N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002.

Slides:

Advertisements

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Advertisements

TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

Lecture 6 User Authentication (cont)

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.

Development of Fingerprint and Iris Authentication Systems in Thailand Dr. Sarun Sumriddetchkajorn Electro-Optics Section, NECTEC Dr. Vutipong Areekul.

BTC - 1 Biometrics Technology Centre (BTC) Biometrics Solution for Authentication Prof. David Zhang Director Biometrics Technology Centre (UGC/CRC) Department.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

By: Monika Achury and Shuchita Singh

CSA 223 network and web security Chapter one

Security Awareness: Applying Practical Security in Your World

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

1 November Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.

George Turner Effectiveness of Biometric Security CS591 Semester Project

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Biometrics and Authentication Shivani Kirubanandan.

Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.

Geoff Lacy. Outline  Definition  Technology  Types of biometrics Fingerprints Iris Retina Face Other ○ Voice, handwriting, DNA  As an SA.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.

Biometrics. Outline What is Biometrics? Why Biometrics? Physiological Behavioral Applications Concerns / Issues 2.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =

Chapter 13 Security Strategies and Systems. Security Issues The Internet has opened up many new frontiers for everyone, including con artists and computer.

BUSINESS B1 Information Security.

Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?

Chapter 12 by Lisa Reeves Bertin Securing Information in a Network.

Troubleshooting Windows Vista Security Chapter 4.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Caring for Technology Malware. Malware In this Topic we examine: v Viruses (or Malware) v Virus Detection Techniques v When a Virus is Detected v Updating.

Geneva, Switzerland, September 2014 Identity Based Attestation and Open Exchange Protocol (IBOPS) Scott Streit Chief Scientist.

Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

Security Issues and Strategies Chapter 8 – Computers: Understanding Technology (Third edition)

Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved INFORMATION SECURITY SECTION 4.2.

UNIT 19 Data Security 2.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

 Biometrics refers to the identification of humans by their characteristics or traits. Biometrics is used in computer science as a form of identification.

Biometrics: A Tool for Information Security 1 Authors: Anil K. Jain, Arun Ross, Sharath Pankanti IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY,

Access Control / Authenticity Michael Sheppard 11/10/10.

Biometric Devices Biometric devices use secure identification and authentication in order for someone to use the device. These devices use automated.

COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.

Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.

Biometrics and Security Colin Soutar, CTO Bioscrypt Inc. 10th CACR Information Security Workshop May 8th, 2002.

Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.

LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.

Unit 32 – Networked Systems Security

Managing Secure Biometric Systems Meghan Armes IA Management April 24, 2007.

Information Systems Design and Development Security Precautions Computing Science.

DEFEATING BIOMETRIC AUTHENTICATION SYSTEMS Colin O’Hanlon COSC 480 April 11, 2012.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

An Introduction to Biometrics

7/10/20161 Computer Security Protection in general purpose Operating Systems.

UNIT V Security Management of Information Technology.

Challenge/Response Authentication

Biometrics Security in Banking Systems Image processing in ATM

Diane DiLorenzo Cosc 101 section 7

Challenge/Response Authentication

INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.

Biometrics Reg: AMP/HNDIT/F/F/E/2013/067.

Call to Fix QuickBooks Error

برنامج أمن أنظمة الحاسب

Biometric technology.

Computer Security Protection in general purpose Operating Systems

Presentation transcript:

N Stage Authentication with Biometric Devices Presented by: Nate Rotschafer Sophomore Peter Kiewit Institute Revised: July 8, 2002

N Stage Authentication n Outline –Background on Authentication –General Network Security –Need for High Grade Authentication –Need for Multiple Factor Authentication –Background on Error Types –Forms of Biometric Authentication –Pros and Cons of Each Biometric Technology –What’s Hot? What’s Not? –Major Players –Network Management with Biometric Devices –Problems –Proper Network Security with Biometric Devices –Demos and Discussion –Prognosis

Background on Authentication

Identification n The method used by a system (not necessarily a computer) to uniquely identify an individual or group. Examples: User names, Driver’s License, School ID, Security Badge, Passport

Authentication n The method(s) used to verify the given identification against a database of known information. Examples: Passwords, Fingerprints, Iris Prints, Negotiation

Development of Authentication n What you know… n What you have… n What you are… n Future Development: How you are...

General Network Security

Security is NOT n Installing a firewall n A product or Service n Running an audit and shutting things off

Security IS n Working productively and without interruptions n Only as good as the weakest link n Risk management of resources (equipment, people) n Physical security n A process, methodology, policies and people n Is 24x7x365

General Network Security n No silver bullet to network security n Replay attacks n Denial of Service ((D)DoS) n Spoofing n Users n Dictionary Attacks

Security Thoughts n 80-90% are internal issues n Hard drive crash (what did you loose, and how long to get back up?) n Firewall penetration (what can they do, what do they see?) n Internet failed (how much lost productivity/revenue, backup net connection?) n Some can always get in

General Network Security Conclusion n Biometrics will help but will not solve all problems n Users are the “weakest link” n Proactive security plan

Need for High Grade Authentication

n High Security Areas n Multiple Factor Authentication n Challenge and Response Authentication n High Assurance of Proper Identification n Data Retrieval Based on the Person

Background on Error Types

Type I Error --- Accept in Error n Balance Between Type I and Type II Error n Most Dangerous n High Exposure n Preventable n Need for Additional Security Measures

Type II --- Deny in Error n Balance Between Type I and Type II Error n Only an Inconvenience n Prventable n Established by a High Security Policy

Forms of Biometric Authentication

Forms of Biometric Devices n Fingerprint Scanners n Retina Scanners n Iris Scanners n Voice Print Scanners n Handwriting Recognition n Face Recognition n Personal Geometry n DNA

Pros and Cons of Each Biometric Technology

Fingerprint Scanners n Pros n Cons

Retina Scanners n Pros n Cons

Iris Scanners n Pros n Cons

Voice Print Scanners n Pros n Cons

Handwriting Recognition n Pros n Cons

Personal Geometry n Pros n Cons

Face Recognition n Pros n Cons

DNA n Pros n Cons

What’s Hot? What’s Not?

What’s Hot? n Fingerprint Scanners n Iris Scanners n N Stage Authentication n Interoperability n Interchangeability n Standards n Server Signature Storage

What’s Not? n Retina Scanners n DNA n 1 or 2 Stage Authentication

Major Players

n Most ISP NOCs n Healthcare Organizations n Banking Industry n Military/Government Agencies n Department of Defense n Schools?

Network Management with Biometric Devices

Cost n Fingerprint Scanner --- $ n Retina Scanner --- $ n Iris Scanner --- $ n Voice Print Scanner --- $ n Face Recognition --- $

Ease of Deployment n Fingerprint Scanner --- Easy n Retina Scanner --- Hard n Iris Scanner --- Hard n Voice Print Scanner --- Medium n Face Recognition --- Easy

Ease of Management n Fingerprint Scanner --- Easy n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- Easy n Face Recognition --- Medium

User Effects n Fingerprint Scanner --- Medium n Retina Scanner --- Medium n Iris Scanner --- Medium n Voice Print Scanner --- High n Face Recognition --- Medium

Problems

Proper Network Security With Biometric Devices

Securing Biometric Signatures n Tamper resistant storage n Protection from corruption n Secure signature changes n Secure backups n Stop signature interception n Protect latent signatures

Logon Security n Trusted Path to the authentication device n Tamper resistance n Clear or encrypted transmission n Continuous monitoring n What “goes down the wire”? n Real biometric?

Bypass Prevention n Tamper resistance at the local machine n Enhanced biometrics to tell a real biometric from a fake biometric n Both biometrics and passwords needed

Consistency n Environmental effects n All network users adhere to the same policy n All network machines configured identically

Can Biometrics be Bypassed? n How they are connected n The device can be fooled n Consistency

Demos and Discussion

Demo of Fingerprint Scanner Authentication

Demo of Iris Scanner Authentication

Wire Capture Analysis

Recent Bypassing Methods

How to Bypass

Question and Answer

Thanks To: n Dr. Blaine Burnham, Director of NUCIA n Defcon 10 n Peter Kiewit Institute n Dan Devries

Contact Info n n Slides: –Goto the :. Talks.: section and then to the “Biometrics” folder then to the “Defcon” folder and download the.ppt slides of the presentation.

Links n n n n n n n