
Biometric data protection test. The state of the Russian market for biometric information security


Ministry of Education of the Republic of Belarus
Educational institution "Belarusian State University of Informatics and Radioelectronics"
Department of Information Security

A. M. Prudnik, G. A. Vlasova, Ya. V. Roshchupkin

BIOMETRIC METHODS OF PROTECTING INFORMATION

Study guide for the specialty "Information Security in Telecommunications"

Minsk, BSUIR, 2014

UDC: (076)
BBK 5ya y73
P85

Reviewers: Department of automated control systems of troops of the educational institution "Military Academy of the Republic of Belarus" (minutes 11 of); Dean of the Faculty of Telecommunications of the Higher State College of Communications, Candidate of Technical Sciences, Associate Professor S. M. Dzherzhinsky

Prudnik, A. M.
P85 Biometric methods of information security: study guide / A. M. Prudnik, G. A. Vlasova, Ya. V. Roshchupkin. Minsk: BSUIR, p. : ill. ISBN

The guide covers access control and information protection using biometric methods and means, together with the general concepts and definitions of biometrics. It gives a classification and a comparative analysis of the main biometric parameters (fingerprints, hand geometry, iris of the eye, face image, signature, voice) and additional ones (DNA, retina, etc.), their informative features and the stages of comparison. The types of errors of authentication systems are considered. The principles of choosing biometric parameters for access control systems and the types of attacks on biometric systems are analyzed. The guide will be useful for students of telecommunication specialties and for specialists in access control and information protection.

A. M. Prudnik, G. A. Vlasova, Ya. V. Roshchupkin, 2014
Belarusian State University of Informatics and Radioelectronics, 2014

CONTENTS

1. AUTHENTICATION AND BIOMETRIC PARAMETERS
General concepts of authentication and biometric parameters
Authentication protocols
Peculiarities of authentication methods
Hybrid authentication methods
Requirements for biometric authentication

BASIC BIOMETRIC PARAMETERS
Fingerprint recognition
Human recognition by the iris of the eye geometry

ADDITIONAL BIOMETRIC PARAMETERS
Identification by DNA
Recognition of the retina of the eye
Recognition by thermograms
Recognition by gait
Recognition by keyboard handwriting
Recognition of the shape of the ears
Recognition by skin reflection
Recognition by lip movement
Identification by body odor

BASIC ERRORS of the characteristics of the device AONOMETRIC SYMPTOMS biometrics-specific Negative authentication Tradeoffs

ATTACK ON BIOMETRIC SYSTEMS
Pattern Recognition Model
Attacks on Biometric Identifiers
5.3. Frontal attacks
Deception
Internal attacks
Other attacks
Combination of smart cards and biometric parameters
"Challenge-response"
Abbreviated biometric parameters

SELECTION OF BIOMETRIC PARAMETER
Properties of biometric parameters
Application properties
Evaluation methods
Affordability and price
Advantages and disadvantages of biometric parameters
Biometric myths and misconceptions

CONCLUSION
REFERENCES

1. AUTHENTICATION AND BIOMETRIC PARAMETERS

Reliable authentication, that is, determining the identity of the applicant, is becoming a necessary attribute of everyday life. Today people rely on it for the most common actions: boarding an airplane, conducting financial transactions, and so on.

There are three traditional methods of authentication (and/or authorization, that is, allowing access to a resource):
1) by ownership of physical objects such as keys, a passport or smart cards;
2) by knowledge of information that must be kept secret and can be known only to a certain person, for example a password or passphrase. Knowledge may also be relatively confidential information that may or may not be secret, such as the mother's maiden name or a favorite color;
3) by biometric parameters: physiological or behavioral characteristics by which people can be distinguished from each other.

The three authentication methods can be used in combination, especially in automatic authentication. For example, a bank card as property requires knowledge (a password) to perform transactions; a passport is property that carries a face image and a signature, which are biometric parameters.

Since objects can be lost or tampered with, and knowledge can be forgotten or passed to another person, methods of identification and access to resources based on knowledge and property are unreliable. Biometric parameters should be used for reliable identity authentication and secure exchange of information between parties. A person cannot fake, lose, steal or transfer biometric parameters to another person without causing injury. At present, biometric technologies provide the greatest guarantee of identification and form the basis of security where accurate authentication and protection against unauthorized access to objects or data are extremely important.

General concepts of authentication and biometric parameters

Biometric authentication, or biometrics, is the science of authenticating a person's identity based on distinctive physiological or behavioral characteristics. Physiological biometric parameters, such as fingerprints or hand geometry, are physical characteristics that are usually measured at a given point in time. Behavioral biometric parameters, such as signature or voice, are sequences of actions that last over a period of time.

Physiological biometric parameters are quite diverse, and one sample is usually sufficient for comparison. With behavioral biometric parameters, a single sample may not provide enough information to identify a person, but the change of the signal over time (under the influence of behavior) itself contains the necessary information.

Physiological (static) and behavioral (dynamic) biometric parameters complement each other. The main advantages of static biometrics are relative independence from the psychological state of users, the low effort required of them and, consequently, the possibility of organizing biometric identification of large flows of people.

Today, six biometric parameters are most commonly used in automatic authentication systems (Table 1.1).

Table 1.1. Basic biometric parameters
Physiological: fingerprints, iris, hand geometry, face
Behavioral: signature, voice

Work is also underway to use additional biometric parameters (Table 1.2).

Table 1.2. Additional biometric parameters
Physiological: DNA, ear shape, odor, retina, skin reflection, thermogram
Behavioral: gait, keyboard handwriting

Biometric parameters have properties that allow them to be applied in practice:
1) universality: every person has biometric characteristics;
2) uniqueness: no two people have the same biometric characteristics;
3) constancy: biometric characteristics must be stable over time;
4) measurability: biometric characteristics must be measurable by some physical reading device;
5) acceptability: the population of users and society as a whole should not object to the measurement and collection of biometric parameters.

The combination of these properties determines how effective biometrics is for protecting information. However, there are no biometric parameters that absolutely satisfy any of these properties, nor parameters that combine all of them at the same time, especially if the fifth property, acceptability, is taken into account. This means that there is no universal biometric parameter, and the use of any biometric method of protection is determined by the purpose and required characteristics of the information system.

An information security system based on biometric authentication must meet requirements that are often incompatible with each other. On the one hand, it must guarantee security, which implies high authentication accuracy and low error rates. On the other hand, the system must be user-friendly and provide the required computation speed. Confidentiality requirements must be met at the same time, and the cost of the system must allow it to be applied in practice. The difficulties encountered in developing and applying biometric systems also include the legal aspects of using biometrics, as well as problems of physical security and data protection, access rights management and system recovery after a failure. Therefore, any biometric authentication method is the result of many trade-offs.

In all biometric authentication systems, two subsystems can be distinguished (Fig. 1.1):
1) object registration (a digital model of the biometric characteristic, the biometric template, is formed from several measurements taken by the reader);
2) object recognition (measurements taken during an authentication attempt are converted into digital form, which is then compared with the form obtained during registration).
There are two biometric comparison methods:
1) verification: comparison with a single template selected on the basis of a unique identifier that identifies a specific person (for example, an identification number or code), i.e. a one-to-one comparison of two biometric templates (1:1);
2) identification: comparison of the measured parameters (the person's biometric template) with all records in the database of registered users, and not with one of them selected on the basis of some identifier. That is, unlike verification, identification is a one-to-many comparison (1:m).

[Fig. 1.1. Biometric authentication system]

Biometric registration (Fig. 1.2) is the process of registering objects in a biometric database. During registration, the biometric parameters of the object are recorded, and meaningful information is collected by the feature extractor and stored in the database. Using a specific identification number (a unique combination of digits), the machine representation of a biometric parameter is linked to other data, such as a person's name. This piece of information can be placed on any object, such as a bank card.

[Fig. 1.2. Biometric registration]

Positive registration is registration for verification and positive identification. Its purpose is to create a database of legitimate objects. When registering, the object is given an identifier.

Negative registration is registration for negative identification: a collection of data about objects that are not allowed in any applications. The databases are centralized. Biometric samples and other credentials are stored in the negative identification database. This can be done forcibly or secretly, without the assistance of the object itself and without its consent.

Registration is based on information about the user in the form of "reliable data", that is, data from official documents or other reliable sources such as birth certificates, passports, previously created databases and government databases of criminals. Similarity is established by a person, which is a potential source of error.

The task of the authentication module is to recognize an object at a later stage: either to identify one person among many others, or to verify a person by determining whether his biometric parameters coincide with the given ones.

For identification, the system receives a biometric sample from an object, extracts meaningful information from it, and searches the database for records that match it. Only biometric characteristics are used for biometric identification. Fig. 1.3 shows the basic blocks that make up a biometric identification system. The templates from the database are compared against the provided sample one by one. At the end of the procedure, the system issues a list of identifiers that are similar to the entered biometric parameter.

[Fig. 1.3. Biometric identification]

The identification system can operate in two different modes:
1) positive identification (the system determines whether a given person is registered in the database. In this case, false access errors or false access denials can occur. This is similar to verification);
2) negative identification (the system checks that an object is absent from some negative database, for example a database of wanted criminals. Errors of missed similarity (false negation) and errors of falsely detected similarity (false recognition) may occur).

Biometric verification differs from identification in that the submitted biometric samples are compared with one registered record in the database. The user provides some property that points to a single biometric template in the database.

[Fig. Biometric verification]

For verification, an object presents an identifier (identification number, bank card) and biometric parameters. The system reads the biometric indicators, extracts certain parameters and compares them with the parameters registered in the database under this user's number. After that, the system determines whether the user really is who he claims to be. The presentation of the unique identifier is shown in Fig. 1.1 with a dashed arrow.

Databases are either centralized or distributed. A centralized database stores the biometric information of all registered objects. A distributed database stores biometric information in distributed form (for example, on smart cards). The object provides the system with one biometric template recorded on some medium, such as a smart card, and the biometric system compares this template with a biometric sample provided by the person. In practice, many systems use both types of databases: distributed for daily offline verification, and centralized for online verification or for reissuing cards in case of loss without re-measuring the biometric parameters.

The vast majority of people believe that the database contains samples of a fingerprint, a person's voice or a picture of the iris. In fact, in most modern systems this is not the case. A special database stores a digital code that is associated with a specific person who has the right of access. A scanner or any other device used in the system reads a specific biological parameter of a person. It then processes the resulting image or sound and converts it into a digital code. It is this key that is compared with the contents of the special database for personal identification.

Thus, any biometric system is based on reading (unique information is extracted from the physical and/or behavioral sample and a biometric sample is compiled), comparison (the submitted sample is compared with a saved sample from the database) and decision-making (the system determines whether the biometric samples match and decides whether to repeat, end or change the authentication process).

Authentication protocols

The operation of any authentication system is implemented according to a specific protocol. A protocol is a certain sequence of steps taken by two or more parties who are going to solve a problem. The order of the steps is very important, so the protocol governs the behavior of both parties. All parties agree with the protocol, or at least understand it.

Take a telephone conversation as an example. After dialing the number, the caller hears beeps and then a click when the other end picks up the phone. According to the protocol, the person answering the call must speak first, saying "Hello!" or giving his name. After that, the caller introduces himself. Only after all these actions have been completed in this sequence can the conversation start. If you just pick up the phone and do not answer, the conversation may not take place at all, since the generally accepted procedure will have been violated. Even if the caller hears a click, without verbal confirmation of the connection he cannot start the conversation first. The standard start of a telephone conversation is an example of a protocol.

An authentication protocol is the (automated) process of deciding whether an entity's credentials are sufficient to prove its identity and so allow it access based on that credential or other token. Any authentication protocol that uses different methods (and different biometric identifiers) can be determined and executed based on the credentials provided.

The authentication protocol must be:
established in advance (the protocol is fully defined and developed before it is applied. The sequence of the protocol and the rules governing its operation must be determined, as must the criteria by which the coincidence of authentication credentials will be judged);
mutually agreed (all parties involved must agree with the protocol and follow the established procedure);
unambiguous (neither side can violate the sequence of steps because of a misunderstanding);
detailed (the order of actions must be determined for any situation. This means, for example, that the protocol provides for the handling of exceptional cases).

In today's world, computers and communications are used as a means of gaining access to services, privileges and various applications. The operators of such systems are usually unfamiliar with the users, and the decision to grant or deny access must largely be made without human intervention. The user cannot trust the operators and other users of the system because of the anonymity of registration and the remoteness, so protocols are needed through which two parties that do not trust each other can interact. These protocols, in essence, regulate behavior. Authentication is then carried out according to the protocol between the user and the system, and the user is able to log in and access the application.

The protocol itself does not guarantee security. For example, a protocol that controls access in an organization may dictate opening hours, but will not improve security. Cryptosystems can be used to provide reliable authentication and to protect the exchange of information on the basis of agreements between the two parties.

Features of authentication methods

Traditional methods of authentication (by property, by knowledge and by biometric parameters) were used long before automatic electronic authentication was required. These techniques have evolved with advances in printing, photography and automation technology.

P: by property. Anyone with a specific object, such as a key or a magnetic stripe card, can access the application (i.e. be authorized). For example, anyone with the keys to a car can drive it.

K: by knowledge. People with certain knowledge are entitled to access. Authentication here is based on secret knowledge such as a password, a lock code or answers to questions. The important word in this definition is "secret": knowledge must be kept secret to ensure the security of authentication.

There is also non-secret information that is important for authentication.
A computer user ID or bank account number is often requested for authentication, and since these are not secret, they do not prevent attempts to impersonate their owner to gain access.

B: by biometric parameter. This is a human characteristic that can somehow be measured (or sampled) in the form of a biometric identifier and that distinguishes a person from all other people. It is difficult to exchange, difficult to steal or counterfeit and, unlike property and knowledge, it cannot be changed.

Property and knowledge in the form (account number, password) = (property, knowledge) = (P, K) are the most common authentication method (protocol). This method is used to control access to a computer, the Internet, a local network, e-mail, voice mail, etc. When authentication methods P and K are used, information is compared, while the user (the real person) is not associated with a more or less established "personality". The identity established by ownership of the property P is associated with the anonymous password K, and not with the real registered person. Biometric authentication method B provides additional security because biometric parameters cannot be replaced, so this method of authenticating users is more reliable. Table 1.3 shows four methods of user authentication that are widely used today.

Since biometric parameters are inalienable properties of a person, it is very difficult to fake them without his knowledge, and it is all the more impossible to exchange them; in addition, a person's biometric characteristics can change only in the event of serious injury, certain diseases or tissue destruction. Therefore, biometric identifiers can confirm the identity of a user in an authentication protocol, which other authentication methods that use property and knowledge cannot do. Combining the last method (B) in Table 1.3 with the P and/or K method gives additional biometric methods such as (P, B) (for example, a passport, or a smart card and biometric template); for credit cards the combination P, K, B is often used: P is the credit card, K is the mother's maiden name, B is the signature.
Table 1.3. Existing authentication methods and their properties

Method: What we have (P)
Examples: credit cards, badges, keys
Properties: can be exchanged or duplicated, can be stolen or lost

Method: What we know (K)
Examples: password, PIN, mother's maiden name, personal information
Properties: most passwords are not difficult to guess; they can be passed on to others and forgotten

Method: What we have and what we know (P and K)
Examples: credit card and PIN
Properties: can be passed on to others; the PIN can be found out (it is often written on the card)

Method: Unique characteristics of the user (B)
Examples: fingers, face, iris, voice recording
Properties: impossible to pass on to others, repudiation unlikely, very difficult to counterfeit, cannot be lost or stolen

The boundaries between property and knowledge may be blurry. For example, the identifying parts of an object (property) can be digitized and stored in compressed form, like the series of notches on a key. This, in a sense, converts property into knowledge.

However, this method of identification is physical, because authentication is done with a physical object and not with the information itself, even if the object is instantiated from information. The credit card number (which can be used both online and over the phone) is knowledge, but the credit card (which is used at the ATM) is property. In addition, secret knowledge can also be attributed to biometrics, since it is measurable and is a unique property of a person.

A signature as a biometric parameter (and, to a lesser extent, a voice) includes knowledge. This means that the signature can be changed at will, but it will also be easier to forge. This prompts researchers working on automatic signature recognition to study examples of forgery by attackers.

The fundamental difference between biometric authentication and other authentication methods is the concept of the degree of similarity, which is the basis of the comparison technology. An authentication protocol using a password always gives an exact result: if the password is correct, the system allows access; if not, it denies it. There is no concept of likelihood of similarity here, and consequently no problem of determining the similarity precisely.

Biometric technologies are always probabilistic and use statistical methods to analyze the likelihood of similarity. There is always a small, sometimes extremely small, chance that two people will have the same biometric samples being compared. This is expressed in terms of error rates (false access and false access denial rates) and internal error rates (the minimum achievable error rates for a given biometric parameter) that are associated with biometric authentication systems and biometric identifiers.

The advantage of passwords over biometrics is the ability to change them. If a password is stolen or lost, it can be canceled and replaced with a new one. This becomes impossible with some biometric parameters. If the parameters of someone's face have been stolen from the database, they cannot be canceled and new ones cannot be issued. Several methods of revocable biometrics have been developed. Revocable biometrics is the distortion of the biometric image or features prior to matching.

One particular solution is to use not all of the biometric parameters. For example, the papillary line patterns of only two fingers are used for identification (for example, the thumbs of the right and left hand). If necessary (for example, if the pads of two "key" fingers are burned), the data in the system can be corrected so that from a certain moment an acceptable combination will be the index finger of the left hand and the little finger of the right be compromised).

Hybrid authentication methods

One of the important problems of biometric authentication is the ability to compare different parameters, for example passwords and knowledge, and biometric identifiers. For authentication using the hybrid method, one or more methods or features T = (P (by property), K (by knowledge), B (by biometric parameters)) are used. For personal authentication, each feature provided by the user must be compared with the one stored during registration. To decide whether these features are similar, the results of the different comparators that verify them must be integrated. Property or simple knowledge such as a password is checked by exact comparison.

Two issues should be considered:
1) combining credentials (the best option is to combine two or more authentication methods. Linking property P or knowledge K with biometric parameters B reduces the problem of biometric identification to biometric verification, i.e. to a 1:1 comparison instead of a 1:m comparison);
2) combining biometric parameters (the requested credentials may include different biometric parameters, i.e. (B1, B2), where B1 is a finger and B2 is a face. The possibility of combining several biometric parameters is the object of increased attention from researchers and designers).

Thus, the use of any of the listed methods P, K or B means that it must be possible to match by verifying property and knowledge and by comparing the biometric parameter. Property and knowledge features require an exact match. Biometric matching can be approximate to a certain extent.

Requirements for biometric authentication

Biometric authentication of a person becomes a difficult task when high accuracy, that is, a low probability of errors, is required.
In addition, the user should not be able to deny afterwards an operation he performed, and at the same time should experience as little inconvenience as possible when going through the authentication procedure (contactless reading, a user-friendly interface, the size of the template file (the larger the image, the slower the recognition process), etc.). The authentication system must also comply with confidentiality requirements and be resistant to counterfeiting (unauthorized access). Consideration should also be given to the environmental resistance of biometric authentication systems (performance may become unstable depending on environmental conditions).

Thus, the main requirements for biometric systems are as follows:
1) accuracy (does the system always make the right decision about an object);
2) speed of computation and the ability to scale databases;
3) handling of exceptional cases in which the biometric parameters of an object cannot be registered (for example, as a result of illness or injury);
4) cost (including the cost of training users and personnel);
5) confidentiality (ensuring anonymity; data obtained during biometric registration must not be used for purposes to which the registered individual did not consent);
6) security (protecting the system from threats and attacks).

It is known that the weakest point of biometric technologies is the possibility of deceiving the authentication system by imitation.

The security of a biometric authentication system depends on the strength of the links between registered entities and more accurate “verified data” such as a passport. It also depends on the quality of the verified data itself. Authentication must use biometric parameters that do not create new vulnerabilities and loopholes in the security system. If a biometric authentication system is to guarantee a high level of security, the choice of biometric parameter must be taken seriously. Biometric authentication should be part of a comprehensive security system that includes, among other things, means of protecting the biometric system itself. System security is ensured by eliminating vulnerabilities at attack points, that is, by protecting the "valuable assets" of the application, for example by preventing information interception.

2. BASIC BIOMETRIC PARAMETERS

There are six most commonly used (basic) biometric parameters: fingers, face, voice (speaker recognition), hand geometry, iris and signature.

Fingerprint recognition

Fingerprinting is the identification of a person by fingerprints, or rather by the so-called papillary pattern. Fingerprinting is based on the fact that, firstly, the fingerprint is unique (in the entire history of fingerprinting, no two matching fingerprints belonging to different persons have been found) and, secondly, the papillary pattern does not change throughout a person's life. The skin of the fingers has a complex relief pattern (the papillary pattern) formed by alternating ridges (0.1–0.4 mm high and 0.2–0.7 mm wide) and grooves (0.1–0.3 mm wide). The papillary pattern is fully formed in the seventh month of fetal development. Moreover, studies have found that fingerprints differ even in identical twins, although their DNA indicators are identical. In addition, the papillary pattern cannot be modified: neither cuts, nor burns, nor other mechanical damage to the skin are of fundamental importance, because the stability of the papillary pattern is ensured by the regenerative ability of the main layer of the epidermis. Therefore, it can be argued that today fingerprinting is the most reliable way of identifying a person.

Methods for comparing fingerprints

Despite the diversity of the structure of papillary patterns, they lend themselves to a clear classification, which supports their individualization and identification.

In each fingerprint, two types of features can be defined: global and local. Global features are those that can be seen with the naked eye. The other type of features is local.
They are called minutiae: features unique to each print that define the points where the structure of the papillary lines changes (ending, bifurcation, break, etc.), together with the orientation of the papillary lines and the coordinates at these points. Practice shows that fingerprints of different people can have the same global features, but it is absolutely impossible for them to have the same micro-patterns of minutiae. Therefore, global features are used to divide the database into classes and at the authentication stage. At the second stage of recognition, local features are used.

Principles of comparing fingerprints by local features

Stages of comparing two fingerprints:

Stage 1. Improving the quality of the original fingerprint image. The sharpness of the borders of the papillary lines is increased.

Stage 2. Calculating the orientation field of the papillary lines of the print. The image is divided into square blocks with a side of more than 4 pixels, and the orientation angle t of the lines in each fragment of the print is calculated from the brightness gradients.

Stage 3. Binarization of the fingerprint image. Thresholding reduces it to a black-and-white image (1 bit).

Stage 4. Thinning of the lines of the print image. Thinning continues until the lines are 1 px wide (Fig. 2.1).

[Fig. 2.1. Thinning of the lines of the print image]

Stage 5. Extracting the minutiae (Fig. 2.2). The image is divided into blocks of 9 by 9 pixels. The number of black (non-zero) pixels around the center is then counted. The pixel in the center is considered a minutia if it is itself non-zero and has one adjacent non-zero pixel (an "ending" minutia) or two adjacent non-zero pixels (a "bifurcation" minutia).

[Fig. 2.2. Extracting minutiae]

The coordinates of the detected minutiae and their orientation angles are written into a vector:

$W(p) = [(x_1, y_1, t_1), (x_2, y_2, t_2), \ldots, (x_p, y_p, t_p)]$,

where p is the number of minutiae.

During user registration, this vector is considered a reference and is recorded in the database. During recognition, the vector describes the current fingerprint (which is quite logical).

Stage 6. Comparison of minutiae. Two prints of the same finger will differ from each other in rotation, offset, scale and/or area of contact, depending on how the user places the finger on the scanner. Therefore, it is impossible to say whether a print belongs to a person or not based on a simple comparison (the vectors of the reference and the current print may differ in length, contain non-corresponding minutiae, etc.). Because of this, the matching process must be implemented for each minutia separately.

Comparison steps: data registration; search for pairs of corresponding minutiae; assessment of the conformity of the prints.

During data registration, the parameters of the affine transformation (angle of rotation, scale and shift) are determined under which a certain minutia from one vector corresponds to a certain minutia from the second. When searching, for each minutia you need to enumerate up to 30 rotation values (from −15 to +15), 500 offset values (for example, from −250 px to +250 px) and 10 scale values (from 0.5 to 1.5 with a step of 0.1). Total up to steps for each of the 70 possible minutiae. (In practice, not all possible options are enumerated: once suitable values have been found for one minutia, they are tried on the other minutiae as well; otherwise almost any two prints could be matched to each other.)

The conformity of the prints is evaluated according to the formula $K = \dfrac{D \cdot D \cdot 100\%}{p \cdot q}$, where D is the number of matching minutiae, p is the number of minutiae in the reference, and q is the number of minutiae in the print being identified. If the result exceeds 65%, the prints are considered identical (the threshold can be lowered by setting a different vigilance level). If authentication was being performed, the process ends here.
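Stage 6 as an added example (not code from the study guide): two minutiae vectors are aligned by searching rotation and scale on the grid given above, and the score K is compared with the 65% threshold. Assumptions made here: angles are in degrees, the position and angle tolerances are chosen for illustration, the shift is derived from a candidate pair of minutiae instead of enumerating every offset, and all minutiae are constructed sample data.

```python
import math

ROTATIONS = range(-15, 16)                              # rotation grid; degrees assumed
SCALES = [round(0.5 + 0.1 * k, 1) for k in range(11)]   # 0.5 .. 1.5, step 0.1
MAX_SHIFT = 250      # px, offset limit from the text
DIST_TOL = 6.0       # px, assumed position tolerance for a matching pair
ANGLE_TOL = 10.0     # assumed orientation tolerance for a matching pair
THRESHOLD = 65.0     # percent, decision threshold from the text


def angle_diff(a, b):
    """Smallest absolute difference between two angles on the circle."""
    d = abs(a - b) % 360.0
    return min(d, 360.0 - d)


def transform(minutiae, rot_deg, scale, dx=0.0, dy=0.0):
    """Rotate, scale and shift a minutiae vector [(x, y, t), ...]."""
    c, s = math.cos(math.radians(rot_deg)), math.sin(math.radians(rot_deg))
    return [(scale * (x * c - y * s) + dx,
             scale * (x * s + y * c) + dy,
             (t + rot_deg) % 360.0) for x, y, t in minutiae]


def count_pairs(ref, moved):
    """D: one-to-one pairs that agree in position and orientation (greedy)."""
    used, d = set(), 0
    for x, y, t in moved:
        best, best_dist = None, DIST_TOL
        for k, (rx, ry, rt) in enumerate(ref):
            if k in used or angle_diff(t, rt) > ANGLE_TOL:
                continue
            dist = math.hypot(x - rx, y - ry)
            if dist <= best_dist:
                best, best_dist = k, dist
        if best is not None:
            used.add(best)
            d += 1
    return d


def best_alignment(ref, sample):
    """Data registration: find the transformation giving the most pairs."""
    best_d, best_params = 0, None
    for rot in ROTATIONS:
        for scale in SCALES:
            base = transform(sample, rot, scale)
            # Anchor one sample minutia on one reference minutia, then
            # check whether the same parameters fit the other minutiae.
            for rx, ry, rt in ref:
                for ux, uy, ut in base:
                    if angle_diff(ut, rt) > ANGLE_TOL:
                        continue
                    dx, dy = rx - ux, ry - uy
                    if abs(dx) > MAX_SHIFT or abs(dy) > MAX_SHIFT:
                        continue
                    moved = [(x + dx, y + dy, t) for x, y, t in base]
                    d = count_pairs(ref, moved)
                    if d > best_d:
                        best_d, best_params = d, (rot, scale, dx, dy)
    return best_d, best_params


def compare(ref, sample):
    """K = D * D * 100% / (p * q); prints are considered identical if K > 65%."""
    d, params = best_alignment(ref, sample)
    p, q = len(ref), len(sample)
    k = 100.0 * d * d / (p * q)
    return {"D": d, "K": k, "match": k > THRESHOLD, "params": params}


# Constructed reference vector: (x, y, orientation angle).
REFERENCE = [(40, 52, 30), (75, 110, 45), (120, 60, 90), (150, 140, 20),
             (95, 170, 75), (180, 90, 110), (60, 150, 60), (130, 105, 100)]
# Same finger placed differently: rotated, scaled, shifted; one minutia
# missed by the scanner and one spurious minutia added.
GENUINE = transform(REFERENCE[:7], 10, 1.25, 30.0, -20.0) + [(90.0, 40.0, 250.0)]
# Constructed vector from a different finger.
IMPOSTOR = [(50, 60, 200), (80, 130, 220), (140, 50, 250), (160, 150, 280),
            (100, 100, 190), (30, 170, 300), (170, 40, 40), (110, 160, 95)]

if __name__ == "__main__":
    for name, vec in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        r = compare(REFERENCE, vec)
        print(f"{name}: D={r['D']} K={r['K']:.1f}% match={r['match']}")
```

Because D is squared, one missed and one spurious minutia out of eight still leave K above the threshold, while a vector that shares only one or two minutiae scores a few percent.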
For identification, this process must be repeated for all fingerprints in the database. The user with the highest match rate is then selected (of course, his result must be above the 65% threshold).

An example is AFIS (automated fingerprint identification systems); in the Republic of Belarus, ADIS (automatic fingerprint identification system). The principle of operation of the system: a fingerprint card, personal information, fingerprints and palm prints are entered according to the form. Integral characteristics are placed (for bad prints the features still have to be edited manually; for good ones the system places them itself), and a "skeleton" is drawn, that is, the system outlines the papillary lines, which allows it to determine the features very accurately in the future. The fingerprint card goes to the server, where it is stored permanently.

"Trace" and "pathfinder": a "trace" is a fingerprint taken from the scene; the "pathfinder" is the database of traces. Traces, like fingerprint cards, are sent to the server, where each trace is automatically compared with the fingerprint cards, both existing and newly introduced. The trace remains in the search until a suitable fingerprint card is found.

Method based on global features. Global features (loop head, delta) are detected. The number of these features and their relative position make it possible to classify the type of pattern. The final recognition is performed based on local features (the number of comparisons is several orders of magnitude lower for a large database). It is believed that the type of pattern can determine the character, temperament and abilities of a person, so this method can be used for purposes other than identification / authentication.

Graph-based method. The original image (Fig. 2.3) of the print (1) is converted into an image of the orientation field of the papillary lines (2). In the field, areas with the same orientation of the lines can be seen, so boundaries can be drawn between these areas (3). Then the centers of these areas are determined and the graph (4) is obtained. The dashed arrow d marks the entry into the database during user registration. The similarity of prints is determined in square (5). Further actions are similar to the previous method: comparison by local characteristics.

Fig. Method of comparison of fingerprints based on graphs.

Fingerprint scanners

Types and principle of operation

Fingerprint readers are now widely used. They are installed on laptops, in mice, keyboards and flash drives, and are also used as separate external devices and terminals sold together with AFIS systems.

Despite the external differences, all scanners can be divided into several types:

1. Optical: FTIR scanners; fiber-optic; optical swipe; roller; contactless.
2. Semiconductor (semiconductors change properties at the points of contact): capacitive; pressure-sensitive; thermal scanners; radio-frequency; swipe thermal scanners; capacitive swipe; radio-frequency swipe.
3. Ultrasonic (ultrasound returns at various intervals, reflected from grooves or lines).

The principle of operation of a fingerprint scanner, like any other biometric verification device, is quite simple and includes four basic stages: recording (scanning) biometric characteristics (in this case, fingers); highlighting the details of the papillary pattern at several points; transformation of the recorded characteristics into the appropriate form; comparison of the recorded biometric characteristics with the template; making a decision on the coincidence or non-coincidence of the recorded biometric sample with the template.

Capacitive sensors (Fig. 2.4) consist of an array of capacitors, each of which consists of two connected plates. The capacitance of a capacitor depends on the applied voltage and on the dielectric constant of the medium. When a finger is brought to such an array of capacitors, both the dielectric constant of the medium and the capacitance of each capacitor depend on the configuration of the papillary pattern at that local point. Thus, the papillary pattern can be uniquely identified from the capacitance of each capacitor in the array.

The principle of operation of optical sensors (Fig. 2.5) is similar to that used in household scanners. Such sensors consist of LEDs and CCD sensors: the LEDs illuminate the scanned surface, and the reflected light is focused on the CCD sensors. Since the light reflectance depends on the structure of the papillary pattern at a particular point, optical sensors make it possible to record an image of a fingerprint.

Fig. The structure of the capacitive sensor

Fig. The structure of the optical sensor

Thermal sensors (Fig. 2.6) are an array of pyroelectrics. These are a kind of dielectric on whose surface electric charges arise when the temperature changes, due to a change in spontaneous polarization. The temperature in the interpapillary cavities is lower than on the surface of the papillary ridge, as a result of which the array of pyroelectrics makes it possible to reproduce the papillary pattern accurately.

Electromagnetic field sensors (Fig. 2.7) contain generators of an alternating radio-frequency electric field and an array of receiving antennas. When a finger is brought to the sensor, the lines of force of the generated electromagnetic field exactly follow the contour of the papillary lines, which allows the array of receiving antennas to capture the structure of the fingerprint.

Let us consider in more detail the principle of operation of swipe thermal scanners, the most popular at present. They implement the thermal method of reading fingerprints, based on the property of pyroelectric materials to convert a temperature difference into voltage. The temperature difference is created between the cells of the sensing element under the papillary ridges and under the grooves. The grooves do not come into contact with the sensing element, so the temperature of the sensing element under the grooves remains equal to the ambient temperature. A feature of the temperature method is that after a while (about 0.1 s) the image disappears, since the finger and the sensor come to temperature equilibrium.

Fig. Structure of electromagnetic field sensors

The rapid disappearance of the temperature pattern is one of the reasons for using swipe technology. To obtain a print, you need to slide your finger across the rectangular sensitive element (0.4 × 14 mm or 0.4 × 11.6 mm). While the finger is moving, the scan speed must exceed 500 frames/s (it is set by the clock frequency). The result is a sequence of frames, each of which contains a part of the overall picture. Next, the fingerprint is reconstructed in software: in each frame, several lines of pixels are selected and identical lines are looked for in other frames; the full image of the fingerprint is obtained by combining the frames based on these lines (Fig. 2.8).

Fig. Frame-by-frame reading of a fingerprint pattern and its reconstruction

The frame-by-frame reading method does not require calculating the speed of movement of the finger across the reader and makes it possible to reduce the area of the silicon matrix substrate by more than 5 times, which reduces its cost by the same amount. The resulting image nevertheless has a high resolution. An additional advantage of swiping is that the reading window is self-cleaning and no fingerprints are left on it after reading.

Usually the reconstructed image has dimensions in mm, which corresponds to the points. At eight bits per point, storage in BMP format requires 140 KB of memory per image. For security reasons, as well as to reduce the amount of memory occupied in the recognition system, it is not the image of a fingerprint that is stored but a reference, which is obtained from the fingerprint by extracting characteristic details. Identification algorithms are based on comparing the presented samples with references. During the initial user registration, a fingerprint is read and a reference is extracted, which is stored in the system memory (multiple references can be stored). Later, during identification, sets of details are also extracted from the fingerprints that are read; in this case they are called samples. The samples are compared with the set of stored references, and if a match is found, the person is considered identified. When a sample is compared against a single reference, for example, to confirm the identity of the owner of a smart card, this process is called authentication, or verification. The process of comparing a sample and a reference (identification or authentication) is performed in software and does not depend on the technology with which the image of the fingerprint was obtained.

The software for reconstructing a fingerprint from a sequence of frames is supplied (Fig. 2.9). Extraction of the reference, verification and identification are carried out using third-party software or independently developed programs. The thermal method of reading provides a high-quality fingerprint image under various conditions of the finger's surface: it does not matter if it is dry, worn, with a slight difference in levels between ridges and grooves, etc. The FingerChip reader functions successfully in harsh conditions, with large fluctuations in temperature, high humidity and various kinds of contamination (including oil). In operating mode, the sensor is completely passive. If the temperature difference between the finger and the sensor becomes negligible (less than one degree), a temperature stabilization circuit is activated, which changes the temperature of the reader and restores the temperature contrast.

Fig. FingerChip software

Another advantage of the thermal technique compared to other methods, especially capacitive ones, is that there is no need for tight contact between the finger and the reader, which made it possible to use a special coating that provides protection against impact, abrasion, moisture and other environmental factors.

For fingerprints, the ANSI and US FBI standards are now mainly used. They define the following requirements for the fingerprint image: each image is presented in uncompressed TIF format; the image must have a resolution of at least 500 dpi; the image must be grayscale with 256 levels of brightness; the maximum angle of rotation of the print from the vertical is no more than 15; the main types of minutiae are ending and bifurcation.
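The frame-by-frame reading and reconstruction described above for the thermal reader, as an added example (not FingerChip software and not code from the study guide): frames are stitched by finding the pixel lines they share with the image built so far, without knowing the finger speed. The sensor height of 4 rows, the image contents and the swipe positions are constructed for the illustration.

```python
SENSOR_ROWS = 4   # rows captured per frame (assumed; the real element is a narrow strip)

# Constructed swipe: row index under the top of the sensor at each frame.
# The finger moves unevenly and stalls once (3, 3).
STARTS = [0, 1, 3, 3, 4, 7, 8, 10, 13, 14, 16, 19, 20]


def make_print(rows=24, cols=16):
    """Constructed stand-in for a fingerprint image: 8-bit grey levels,
    every row different from every other row."""
    return [[(37 * r + 11 * c + (r * c) % 7) % 256 for c in range(cols)]
            for r in range(rows)]


def capture(image, starts, height=SENSOR_ROWS):
    """Simulate the swipe: each frame is the strip of rows under the sensor."""
    return [image[s:s + height] for s in starts]


def rows_match(a, b, tol=0):
    """Two pixel lines count as identical if their mean absolute
    difference does not exceed tol (tol > 0 allows for sensor noise)."""
    return sum(abs(p - q) for p, q in zip(a, b)) <= tol * len(a)


def overlap(built, frame, tol=0):
    """Largest k such that the last k rows already reconstructed are
    identical to the first k rows of the new frame."""
    for k in range(min(len(built), len(frame)), 0, -1):
        if all(rows_match(x, y, tol) for x, y in zip(built[-k:], frame[:k])):
            return k
    return 0


def reconstruct(frames, tol=0):
    """Combine frames into one image; also return how many rows the
    finger advanced between consecutive frames."""
    built = [list(r) for r in frames[0]]
    steps = []
    for frame in frames[1:]:
        k = overlap(built, frame, tol)
        steps.append(len(frame) - k)
        built.extend(list(r) for r in frame[k:])
    return built, steps


if __name__ == "__main__":
    image = make_print()
    rebuilt, steps = reconstruct(capture(image, STARTS))
    print("reconstructed correctly:", rebuilt == image)
    print("rows advanced per frame:", steps)
    # Swipe faster than the frame rate allows: the frames share no lines,
    # rows 4 and 5 are never seen and the gap goes unnoticed.
    fast, fast_steps = reconstruct(capture(image, [0, 6]))
    print("too fast:", len(fast), "rows, equals original:", fast == image[:10])
```

The second case shows why the frame rate has to stay ahead of the finger: once consecutive frames no longer overlap, the stitched image silently loses rows.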

Usually, more than one image is stored in the database, which improves the quality of recognition. Images can be shifted and rotated differently. The scale does not change, since all prints are obtained from one device.

Recognition by the iris of the eye

What is the iris

The iris is shaped like a circle with a hole inside (the pupil). The iris is made up of muscles that, when contracted and relaxed, change the size of the pupil. It is part of the choroid (Fig. 2.10). The iris is responsible for the color of the eyes (if it is blue, there are few pigment cells in it; if brown, there are many). It performs the same function as the aperture in a camera, regulating the light flux. The iris is part of the eye. It is located behind the cornea and the aqueous humor of the anterior chamber. The unique structures of the iris are due to the radial trabecular meshwork; its composition: depressions (crypts, lacunae), comb screeds, grooves, rings, wrinkles, freckles, crowns, sometimes specks, vessels and other features. The iris pattern is highly random, and the greater the degree of randomness, the more likely it is that a particular pattern will be unique. Mathematically, randomness is described by the degree of freedom. Studies have shown that the texture of the iris has a degree of freedom of 250, which is much higher than the degree of freedom of fingerprints (35) and facial images (20). Average dimensions of the iris: horizontal R 6.25 mm, vertical R 5.9 mm; pupil size is 0.2–0.7R. The inner radius of the iris depends on age, health, lighting, etc. It changes rapidly. Its shape can be quite different from a circle. The center of the pupil, as a rule, is displaced relative to the center of the iris towards the tip of the nose.

Fig. The structure of the human eye

Iris as a biometric parameter

First, the iris has a very complex pattern and contains many different elements. Therefore, even a not very high-quality picture of it makes it possible to determine a person's identity accurately.

Second, the iris is a fairly simple object (almost a flat circle). So during identification it is very easy to take into account all possible image distortions arising from different shooting conditions. Third, the iris of a person's eye does not change throughout his life from birth. More precisely, its shape remains unchanged (with the exception of injuries and some serious eye diseases), while the color may change over time. This gives identification by the iris an additional advantage over many biometric technologies that use relatively short-lived parameters, such as the geometry of the face or hand. The iris begins to form in the 3rd month of intrauterine development. By the 8th month, it is a practically formed structure. In addition, it is formed by chance, even in identical twins, and a person's genes do not affect its structure. The iris is stable: after 1 year of life it is finally formed and practically does not change until death, if there are no injuries or pathologies of the eye.

Iris as an identifier

Properties of the iris as an identifier: isolation and protection from the external environment; impossibility of change without visual impairment; the reaction to light and the pulsation of the pupil are used to protect against counterfeiting; an unobtrusive, non-contact and covert method of obtaining images is possible; high density of unique structures, 3.2 bits/mm² or about 250 independent characteristics (other methods have about 50); 30% of the parameters are enough to make a decision about the coincidence with a probability of no more

Advantages and disadvantages of the technology

another major advantage. The fact is that some biometric technologies suffer from the following disadvantage. When a high degree of protection against errors of the first kind (the probability of a false admission, FAR) is set in the settings of the identification system, the likelihood of errors of the second kind (a false rejection, FRR) increases to unacceptably high values of several tens of percent, while identification by the iris of the eye is completely devoid of this drawback. In it, the ratio of errors of the first and second kind is one of the best today. A few numbers can be given as an example. Studies have shown that with a 0.001% probability of a Type I error (an excellent level of reliability), the probability of a Type II error is only 1%.



Biometric security systems are, basically, technical devices that can be used to establish and carefully study the identity or unique characteristics of each person individually, both physical and behavioral, with the aim of their further recognition and study. There are many recognizable characteristics, such as facial features, fingerprints, irises, or DNA. A person's uniqueness may lie in his gait, in the way he sits or stands, his voice, hair length, facial expressions, unconscious movements. All this can be used in . The advantage of biometric systems over traditional ones (mechanical keys, , ) is that the system accurately identifies the subject or its characteristics, the subject cannot lose the means of identification or transfer it to third parties, and deep behavioral analytics is available. In terms of ensuring security, distributing access rights and tracking working time in the enterprise, such systems are gradually beginning to displace the traditional .

Today biometric security systems are developing quite rapidly. One direction is the use of high-quality IP video cameras, which can give the desired result when additional video analytics software is connected, such as , gender recognition, etc. This implies that even if has filmed an incident occurring very far away, even at a distance of 200 meters, where faces may not be suitable for recognition by a conventional camera or the human eye, the face recognition program will be able to capture and identify a face accurately, without missing even tiny details.

Not long ago, a new technology appeared that makes it possible to link people's DNA with their fingerprints: having received DNA data, the program can perform actions on the fingerprints associated with this DNA, and vice versa. This will make the work of government services much easier, as they will be able to create databases in which all information about a person is collected. The biometric information held in the databases will include fingerprints and palm prints, information about the retina and iris, DNA, and the face. Of course, this will require the creation of large data warehouses.

Biometric methods of protection

Biometric systems make it possible to identify a person by his inherent specific features, that is, by his static (fingerprints, cornea of the eye, the shape of the hand and face, genetic code, smell, etc.) and dynamic (voice, handwriting, behavior, etc.) characteristics. These unique biological, physiological and behavioral characteristics, individual for each person, are called the human biological code.

The first biometric systems used the pattern (print) of a finger. About one thousand years BC, people in China and Babylon knew about the uniqueness of fingerprints, which were placed under legal documents. However, fingerprinting came into use in England in 1897, and in the United States in 1903. An example of a modern fingerprint reader is shown in Fig. 5.6.

The advantage of biological identification systems over traditional ones (for example, PIN codes, password access) lies in identifying not external objects belonging to a person, but the person himself. The analyzed characteristics of a person cannot be lost, transferred or forgotten, and are extremely difficult to forge. They are virtually indestructible and require no replacement or restoration. Therefore, in various countries (including Russia), biometric features are included in foreign passports and other identifying documents.

Biometric systems are used for:

1) limiting access to information and ensuring personal responsibility for its safety;

2) ensuring the admission of certified specialists;

3) preventing intruders from entering protected areas and premises due to counterfeiting and (or) theft of documents (cards, passwords);

4) organization of accounting of access and attendance of employees, as well as solving a number of other problems.

One of the most reliable methods is considered to be human eye identification (Fig. 5.7): identification by the iris pattern or by scanning the fundus (retina). This is due to the excellent balance between identification accuracy and ease of use of the equipment. The iris image is digitized and stored in the system as a code. The code obtained by reading a person's biometric parameters is compared with the one registered in the system. If they match, the system releases the access lock. Scanning time does not exceed two seconds.

New biometric technologies include three-dimensional identification of the person using three-dimensional personal identification scanners with a parallax method for registering object images and television systems for recording images with an extra-large angular field of view. It is assumed that such systems will be used to identify individuals whose three-dimensional images will be included in identity cards and other documents.


Remark 1

The biometric principle is one of the most secure ways to authenticate a user. It relies on stable biometric indicators of a person, for example the rhythm of pressing keyboard keys, the pattern of the lens of the eye, fingerprints, etc. Capturing biometric indicators requires special devices, which must be installed on computers of the highest security levels. The rhythm of keyboard work when entering information is checked on a conventional computer keyboard and, according to the results of experiments in this area, is quite stable and reliable. Even an attacker who spies on a user typing a passphrase is not guaranteed to be identified as that user when trying to copy all of the typing actions.

Today, biometric identification systems are increasingly used to protect information against tampering.

The characteristics that are used in biometric systems are inherent qualities of every user and therefore cannot be lost or tampered with.

Biometric information security systems are based on the identification of the following characteristics:

  • fingerprints;
  • speech characteristics;
  • iris of the eye;
  • facial images;
  • the pattern of the palm of the hand.

Fingerprint identification

Iris identification

A unique biometric characteristic of each user is the iris of the eye. A special barcode mask is applied to the image of the eye, which is extracted from the image of the face. The result is a matrix that is individual for each person.

Special scanners for recognition by the iris of the eye are connected to the computer.

Face identification

A person's face is identified at a distance.

When identifying by face, its shape, color and hair color are taken into account. Important features also include the coordinates of the points of the face in places that correspond to the change in contrast (nose, eyes, eyebrows, mouth, ears and oval).

Remark 2

At this stage of development of information technologies, experiments are under way with issuing new passports whose microchip stores a digital photograph of the owner.

Palm identification

When identifying by the palm of the hand, biometric characteristics of the simple geometry of the hand are used (sizes and shapes), and some information signs on the back of the hand are also checked (patterns of the location of blood vessels, folds at the bends between the phalanges of the fingers).

Palm ID scanners are installed in some banks, airports and nuclear power plants.


Simple identification of the person. Combination of face, voice and gesture parameters for more accurate identification. Integration of the capabilities of the Intel Perceptual Computing SDK modules for the implementation of a multi-level information security system based on biometric information.

This lecture provides an introduction to the subject of biometric information security systems, examines the principle of operation, methods and application in practice. Review of ready-made solutions and their comparison. The main algorithms for personal identification are considered. SDK capabilities for creating biometric information security methods.

4.1. Description of the subject area

There is a wide variety of identification methods, and many of them are widely used commercially. Today, the most common verification and identification technologies are based on the use of passwords and personal identification numbers (PIN) or documents such as a passport or driver's license. However, such systems are too vulnerable and can easily suffer from counterfeiting, theft and other factors. Interest is therefore growing in biometric identification methods, which make it possible to establish a person's identity from physiological characteristics by matching against previously saved samples.

The range of problems that can be solved using new technologies is extremely wide:

  • prevent intruders from entering protected areas and premises by counterfeiting, stealing documents, cards, passwords;
  • restrict access to information and ensure personal responsibility for its safety;
  • ensure admission to responsible facilities only by certified specialists;
  • make the recognition process, thanks to the intuitiveness of the software and hardware interface, understandable and accessible to people of any age and free of language barriers;
  • avoid overhead costs associated with the operation of access control systems (cards, keys);
  • eliminate the inconvenience associated with loss, damage or elementary forgetting of keys, cards, passwords;
  • organize a record of access and attendance of employees.

In addition, an important reliability factor is that a biometric system does not depend on the user at all. With password protection, a person may choose a short keyword or keep a piece of paper with a hint under the computer keyboard. With hardware keys, a careless user will not keep a close watch on the token, so the device may fall into the hands of an attacker. In biometric systems, on the other hand, nothing depends on the person.

Another factor that has a positive effect on the reliability of biometric systems is the ease of identification for the user. Scanning a fingerprint, for example, requires less effort from a person than entering a password. The procedure can therefore be carried out not only before work starts but also while it is in progress, which, of course, increases the reliability of protection. Scanners combined with computer devices are especially important here. There are, for example, mice on which the user's thumb always rests on the scanner. The system can then carry out identification constantly, and the person not only does not have to suspend work but will not notice anything at all.

In the modern world, unfortunately, almost everything is for sale, including access to confidential information. Moreover, a person who passes identification data to an attacker risks practically nothing: of a password one can say that it was guessed, and of a smart card that it was pulled out of a pocket. With biometric protection, such a situation can no longer arise.

The choice of industries that are most promising for the introduction of biometrics, from the point of view of analysts, depends first of all on a combination of two parameters: safety (or security) and the expediency of using this particular means of control or protection. The leading positions by these parameters are undoubtedly held by the financial and industrial sectors, government and military institutions, the medical and aviation industries, and closed strategic facilities. For this group of consumers of biometric security systems, it is primarily important to prevent an unauthorized user from among their own employees from performing an operation that is not permitted for that user, and it is also important to constantly confirm the authorship of each operation. A modern security system can no longer do without either the usual means that guarantee the security of a facility or biometrics. Biometric technologies are also used to control access to computer and network systems, various information storages, data banks, etc.

Biometric methods of information protection are becoming more relevant every year. With the development of technology: scanners, photo and video cameras, the range of tasks solved using biometrics is expanding, and the use of biometric methods is becoming more popular. For example, banks, credit and other financial institutions serve as a symbol of reliability and trust for their clients. To meet these expectations, financial institutions are paying more and more attention to the identification of users and personnel, actively using biometric technologies. Some use cases for biometric methods:

  • reliable identification of users of various financial services, incl. online and mobile (fingerprint identification prevails, recognition technologies based on the pattern of veins on the palm and finger and voice identification of customers contacting call centers are actively developing);
  • prevention of fraud and scams involving credit and debit cards and other payment instruments (replacing the PIN code with recognition of biometric parameters that cannot be stolen, "spied" or cloned);
  • improving the quality of service and its comfort (biometric ATMs);
  • control of physical access to buildings and premises of banks, as well as to depository cells, safes, vaults (with the possibility of biometric identification, both of a bank employee and a client-user of the cell);
  • protection of information systems and resources of banking and other credit organizations.

4.2. Biometric information security systems

Biometric information security systems are access control systems based on identification and authentication of a person based on biological characteristics, such as DNA structure, iris pattern, retina, face geometry and temperature map, fingerprint, palm geometry. Also, these methods of human authentication are called statistical methods, since they are based on the physiological characteristics of a person, present from birth to death, which are with him throughout his life, and which cannot be lost or stolen. Unique dynamic biometric authentication methods are often used - signature, keyboard handwriting, voice and gait, which are based on the behavioral characteristics of people.

The concept of "biometrics" appeared at the end of the nineteenth century. Work on pattern recognition technologies based on various biometric characteristics began long ago; the foundations were laid in the 1960s. Our compatriots have made significant progress in developing the theoretical foundations of these technologies. However, practical results have been obtained mainly in the West, and only recently. At the end of the twentieth century, interest in biometrics grew significantly because the power of modern computers and improved algorithms made it possible to create products that, in terms of their characteristics and ratio, became available and interesting to a wide range of users. This branch of science has found its application in the development of new security technologies. For example, a biometric system can control access to information and storage in banks, and it can be used in enterprises that process valuable information, to protect computers, communications, etc.

The essence of biometric systems boils down to the use of computer systems for personality recognition based on a person's unique genetic code. Biometric security systems make it possible to automatically recognize a person by their physiological or behavioral characteristics.


Fig. 4.1.

Description of the work of biometric systems:

All biometric systems work in the same way. First, the recording process takes place, as a result of which the system memorizes a sample of the biometric characteristic. Some biometric systems take multiple samples to capture biometric characteristics in more detail. The information received is processed and converted into mathematical code. Biometric information security systems use biometric methods to identify and authenticate users. Biometric identification takes place in four stages:

  • Registration of an identifier - information about a physiological or behavioral characteristic is converted into a form accessible to computer technologies and entered into the memory of the biometric system;
  • Extraction - the unique features analyzed by the system are extracted from the newly presented identifier;
  • Comparison - information about the newly submitted and previously registered identifier is compared;
  • Decision - a conclusion is made on whether the newly presented identifier matches or does not match.

The conclusion about the coincidence / mismatch of identifiers can then be broadcast to other systems (access control, information security, etc.), which then act on the basis of the information received.

One of the most important characteristics of information security systems based on biometric technologies is high reliability, that is, the ability of the system to reliably distinguish between biometric characteristics belonging to different people and reliably find matches. In biometrics, these parameters are referred to as Type I Errors (False Reject Rate, FRR) and Type II Errors (False Accept Rate, FAR). The first number characterizes the probability of denial of access to a person with access, the second - the probability of a false coincidence of the biometric characteristics of two people. It is very difficult to fake the papillary pattern of a person's finger or the iris of the eye. So the occurrence of "errors of the second kind" (that is, granting access to a person who does not have the right to do so) is practically out of the question. However, under the influence of some factors, the biological characteristics by which a person is identified may change. For example, a person may catch a cold, as a result of which his voice will change beyond recognition. Therefore, the frequency of occurrence of "errors of the first kind" (denial of access to a person who has the right to do so) in biometric systems is quite high. The system is better, the lower the FRR value for the same FAR values. Sometimes the comparative characteristic EER (Equal Error Rate) is also used, which determines the point at which the FRR and FAR graphs intersect. But it is not always representative. When using biometric systems, especially face recognition systems, even with the introduction of correct biometric characteristics, the decision on authentication is not always correct. This is due to a number of features and, first of all, to the fact that many biometric characteristics can change. There is a certain degree of probability of system error. Moreover, when using different technologies, the error can differ significantly. 
For access control systems that use biometric technologies, it is necessary to decide which is more important: not letting a "stranger" through, or letting all "friends" through.
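The FAR/FRR trade-off and the limits of EER described above can be computed directly from comparison scores. The following Python code is an added example, not part of the lecture; the similarity scores are constructed, and the function names and the two systems "A" and "B" are assumptions made for illustration.

```python
"""FAR, FRR and EER computed from comparison scores (constructed data)."""
import math

# Constructed similarity scores in [0, 1]; higher means "more alike".
# IMPOSTOR: a person compared with someone else's template.
# GENUINE_A / GENUINE_B: people compared with their own template in two
# hypothetical systems A and B.
IMPOSTOR = [0.12, 0.33, 0.41, 0.58, 0.27, 0.65, 0.19, 0.48, 0.36, 0.22]
GENUINE_A = [0.91, 0.88, 0.95, 0.62, 0.84, 0.79, 0.97, 0.55, 0.90, 0.86]
GENUINE_B = [0.91, 0.88, 0.95, 0.63, 0.84, 0.64, 0.97, 0.55, 0.90, 0.86]


def far(impostor, threshold):
    """False Accept Rate: share of impostor attempts that are accepted."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(genuine, threshold):
    """False Reject Rate: share of genuine attempts that are rejected."""
    return sum(s < threshold for s in genuine) / len(genuine)


def thresholds(genuine, impostor):
    """Error rates change only at observed scores, so sweep those values
    plus +inf (a threshold that rejects every attempt)."""
    return sorted(set(genuine) | set(impostor)) + [math.inf]


def equal_error_rate(genuine, impostor):
    """Return (threshold, FAR, FRR) at the point where FAR and FRR are closest."""
    best = None
    for t in thresholds(genuine, impostor):
        a, r = far(impostor, t), frr(genuine, t)
        if best is None or abs(a - r) < abs(best[1] - best[2]):
            best = (t, a, r)
    return best


def operating_point_for_far(genuine, impostor, max_far):
    """'Do not let a stranger through': lowest threshold with FAR <= max_far.
    FAR never rises as the threshold rises, so the first hit has the lowest FRR."""
    for t in thresholds(genuine, impostor):
        if far(impostor, t) <= max_far:
            return t, far(impostor, t), frr(genuine, t)


def operating_point_for_frr(genuine, impostor, max_frr):
    """'Let all friends through': highest threshold with FRR <= max_frr,
    which gives the lowest FAR available at that FRR."""
    for t in reversed(thresholds(genuine, impostor)):
        if frr(genuine, t) <= max_frr:
            return t, far(impostor, t), frr(genuine, t)


if __name__ == "__main__":
    for name, genuine in (("A", GENUINE_A), ("B", GENUINE_B)):
        print(name, "EER point:       ", equal_error_rate(genuine, IMPOSTOR))
        print(name, "FAR = 0 target:  ", operating_point_for_far(genuine, IMPOSTOR, 0.0))
        print(name, "FRR = 0 target:  ", operating_point_for_frr(genuine, IMPOSTOR, 0.0))
```

On this data both systems have the same EER, yet at the strict operating point (no false accepts) system B rejects more legitimate users than system A, which is why EER alone does not decide which system is better.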


Fig. 4.2.

FAR and FRR are not the only measures of the quality of a biometric system. If they were, the leading technology would be the recognition of people by DNA, for which FAR and FRR tend to zero. But it is obvious that this technology is not applicable at the current stage of human development. Other important characteristics are therefore resistance to dummies, speed of operation and the cost of the system. Do not forget that a person's biometric characteristics can change over time, so an unstable characteristic is a significant disadvantage. Ease of use is also an important factor for users of biometric technology in security systems. The person whose characteristics are being scanned should not experience any inconvenience. In this regard, the most interesting method is, of course, face recognition technology. True, in this case other problems arise, primarily related to the accuracy of the system.

Typically, a biometric system consists of two modules: an enrollment module and an identification module.

The registration module "trains" the system to identify a specific person. At the registration stage, a video camera or other sensors scan a person in order to create a digital representation of his appearance. As a result of scanning, several images are formed. Ideally, these images will have slightly different angles and facial expressions for more accurate data. A special software module processes this representation and identifies the person's characteristic features, then creates a template. Some parts of the face hardly change over time, such as the upper outline of the eye sockets, the areas around the cheekbones, and the edges of the mouth. Most of the algorithms developed for biometric technologies can take into account possible changes in a person's hairstyle, since they do not analyze the facial area above the hairline. Each user's image template is stored in the biometric database.

The identification module receives an image of a person from a video camera and converts it to the same digital format in which the template is stored. The resulting data is compared with a template stored in the database in order to determine whether the images match each other. The degree of similarity required for verification is a threshold that can be adjusted for different types of personnel, PC power, time of day, and a number of other factors.

Identification can be performed in the form of verification, authentication, or recognition. During verification, the identity of the received data and the template stored in the database is confirmed. Authentication - confirms that the image received from the video camera matches one of the templates stored in the database. During recognition, if the obtained characteristics and one of the stored templates are the same, then the system identifies the person with the corresponding template.
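The two modules described above, with an adjustable threshold, can be illustrated as follows. This Python code is an added example, not code from the lecture or from any SDK it mentions; the three-element feature vectors, the user names, the role names and the threshold values are constructed assumptions, and cosine similarity stands in for whatever comparison a real system uses.

```python
"""Registration and identification modules with a per-role threshold
(constructed feature vectors; cosine similarity is an assumed comparison)."""
import math

# Hypothetical similarity thresholds: stricter for more privileged personnel.
THRESHOLDS = {"visitor": 0.90, "admin": 0.98}


def normalize(vector):
    """Scale a feature vector to unit length."""
    norm = math.sqrt(sum(x * x for x in vector))
    if norm == 0:
        raise ValueError("feature vector carries no information")
    return [x / norm for x in vector]


def enroll(db, user_id, samples):
    """Registration module: merge several samples into one stored template."""
    if len(samples) < 2:
        raise ValueError("registration needs several samples")
    if len({len(s) for s in samples}) != 1:
        raise ValueError("samples must have the same number of features")
    unit = [normalize(s) for s in samples]
    mean = [sum(column) / len(unit) for column in zip(*unit)]
    db[user_id] = normalize(mean)


def similarity(template, probe):
    """Cosine similarity between a stored template and a fresh probe."""
    return sum(t * p for t, p in zip(template, normalize(probe)))


def verify(db, claimed_id, probe, role):
    """1:1 comparison: the probe is checked only against the claimed template."""
    template = db.get(claimed_id)
    if template is None:
        return False  # unknown identity is rejected, never matched to others
    return similarity(template, probe) >= THRESHOLDS[role]


def identify(db, probe, role):
    """1:N comparison: best-matching enrolled user, or None below threshold."""
    best_id, best_score = None, -1.0
    for user_id, template in db.items():
        score = similarity(template, probe)
        if score > best_score:
            best_id, best_score = user_id, score
    return best_id if best_score >= THRESHOLDS[role] else None


def build_demo_db():
    """Enroll two constructed users, each from two slightly different samples."""
    db = {}
    enroll(db, "alice", [[3, 4, 0], [4, 3, 0]])
    enroll(db, "bob", [[0, 3, 4], [0, 4, 3]])
    return db


if __name__ == "__main__":
    db = build_demo_db()
    probe = [1, 2, 0]  # resembles alice, but not closely
    print("as visitor:", verify(db, "alice", probe, "visitor"))
    print("as admin:  ", verify(db, "alice", probe, "admin"))
    print("1:N search:", identify(db, [0, 1, 1], "admin"))
```

The same probe is accepted at the looser threshold and rejected at the stricter one, which is the effect of tuning the threshold per type of personnel.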

4.3. Overview of ready-made solutions

4.3.1. IKAR Lab: a complex of forensic research of phonograms of speech

The IKAR Lab hardware and software complex is designed to solve a wide range of tasks for analyzing sound information that is in demand in specialized law enforcement units, laboratories and forensic centers, flight accident investigation services, research and training centers. The first version of the product was released in 1993 and was the result of collaboration between leading audio experts and software developers. The specialized software tools included in the complex provide high quality visual presentation of speech phonograms. Modern algorithms of voice biometrics and powerful automation tools for all types of speech phonogram research allow experts to significantly increase the reliability and efficiency of examinations. The SIS II program included in the complex has unique tools for identification research: a comparative study of a speaker whose voice and speech recordings were submitted for examination and samples of the suspect's voice and speech. Phonoscopic identification expertise is based on the theory of the uniqueness of the voice and speech of each person. Anatomical factors: the structure of the organs of articulation, the shape of the vocal tract and the oral cavity, as well as external factors: speech skills, regional characteristics, defects, etc.

Biometric algorithms and expert modules make it possible to automate and formalize many processes of phonoscopic identification research, such as searching for identical words, searching for identical sounds, selecting sound and melodic fragments for comparison, comparing speakers by formants and pitch, and auditory and linguistic types of analysis. The results for each research method are presented as numerical indicators of the general identification solution.

The program consists of a number of modules that perform one-to-one comparison. The "Formant Comparison" module is based on the phonetic term "formant", which denotes the acoustic characteristic of speech sounds (primarily vowels) associated with the level of the frequency of the voice tone and forming the timbre of the sound. The identification process using the "Formant Comparison" module can be divided into two stages: first, the expert searches for and selects the reference sound fragments, and once the reference fragments for the known and unknown speakers have been collected, the expert can start the comparison. The module automatically calculates the intra-speaker and inter-speaker variability of the formant paths for the selected sounds and makes a decision on positive / negative identification or an undefined result. The module also allows you to visually compare the distribution of the selected sounds on a scatter plot.

The "Fundamental Tone Comparison" module automates speaker identification using the melodic contour analysis method. The method is intended for comparing speech samples based on the parameters with which elements of the same type of melodic contour structure are realized. For analysis, 18 types of contour fragments and 15 parameters for describing them are provided, including the minimum, average and maximum values, the rate of change of tone, kurtosis, skew, etc. The module returns the comparison results as a percentage match for each of the parameters and decides on a positive / negative identification or an undefined result. All data can be exported to a text report.

The automatic identification module allows one-to-one comparison using the following algorithms:

  • Spectral-formant;
  • Pitch statistics;
  • Mixture of Gaussian distributions.

The probabilities of coincidence and difference of the speakers are calculated not only for each of the methods, but also for their combination. All the results of comparing the speech signals in two files, obtained in the automatic identification module, are based on extracting the significant identifying features in them and calculating a measure of proximity between the resulting sets of features. For each value of this measure of proximity, the probabilities of coincidence and difference of the speakers whose speech was contained in the compared files were obtained during the training period of the automatic comparison module. These probabilities were obtained by the developers on a large training sample of phonograms: tens of thousands of speakers, various sound recording channels, many sound recording sessions, and various types of speech material. Applying statistical data to a single case of file-to-file comparison requires taking into account the possible spread of the obtained values of the measure of proximity of two files and of the corresponding probability of coincidence / difference of the speakers, depending on various details of the situation in which the speech was delivered. For such values, mathematical statistics proposes the concept of a confidence interval. The automatic comparison module displays numerical results taking into account confidence intervals of various levels, which allows the user to see not only the average reliability of the method, but also the worst result obtained on the training base. The high reliability of the biometric engine developed by the CRT company has been confirmed by tests by NIST (National Institute of Standards and Technology).
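The calibration idea described above, as an added Python example (not code from IKAR Lab or from the study guide): a proximity measure is mapped to a speaker-match probability from training counts, and a confidence interval around that probability drives a positive / negative / undefined outcome. The binning, the Wilson interval, the 0.8 / 0.2 decision thresholds and the training counts are all assumptions constructed for illustration.

```python
import math

def calibrate(trials, n_bins=5):
    """Count same/different-speaker outcomes per proximity bin (scores in [0, 1])."""
    table = [[0, 0] for _ in range(n_bins)]
    for score, same in trials:
        table[min(int(score * n_bins), n_bins - 1)][0 if same else 1] += 1
    return table

def wilson(k, n, z):
    """Wilson score interval for the binomial proportion k/n."""
    if n == 0:
        return 0.0, 1.0  # no training evidence in this bin
    p = k / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return max(0.0, centre - half), min(1.0, centre + half)

def match_probability(table, score, z=1.96):
    """Return (estimate, lower, upper) for P(same speaker | proximity)."""
    same, diff = table[min(int(score * len(table)), len(table) - 1)]
    n = same + diff
    lo, hi = wilson(same, n, z)
    return (same / n if n else 0.5), lo, hi

def decide(lo, hi, accept=0.8, reject=0.2):
    """Three-way outcome driven by the interval bounds (assumed thresholds)."""
    if lo >= accept:
        return "positive"
    if hi <= reject:
        return "negative"
    return "undefined"

def constructed_trials():
    """Constructed sample: proximity -> (same-speaker, different-speaker) counts."""
    spec = {0.1: (2, 198), 0.3: (30, 170), 0.5: (100, 100), 0.7: (9, 1), 0.9: (195, 5)}
    return [(s, i < same) for s, (same, diff) in spec.items()
            for i in range(same + diff)]

TABLE = calibrate(constructed_trials())

if __name__ == "__main__":
    for score in (0.12, 0.72, 0.93):
        p, lo, hi = match_probability(TABLE, score)
        print(f"{score:.2f}: p={p:.3f} 95% CI=[{lo:.3f}, {hi:.3f}] -> {decide(lo, hi)}")
```

The bin around 0.7 has a 0.9 point estimate but only ten training trials, so its lower bound falls well below the acceptance threshold and the outcome is "undefined"; this is the gap between average and worst-case reliability that the interval exposes.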

  • Some comparison methods are semi-automatic (linguistic and auditory analyses)