Biometric systems for access control

a. Different types of biometric systems for access-control systems:-

Biometric system for access control can be classified as follows:-.

Physiological Biometrics:-They are as follows.

1) Fingerprint Recognition:- In this system, the image of fingerprint of a person is taken and other characteristics of fingerprint such as loops, whorls and arches along with outlines of furrows, minutiae and edges are recorded. Fingerprints are captured using optical sensor or image sensor (Sousedik & Busch, 2014).

2) Face Recognition:- Face recognition system identifies or verifies a person from the digital image of the person’s face by analysing and comparing patterns. In this system, the data associated with nodal points or end points on the digital image of a person’s face is captured and stored as a face print (Bhatia, 2013).

3) Hand Geometry:- This system is based on geometric shape of the hand and the system reads fingers, sides of the hands and the palm and uses metrics such as knuckles’ shape, the height of the fingers or distance between joints for identification (Zhang, Wang & Xi, 2015).

4) Iris Recognition:- In this system, a person is identified based on single patterns in the surrounding region of the pupil of the eye. Normally, the iris has a brown, grey, green or blue, colour with difficult patterns, which are noticeable upon close inspection (Saini & Rana, 2014).

Behavioural Biometrics:-They are as follows.

1) Voice Recognition:- In this system, speech technology is processed to capture the behavioural and physiological factors which are then combined to produce speech patterns (Frank et al., 2013).

2) Keystroke Recognition:- In this process, an individual’s identity is verified or confirmed on the basis of the rhythm and style of keyboard typing (Dholi & Chaudhari, 2013).

3) Signature Recognition:- In this system, the physical activities of signature process such as the speed rate, sequence of stroke order and pressure applied are measured and analysed (Galbally et al., 2015).

Advantages of fingerprint biometric system:-

• Fingerprint biometric system is extremely secure as identity point is captured in such a way that it quite difficult to fake.
• Fingerprint recognition software allows electronic way of record-keeping data.

Disadvantages of fingerprint biometric system:-

• Implementation of fingerprint biometric system is quite expensive.
• The reading of only one section of a person’s finger by fingerprint biometric system is susceptible to error. Moreover, manual repositioning of fingers for correct reading is also time-consuming.

Advantages of hand geometry biometric system:-

• It is inexpensive, simple and relatively user friendly.
• It is generally considered less intruding compared to fingerprints biometrics, retinal biometrics and so on.

Disadvantages of hand geometry biometric system:-

• Hand geometry is not at all unique and hence not suitable for identification systems
• Jewellery (rings), limited dexterity (arthritis) may create a problem regarding extraction of hand geometry information.

Advantages of iris recognition biometric system:-

• A person’s Iris patterns remains unchanged throughout life, as it is being protected by the person’s own body mechanism.
• Iris recognition biometric system is similar to plug and play feature and the process is similar to taking a normal photo from the regular distance, and thus it is comfortable and easy to use.

Disadvantages of iris recognition biometric system:-

• Regular use of this system harmful to the iris due to constant scanning of the iris with infrared light.
• The system may not be effective, as it may be obscured by reflections, lenses and eyelashes, which often create a problem.

Example of fingerprint biometric system application:-

Fingerprint based access control is more effective than traditional identity card and thus it could be used in identity and access management.

Example of hand geometry biometric system application:-

Hand geometry biometric system is used for applications related to personal verification, physical access, attendance tracking.

Advantages and disadvantages of biometric systems

Example of iris recognition biometric system application:-

Due to its high accuracy and ease of use, iris recognition technology could be used in healthcare system as it faces difficulties in establishing accurate patient identification.

Software PET:- It is implement by most users on their systems based on anonymous web browsers such as Internet Explorer (IE) 8 or Google Chrome or, encryption or anti-virus software. Data in motion, in use, and at rest capabilities are deployed by new technologies such as Data Leak Prevention (DLP), also called Information Leak Prevention (ILP) (Koops & Leenes, 2014).

Hardware PET:- It is implemented through firewalls, routers, biometric scanners (fingerprint) and smart cards, such as Common Authentication Card (CAC) normally used by the military. Though most of today’s encryption systems are software-based, still hardware encryption is gaining since in such encryption there is no impact to performance due to automatic encryption/decryption of data (Büscher & Katzenbeisser, 2017).

User Actions PET:- This category requires the user to perform some action in order to enhance the level of privacy such as opt-in (authorizing) to some service such as behavioral targeting or opt-out as in Do Not Call/Track registries.  Users have the ability to delete cookies, logs, and visited sites from their browsers and systems (Agir et al., 2014). 

Example:-Wardriving is the practice of driving around with a wireless (Wi-Fi) detector looking for unprotected networks.  Once unprotected networks are identified, their bandwidth can be hijacked for other purposes.  Anti-wardriving is as simple as ensuring a router or gateway is password protected.  Setting up a home modem with WPA (Wi-Fi Protected Access) and a good password/passphrase will block wardriving attempts (Agir et al., 2014).

1) Hello Flood:- Normally, in WSN some routing protocols need to broadcast hello messages to their neighbour. A recipient node of such messages may assume it within the sender’s radio range. Here arises the possibility of hello flood attack as the mentioned assumption in some cases may be false due to the fact sometimes a laptop-class attacker with sufficient transmission power broadcast routing as well as other data or information and convince itself as neighbour to all nodes of network. As a result, the messages that are sent by a large number of nodes to this imaginary neighbour is far away from the adversary and thus those nodes would be sending the messages into oblivion. Such attacks can be avoided or counteracted by verification of the link’s bi-directionality before taking action based on the received message received over that link (Singh, Ukey & Jain, 2013).

Example applications of biometric systems

2) Selective Forwarding / Black Hole Attack:- In WSN, it is presumed that the participating nodes will conscientiously forward the messages. However, routing of certain messages are refused and dropped by the attacking or malicious nodes. Black hole attack occurs if all the messages are dropped through them. However, selective forwarding occurs if the attacking nodes selectively forward the packets. This situation can be avoided by utilising multi-path routing with combination with random selection of paths to destination or by using paths that do not have two consecutive common nodes or any common link to ensure that packets are forwarded as they were sent (Gondwal & Diwaker, 2013).

3) Sybil Attack:- In this attack, a single node mislead other nodes by presenting multiple identities to all other nodes in the network. As a result, routes that are believed to be disconnected with respect to node can have the same adversary node. Such attack can be avoided or counter measured if for each node with the base station a unique shared symmetric key could be used (Jan et al., 2018).

References:-

Agir, B., Papaioannou, T. G., Narendula, R., Aberer, K., & Hubaux, J. P. (2014). User-side adaptive protection of location privacy in participatory sensing. GeoInformatica, 18(1), 165-191.

Bhatia, R. (2013). Biometrics and face recognition techniques. International Journal of Advanced Research in Computer Science and Software Engineering, 3(5).

Büscher, N., & Katzenbeisser, S. (2017). Introduction. In Compilation for Secure Multi-party Computation (pp. 1-4). Springer, Cham.

Frank, M., Biedert, R., Ma, E., Martinovic, I., & Song, D. (2013). Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE transactions on information forensics and security, 8(1), 136-148.

Galbally, J., Diaz-Cabrera, M., Ferrer, M. A., Gomez-Barrero, M., Morales, A., & Fierrez, J. (2015). On-line signature recognition through the combination of real dynamic data and synthetically generated static data. Pattern Recognition, 48(9), 2921-2934.

Gondwal, N., & Diwaker, C. (2013). Detecting blackhole attack in WSN by check agent using multiple base stations. American International Journal of Research in Science, Technology, Engineering & Mathematics, 3(2), 149-152.

Jan, M. A., Nanda, P., He, X., & Liu, R. P. (2018). A Sybil attack detection scheme for a forest wildfire monitoring application. Future Generation Computer Systems, 80, 613-626.

Koops, B. J., & Leenes, R. (2014). Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’provision in data-protection law. International Review of Law, Computers & Technology, 28(2), 159-171.

Saini, R., & Rana, N. (2014). Comparison of various biometric methods. International Journal of Advances in Science and Technology, 2(1), 2

Singh, V. P., Ukey, A. S. A., & Jain, S. (2013). Signal strength based hello flood attack detection and prevention in wireless sensor networks. International Journal of Computer Applications, 62(15).

Sousedik, C., & Busch, C. (2014). Presentation attack detection methods for fingerprint recognition systems: a survey. Iet Biometrics, 3(4), 219-233.

Zhang, W., Wang, C., & Xi, X. (2015). 3D Scan of Ornamental Column (huabiao) Using Terrestrial LiDAR and Hand-held Imager. The International Archives of Photogrammetry, Remote Sensing and Spatial Information Sciences, 40(5), 491.