Biometry: Difference between revisions
(Introduction) |
(modes of operation) |
||
| Line 1: | Line 1: | ||
=Introduction= |
|||
'''Biometry''' is the statistical analysis of biological observations and phenomena([http://www.m-w.com/cgi-bin/dictionary?va=biometry]). Biometry is coupled with the measurement of '''biometric'''s: measurable, physical characteristic or personal behavioral traits used to recognize the identity, or verify the claimed identity of a person. |
'''Biometry''' is the statistical analysis of biological observations and phenomena([http://www.m-w.com/cgi-bin/dictionary?va=biometry]). Biometry is coupled with the measurement of '''biometric'''s: measurable, physical characteristic or personal behavioral traits used to recognize the identity, or verify the claimed identity of a person. |
||
| Line 5: | Line 4: | ||
* Something I know ([[Passwords]]) |
* Something I know ([[Passwords]]) |
||
* Something I have (tokens) |
* Something I have (tokens) |
||
With biometry it should —in theory— possible to establish a third link: |
With biometry it should —in theory— be possible to establish a third link: |
||
* Something I am |
* Something I am |
||
Therefore biometric systems can play an important role in [[Wikipedia:Authentication|authenticating]] a user. |
Therefore biometric systems can play an important role in [[Wikipedia:Authentication|authenticating]] a user. |
||
==Modes of Operation== |
|||
Two different modes must be distinguished: |
|||
;Identification: “Who is it?” |
|||
;Authentication: “Is it her?” |
|||
Not all biometric systems can feasibly operate in both modes. For example if it takes a given system 1 second to authenticate a given user this would generally be deemed acceptable. If however the same system should be used to identify a user in a database of 10.000 users by simply trying the authentication on each database record in turn this would take 10.000 seconds or more than 2 hours and 46 minutes. In almost all but very few scenarios this will be completely unacceptable. |
|||
On the other hand some identification systems simply return the record that best matches the query. So when the person that is to be identified is not part of the database some —more or less— random record is returned. For that reason a common design for an identification system is to chain a '''indexing''' system which returns the <math>n</math> best matches and a authentication system. |
|||
=References= |
=References= |
||
Revision as of 10:41, 21 February 2005
Biometry is the statistical analysis of biological observations and phenomena([1]). Biometry is coupled with the measurement of biometrics: measurable, physical characteristic or personal behavioral traits used to recognize the identity, or verify the claimed identity of a person.
In the context of Security Engineering there are traditionally two links between a person and her identity:
- Something I know (Passwords)
- Something I have (tokens)
With biometry it should —in theory— be possible to establish a third link:
- Something I am
Therefore biometric systems can play an important role in authenticating a user.
Modes of Operation
Two different modes must be distinguished:
- Identification
- “Who is it?”
- Authentication
- “Is it her?”
Not all biometric systems can feasibly operate in both modes. For example if it takes a given system 1 second to authenticate a given user this would generally be deemed acceptable. If however the same system should be used to identify a user in a database of 10.000 users by simply trying the authentication on each database record in turn this would take 10.000 seconds or more than 2 hours and 46 minutes. In almost all but very few scenarios this will be completely unacceptable.
On the other hand some identification systems simply return the record that best matches the query. So when the person that is to be identified is not part of the database some —more or less— random record is returned. For that reason a common design for an identification system is to chain a indexing system which returns the best matches and a authentication system.
References
- Ashbourn, J. (2000). Biometrics: Advanced identity verification: The complete guide. London: Springer.
- Bhanu, B., & Tan, X. (2004). Computational algorithms for fingerprint recognition. Boston / Dordrecht/ London: Kluwer Academic Publishers.
- Thalheim, L., Krissler, J., & Ziegler, P.-M. (2002). Koerperkontrolle [Body check]. In c’t 11/2002. Hannover: Heise. (English version at heise online)
Also see the slides at [2] (PDF format, 5.5 MB).