N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002
N Stage Authentication n Outline –Background on Authentication –General Network Security –Need for High Grade Authentication –Need for Multiple Factor Authentication –Background on Error Types –Forms of Biometric Authentication –Pros and Cons of Each Biometric Technology –What’s Hot? What’s Not? –Major Players –Network Management with Biometric Devices –Problems –Proper Network Security with Biometric Devices –Demos and Discussion –Prognosis
Background on Authentication
Identification n The method used by a system (not necessarily a computer) to uniquely identify an individual or group. Examples: User names, Driver’s License, School ID, Security Badge, Passport
Authentication n The method(s) used to verify the given identification against a database of known information. Examples: Passwords, Fingerprints, Iris Prints, Negotiation
Development of Authentication n What you know… n What you have… n What you are… n Future Development: How you are...
General Network Security
Security is NOT n Installing a firewall n A product or Service n Running an audit and shutting things off
Security IS n Working productively and without interruptions n Only as good as the weakest link n Risk management of resources (equipment, people) n Physical security n A process, methodology, policies and people n Is 24x7x365
General Network Security n No silver bullet to network security n Replay attacks n Denial of Service ((D)DoS) n Spoofing n Users n Dictionary Attacks
Security Thoughts n 80-90% are internal issues n Hard drive crash (what did you loose, and how long to get back up?) n Firewall penetration (what can they do, what do they see?) n Internet failed (how much lost productivity/revenue, backup net connection?) n Some can always get in
General Network Security Conclusion n Biometrics will help but will not solve all problems n Users are the “weakest link” n Proactive security plan
Need for High Grade Authentication
n High Security Areas n Multiple Factor Authentication n Challenge and Response Authentication n High Assurance of Proper Identification n Data Retrieval Based on the Person
Background on Error Types
Type I Error --- Accept in Error n Balance Between Type I and Type II Error n Most Dangerous n High Exposure n Preventable n Need for Additional Security Measures
Type II --- Deny in Error n Balance Between Type I and Type II Error n Only an Inconvenience n Prventable n Established by a High Security Policy
Forms of Biometric Authentication
Forms of Biometric Devices n Fingerprint Scanners n Retina Scanners n Iris Scanners n Voice Print Scanners n Handwriting Recognition n Face Recognition n Personal Geometry n DNA
Pros and Cons of Each Biometric Technology
Fingerprint Scanners n Pros n Cons
Retina Scanners n Pros n Cons
Iris Scanners n Pros n Cons
Voice Print Scanners n Pros n Cons
Handwriting Recognition n Pros n Cons
Personal Geometry n Pros n Cons
Face Recognition n Pros n Cons
DNA n Pros n Cons
What’s Hot? What’s Not?
What’s Hot? n Fingerprint Scanners n Iris Scanners n N Stage Authentication n Interoperability n Interchangeability n Standards n Server Signature Storage
What’s Not? n Retina Scanners n DNA n 1 or 2 Stage Authentication
Major Players
n Most ISP NOCs n Healthcare Organizations n Banking Industry n Military/Government Agencies n Department of Defense n Schools?
Network Management with Biometric Devices
Cost n Fingerprint Scanner --- $ n Retina Scanner --- $ n Iris Scanner --- $ n Voice Print Scanner --- $ n Face Recognition --- $
Ease of Deployment n Fingerprint Scanner --- Easy n Retina Scanner --- Hard n Iris Scanner --- Hard n Voice Print Scanner --- Medium n Face Recognition --- Easy
Ease of Management n Fingerprint Scanner --- Easy n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- Easy n Face Recognition --- Medium
User Effects n Fingerprint Scanner --- Medium n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- High n Face Recognition --- Medium
Problems
Proper Network Security With Biometric Devices
Securing Biometric Signatures n Tamper resistant storage n Protection from corruption n Secure signature changes n Secure backups n Stop signature interception n Protect latent signatures
Logon Security n Trusted Path to the authentication device n Tamper resistance n Clear or encrypted transmission n Continuous monitoring n What “goes down the wire”? n Real biometric?
Bypass Prevention n Tamper resistance at the local machine n Enhanced biometrics to tell a real biometric from a fake biometric n Both biometrics and passwords needed
Consistency n Environmental effects n All network users adhere to the same policy n All network machines configured identically
Can Biometrics be Bypassed? n How they are connected n The device can be fooled n Consistency
Demos and Discussion
Demo of Fingerprint Scanner Authentication
Demo of Iris Scanner Authentication
Wire Capture Analysis
Recent Bypassing Methods
How to Bypass
Question and Answer
Thanks To: n Dr. Blaine Burnham, Director of NUCIA n Defcon 10 n Peter Kiewit Institute n Dan Devries
Contact Info n n Slides: –Goto the :. Talks.: section and then to the “Biometrics” folder then to the “Defcon” folder and download the.ppt slides of the presentation.
Links n n n n n n n