© Copyright Daon, 2009 1
Biometrics and Cyber Security
Key Considerations in Protecting Critical Infrastructure – Now and In The Future
Conor White, Chief Technology Officer, Daon
Why is Cyber Security
Important in the Context of
Biometric Systems?
Cyber Security & Biometrics
 On the Internet, nobody knows you are a dog….
Or a terrorist …Or a student … Or a spy…
Identity is More Valuable than Money!
“I can’t think of a single piece of information more critical to our ultimate
security and prosperity, both as individuals and as a country, than our personal
identity. The ability of an individual to establish identity, to verify “you are
who you claim to be”, is critical to the many transactions that occur in a single
day. As the world becomes more interdependent, as transactions become more
global, and as the world embraces identity management and assurance as an
element of conducting business, personal identities will become a form of
global currency. Whether you are crossing a border, seeking employment,
applying for a public benefit, opening a bank account, combating crime, making
a purchase, enforcing immigration policy, granting access to public and private
spaces, detecting terrorists ---- identity verification has limitless value.”
Governor Tom Ridge
Former Secretary, Department of Homeland Security
Identity Management is Fundamental to Cyber
Security
 Cyber Security is about establishing trust in
entities accessing your networks and
ensuring that they perform functions
consistent with the role you define for them.
 The fundamental capability necessary for
any cyber security solution is Identity
Management.
• Biometrics is a key enabling technology in the
fight to strengthen the security of systems against
cyber crime
 However…
…Biometric Identity Systems Will Be Attacked!
 In this session we will discuss (briefly)
the following cyber security topics as
they relate to Biometric Systems:
1. System Level Perspective
2. Person Level Perspective
3. Independence, Flexibility, Ongoing
Analysis and Adaptation
Attacks on Biometric Systems
Consider the following:
 Don’t have to duplicate to spoof – you just need to alter to ensure no 1:1 or 1:N
match (negative identification scenarios)
 As our databases grow, we struggle to achieve universality
 As we seek to automate, unattended acquisition and authentication creates risk
 As more systems are deployed, frequency and sophistication of attacks will
increase
• Microsoft OS virus vs Apple OS virus
 No Biometric modality is perfect – don’t believe anybody who tells you otherwise
 No silver bullet - lots of papers & patents but few commercial offerings
 Industry starting to look more seriously at liveness detection – e.g. LivDet 2009
Biometrics provide a clear benefit to
counteracting cyber security threats – but
biometric systems can themselves be a
source of weakness
How Do We Compete?
 Countermeasures are required:
• Enhanced Capture Software
• Secured Systems
• New Capture Devices
• Multi-factor
• Multi-modal
• Supervision & Oversight – guiding standard and principles
• Ability to react through flexible technology and process
 Biometric matching has been a technology- and tool-centric field.
 A Defense-in-Depth method of dealing with biometric & identity-related
concerns takes a more holistic approach:
People, Technology, Operations
Biometric System Threats &
Countermeasures
Biometric System Vulnerabilities
Key Considerations:
• There is no perfect identity authentication method – every form of
authentication has vulnerabilities
• The entire identity eco-system is vulnerable to attack
• Don’t just secure the point of authentication
• Consider systemic weaknesses as well
• Must provide a defense-in-depth strategy
[Figure: biometric system components (Data Collection, Signal Processing, Matching, Storage, Decision, Verifier) with attack points numbered 1 to 11, divided into a Person Perspective and a System Perspective]
Source: Study report on Biometrics and E-Authentication
First Principle of Cyber Security
Security by Design
 Security should be designed into a solution and not “bolted on” after the fact
 All solutions MUST be designed using industry-best security principles
• Encryption of data – both in transit and at rest
• Use of strong cryptographic techniques (e.g. HSMs)
• Robust key management
• Non-repudiation of events
• Authorization of function
• Integrity protection – data and system
• Uses industry proven techniques – no “security by obscurity”
Biometrics systems are vulnerable to attack at several
points in the process: data collection, signal processing,
data storage, and decision/action point
So How do We Design in the Countermeasures?

| Location | Threats | Example Countermeasures |
|---|---|---|
| 1 – Data Collection | Spoofing | Liveness detection - Challenge/response; Multi-modal, policy-based |
| 1 – Data Collection | Device substitution | Mutually authenticate device; Vendor agnostic architecture |
| 2 – Raw Data Transmission | Replay attack | Sign data, timestamp, session tokens/nonces, HSM, FIPS |
| 3 – Signal Processing | (Software) Component replacement | Sign components |
| 5 – Matching | Manipulation of match scores | Debugger hostile environment |
| 5 – Matching | Hill climbing | Coarse scoring, trusted sensor, secure channel, limit attempts |
| 7 – Storage | Database compromise (reading/replacing template, changing bindings) | DB access controls, sign/encrypt templates, store on secure token; Audit, digital signature |
| 9 – Decision | Threshold manipulation | Protected function, data protection |

[Figure: the biometric system diagram again (Data Collection, Signal Processing, Matching, Storage, Decision, Verifier; attack points 1 to 11; Person Perspective and System Perspective), labelled "Defense in Depth"]
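An added example, not part of the original slides, of the replay countermeasures listed for location 2 (sign data, timestamp, session nonces): the capture device authenticates each sample together with a verifier-issued nonce and a timestamp. HMAC-SHA256 with a shared key stands in for a device signature whose key would live in an HSM; the names `sign_capture`, `CaptureVerifier` and the 30-second window are assumptions.

```python
import hashlib
import hmac
import secrets
import struct

MAX_SKEW_SECONDS = 30  # assumed freshness window, not a value from the slides


def sign_capture(device_key: bytes, sample: bytes, nonce: bytes, timestamp: int) -> bytes:
    """Device side: MAC over length-prefixed fields so they cannot be re-split."""
    fields = (nonce, struct.pack(">Q", timestamp), sample)
    msg = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return hmac.new(device_key, msg, hashlib.sha256).digest()


class CaptureVerifier:
    """Server side: issues one-time nonces and validates signed captures."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._outstanding = {}  # nonce -> time it was issued

    def new_session(self, now: int) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding[nonce] = now
        return nonce

    def verify(self, sample: bytes, nonce: bytes, timestamp: int, tag: bytes, now: int) -> str:
        # 1. Integrity and origin: any change to sample, nonce or timestamp breaks the MAC.
        expected = sign_capture(self._key, sample, nonce, timestamp)
        if not hmac.compare_digest(expected, tag):
            return "reject: bad signature"
        # 2. Freshness: a recorded capture ages out of the window.
        if abs(now - timestamp) > MAX_SKEW_SECONDS:
            return "reject: stale timestamp"
        # 3. Single use: the nonce is consumed on first acceptance.
        if self._outstanding.pop(nonce, None) is None:
            return "reject: unknown or reused nonce"
        return "accept"


def demo() -> dict:
    key = secrets.token_bytes(32)                    # constructed device key
    sample = b"constructed-fingerprint-image-bytes"  # constructed sample data
    verifier = CaptureVerifier(key)
    t0 = 1_000_000
    results = {}

    nonce = verifier.new_session(t0)
    tag = sign_capture(key, sample, nonce, t0 + 1)
    results["fresh"] = verifier.verify(sample, nonce, t0 + 1, tag, t0 + 2)
    # The identical message presented a second time.
    results["replayed"] = verifier.verify(sample, nonce, t0 + 1, tag, t0 + 3)

    nonce2 = verifier.new_session(t0 + 10)
    tag2 = sign_capture(key, sample, nonce2, t0 + 11)
    # Sample swapped in transit while the original tag is kept.
    results["tampered"] = verifier.verify(b"substituted-sample", nonce2, t0 + 11, tag2, t0 + 12)
    # Valid message delivered 31 seconds after it was signed.
    results["stale"] = verifier.verify(sample, nonce2, t0 + 11, tag2, t0 + 42)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:9s} -> {outcome}")
```
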
And Don’t Forget about Data Security
 Provide an authentication
framework that
• Securely manages sensitive
biometric data.
• Ensures the privacy of users’
personal (e.g. biometric) data.
• Resists attacks launched by
insiders/outsiders.
• Provides for non-repudiation
of activities.
• Integrates with 3rd party
applications.
• Scales to enterprise-wide
deployments.
• Is biometric-agnostic by
design.
 Biometric data must be stored
securely
• Privacy concerns (legislation)
• Risk of legal challenges to
signatures if stolen
 Assume a hostile network
• Eavesdropping on sensitive
traffic.
• Injection/deletion of messages
 Assume a hostile environment
• Database may be
compromised.
• Machines may be physically
attacked.
• Attacks launched against OS
or Daon software.
In Summary
 Biometrics enable stronger defense against cyber security
attacks but biometric systems need to ensure that they
don’t become a platform for launching an attack
themselves
 Design Security In – Don’t just bolt it on
• Protect biometric systems using a holistic approach
• Ensure all data is encrypted (in motion and at rest)
• Ensure robust key management and distribution
• Signing of all parties in a transaction
• Tamper evidence and integrity checks throughout system
• Audit trails and non-repudiation
• Consider all points in a solution and look for vulnerabilities
 It's NOT just about the matching algorithm!
Person-Oriented Attacks &
Countermeasures
Person Oriented Attacks
 Historically the focus has been finger, face, and iris; however, several
modes are being refined: vein, voice, iris on the move, …
 To defeat a biometric system, sometimes it is sufficient to cause
distortion (i.e. to not match).
• Example, distortion of fingerprints to avoid watchlist hits
 Universality/Inclusivity becomes a major issue for large populations
 Multi-Modal solutions work best
 Systems need an adaptive architecture that can incorporate these new
modes and leverage technology improvements over time
The most progressive, modern systems begin as a multi-biometric platform with
built in systemic security & privacy safeguards and
add different biometric capabilities as needed over time!
Multi-biometric Fusion
 Use fusion to improve accuracy and robustness
• Increase accuracy beyond single biometric matching
• Reduce FTE (broaden population)
• Spoof/denial resistance
• Cope with poor quality data
• Sensor/user fault tolerance
 Fusion performance depends on:
• Input data available
• Comparison algorithm accuracy
• Correlations between different matcher scores
• Fusion technique
• Training data
Multi-Biometric Fusion in Action
 Choose a platform that
enables multiple biometrics
to ensure optimized
performance
 Multi-biometric systems
provide key advantages:
• Increased accuracy (noise
reduction)
• Enhanced Usability
• Greater Universality
• Improved Security
• Improved performance
(FMR, FNMR)
 As enrollment populations
grow dramatically, multi-
modal solutions are
inevitable.
Performance of large scale identity programs can be significantly
improved through the use of multiple biometrics.
Large scale systems should establish a core multi-biometric platform
first and then choose the most applicable algorithms to suit their
population, commercial and performance needs
[Figure: DET plot of False Non-Match Rate (FNMR) against False Match Rate (FMR) for Face, Finger, Sum fusion and Product fusion]
In Summary
 There is NO perfect biometric type
 There is NO perfect biometric device or algorithm
 Biometric performance will continue to increase over time, costs will
decrease
 Spoofing attacks will continue and gain in frequency and complexity
 A flexible framework is needed to counteract these attacks
 Multi-biometric systems provide best defense – with ability to
continually add new technology components
 Policy based normalization and fusion should be kept independent of
biometric matching algorithms
 Adopt a platform that enables you to take advantage of technological
improvements over time
Technology Flexibility,
Ongoing Analysis and
Adaptation
Analysis and Adaptation
 Question: How do you react to:
• Biometric technologies continuously changing
• Weaknesses identified in specific algorithms or devices
• Spoofing techniques continuously improving
• New normalization and fusion techniques emerging
• Throughput and performance models emerging
• …
 Answer: Deploy an analysis and adaptation engine that enables you
to do “what-if analysis” and understand consequences of changes
ahead of implementation
 Identify and correct weak points ahead of cyber attackers
 Automate performance analysis of what-if scenarios:
• Algorithms: Matching, Quality, Fusion
• Devices/sensors
• Interoperability: Cross-device analysis, multi-algorithm scenarios
• Protocols e.g. 1:1, 1:N, #attempts, preferred sample types
Which Fusion? DETs
[Figure: DET plot of False Non-Match Rate (FNMR) against False Match Rate (FMR) for 517_Face_C, 517_Finger_LI, SUM: MinMax, SUM: Zscore, SUM: MAD, SUM: TanH, PROD: FNMR and PROD: Likelihood]
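An added example, not from the original slides, of the kind of "what-if" comparison described above: two matchers on different score scales are normalized (min-max or z-score), combined by sum fusion, and each policy is scored by its FNMR at FMR = 0. The score pairs are constructed for illustration, and the function names are assumptions; the fusion code only sees scores, so it stays independent of the matching algorithms.

```python
from statistics import mean, pstdev

# Constructed sample scores, one (face, finger) pair per attempt. The two
# matchers deliberately use different scales (0-100 and 0-1000).
GENUINE = [(80, 900), (70, 300), (30, 800), (75, 850), (60, 700)]
IMPOSTOR = [(20, 100), (50, 200), (25, 600), (10, 150), (35, 250)]


def fit_minmax(scores):
    """Return a function mapping a raw score onto [0, 1] over the fitted range."""
    lo, hi = min(scores), max(scores)
    return lambda s: (s - lo) / (hi - lo)


def fit_zscore(scores):
    """Return a function mapping a raw score to standard deviations from the mean."""
    mu, sigma = mean(scores), pstdev(scores)
    return lambda s: (s - mu) / sigma


def fnmr_at_zero_fmr(genuine, impostor):
    """FNMR when the threshold is set so that no impostor score is accepted."""
    threshold = max(impostor)
    rejected = sum(1 for g in genuine if g <= threshold)
    return rejected / len(genuine)


def single_matcher(index):
    """Baseline: one matcher used on its own, raw scores."""
    return fnmr_at_zero_fmr([a[index] for a in GENUINE],
                            [a[index] for a in IMPOSTOR])


def evaluate_policy(fit_normalizer):
    """What-if run: fit one normalizer per matcher, apply sum fusion, score it.

    For brevity the normalizers are fitted on the same attempts they are
    evaluated on; a real analysis would fit them on separate training data.
    """
    attempts = GENUINE + IMPOSTOR
    normalizers = [fit_normalizer([a[i] for a in attempts]) for i in range(2)]

    def fuse(attempt):
        return sum(norm(score) for norm, score in zip(normalizers, attempt))

    return fnmr_at_zero_fmr([fuse(a) for a in GENUINE],
                            [fuse(a) for a in IMPOSTOR])


def report():
    return {
        "face": single_matcher(0),
        "finger": single_matcher(1),
        "sum/minmax": evaluate_policy(fit_minmax),
        "sum/zscore": evaluate_policy(fit_zscore),
    }


if __name__ == "__main__":
    for name, fnmr in report().items():
        print(f"{name:11s} FNMR at FMR=0: {fnmr:.0%}")
```

In this constructed set each single matcher loses one genuine user to a high-scoring impostor, while the fused score separates all genuine attempts from all impostor attempts under both normalizations.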
Self Optimizing Framework for Analysis and
Adaptation
[Diagram labels: Biometric Performance Analysis Engine, Results Analysis, Policy Based Biometric Platform]
In Summary
 Vendor independence provides both a monetary ROI and a cyber-
threat risk mitigation
 Leverage concept of master broker to orchestrate operations of
biometric components
 Ensure a vendor independent framework is put in place
 Ensure (i.e. prove positively) that your solution is independent of any
single biometric technology provider
 Maintain strict data independence from underlying device or matcher
technology
 Large scale programs can clearly benefit from performance analysis
tools to ensure optimum use of biometrics
 Deploying a system that leverages synergies between an identification
broker and analysis tools enables systems to be self optimizing over
time yielding better performance and mitigating against cyber security
threats
Thank You – Questions?
Conor White
Email: conor.white@daon.com
Direct: 703 984 4010

Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds  in the ClassroomFostering Friendships - Enhancing Social Bonds  in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 

biometrics and cyber security

  • 1. © Copyright Daon, 2009. Biometrics and Cyber Security: Key Considerations in Protecting Critical Infrastructure – Now and In The Future. Conor White, Chief Technology Officer, Daon
  • 2. Why is Cyber Security Important in the Context of Biometric Systems?
  • 3. Cyber Security & Biometrics
      - On the Internet, nobody knows you are a dog… Or a terrorist… Or a student… Or a spy…
  • 4. Identity is More Valuable than Money!
      “I can’t think of a single piece of information more critical to our ultimate security and prosperity, both as individuals and as a country, than our personal identity. The ability of an individual to establish identity, to verify “you are who you claim to be”, is critical to the many transactions that occur in a single day. As the world becomes more interdependent, as transactions become more global, and as the world embraces identity management and assurance as an element of conducting business, personal identities will become a form of global currency. Whether you are crossing a border, seeking employment, applying for a public benefit, opening a bank account, combating crime, making a purchase, enforcing immigration policy, granting access to public and private spaces, detecting terrorists ---- identity verification has limitless value.”
      Governor Tom Ridge, Former Secretary, Department of Homeland Security
  • 5. Identity Management is Fundamental to Cyber Security
      - Cyber Security is about establishing trust in entities accessing your networks and ensuring that they perform functions consistent with the role you define for them.
      - The fundamental capability necessary for any cyber security solution is Identity Management.
          - Biometrics is a key enabling technology in the fight to strengthen the security of systems against cyber crime
      - However…
  • 6. …Biometric Identity Systems Will Be Attacked!
      - In this session we will discuss (briefly) the following cyber security topics as they relate to Biometric Systems:
          1. System Level Perspective
          2. Person Level Perspective
          3. Independence, Flexibility, Ongoing Analysis and Adaptation
  • 7. Attacks on Biometric Systems
      Consider the following:
      - Don’t have to duplicate to spoof – you just need to alter to ensure no 1:1 or 1:N match (negative identification scenarios)
      - As our databases grow, we struggle to achieve universality
      - As we seek to automate, unattended acquisition and authentication creates risk
      - As more systems are deployed, frequency and sophistication of attacks will increase
          - Microsoft OS virus vs Apple OS virus
      - No Biometric modality is perfect – don’t believe anybody who tells you otherwise
      - No silver bullet - lots of papers & patents but few commercial offerings
      - Industry starting to look more seriously at liveness detection – e.g. LivDet 2009
      Biometrics provide a clear benefit to counteracting cyber security threats – but biometric systems can themselves be a source of weakness
  • 8. How Do We Compete?
      - Countermeasures are required:
          - Enhanced Capture Software
          - Secured Systems
          - New Capture Devices
          - Multi-factor
          - Multi-modal
          - Supervision & Oversight – guiding standard and principles
          - Ability to react through flexible technology and process
      - Biometric matching has been a technology- and tool-centric field.
      - A Defense-in-Depth method of dealing with biometric & identity-related concerns takes a more holistic approach: People, Technology, Operations
  • 9. Biometric System Threats & Countermeasures
  • 10. Biometric System Vulnerabilities
      Key Considerations:
      - There is no perfect identity authentication method – every form of authentication has vulnerabilities
      - The entire identity eco-system is vulnerable to attack
      - Don’t just secure the point of authentication
      - Consider systemic weaknesses as well
      - Must provide a defense-in-depth strategy
      [Figure: biometric system block diagram (Signal Processing, Data Collection, Matching, Storage, Decision, Verifier) with attack points numbered 1 to 11, divided into a Person Perspective and a System Perspective. Source: Study report on Biometrics and E-Authentication]
  • 11. First Principle of Cyber Security: Security by Design
      - Security should be designed into a solution and not “bolted on” after the fact
      - All solutions MUST be designed using industry-best security principles
          - Encryption of data – both in transit and at rest
          - Use of strong cryptographic techniques (e.g. HSMs)
          - Robust key management
          - Non-repudiation of events
          - Authorization of function
          - Integrity protection – data and system
          - Uses industry proven techniques – no “security by obscurity”
      Biometric systems are vulnerable to attack at several points in the process: data collection, signal processing, data storage, and decision/action point
  • 12. Defense in Depth: So How do We Design in the Countermeasures?
      Location | Threats | Example Countermeasures
      1 – Data Collection | Spoofing | Liveness detection - Challenge/response; Multi-modal, policy-based
      1 – Data Collection | Device substitution | Mutually authenticate device; Vendor agnostic architecture
      2 – Raw Data Transmission | Replay attack | Sign data, timestamp, session tokens/nonces, HSM, FIPS
      3 – Signal Processing (Software) | Component replacement | Sign components
      5 – Matching | Manipulation of match scores | Debugger hostile environment
      5 – Matching | Hill climbing | Coarse scoring, trusted sensor, secure channel, limit attempts
      7 – Storage | Database compromise (reading/replacing template, changing bindings) | DB access controls, sign/encrypt templates, store on secure token; Audit, digital signature
      9 – Decision | Threshold manipulation | Protected function, data protection
      [Figure: biometric system block diagram (Signal Processing, Data Collection, Matching, Storage, Decision, Verifier) with attack points numbered 1 to 11, divided into a Person Perspective and a System Perspective]
  • 13. And Don’t Forget about Data Security
      - Provide an authentication framework that
          - Securely manages sensitive biometric data.
          - Ensures the privacy of users’ personal (e.g. biometric) data.
          - Resists attacks launched by insiders/outsiders.
          - Provides for non-repudiation of activities.
          - Integrates with 3rd party applications.
          - Scales to enterprise-wide deployments.
          - Is biometric-agnostic by design.
      - Biometric data must be stored securely
          - Privacy concerns (legislation)
          - Risk of legal challenges to signatures if stolen
      - Assume a hostile network
          - Eavesdropping on sensitive traffic.
          - Injection/deletion of messages
      - Assume a hostile environment
          - Database may be compromised.
          - Machines may be physically attacked.
          - Attacks launched against OS or Daon software.
  • 14. In Summary
      - Biometrics enable stronger defense against cyber security attacks but biometric systems need to ensure that they don’t become a platform for launching an attack themselves
      - Design Security In – Don’t just bolt it on
          - Protect biometric systems using a holistic approach
          - Ensure all data is encrypted (in motion and at rest)
          - Ensure robust key management and distribution
          - Signing of all parties in a transaction
          - Tamper evidence and integrity checks throughout system
          - Audit trails and non-repudiation
          - Consider all points in a solution and look for vulnerabilities
      - It’s NOT just about the matching algorithm!
  • 15. Person-Oriented Attacks & Countermeasures
  • 16. Person Oriented Attacks
      - Historically the focus has been finger, face, and iris; however, there are several modes being refined: vein, voice, iris on the move, …
      - To defeat a biometric system, sometimes it is sufficient to cause distortion (i.e. to not match).
          - Example: distortion of fingerprints to avoid watchlist hits
      - Universality/Inclusivity becomes a major issue for large populations
      - Multi-Modal solutions work best
      - Systems need an adaptive architecture that can incorporate these new modes and leverage technology improvements over time
      The most progressive, modern systems begin as a multi-biometric platform with built-in systemic security & privacy safeguards and add different biometric capabilities as needed over time!
  • 17. Multi-biometric Fusion
      - Use fusion to improve accuracy and robustness
          - Increase accuracy beyond single biometric matching
          - Reduce FTE (broaden population)
          - Spoof/denial resistance
          - Cope with poor quality data
          - Sensor/user fault tolerance
      - Fusion performance depends on:
          - Input data available
          - Comparison algorithm accuracy
          - Correlations between different matcher scores
          - Fusion technique
          - Training data
  • 18. Multi-Biometric Fusion in Action
      - Choose a platform that enables multiple biometrics to ensure optimized performance
      - Multi-biometric systems provide key advantages:
          - Increased accuracy (noise reduction)
          - Enhanced Usability
          - Greater Universality
          - Improved Security
          - Improved performance (FMR, FNMR)
      - As enrollment populations grow dramatically, multi-modal solutions are inevitable.
      Performance of large scale identity programs can be significantly improved through the use of multiple biometrics. Large scale systems should establish a core multi-biometric platform first and then choose the most applicable algorithms to suit their population, commercial and performance needs
      [Figure: DET plot of False Non-Match Rate (FNMR) against False Match Rate (FMR) for Face, Finger, Sum fusion and Product fusion]
  • 19. In Summary
      - There is NO perfect biometric type
      - There is NO perfect biometric device or algorithm
      - Biometric performance will continue to increase over time, costs will decrease
      - Spoofing attacks will continue and gain in frequency and complexity
      - A flexible framework is needed to counteract these attacks
      - Multi-biometric systems provide best defense – with ability to continually add new technology components
      - Policy based normalization and fusion should be kept independent of biometric matching algorithms
      - Adopt a platform that enables you to take advantage of technological improvements over time
  • 20. Technology Flexibility, Ongoing Analysis and Adaptation
  • 21. Analysis and Adaptation
      - Question: How do you react to:
          - Biometric technologies continuously changing
          - Weaknesses identified in specific algorithms or devices
          - Spoofing techniques continuously improving
          - New normalization and fusion techniques emerging
          - Throughput and performance models emerging
          - …
      - Answer: Deploy an analysis and adaptation engine that enables you to do “what-if analysis” and understand consequences of changes ahead of implementation
      - Identify and correct weak points ahead of cyber attackers
      - Automate performance analysis of what-if scenarios:
          - Algorithms: Matching, Quality, Fusion
          - Devices/sensors
          - Interoperability: Cross-device analysis, multi-algorithm scenarios
          - Protocols e.g. 1:1, 1:N, #attempts, preferred sample types
  • 22. Which Fusion? DETs
      [Figure: DET plot of False Non-Match Rate (FNMR) against False Match Rate (FMR). Series: 517_Face_C, 517_Finger_LI, SUM: MinMax, SUM: Zscore, SUM: MAD, SUM: TanH, PROD: FNMR, PROD: Likelihood]
  • 23. Self Optimizing Framework for Analysis and Adaptation
      [Figure: diagram with the components Biometric Performance Analysis Engine, Results Analysis and Policy Based Biometric Platform]
  • 24. In Summary
      - Vendor independence provides both a monetary ROI and a cyber-threat risk mitigation
      - Leverage concept of master broker to orchestrate operations of biometric components
      - Ensure a vendor independent framework is put in place
      - Ensure (i.e. prove positively) that your solution is independent of any single biometric technology provider
      - Maintain strict data independence from underlying device or matcher technology
      - Large scale programs can clearly benefit from performance analysis tools to ensure optimum use of biometrics
      - Deploying a system that leverages synergies between an identification broker and analysis tools enables systems to be self optimizing over time, yielding better performance and mitigating against cyber security threats
  • 25. Thank You – Questions?
      Conor White. Email: conor.white@daon.com. Direct: 703 984 4010
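Slide 12 lists "sign data, timestamp, session tokens/nonces" as the countermeasures to a replay attack on raw data transmission. The sketch below is an added example, not Daon's code: it shows how those three checks combine on the verifier side. It assumes a pre-provisioned device key and uses HMAC-SHA-256 as a stand-in for the device signature; the names `sign_capture`, `Verifier` and `MAX_AGE_SECONDS` are hypothetical.

```python
import hashlib
import hmac
import secrets

MAX_AGE_SECONDS = 30  # assumed freshness window for a capture


def sign_capture(device_key: bytes, nonce: bytes, timestamp: int, sample: bytes) -> bytes:
    """Device side: bind the sample to the verifier's nonce and the capture time."""
    msg = nonce + timestamp.to_bytes(8, "big") + hashlib.sha256(sample).digest()
    return hmac.new(device_key, msg, hashlib.sha256).digest()


class Verifier:
    """Server side: issues one-time nonces and accepts each signed capture once."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._open_nonces = set()  # issued and not yet consumed

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open_nonces.add(nonce)
        return nonce

    def accept(self, nonce, timestamp, sample, tag, now) -> str:
        expected = sign_capture(self._key, nonce, timestamp, sample)
        if not hmac.compare_digest(expected, tag):
            return "reject: bad signature"
        if nonce not in self._open_nonces:
            return "reject: unknown or reused nonce"
        self._open_nonces.discard(nonce)  # a nonce is valid for one submission only
        if abs(now - timestamp) > MAX_AGE_SECONDS:
            return "reject: stale timestamp"
        return "accept"


def demo():
    """Run one honest submission and three replay-shaped ones; return the verdicts."""
    key = secrets.token_bytes(32)  # assumed pre-provisioned device key
    verifier = Verifier(key)
    sample = b"constructed-fingerprint-sample"  # constructed sample bytes
    n1 = verifier.new_challenge()
    tag = sign_capture(key, n1, 1000, sample)
    results = {"first": verifier.accept(n1, 1000, sample, tag, now=1005)}
    results["replay"] = verifier.accept(n1, 1000, sample, tag, now=1006)
    n2 = verifier.new_challenge()
    results["old_tag_new_nonce"] = verifier.accept(n2, 1000, sample, tag, now=1007)
    n3 = verifier.new_challenge()
    late = sign_capture(key, n3, 1000, sample)
    results["stale"] = verifier.accept(n3, 1000, sample, late, now=2000)
    return results
```

Each check covers a different case: the nonce stops a verbatim resend, the signature stops an old capture being attached to a fresh nonce, and the timestamp bounds how long a signed capture stays usable.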
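Slides 17, 18 and 22 compare single-modality matching with sum and product fusion under different score normalisations. The added example below is not from the presentation: it works that comparison through on a small constructed score set and reports FNMR at a fixed FMR for each scheme. The score values and function names are assumptions, and only the MinMax and Zscore normalisations from slide 22 are implemented.

```python
import math
from statistics import mean, pstdev

# Constructed (face, finger) comparison scores; the two matchers use different scales.
GENUINE = [(90, 800), (85, 300), (40, 900), (80, 700), (35, 850), (88, 350)]
IMPOSTOR = [(50, 200), (20, 400), (45, 100), (10, 380), (30, 250), (48, 150)]


def min_max(column):
    """Normaliser mapping one matcher's training scores onto [0, 1]."""
    lo, hi = min(column), max(column)
    return lambda s: (s - lo) / (hi - lo)


def z_score(column):
    """Normaliser centring one matcher's training scores at 0 with unit spread."""
    mu, sd = mean(column), pstdev(column)
    return lambda s: (s - mu) / sd


def fuse(pairs, normalisers, combine):
    """Normalise each modality's score, then combine them into one fused score."""
    return [combine([n(s) for n, s in zip(normalisers, pair)]) for pair in pairs]


def fnmr_at_fmr(genuine, impostor, target_fmr=0.0):
    """FNMR at the lowest threshold t (match if score > t) with FMR <= target_fmr."""
    for t in sorted(impostor):
        fmr = sum(s > t for s in impostor) / len(impostor)
        if fmr <= target_fmr:
            return sum(s <= t for s in genuine) / len(genuine)
    raise ValueError("no impostor scores supplied")


def evaluate(target_fmr=0.0):
    """Return {scheme name: FNMR} for single-modality and fused decisions."""
    columns = list(zip(*(GENUINE + IMPOSTOR)))  # per-modality training scores
    raw = [lambda s: s, lambda s: s]
    schemes = {
        "face only": (raw, lambda v: v[0]),
        "finger only": (raw, lambda v: v[1]),
        "sum, no normalisation": (raw, sum),
        "sum, min-max": ([min_max(c) for c in columns], sum),
        "sum, z-score": ([z_score(c) for c in columns], sum),
        "product, min-max": ([min_max(c) for c in columns], math.prod),
    }
    return {name: fnmr_at_fmr(fuse(GENUINE, n, f), fuse(IMPOSTOR, n, f), target_fmr)
            for name, (n, f) in schemes.items()}


if __name__ == "__main__":
    for name, fnmr in evaluate().items():
        print(f"{name:24s} FNMR at FMR=0: {fnmr:.3f}")
```

On this data each modality alone rejects two of six genuine users at zero false matches, an unnormalised sum still rejects one because the finger scale dominates, and the normalised fusions reject none.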