a higher FAR in favor of a lower FRR or vice versa. To aid in comparison of biometric systems one then uses the equal error rate: The adjustment is set so that FRR=FAR which then gives the EER. The EER of different systems can then be compared. (In reality mostly no one would use a system configured this way, as detailed above.) |
|||
<center>[[Image:Frrfar.png|The graph shows some overly idealistic FRR and FAR curves depending on some sort of threshold and the EER point.]]<br> |
|||
FRR and FAR curves and the point of EER.</center> |
|||
A fundamental index in all systems that employ some sort of database of reference templates is the Failure to Enroll Rate, e.g. the rate of users that can't enroll into the system. In these systems a reference dataset must be aquired from each user prior to any operations (enrollment). This operation can fail, for example due to intrinsic properties of the person trying to enroll. E.g. it would be impossible to enroll into a system based on hand geometries for a person that has no hands. Similarly a mute person won't be able to enroll into a speech verification system, etc. And what use is a system with the best possible EER if two thirds of the prospective users can't enroll? |
|||
=Overview on Biometric Criteria= |
|||
There are several parts of the human anatomy that are sufficiently unique and stable during a long time and therefore suited for use as biometric criteria. The most common are: |
|||
* [[Fingerprint Matching|fingerprints]] |
|||
* [[Facial Recognition|faces]] |
|||
* [[Hand Geometry|hands]] |
|||
* [[Iris Scanning|irides]] |
|||
* [[Retina Scanning|retinae]] |
|||
* vein patterns |
|||
There are also some personal behaviors or similar habits that can be used as biometrics: |
|||
* signatures |
|||
* voices |
|||
* keystroke patterns |
|||
=References= |
|||
*Ashbourn, J. (2000). Biometrics: Advanced identity verification: The complete guide. London: Springer. |
|||
*Bhanu, B., & Tan, X. (2004). Computational algorithms for fingerprint recognition. Boston / Dordrecht/ London: Kluwer Academic Publishers. |
|||
*Thalheim, L., Krissler, J., & Ziegler, P.-M. (2002). Koerperkontrolle [Body check]. In c’t 11/2002. Hannover: Heise. (English version at [http://www.heise.de/ct/english/02/11/114/ heise online]) |
|||
Also see the slides at [http://www.informatik.hu-berlin.de/~ploetz/biometry] (PDF format, 5.5 MB). |
Latest revision as of 06:50, 23 February 2005
Introduction
Biometry is the statistical analysis of biological observations and phenomena([1]). Biometry is coupled with the measurement of biometrics: measurable, physical characteristics or personal behavioral traits used to recognize the identity, or verify the claimed identity of a person.
In the context of Security Engineering there are traditionally two links between a person and her identity:
- Something I know (Passwords)
- Something I have (tokens)
With biometry it should —in theory— be possible to establish a third link:
- Something I am
Therefore biometric systems can play an important role in authenticating a user.
Modes of Operation
Two different modes must be distinguished:
- Identification
- “Who is it?”
- Authentication
- “Is it her?”
Not all biometric systems can feasibly operate in both modes. For example if it takes a given system 1 second to authenticate a given user this would generally be deemed acceptable. If however the same system should be used to identify a user in a database of 10.000 users by simply trying the authentication on each database record in turn this would take 10.000 seconds or more than 2 hours and 46 minutes. In almost all but very few scenarios this will be completely unacceptable.
On the other hand some identification systems simply return the record that best matches the query. So when the person that is to be identified is not part of the database some —more or less— random record is returned. For that reason a common design for an identification system is to chain a indexing system which returns the best matches and an authentication system.
Course of Action
Being pattern recognition systems most biometric systems operate by first reducing the input (oftentimes an image) to a small set of features. Use of this set is twofold:
- During the enrollment procedure, e.g. when the user is first introduced to the system, the set is transformed into a reference template which is then saved in a database. It is common to form the reference template by taking several measurements of the biometric and then averaging them.
- During regular use in identification or authentication systems the set of features is compared against the reference template(s) from the database.
Typical flow of biometric data for the enrollment and authentication in an authentication system. There is also a larger version available.
Quality indices
Several quality indices are defined to compare different systems:
- False Rejection Rate (FRR)
- This is the rate of authentication attempts from legitimate users that are rejected.
- False Acceptance Rate (FAR)
- This is the rate of authentication attempts from illegitimate users (e.g. attackers) that are accepted.
- Equal Error Rate (EER)
- This is the false acceptance rate (or the false rejection rate) when the system is set up so that the FRR equals the FAR.
- Failure to Enroll Rate (FER)
- This is the rate of users that can't enroll into the system at all.
Quite naturally the first three only apply to authentication systems.
In most real world systems a high FAR is worse than a high FRR: When a legitimate user is rejected she simply tries again causing only a slight comfort loss. Accepting a illegitimate user, though, compromises the system and would usually lead to a loss of whatever the system was meant to protect.
As different environments have different requirements regarding the security of the system and the convenience of the users most systems have some sort of adjustment possibility, e.g. a threshold value for the number of matches features. This can usually be set to trade off a higher FAR in favor of a lower FRR or vice versa. To aid in comparison of biometric systems one then uses the equal error rate: The adjustment is set so that FRR=FAR which then gives the EER. The EER of different systems can then be compared. (In reality mostly no one would use a system configured this way, as detailed above.)
FRR and FAR curves and the point of EER.
A fundamental index in all systems that employ some sort of database of reference templates is the Failure to Enroll Rate, e.g. the rate of users that can't enroll into the system. In these systems a reference dataset must be aquired from each user prior to any operations (enrollment). This operation can fail, for example due to intrinsic properties of the person trying to enroll. E.g. it would be impossible to enroll into a system based on hand geometries for a person that has no hands. Similarly a mute person won't be able to enroll into a speech verification system, etc. And what use is a system with the best possible EER if two thirds of the prospective users can't enroll?
Overview on Biometric Criteria
There are several parts of the human anatomy that are sufficiently unique and stable during a long time and therefore suited for use as biometric criteria. The most common are:
- fingerprints
- faces
- hands
- irides
- retinae
- vein patterns
There are also some personal behaviors or similar habits that can be used as biometrics:
- signatures
- voices
- keystroke patterns
References
- Ashbourn, J. (2000). Biometrics: Advanced identity verification: The complete guide. London: Springer.
- Bhanu, B., & Tan, X. (2004). Computational algorithms for fingerprint recognition. Boston / Dordrecht/ London: Kluwer Academic Publishers.
- Thalheim, L., Krissler, J., & Ziegler, P.-M. (2002). Koerperkontrolle [Body check]. In c’t 11/2002. Hannover: Heise. (English version at heise online)
Also see the slides at [2] (PDF format, 5.5 MB).