Sunday, December 8, 2019
Biometrics for Authentication Information System â⬠Free Samples
Question: Discuss about the Biometrics for Authentication System. Answer: Introduction Biometric authentication is an information system that identifies the users identity. Since its introduction by the Apple Inc. in 2013, many other organizations have shown interest in the advancement of this technology. For example, MasterCard and Google Companies have been influenced to incorporate biometric in their operations and products respectively. However, there have been arguments whether the system is secure. For example, many scholars have argued that no human organ, for example, an eye or ear that resembles another person. Therefore, according to the populace biomimetic authentication is not a good approach of keeping person data. Additionally, it seems to infringe personal privacy and security. The arguments from the general public elaborate it clear that people are against biometric for the authentication system. However, this may be misinformed perception. Despite that biometric for authentication may negatively affect the social life of the public it may have benefits that can supersede the negatives it exhibits. This paper will discuss the key issues associated with biometric for authentication to determine the challenges and the benefits attributable to the system. Biometrics for Authentication Current Issues The contemporary world has a growing concern for identity theft, which is frequently reported as a common complaint of many innocent victims. Biometric authentication systems identify people based on their bodily characteristics such as the face, iris, palm print, voice, fingerprint or behavioral characteristics such as posture and signature since such features are physically connected to the user. Biometric authentication is a more dependable device for guaranteeing that only approved and authentic individuals are capable of accessing a facility, travel internationally, or use a computer system thus provides high security when properly incorporated into applications that require user authentication (Campisi, 2013). Even though biometric authentication procedures have been very successful, biometric authentication systems are susceptible to external and inherent failures that can affect security and compromise privacy or restrict authentic users from using a certain service. Biometric Authentication Technologies and Their Application Biometric authentication technologies and techniques are developed centered on biometric characteristics. These technologies include face recognition, fingerprint, hand geometry, iris, retina geometry, voice, signature verification, DNA sampling, thermal imaging, hand vein, and palm print technologies among others (Huang, et al., 2011). Biometric authentication applications include single sign in, network and workstation access, data protection, application login, transaction security, remote access to resources, and web security (Jain Nandakumar, 2012). Biometric authentication technologies are used in achieving e-government and e-commerce goals, in protecting electronic banking, retail sales, investing, social services, health services, and law enforcement (Bhattacharya, et al., 20090. These technologies also play a major part in individual authentication for extensive network verification environments, protection of digital content in healthcare applications and Points of sale. When used alone or combined with other technologies such as encryption keys, smart cards, and digital signatures, biometrics can encompass many aspects of peoples' daily activities. For example, biometrics authentication is used in schools' lunch programs, voice verification for television home shopping, amusement parks, social services and internet banking (Bemmel Mian, 2009). Security and Privacy Challenges Biometric authentication systems are susceptible to intrusion failures. An intrusion occurs when the system erroneously recognizes an impersonator as a legitimate user. While there are numerous potential causes of this failure, it can be categorized as an adversary and inherent problems (Simoens, et al., 2010). Inherent problems A biometric authentication system depends on the comparison between two biometric samples contrasting a password-dependent authentication system that relies on two alphanumeric sequences. The two biometric samples acquired through registration and verification are usually rarely identical and can cause a false match authentication error. A false match happens when two samples have a high resemblance, and the system mistakenly identifies them as a match and results in intrusion by an impersonator. This kind of security failure is known as a zero-effort attack since the impostor does not use any effort to manipulate the system (Kumar Zhang 2010). Adversary manipulation Adversaries can manipulate a biometric system and affect its proper functioning. These actions can be performed by a direct attack on the system, or by using insiders such as system managers. An impostor can bypass a biometric authentication system by compelling or conniving with insiders, manipulating their carelessness such as not logging out of a system, or illegally manipulating registration and exception processing procedures intended to assist legitimate users (Zhang, 2012). External impostors can also cause a biometric system failure using direct manipulations to the template database, matches and extractor modules, user interface, and the interconnections in the modules. Trojan horse, replay attacks, and man in the middle are examples of attacks directed to the system modules and their interconnections (Jain Nandakumar, 2012). However, many countermeasures such as mutual authentication, time stamps, and cryptography are used to restrict them or reduce their effect (Kumar Zh ang, 2010). Spoof attacks are also a key security problem in biometric systems and need enough attention. This attack encompasses presenting a fake biometric attribute from a dead person. Examples of these traits may include a photograph, gummy or mutilated finger from a real user. A successful spoof attack violates and greatly destabilizes the systems privacy and security (Biggio et al., 2012). Several scientists have invented many detection techniques that observe involuntary human features such as blinking of the eye or verify the physiological properties of human fingers to confirm that the biometric features captured originate from a live individual (Huang, et al., 2011). Other adversary manipulations include replay attacks where the impostor records a legitimate user's image and puts it back to the system, substitution attacks where the impostor accesses and overwrites or replaces a stored template with their template, tampering, and masquerade attacks (Awasthi Srivastava, 2013) Conclusion The likelihood of biometric authentication systems being compromised and affecting the users' privacy and security when using a service is true because it is considered as a key challenge as it can be used to produce a legitimate user's original image or its estimate. The protection of an individual's biometric traits cannot be canceled or reproduced, and therefore it is important that methods of protecting stored data are developed and implemented. Consequently, there has been a lot of research on countermeasures such as biometric cryptosystems, mutual authentication, time stamps, and cryptography, which are used to restrict these insecurities or reduce them. This paper has clearly shown that while biometric authentication provides enough security, they are not perfect and definite system engineering principles are needed to boost this security. The risk of manipulation of biometric data used in security applications through adversary manipulations and inherent problems is high main ly where individual privacy is concerned as shown by several types of research. References Awasthi, A. K., Srivastava, K. (2013). A biometric authentication scheme for telecare Medicine information systems with a nonce. Journal of medical systems, 37(5), 9964. Bemmel, V., Mian, S. (2009). U.S. Patent No. 7,512,567. Washington, DC: U.S. Patent and Trademark Office. Bhattacharyya, D., Ranjan, R., Alisherov, F., Choi, M. (2009). Biometric authentication:A review. International Journal of u-and e-Service, Science, and Technology, 2(3), 13-28. Biggio, B., Akhtar, Z., Fumera, G., Marcialis, G. L., Roli, F. (2012). Security evaluation of Biometric authentication systems under real spoofing attacks. IET Biometrics, 1(1), 11-24. Campisi, P. (2013). Security and Privacy in Biometrics (Vol. 24). London: Springer. Huang, X., Xiang, Y., Chonka, A., Zhou, J., Deng, R. H. (2011). A generic framework for Three-factor authentication: Preserving security and privacy in distributed systems. IEEE Transactions on Parallel and Distributed Systems, 22(8), 1390-1397. Jain, A. K., Nandakumar, K. (2012). Biometric Authentication: System Security and User Privacy. IEEE Computer, 45(11), 87-92. Kumar, A., Zhang, D. (2010). Improving biometric authentication performance from the user Quality. IEEE transactions on instrumentation and measurement, 59(3), 730-735. Simoens, K., Bringer, J., Chabanne, H., Seys, S. (2012). A framework for analyzing template Security and privacy in biometric authentication systems. IEEE Transactions on Information forensics and security, 7(2), 833-841. Zhang, D. D. (Ed.). (2012). Biometric solutions: For authentication in an e-world (Vol. 697). Springer Science Business Media.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.