1

Biometrics Systems

Adapted from B. Cukic

2 - 2

Biometric Systems Segment Organization Introduction System architecture

2 - 3

Biometrics Engineering Definition and Approaches Definition, Criteria for Selection Survey of Current Biometrics and Relative Properties Introduction to socio-legal implications and issues

Introduction

2 - 4

Recap – Identification in the 21st Century

Dispersion of people from their “Natural ID Centers”

Social units have grown to tens of thousands or millions/billions.

Need to assure associations of identity with end-to-end transactions without physical presence

Project your presence (ID) instantly, accurately, and securely across any distance

2 - 5

Identification Methods We need to achieve this recognition

automatically in order to authenticate our identity.

Identity is not a passive thing, but associated with an act or intent involving the person with that identity

Seek a manageable engineering definition.

2 - 6

Biometric Identification Pervasive use of biometric ID is enabled by

automated systems Enabled by inexpensive embedded computing and

sensing. Computer controlled acquisition, processing, storage,

and matching using biometrics. Biometric systems are one solution to

increasing demand for strong authentication of actions in a global environment.

Biometrics tightly binds an event to an individual A biometric can not be lost or forgotten,

however a biometric must be enrolled.

2 - 7

What is an Automated Biometric System?

An automated biometric system uses biological, physiological or behavioral characteristics to automatically authenticate the identity of an individual based on a previous enrollment event.

For the purposes of this course, human identity authentication is the focus. But in general, this need not necessarily be the case.

2 - 8

Characteristics of a Useful Biometric

If a biological, physiological, or behavioral characteristic has the following properties… Universality Uniqueness Permanence Collectability

….then it can potentially serve as a biometric for a given application.

2 - 9

Useful Biometrics 1. Universality

Universality: Every person should possess this characteristic

In practice, this may not be the case Otherwise, population of

nonuniversality must be small < 1%

2 - 10

Useful Biometrics 2. Uniqueness

Uniqueness: No two individuals possess the same characteristic.

Genotypical – Genetically linked (e.g. identical twins will have same biometric)

Phenotypical – Non-genetically linked, different perhaps even on same individual

Establishing uniqueness is difficult to prove analytically

May be unique, but “uniqueness” must be distinguishable

2 - 11

Useful Biometrics 3. Permanence

Permanence: The characteristic does not change in time, that is, it is time invariant

At best this is an approximation Degree of permanence has a major impact on the

system design and long term operation of biometrics. (e.g. enrollment, adaptive matching design, etc.)

Long vs. short-term stability

2 - 12

Useful Biometrics 4. Collectability

Collectability: The characteristic can be quantitatively measured.

In practice, the biometric collection must be: Non-intrusive Reliable and robust Cost effective for a given application

2 - 13

Current/Potential Biometrics

Voice Infrared facial

thermography Fingerprints Face Iris Ear EKG, EEG Odor

Gait Keystroke dynamics DNA Signature Retinal scan Hand & finger geometry Subcutaneous blood

vessel imaging

What is consensus evaluation of current biometrics based on these four criteria?

2 - 14

System-Level Criteria Our four criteria were for evaluation of the

viability of a chosen characteristic for use as a biometric

Once incorporated within a system the following criteria are key to assessment of a given biometric for a specific application: Performance User Acceptance Resistance to Circumvention

2 - 15

Central Privacy, Sociological, and Legal Issues/Concerns

System Design and Implementation must adequately address these issues to the satisfaction of the user, the law, and society. Is the biometric data like personal information (e.g.

such as medical information) ? Can medical information be derived from the

biometric data? Does the biometric system store information

enabling a person’s “identity” to be reconstructed or stolen?

Is permission received for any third party use of biometric information?

2 - 16

Central Privacy, Sociological, and Legal Issues/Concerns (2) Continued:

What happens to the biometric data after the intended use is over?

Is the security of the biometric data assured during transmission and storage?

Contrast process of password loss or theft with that of a biometric.

How is a theft detected and “new” biometric recognized?

Notice of Biometric Use. Is the public aware a biometric system is being employed?

2 - 17

Biometric System Design Target Design/Selection of Systems for:

Acceptable overall performance for a given application

Acceptable impact from a socio-legal perspective Examine the architecture of a biometric

system, its subsystems, and their interaction Develop an understanding of design choices

and tradeoffs in existing systems Build a framework to understand and quantify

performance

2 - 18

Automated Biometric Identification: A Comprehensive Automated Biometric Identification: A Comprehensive ViewView

BiometricSignature

Acquisition

Camera(s),

Si CMOS System-on-

a- chip

Lab on a chip, Implantable

med. device…

Data ReductionClassification

Processing

0.0 0.5 1.0 1.5 2.0 2.5

Minutia extractio

n

Filtering, FFT,

wavelets,

Fractals…

Template StorageDatabase SearchMatch, Retrieval

Databases,

Time series data

Data Mining

Statistical Modeling…

Arrhythmia,

SIDS,

Identity

Biological Agents,

Microbial pathogens..

.

MATCH?

Action… Logical/Phys. Access (IA,

medical, bio)

Biometric SignatureSelection

Iris, Hand, Face, …

Voice, Electro-

physiological

Musculo-skeletal,

Molecular, DNA

Microbial …

Identification Process

2 - 19

Biometric Systems Segment Organization Introduction System Architecture

20

System Architecture

Application Authentication Vs. Identification Enrollment, Verification Modules Architecture Subsystems

2 - 21

Biometric Applications

Four general classes: Access (Cooperative, known subject)

Logical Access (Access to computer networks, systems, or files)

Physical Access (access to physical places or resources)

Transaction Logging Surveillance (Non-cooperative, known subject)

Forensics (Non-cooperative or unknown subject)

2 - 22

Biometric Applications (2) Transactions via e-commerce Search of digital libraries Computer logins Access to internet and local networks Document encryption Credit cards and ATM cards Access to office buildings and homes Protecting personal property Tracking and storing time and attendance Law enforcement and prison management Automated medical diagnostics Access to medical and official records.

2 - 23

System Architecture Architecture Dependent on Application:

Identification: Who are you? One to Many (millions) match (1:Many) One to “few” (less than 500) (1:Few) Cooperative and Non-cooperative subjects

Authentication: Are you who you say you are?

One to One Match (1:1) Typically assume cooperative subject

Enrollment and Verification Stages common to both.

2 - 24

System Architecture (2)Enrollment : Capture and processing of user biometric data for use by system in subsequent authentication operations.

Acquire and DigitizeBiometric Data

ExtractHigh Quality Biometric

Features/Representation

Formulate Biometric

Feature/Rep TemplateDatabaseTemplate Repository

Authentication/Verification : Capture and processing of user biometric data in order to render an authentication decision based on the outcome of a matching process of the stored to current template.

Acquire and DigitizeBiometric Data

ExtractHigh Quality Biometric

Features/Representation

Formulate Biometric

Feature/Rep Template

Template Matcher

Decision

Output

2 - 25

System Architecture (3) Authentication Application:

Enrollment Mode/Stage Architecture

BiometricData Collection Transmission

Signal Processing, Feature Extraction,

Representation

Quality Sufficient?

Yes

No

Database Generate Template

Additional image preprocessing, adaptive

extraction or representation

Require new acquisition of biometric

Approx 512 bytes of data per template

2 - 26

System Architecture (4) Authentication Application:

Verification/Authentication Mode/Stage Architecture

BiometricData Collection

TransmissionQuality

Sufficient?

Yes

Template Match

DecisionConfidence?

Signal Processing, Feature Extraction,

Representation

No

Database

Generate Template

Additional image preprocessing, adaptive

extraction/representation

Require new acquisition of biometric

Approx 512 bytes of data per template

NoYes

2 - 27

Architecture Subsystems

Data Collection Transmission Signal Processing/Pattern Matching Database/Storage Decision

What comprises these subsystems and how do they interact with other elements (what are their interface and performance specifications?)

2 - 28

Architecture Subsystems (2) Data Collection Module

Biometric choice, presentation of biometric, biometric data collection by sensor and its digitization.

Biometric Data Collection

TransmissionBiometricPresentation Sensor

Recollect

Signal Processing Feature Extraction

Representation

2 - 29

Architecture Subsystems (3) Transmission Module

Compress and encrypt sensor digital data, reverse process.

Recollect

Biometric Data Collection Transmission

BiometricPresentation Sensor

Com

pre

ssio

n

Tra

nsm

issi

on

Deco

mpre

ss

Encr

ypti

on

Decr

ypti

on

Signal Processing,Feature Extraction,

Representation

2 - 30

Architecture Subsystems (4) Signal Processing/Matching Module

Be aware of potential transmission prior to match

TransmissionSignal Processing

Feature Extraction,Representation

Com

pre

ssio

n

Tra

nsm

issi

on

Deco

mpre

ss

Encr

ypti

on

Decr

ypti

on

Yes

No

Template MatchDatabase

Generate Template

Reprocess

Quality Control

Recollect

DecisionConfidence?

NoYes

2 - 31

Architecture Subsystems Database module

In what form is biometric stored? Template or raw data?

TransmissionSignal Processing

Feature Extraction,Representation

Com

pre

ssio

n

Tra

nsm

issi

on

Expansi

on

Encr

ypti

on

Decr

ypti

on

Yes

No

Template Match

Generate Template

Reprocess

DecisionConfidence?

Quality Control

Recollect

Biometric Template: A file holding a mathematical representation of the identifying features extracted from the raw biometric data.

DatabaseTemplates

Images

NoYes

2 - 32

Architecture Subsystems Decision module

Is there enough similarity to the stored information to declare a match with a certain confidence ?

TransmissionSignal Processing

Feature Extraction,Representation

Com

pres

sion

Tran

smiss

ion

Deco

mpr

ess

Encr

yptio

n

Decr

yptio

n

Reprocess

DecisionConfidence?Decision

Confidence?

Quality Control

Recollect

DatabaseTemplates

Images

Template Match

Generate Template

No

No

Yes

Yes