BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 1 May 2005
BioSecBiometrics & Security
Orestes Sanchez BioSec Coordinator Telefónica I+D, S.A.U.
BioSec: Biometrics and Security in the 6th Framework Programme
Porvoo Group 7th meetingReykjavik, Iceland
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 2 May 2005
Biometrics: Open issues
• Biometrics is a key technology for improving security and trust Privacy enhancing Ambient intelligence Space
• Open Issues: Unsatisfactory level of performance for some biometrics Lacking reliability and security of sensor technology Inapplicability of unimodal biometric systems on very large databases Performance evaluation of biometric systems changes from method to method Knowledge production is not coordinated Research/market fragmentation as a result of missing coordinated actions. Lack of interoperable and reliable biometric data storage Establishing standards in biometric systems in all system components Reluctance of users to accept biometry as a trustable, reliable technology Biometric systems are lacking user point of view, both in ergonomics and in usability Legal issues concerning the protection of user privacy and rights on biometric data
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 3 May 2005
BioSec
• BioSec: Biometrics and Security FP6 IST Integrated Project IST-2002-001766:
Towards a global dependability and security framework Starting activities 1st December, 2003 for two years.
• Security in BioSec means improvements in the following areas: Usability and acceptance security perception Designing for Trust and Confidence Robustness and Performance Physical and logical security Law fulfilment
• Multidisciplinary approach across the elements of the biometric authentication chain: devices, systems and scenarios implementation
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 4 May 2005
BioSec Objectives
• Enable new technology development in basic biometric technologies to leverage security, across biometric authentication chain
• Put the technology to work and to meet requirements of real world applications Contribute to definition and adoption of standard and interoperable
solutions in biometrics and ID Tokens. Develop effective solutions for secure biometric template storage and
match-on-tokens Two selected scenarios:
physical Access remote access
Performance, usability and acceptability evaluation with sound and scientific procedures.
Collection of Multiple-biometrics database
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 5 May 2005
BioSec Consortium
• Project Coordinator is Telefonica I+D
• Industrial partners: Siemens AG, Germany (SIEMENS) Atmel Grenoble, S.A., France (ATMEL) Finnair Oy, Finland (FINNAIR) Giesecke and Devrient GmbH, Germany (GandD) VCON Telecommunications Ltd., Israel (VCON)
• Companies Biometrika SRL, Italy (BIOK) Etra I+D, S.A, Spain (ETRA) Ibermatica, S.A. Spain (IBERMATICA) MediaScore GmbH, Germany Expertnet A.E., Greece (EXPERTNET) Naukowa i Akademicka Sieć Komputerowa, Poland
(NASK)
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 6 May 2005
BioSec Consortium II
• Government Bodies Sisäasiainministeriö, Ministry of the Interior Finland (MIFIN)
• Research Centres Valtion Teknillinen Tutkimuskeskus, Finland (VTT) Centre for Research and Technology Hellas, Greece (ITI-
CERTH)
• Academic centres Tampereen Yliopisto (University of Tampere), Finland (UTA) Alma Mater Studiorum – Universita Di Bologna, Italy (UNIBO) Univ Carlos III de Madrid, Spain (UC3M) Univ Politecnica de Madrid, Spain (UPM) Univ Politecnica de Catalunya, Spain (UPC) Universität zu Köln, Germany (UCOL) Aristotle University Of Thessaloniki, Greece (AUTH) Katholieke Universiteit Leuven, Belgium (KULRD)
University of CologneDepartment of Psychology
BioLabBioLabUniversity University
of of BolognaBologna
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 7 May 2005
BioSec WorkflowReview
Scenarios and applications
Prototypes withBioSec technology
BioSec Technology
BioSec interfaces
BioSec technology
Scenarios and
applications
Biometric technologiesSpecs
Current Technology
BioSec interfaces
State-of-the-art technology
First Prototypes
First year
BioSec Results
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 8 May 2005
BioSec Interoperability Framework
• Interoperability framework Vertical and horizontal integration
• Three components: Sensor API
Capture Low-level BioAPI compliant: Lighter and object-oriented
Token API APDU formats Security Mechanisms: Confidentiality,
Authenticity and Integrity Services offered by the card and the terminal Biometric Match-on-Token Java Classes Specification for Terminal
Programming Biometric API
Integrated approach to matching Logic and Biometric algorithms
Sensor X Sensor Y Token B Token A
BioSec sensor API BioSec Token API
Application and services
Protocols and network security
BioSec API
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 9 May 2005
Template storage and match-on-token
• Leverage the use of secure personal biometric storage and providing solutions to overcome the need of centralized biometric databases Put biometrics under user control. Enabling privacy preserving scenarios
• Develop Biometric ID Tokens: Smart Cards and USB-Tokens Interoperable Token Application Program
Interface. Explore the integration of biometric template data
formats Robust and secure template storage and
transmission in and out Integrate Matching Algorithms on the Token
• Strong liaison with eEPOCH (FP5-IST) partners
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 10 May 2005
Personal storage for biometric data
• Main Target: Develop new means to personal ID Token
able to perform Biometric Authentication Increase the use of personal ID Tokens among European Society
• ID Tokens Requirements: Secure storage, communication and processing Comfortable for the user Suitable for different environments Interoperable
• Technologies under study JavaCards Tokens: USB – or suitable to be adapted to other interfaces. New Microelectronic Designs for future smart cards
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 11 May 2005
Biometric ID TokensCarried-on activities
• Definition of the storage format for Biometric Templates Current standardization specifications: ISO SC37 drafts
• Development of an API for Biometric ID Tokens 1st version of specifications available at BioSec web site.
• Development of Match-on-Token Solutions Currently with Iris Biometrics on JavaCard, and Fingerprint on
native code By the end of Q1 2005, prototypes with USB-Tokens and Match-
on-Token
• USB Token Development Platform and Microelectronic Development Platform completed
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 12 May 2005
First phase studies on acceptance and usability of biometric technology
• Cross cultural study (Finland, Spain, Germany) Crucial result: German participants are better acquainted with biometric
security systems than Finnish and Spanish participants, also they express less concerns with regard to centralised data storage
• Field study (Vantaan Airport) Crucial result: Usability and acceptance of the fingerprint system was high,
perceived drawbacks are slowness and low reliability during first trial
• Laboratory study (Mediascore Lab Cologne) Crucial result: participants´ acceptance increases after first usage, a number
of variables (gender, age, expertise) mediate the evaluation of biometrics
Acceptance and Usability
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 13 May 2005
Current status
• Sucessfull first year.• Technical achievements:
Specification of interoperability framework: sensors and storage. First prototypes:
aliveness detection in fingerprint, 3D recognition, Voice noise models, Iris recognition. Match-on-Token
Multiple-biometrics database acquisition tools. Two scenario setups:
Network access with remote authentication. Physical access: Helsinki airport.
First results on usability and acceptance
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 14 May 2005
Steps for 2nd year
• Proof of concept of BioSec technologies• Evolve prototypes of sensors and biometric storage.• Comparative study with first stage results:
Usability and acceptance Interoperability: final version of BioSec API. Performance evaluation.
• Improve tools for multiple-biometrics algorithms research• Physical access:
Interoperation of components and systems in real usage situation
• Remote access: Biometric authentication in new applications and security
vulnerabilities
• Standardisation
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 15 May 2005
Challenges ahead
• User-centred issues: Education. Legal framework. Identify acceptance barriers. Cross-European studies.
• Technical: Fusion of multimodal
biometrics. Aliveness detection. Robustness. Storage.
• Certification: Evaluation of performance. Interoperability. Security.
• Applications: verification of identity in new
areas: e-Government, e-Health, e-Everything.
Scenarios for AmI Space Networked applications Every-day applications:
private identification Biometric in electronic
signature Biometric encryption ROI and cost estimation
BioSecBiometrics & Security IST-2002-001766
© 2005 BIOSEC Consortium 16 May 2005
Further contacts
• Coordinator Orestes Sanchez
Telefónica I+D, S.A.U. E-mail: [email protected]
• BioSec 3rd workshop: 16th and 17th June, Helsinki, Finland
• Website: www.biosec.org Biometrics Standard Observatory BioSec Office: [email protected] BioSec Interest Group Public results of the project BioSec Newsletters
Top Related