Presentation is loading. Please wait.

Presentation is loading. Please wait.

N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002.

Published byHomer Rodgers Modified over 9 years ago

Similar presentations

Presentation on theme: "N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002."— Presentation transcript:

1 N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002

2 N Stage Authentication n Outline –Background on Authentication –General Network Security –Need for High Grade Authentication –Need for Multiple Factor Authentication –Background on Error Types –Forms of Biometric Authentication –Pros and Cons of Each Biometric Technology –What’s Hot? What’s Not? –Major Players –Network Management with Biometric Devices –Problems –Proper Network Security with Biometric Devices –Demos and Discussion –Prognosis

3 Background on Authentication

4 Identification n The method used by a system (not necessarily a computer) to uniquely identify an individual or group. Examples: User names, Driver’s License, School ID, Security Badge, Passport

5 Authentication n The method(s) used to verify the given identification against a database of known information. Examples: Passwords, Fingerprints, Iris Prints, Negotiation

6 Development of Authentication n What you know… n What you have… n What you are… n Future Development: How you are...

7 General Network Security

8 Security is NOT n Installing a firewall n A product or Service n Running an audit and shutting things off

9 Security IS n Working productively and without interruptions n Only as good as the weakest link n Risk management of resources (equipment, people) n Physical security n A process, methodology, policies and people n Is 24x7x365

10 General Network Security n No silver bullet to network security n Replay attacks n Denial of Service ((D)DoS) n Spoofing n Users n Dictionary Attacks

11 Security Thoughts n 80-90% are internal issues n Hard drive crash (what did you loose, and how long to get back up?) n Firewall penetration (what can they do, what do they see?) n Internet failed (how much lost productivity/revenue, backup net connection?) n Some can always get in

12 General Network Security Conclusion n Biometrics will help but will not solve all problems n Users are the “weakest link” n Proactive security plan

13 Need for High Grade Authentication

14 n High Security Areas n Multiple Factor Authentication n Challenge and Response Authentication n High Assurance of Proper Identification n Data Retrieval Based on the Person

15 Background on Error Types

16 Type I Error --- Accept in Error n Balance Between Type I and Type II Error n Most Dangerous n High Exposure n Preventable n Need for Additional Security Measures

17 Type II --- Deny in Error n Balance Between Type I and Type II Error n Only an Inconvenience n Prventable n Established by a High Security Policy

18 Forms of Biometric Authentication

19 Forms of Biometric Devices n Fingerprint Scanners n Retina Scanners n Iris Scanners n Voice Print Scanners n Handwriting Recognition n Face Recognition n Personal Geometry n DNA

20 Pros and Cons of Each Biometric Technology

21 Fingerprint Scanners n Pros n Cons

22 Retina Scanners n Pros n Cons

23 Iris Scanners n Pros n Cons

24 Voice Print Scanners n Pros n Cons

25 Handwriting Recognition n Pros n Cons

26 Personal Geometry n Pros n Cons

27 Face Recognition n Pros n Cons

28 DNA n Pros n Cons

29 What’s Hot? What’s Not?

30 What’s Hot? n Fingerprint Scanners n Iris Scanners n N Stage Authentication n Interoperability n Interchangeability n Standards n Server Signature Storage

31 What’s Not? n Retina Scanners n DNA n 1 or 2 Stage Authentication

32 Major Players

33 n Most ISP NOCs n Healthcare Organizations n Banking Industry n Military/Government Agencies n Department of Defense n Schools?

34 Network Management with Biometric Devices

35 Cost n Fingerprint Scanner --- $100-150 n Retina Scanner --- $400-500 n Iris Scanner --- $200-300 n Voice Print Scanner --- $150-200 n Face Recognition --- $150-250

36 Ease of Deployment n Fingerprint Scanner --- Easy n Retina Scanner --- Hard n Iris Scanner --- Hard n Voice Print Scanner --- Medium n Face Recognition --- Easy

37 Ease of Management n Fingerprint Scanner --- Easy n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- Easy n Face Recognition --- Medium

38 User Effects n Fingerprint Scanner --- Medium n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- High n Face Recognition --- Medium

39 Problems

40

41 Proper Network Security With Biometric Devices

42 Securing Biometric Signatures n Tamper resistant storage n Protection from corruption n Secure signature changes n Secure backups n Stop signature interception n Protect latent signatures

43 Logon Security n Trusted Path to the authentication device n Tamper resistance n Clear or encrypted transmission n Continuous monitoring n What “goes down the wire”? n Real biometric?

44 Bypass Prevention n Tamper resistance at the local machine n Enhanced biometrics to tell a real biometric from a fake biometric n Both biometrics and passwords needed

45 Consistency n Environmental effects n All network users adhere to the same policy n All network machines configured identically

46 Can Biometrics be Bypassed? n How they are connected n The device can be fooled n Consistency

47 Demos and Discussion

48 Demo of Fingerprint Scanner Authentication

49 Demo of Iris Scanner Authentication

50 Wire Capture Analysis

51 Recent Bypassing Methods

52 How to Bypass

53 Question and Answer

54 Thanks To: n Dr. Blaine Burnham, Director of NUCIA n Defcon 10 n Peter Kiewit Institute n Dan Devries

55 Contact Info n E-Mail: nrotschafer@geniussystems.net n Slides: http://www.geniussystems.net –Goto the :. Talks.: section and then to the “Biometrics” folder then to the “Defcon” folder and download the.ppt slides of the presentation.

56 Links n http://www.theregus.com/content/55/24956.html http://www.theregus.com/content/55/24956.html n http://www.heise.de/ct/english/02/11/114/ http://www.heise.de/ct/english/02/11/114/ n http://www.precisebiometrics.com/ http://www.precisebiometrics.com/ n http://www.saflink.com/ http://www.saflink.com/ n http://stat.tamu.edu/Biometrics/ http://stat.tamu.edu/Biometrics/ n http://www.biometrics.org/ http://www.biometrics.org/ n http://biometrics.cse.msu.edu/ http://biometrics.cse.msu.edu/

Download ppt "N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002."

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.

TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.

Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.
Development of Fingerprint and Iris Authentication Systems in Thailand Dr. Sarun Sumriddetchkajorn Electro-Optics Section, NECTEC Dr. Vutipong Areekul.

Development of Fingerprint and Iris Authentication Systems in Thailand Dr. Sarun Sumriddetchkajorn Electro-Optics Section, NECTEC Dr. Vutipong Areekul.
BTC - 1 Biometrics Technology Centre (BTC) Biometrics Solution for Authentication Prof. David Zhang Director Biometrics Technology Centre (UGC/CRC) Department.

BTC - 1 Biometrics Technology Centre (BTC) Biometrics Solution for Authentication Prof. David Zhang Director Biometrics Technology Centre (UGC/CRC) Department.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
By: Monika Achury and Shuchita Singh

By: Monika Achury and Shuchita Singh
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
1 November 2004 1 Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.

1 November Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.
George Turner Effectiveness of Biometric Security CS591 Semester Project 2010 1.

George Turner Effectiveness of Biometric Security CS591 Semester Project
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Biometrics and Authentication Shivani Kirubanandan.

Biometrics and Authentication Shivani Kirubanandan.
Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.

Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.
Geoff Lacy. Outline  Definition  Technology  Types of biometrics Fingerprints Iris Retina Face Other ○ Voice, handwriting, DNA  As an SA.

Geoff Lacy. Outline  Definition  Technology  Types of biometrics Fingerprints Iris Retina Face Other ○ Voice, handwriting, DNA  As an SA.
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Similar presentations

Ads by Google