biometrics and cyber security


  • BioSSL is a unique 2nd generation fingerprint authentication security system for financial transactions in a global financial environment that deals with trillions of $$ of transactions on an annual basis. Because the fingerprint images are not saved on the servers, the most required safety measure to safeguard the clients' interests from the hackers, it becomes a unique product. BioSSL replaces the password with unique features of the user's identity.
    * Only the user controls his password.
    * His unique biometric features are his password.
    * His password can never be revealed or re-engineered.
    * No hacker, phishing or web criminal behaviour can use the data.


  1. Biometrics and Cyber Security
     Key Considerations in Protecting Critical Infrastructure – Now and In The Future
     Conor White, Chief Technology Officer, Daon
     © Copyright Daon, 2009
  2. Why is Cyber Security Important in the Context of Biometric Systems?
  3. Cyber Security & Biometrics
     On the Internet, nobody knows you are a dog… or a terrorist… or a student… or a spy…
  4. Identity is More Valuable than Money!
     "I can't think of a single piece of information more critical to our ultimate security and prosperity, both as individuals and as a country, than our personal identity. The ability of an individual to establish identity, to verify "you are who you claim to be", is critical to the many transactions that occur in a single day. As the world becomes more interdependent, as transactions become more global, and as the world embraces identity management and assurance as an element of conducting business, personal identities will become a form of global currency. Whether you are crossing a border, seeking employment, applying for a public benefit, opening a bank account, combating crime, making a purchase, enforcing immigration policy, granting access to public and private spaces, detecting terrorists – identity verification has limitless value."
     Governor Tom Ridge, Former Secretary, Department of Homeland Security
  5. Identity Management is Fundamental to Cyber Security
     • Cyber Security is about establishing trust in entities accessing your networks and ensuring that they perform functions consistent with the role you define for them.
     • The fundamental capability necessary for any cyber security solution is Identity Management.
     • Biometrics is a key enabling technology in the fight to strengthen the security of systems against cyber crime. However…
  6. …Biometric Identity Systems Will Be Attacked!
     In this session we will discuss (briefly) the following cyber security topics as they relate to Biometric Systems:
     1. System Level Perspective
     2. Person Level Perspective
     3. Independence, Flexibility, Ongoing Analysis and Adaptation
  7. Attacks on Biometric Systems
     Consider the following:
     • Don't have to duplicate to spoof – you just need to alter to ensure no 1:1 or 1:N match (negative identification scenarios)
     • As our databases grow, we struggle to achieve universality
     • As we seek to automate, unattended acquisition and authentication creates risk
     • As more systems are deployed, frequency and sophistication of attacks will increase
       • Microsoft OS virus vs Apple OS virus
     • No biometric modality is perfect – don't believe anybody who tells you otherwise
     • No silver bullet – lots of papers & patents but few commercial offerings
     • Industry starting to look more seriously at liveness detection – e.g. LivDet 2009
     Biometrics provide a clear benefit to counteracting cyber security threats – but biometric systems can themselves be a source of weakness.
  8. How Do We Compete?
     Countermeasures are required:
     • Enhanced Capture Software
     • Secured Systems
     • New Capture Devices
     • Multi-factor
     • Multi-modal
     • Supervision & Oversight – guiding standards and principles
     • Ability to react through flexible technology and process
     Biometric matching has been a technology- and tool-centric field. A Defense-in-Depth method of dealing with biometric & identity-related concerns takes a more holistic approach: People, Technology, Operations.
  9. Biometric System Threats & Countermeasures
  10. Biometric System Vulnerabilities
      Key Considerations:
      • There is no perfect identity authentication method – every form of authentication has vulnerabilities
      • The entire identity eco-system is vulnerable to attack
      • Don't just secure the point of authentication
      • Consider systemic weaknesses as well
      • Must provide a defense-in-depth strategy
      [Figure: biometric system pipeline – Data Collection, Signal Processing, Matching, Storage, Decision, Verifier – with attack points numbered 1 to 11, grouped into a Person Perspective and a System Perspective. Source: Study report on Biometrics and E-Authentication]
  11. First Principle of Cyber Security: Security by Design
      • Security should be designed into a solution and not "bolted on" after the fact
      • All solutions MUST be designed using industry-best security principles:
        • Encryption of data – both in transit and at rest
        • Use of strong cryptographic techniques (e.g. HSMs)
        • Robust key management
        • Non-repudiation of events
        • Authorization of function
        • Integrity protection – data and system
        • Use of industry-proven techniques – no "security by obscurity"
      Biometric systems are vulnerable to attack at several points in the process: data collection, signal processing, data storage, and the decision/action point.
  12. Defense in Depth – So How Do We Design in the Countermeasures?
      Location                       | Threat                                                                  | Example Countermeasures
      1 – Data Collection            | Spoofing                                                                | Liveness detection – challenge/response; multi-modal, policy-based
      1 – Data Collection            | Device substitution                                                     | Mutually authenticate device; vendor agnostic architecture
      2 – Raw Data Transmission      | Replay attack                                                           | Sign data, timestamp, session tokens/nonces, HSM, FIPS
      3 – Signal Processing (Software) | Component replacement                                                 | Sign components
      5 – Matching                   | Manipulation of match scores                                            | Debugger hostile environment
      5 – Matching                   | Hill climbing                                                           | Coarse scoring, trusted sensor, secure channel, limit attempts
      7 – Storage                    | Database compromise (reading/replacing template, changing bindings)     | DB access controls, sign/encrypt templates, store on secure token; audit, digital signature
      9 – Decision                   | Threshold manipulation                                                  | Protected function, data protection
      [Figure: the same biometric system pipeline – Data Collection, Signal Processing, Matching, Storage, Decision, Verifier – with attack points 1 to 11, Person Perspective and System Perspective]
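Row 2 of the table (replay of raw sample data, countered with signing, timestamps and session nonces) worked through as an added example, not code from the slides or from Daon: an HMAC over the sample, nonce and timestamp with a constructed shared device key stands in for the digital signature and HSM the slide lists, and the 30-second freshness window is an assumption.

```python
import hmac, hashlib, json

# Constructed example: the shared key stands in for the per-device signing
# key the slide would keep in an HSM; 30 s is an assumed freshness window.
DEVICE_KEY = b"constructed-device-key-replace-me"
MAX_AGE_SECONDS = 30.0

def _body(sample_hex, nonce_hex, ts):
    # Canonical encoding so device and verifier MAC exactly the same bytes.
    return json.dumps({"sample": sample_hex, "nonce": nonce_hex, "ts": ts},
                      sort_keys=True).encode()

def sign_sample(sample: bytes, nonce: bytes, ts: float, key: bytes = DEVICE_KEY) -> dict:
    """Capture device side: bind the raw sample to the verifier's nonce and a timestamp."""
    msg = {"sample": sample.hex(), "nonce": nonce.hex(), "ts": ts}
    msg["mac"] = hmac.new(key, _body(msg["sample"], msg["nonce"], ts),
                          hashlib.sha256).hexdigest()
    return msg

class Verifier:
    """Verifier side: accepts each signed capture at most once, and only while fresh."""
    def __init__(self, key: bytes = DEVICE_KEY, max_age: float = MAX_AGE_SECONDS):
        self.key, self.max_age = key, max_age
        self.issued, self.used = set(), set()

    def issue_nonce(self) -> bytes:
        import os
        nonce = os.urandom(16)          # one fresh nonce per capture session
        self.issued.add(nonce.hex())
        return nonce

    def accept(self, msg: dict, now: float) -> str:
        expected = hmac.new(self.key, _body(msg["sample"], msg["nonce"], msg["ts"]),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg.get("mac", "")):
            return "bad-signature"      # sample, nonce or timestamp was altered
        if msg["nonce"] not in self.issued:
            return "unknown-nonce"      # not bound to a session this verifier opened
        if msg["nonce"] in self.used:
            return "replay"             # the same signed capture presented again
        if abs(now - msg["ts"]) > self.max_age:
            return "stale"              # old capture, even if never seen before
        self.used.add(msg["nonce"])
        return "ok"
```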
  13. And Don't Forget about Data Security
      Provide an authentication framework that:
      • Securely manages sensitive biometric data.
      • Ensures the privacy of users' personal (e.g. biometric) data.
      • Resists attacks launched by insiders/outsiders.
      • Provides for non-repudiation of activities.
      • Integrates with 3rd party applications.
      • Scales to enterprise-wide deployments.
      • Is biometric-agnostic by design.
      Biometric data must be stored securely:
      • Privacy concerns (legislation)
      • Risk of legal challenges to signatures if stolen
      Assume a hostile network:
      • Eavesdropping on sensitive traffic.
      • Injection/deletion of messages.
      Assume a hostile environment:
      • Database may be compromised.
      • Machines may be physically attacked.
      • Attacks launched against OS or Daon software.
  14. In Summary
      • Biometrics enable stronger defense against cyber security attacks, but biometric systems need to ensure that they don't become a platform for launching an attack themselves
      • Design Security In – don't just bolt it on:
        • Protect biometric systems using a holistic approach
        • Ensure all data is encrypted (in motion and at rest)
        • Ensure robust key management and distribution
        • Signing of all parties in a transaction
        • Tamper evidence and integrity checks throughout the system
        • Audit trails and non-repudiation
        • Consider all points in a solution and look for vulnerabilities
      • It's NOT just about the matching algorithm!
  15. Person-Oriented Attacks & Countermeasures
  16. Person Oriented Attacks
      • Historically the focus has been finger, face, and iris; however, there are several modes being refined: vein, voice, iris on the move, …
      • To defeat a biometric system, sometimes it is sufficient to cause distortion (i.e. to not match).
        • Example: distortion of fingerprints to avoid watchlist hits
      • Universality/Inclusivity becomes a major issue for large populations
      • Multi-Modal solutions work best
      • Systems need an adaptive architecture that can incorporate these new modes and leverage technology improvements over time
      The most progressive, modern systems begin as a multi-biometric platform with built-in systemic security & privacy safeguards and add different biometric capabilities as needed over time!
  17. Multi-biometric Fusion
      Use fusion to improve accuracy and robustness:
      • Increase accuracy beyond single biometric matching
      • Reduce FTE (failure to enrol; broaden population)
      • Spoof/denial resistance
      • Cope with poor quality data
      • Sensor/user fault tolerance
      Fusion performance depends on:
      • Input data available
      • Comparison algorithm accuracy
      • Correlations between different matcher scores
      • Fusion technique
      • Training data
  18. Multi-Biometric Fusion in Action
      • Choose a platform that enables multiple biometrics to ensure optimized performance
      • Multi-biometric systems provide key advantages:
        • Increased accuracy (noise reduction)
        • Enhanced Usability
        • Greater Universality
        • Improved Security
        • Improved performance (FMR, FNMR)
      • As enrollment populations grow dramatically, multi-modal solutions are inevitable.
      Performance of large scale identity programs can be significantly improved through the use of multiple biometrics. Large scale systems should establish a core multi-biometric platform first and then choose the most applicable algorithms to suit their population, commercial and performance needs.
      [Figure: DET curves – False Match Rate (FMR), 0.0001% to 100%, on the x-axis against False Non-Match Rate (FNMR), 0.1% to 100%, on the y-axis – for Face, Finger, Sum fusion and Product fusion]
  19. In Summary
      • There is NO perfect biometric type
      • There is NO perfect biometric device or algorithm
      • Biometric performance will continue to increase over time, costs will decrease
      • Spoofing attacks will continue and gain in frequency and complexity
      • A flexible framework is needed to counteract these attacks
      • Multi-biometric systems provide the best defense – with the ability to continually add new technology components
      • Policy based normalization and fusion should be kept independent of biometric matching algorithms
      • Adopt a platform that enables you to take advantage of technological improvements over time
  20. Technology Flexibility, Ongoing Analysis and Adaptation
  21. Analysis and Adaptation
      Question: How do you react to:
      • Biometric technologies continuously changing
      • Weaknesses identified in specific algorithms or devices
      • Spoofing techniques continuously improving
      • New normalization and fusion techniques emerging
      • Throughput and performance models emerging
      • …
      Answer: Deploy an analysis and adaptation engine that enables you to do "what-if analysis" and understand the consequences of changes ahead of implementation
      • Identify and correct weak points ahead of cyber attackers
      • Automate performance analysis of what-if scenarios:
        • Algorithms: Matching, Quality, Fusion
        • Devices/sensors
        • Interoperability: Cross-device analysis, multi-algorithm scenarios
        • Protocols e.g. 1:1, 1:N, #attempts, preferred sample types
  22. Which Fusion? DETs
      [Figure: DET curves – False Match Rate (FMR), 1.0E-06 to 1.0E+00, on the x-axis against False Non-Match Rate (FNMR), 1.0E-03 to 1.0E+00, on the y-axis – for 517_Face_C, 517_Finger_LI, SUM: MinMax, SUM: Zscore, SUM: MAD, SUM: TanH, PROD: FNMR, PROD: Likelihood]
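The score-level fusion of slides 17, 18 and 22, worked through as an added example that is not from the slides or from Daon: constructed face and finger match scores are min-max normalised and fused by sum and by product, and FMR/FNMR are computed at one threshold (one point on a DET curve) so the fused and single-modality error rates can be compared; the z-score, MAD and tanh normalisers named on slide 22 are included too, with their parameters assumed to come from training data.

```python
import math

# Constructed matcher scores (not from the slides): higher = better match.
# Face scores lie in [0, 1]; finger scores lie in [0, 100].
FACE = {"genuine": [0.82, 0.75, 0.60, 0.90, 0.55],
        "impostor": [0.40, 0.58, 0.30, 0.62, 0.20]}
FINGER = {"genuine": [85.0, 40.0, 92.0, 70.0, 78.0],
          "impostor": [30.0, 45.0, 55.0, 20.0, 38.0]}

# Normalisation schemes named on slide 22; lo/hi, mu/sd and median/MAD are
# fixed from training data, never from the scores being decided.
def minmax(scores, lo, hi):
    return [(s - lo) / (hi - lo) for s in scores]

def zscore(scores, mu, sd):
    return [(s - mu) / sd for s in scores]

def mad_norm(scores, median, mad):
    return [(s - median) / mad for s in scores]

def tanh_norm(scores, mu, sd):
    # Hampel-style tanh estimator: maps into (0, 1) and is robust to outliers.
    return [0.5 * (math.tanh(0.01 * (s - mu) / sd) + 1.0) for s in scores]

def sum_fusion(a, b):
    return [x + y for x, y in zip(a, b)]

def product_fusion(a, b):
    return [x * y for x, y in zip(a, b)]

def error_rates(genuine, impostor, threshold):
    """One DET point: (FMR, FNMR) when scores >= threshold are accepted."""
    fmr = sum(s >= threshold for s in impostor) / len(impostor)
    fnmr = sum(s < threshold for s in genuine) / len(genuine)
    return fmr, fnmr

def fused_scores():
    """Min-max normalise both modalities to [0, 1], then fuse by sum and product."""
    out = {}
    for kind in ("genuine", "impostor"):
        face = minmax(FACE[kind], 0.0, 1.0)
        finger = minmax(FINGER[kind], 0.0, 100.0)
        out[kind] = {"face": face, "finger": finger,
                     "sum": sum_fusion(face, finger),
                     "product": product_fusion(face, finger)}
    return out

if __name__ == "__main__":
    f = fused_scores()
    for name, thr in (("face", 0.60), ("finger", 0.60), ("sum", 1.10), ("product", 0.28)):
        print(name, error_rates(f["genuine"][name], f["impostor"][name], thr))
```

With these constructed scores each modality alone leaves one genuine sample rejected, while both fused scores separate the two populations completely at the chosen threshold; a real DET sweeps the threshold across the whole score range.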
  23. Self Optimizing Framework for Analysis and Adaptation
      [Figure: feedback loop between a Policy Based Biometric Platform, a Biometric Performance Analysis Engine and Results Analysis]
  24. In Summary
      • Vendor independence provides both a monetary ROI and a cyber-threat risk mitigation
      • Leverage the concept of a master broker to orchestrate operations of biometric components
      • Ensure a vendor independent framework is put in place
      • Ensure (i.e. prove positively) that your solution is independent of any single biometric technology provider
      • Maintain strict data independence from underlying device or matcher technology
      • Large scale programs can clearly benefit from performance analysis tools to ensure optimum use of biometrics
      • Deploying a system that leverages synergies between an identification broker and analysis tools enables systems to be self optimizing over time, yielding better performance and mitigating against cyber security threats
  25. Thank You – Questions?
      Conor White
      Email: conor.white@daon.com
      Direct: 703 984 4010