Future of Biometrics

1
Future of Biometrics

• Marina Gavrilova

2
Biometric model validation
3
Biometric data model validation

• Scientific question
• If a person's photo in the system's database was
  taken 10 years ago, is it possible to
• identify the person today?
• Answer can be provided by next generation face
  reconstruction engines.

4
Biometric fusion
5
Fusion

• Biometric Fusion means integration of
• biometric information.
• The goal of fusion scheme is to devise an
  appropriate
• function that can optimally combine the
  information
• rendered by the biometric subsystems.
• Broadly classified as
• Prior-to-matching fusion and
• After-matching fusion

6
Biometric and robotics
7
Humanoid robots

• Humanoid robots are anthropomorphic robots (have
  human-like shape)
• that include also human-like behavioral traits.
  The field of humanoid
• robotics includes various challenging direct and
  inverse biometrics.
• On the other hand, in relation to inverse
  biometrics, robots attempt
• to generate postures, poses, face expressions to
  better communicate
• their human masters (or to each other) the
  internal states 49).
• Robots such as Kismet express calm, interest,
  disgust, happiness,
• surprise, etc (see (MIT projects).
• More advanced aspects include dialogue and
  logical reasoning similar to those of humans. As
  more robots would enter our society it will
  become useful to distinguish them among each
  other by robotic biometrics.

8
Robot reasoning

• More advanced aspects include dialogue and
• logical reasoning similar to those of humans.
• As more robots would enter our society it will
  become useful to distinguish them among each
  other by robotic biometrics.
• Asimo (Honda) humanoid robot
• http//en.wikipedia.org/wiki/ASIMO

9
Biometric Privacy and Security
10
(No Transcript)
11
(No Transcript)
12
(No Transcript)
13
(No Transcript)
14
(No Transcript)
15
(No Transcript)
16
(No Transcript)
17
Secure Email with Fingerprint Recognition
17
18

• Email
• Changed the way we communicate in todays highly
  technical world
• What's wrong with the app of the Internet?
• Hard to know who sent an email
• Spam
• Unsolicited email
• Offensive
• Fraudulent (phishing)
• Malicious (viruses, worms, spyware, exploits,
  DoS)

18
19
Related work
Email (E)
If H(E) H(E) then message is authentic
Hash H (MD5, SHA-1, etc)
H(E)
H(E)
Signing Algorithm
Private key D
Public key E
Signature (D(H(E)))
D(H(E))
Hash H
E
19
20
Some works on this field

• PEM (Privacy Enhanced Mail) 3 mid 1980
• ASCII email messages
• No centralized public key directory
• Single root to issue CAs (Certificate Authority)
• S/MIME (Secure Multipurpose Internet Mail
  Extension) 4
• Accommodate any number of trusted CAs
• PGP (Pretty Good Privacy) 5
• Web of trust
• Widely used

20
21
Some works on this field

• Garfinkel 6 presented a new approach to solve
  most of the usability issues
• Used only for encryption
• Outgoing email
• Looks up users public keys in a local database
• Appends the users public key to the email header
• Incoming email
• Stores public keys found in the email header
• Vulnerable to man-in-the-middle attacks

21
22
Some works on this field

• Brown and Snow 7 presented a similar approach
  but adds digital signatures
• Proxy-based approach sitting between the mail
  client and mail server
• Encrypts and signs all outgoing emails
• Decrypts and verifies all incoming emails

22
23
Another approach

• Idea
• Use fingerprints instead of private keys
• Primary goals
• Secure access to email accounts
• Provide an easier way to sign and verify emails
• Solve the usability issues
• Implemented as an email client called SEFR
• SEFR asks you to present your fingerprint
• When you access it and try to view your inbox
• When you try to send an email

23
24
Another approach

• Components
• Database used to store users fingerprints and
  account information
• dbs2.cpsc.ucalgary.ca
• Enroller used to enroll new users
• Receiver used to download the users inbox
• Using POP (Post Office Protocol) 1
• Gmails POP server pop.gmail.com
• Port 995
• Sender used to send emails
• Using SMTP (Simple Mail Transfer Protocol) 2
• Gmails SMTP server smtp.gmail.com
• Port 465

24
25
Another approach

• Accounts on Gmail
• Two accounts were created for testing and
  experimentation purposes
• amaobied
• sefr.obied
• Issues
• Gmail servers requires the use of SSL
• OpenSSL
• Base 64 encoding
• Fingerprint scanner in the BT lab
• No API
• Used fingerprint image paths

25
26
Another approach

• Signing messages
• When a user tries to send an email, SEFR asks the
  user to present his/her fingerprint. If the
  fingerprint is stored in the database, SEFR does
  the following
• Transforms the email message (e.g., get rid of
  newlines, tabs, spaces, etc)
• Create a hash using SHA-1 of the transformed
  message
• Store the senders email address, receivers
  email address and hash in the database

26
27
Another approach

• Verifying messages
• When SEFR tries to verify an email, SEFR
  automatically does the following
• Transforms the messages (e.g., get rid of
  newlines, tabs, spaces, etc)
• Creates a hash using SHA-1 of the transformed
  message
• Extracts the senders email address, receivers
  email address from the email header
• Checks if the senders email address is
  associated with the receivers email address and
  hash value in the database

27
28
Future Research Direction

• Using biometric authentication to access
  Web-based system
• Online banking
• Defeating Spam
• Bill Gates said Two years from now, spam will be
  solved

28
29
Cancelable biometrics
30
Cancelable biometrics

• The issue of protecting privacy in biometric
  systems has inspired the area of so-called
  cancelable biometrics. It was first initiated by
  The Exploratory Computer Vision Group at IBM T.J.
  Watson Research Center and published in 2.
• Cancelable biometrics aim to enhance the security
  and privacy of biometric authentication through
  generation of deformed biometric data, i.e.
  synthetic biometrics.
• Instead of using a true object (finger, face),
  the
• fingerprint or face image is intentionally
  distorted in a repeatable manner, and this new
  print or image is used.

31
Biometric encription
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
(No Transcript)
37
Biometric lie detectors
38
Synthetic biometric data in the development of a
new generation of lie detectors

• The features of the new generation of lie
  detectors include
• (a) Architectural characteristics (highly
  parallel configuration),
• (b) Artificial intelligence support of decision
  making, and
• (c) New paradigms (non-contact testing scenario,
  controlled dialogue
• scenarios, flexible source use, and the
  possibility of interaction through an artificial
  intelligence supported machine-human interface).

39
Synthetic biometric data in early warning and
detection system design

• The idea of modeling biometric data for decision
  making support
• enhancement at checkpoints is explored, in
  particular, at the
• Biometric Technologies Laboratory at the
  University of Calgary
• (http//enel.btlab.ucalgary.ca).
• Simulators of biometric data are emerging
  technologies for
• educational and training purposes (immigration
  control, banking
• service, police, justice, etc.). They emphasize
  decision-making skills
• in non-standard and extreme situations.

40
Thank You