Presented to: - PowerPoint PPT Presentation

Loading...

PPT – Presented to: PowerPoint presentation | free to download - id: 3b46d-Mjk3N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Presented to:

Description:

... verification database does not communicate with other government systems. ... are?', Dr. Judith Markowitz, Speech Technology Magazine, November/December 2003. ... – PowerPoint PPT presentation

Number of Views:90
Avg rating:3.0/5.0
Slides: 38
Provided by: csis1
Learn more at: http://csis.pace.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Presented to:


1
Presented to Pace University DPS 2005 Class
2
Conventional Identification Techniques
  • Value pair identification
  • User id with password
  • Email address with password
  • (Even with encryption technology this is
    Recognition, not Authentication)
  • Answers to predetermined questions
  • Mother's maiden name and favorite pet's name
  • (Security of this knowledge cannot be guaranteed)
  • RSA Key technology
  • System generated credential thats compared to
    stored credentials. (Recognition not
    Authentication)
  • Speech to text conversion and comparisons
  • Speech converted to an XML pattern and then
    compared to data in a database. (Recognition not
    Authentication)

3
The Biometrics Solution
What Is Biometrics? Mandy Andress Infoworld May
25, 2001JAMES BOND, Star Trek, and countless
other stories of intrigue and science fiction
have long heralded the use of biometrics. Now
we're finally getting a glimpse of how easy
advanced security can be when an individual's
unique physical characteristics are
electronically stored and scanned. Recent
advances have made biometrics more reliable,
accurate, scalable, and cost-effective for the
enterprise. Nevertheless, the technologies remain
too expensive for most organizations to deploy
widely, so biometrics are ideal only for
environments with the highest of security needs.
4
The Biometrics Solution
Is there a need for it in business? If you've
ever left your network password on a yello
Sticky stuck to your desk or computer, you
understand the need for biometrics.
  • Conventional schemes for uniquely identifying a
    user or shopper carries a very real and highly
    probable risk of that users identity being
    compromised.
  • Also users constantly forget their passwords as
    they typically have multiple passwords across
    multiple systems.
  • If remembering multiple passwords were not
    enough, then add to that the fact that the
    systems administrators require that these
    passwords expire on some schedule like every 30
    days.
  • Of course just when you have committed the
    passwords to memory, the system requires that you
    change your password. Basically, it does not work

5
The Biometrics Solution
Is there a need for it in business? Conventional
online CRM personalization techniques are not
very effective because the techniques do not
truly authenticate customers before making
recommendations. If you have ever gotten product
recommendations while shopping you understand the
problem. Most CRM targeting systems use
Collaborative Filtering, Click Stream and Path
Analysis to determing the level of
personalization for a customer at its
location. The reason Personalized service works
in the Bricks and Mortar world is because the
sales person visually authenticates you upon
entry to the store. Conventional online
personalization techniques assume that the person
at the machine must be you. Obviously this is
not good enough.
6
A Historical Context For Biometrics
Security Andre/Robert
7
The Biometrics Solution
  • Historical Context
  • Linking physical characteristics to identity is
    nothing new
  • Crime scene investigators have been dusting for
    fingerprints for more than a century.
  • Bartenders have depended on photo IDs to
    determine who's old enough to order a beer.
  • Archeologists piece together the remains from a
    dig to identify individuals who lived and died
    centuries ago.
  • Biometrics takes these ideas and adds
    sophisticated technology to enhance the
    identification process.
  • The use of an automated system to verify the
    identity of someone by looking at physiological
    or behavioral characteristics.

8
The History Of Biometrics Solutions
  • Chinese merchants in the 14th century produced
    hand and foot prints on paper with ink to
    distinguish young children from one another.
  • In the 1890s, an anthropologist and police desk
    clerk in Paris, Alphonse Bertillion, turned
    biometrics into a distinct field of study.
    Developed a method of identifying convicted
    criminals by body measurements (Bertillonage).
  • Bertillonage failed when it was discovered that
    different people could share the same
    measurements. Richard Henry of Scotland Yard
    developed the fingerprinting method reverting to
    the same methods originally used by the Chinese.
  • Over the past three decades biometrics has
    evolved from a single method, fingerprinting, to
    many discrete methods.
  • Physical Bertillonage Fingerprint Facial
    Recognition Hand Geometry Iris Scan
    Retinal Scan Vascular Patterns DNA
  • Behavioral Speaker Recognition Signature
    Keystroke

9
Voice Biometrics Authentication How Does It
Work? Roli
10
Overview
Voice Biometrics has its roots in two
areas Speech processing Biometric security It
is not important to understand what is said,
rather who said it. Need to determine the link to
the speaker. Like a signature in a bank, or a
finger print, a voice print has to be made and
saved ahead of time. At the time of
authentication, speech is compared to this voice
print. Main problems are Accepting a wrong
user (False Acceptance Rate) Invalidating a
correct user (False Reject Rate)
11
Enrollment Making a Voice Print
Each persons voice is unique. Voices differ due
to physiological characteristics such as the
vocal chords, trachea, nasal passages, and how
the tongue moves inside ones mouth to produce
certain sounds. Some pass-phrases spoken by the
person are analyzed. Each spoken word is broken
into segments sub-word syllables, phonemes, or
triphones. Each segment has three or four
dominant tones (called formants) that are
constant over the segment and can be captured in
digital form. This table of tones yields the
speaker's unique voice print. The voice print
is stored as a table of numbers, where the
presence of each dominant frequency in each
segment is expressed as a binary entry. It is not
a recording of a persons voice.
12
Authenticating the Speaker
During authentication, the users pass-phrase is
compared to the previously stored voice model,
and all other voice prints stored in the
database. First, some code words are extracted
from the pass-phrase. Each speech sound in the
code words is queried in an anti-speaker
database. Common features in the speech sample
and the anti-speaker database are eliminated.
The system is now left with only the unique
features of the user's voice. These unique
features are compared with the enrolled
pass-phrase voice print for authentication. A
threshold score of acceptability is maintained by
each organization. If the match score is higher
than the preset level, the user is accepted.
13
Verification Techniques
Speaker verification versus identification Verifi
cation Speaker identity has already been
revealed through other information, and is
verified with voice biometrics. Identification
Determining speaker identity from the voice
sample. Verification is used more commonly.
Identification is much more difficult. Text
dependent versus text independent
techniques Text dependent User repeats some
information such as name, address, account
number, mothers maiden name. Text prompted
System asks user to repeat some number sequences.
Used for high security applications. Text
independent Any speech is acceptable.
Unobtrusive but more difficult. All are
verification methods. They receive identity of
the speaker.
14
Smart Cards and Voice Biometrics Authentication
Two approaches Telephony and database oriented
expensive and less secure. Smart card based
cheaper and considered more secure. Usage is
increasing faster. Smart cards have enough
processor and memory capacity to implement
biometric verification. A self contained
biometric smart card offers substantial security
advantages because the voice print does not leave
the smart card. Smart cards can be used to
implement all three aspects of a secure system
what you are, what you have, and what you know.
15
Summary and Issues
Verification is done by analyzing dominant
frequency locations in voice tables. Approach is
similar to looking for minutiae in a finger
print. Voice biometrics authentication is
convenient. Can work over the telephone. Only
requires a microphone to get a sample. Voice is
affected by many things mood, being out of
breath, or being ill. Voice samples are affected
by background and channel noise. More likely to
be used for low security applications. At
present smart card approaches are cheaper and
likely to become more popular than database
oriented approaches.
16
Considerations In Evaluating Voice Biometrics
Security Cynthia
17
Considerations in the Selection of a Voice
Biometrics System
  • A New Set of Rules to meet existing security
    requirements.
  • Will the system reduce or eliminate fraud?
  • Will the system replace or eliminate existing
    systems?
  • If the system replace existing systems, will the
    required level of performance be outside the
    scope of existing technologies?
  • Could a voice biometrics system potentially
    affect personal privacy and/or freedom?
  • What accommodations, if any, will be made for
    accessibility options?

18
Considerations - continued
  • In an ideal system
  • All members of the population possess the
    characteristic that the
  • that the biometric identifies, like voice and
    speech pattern.
  • Each biometric signature differs from all others
    in
  • the controlled population
  • The biometric signatures dont vary under the
    conditions
  • in which they are collected.
  • The system resists countermeasures.

19
Considerations - continued
  • In considering performance statistics, there are
    two kinds of biometric systems identification
    and verification
  • In identification systems, a biometric signature
    of an unknown person is presented to a system.
  • Verification applications include those that
    authenticate identity during point-of-sale
    transactions or that control access to computers
    or secure buildings.

20
Considerations - continued
  • Performance measures for identification systems
  • Systems ability to identify a biometric
    signatures owner.
  • Performance measure equals the percentage of
    queries in which the correct answer can be found
    in the top few matches
  • Performance measures for verification systems
  • Traditionally characterized by two error
    statistics false-reject rate and false-alarm
    rate.
  • Error rates come in pairs for each false-reject
    rate there is a corresponding false alarm.
  • A false reject occurs when a system rejects a
    valid identity a false alarm.

21
Considerations - continued
  • Evaluation protocol
  • Determines how you test a system, select the
    data, and measure the performance.
  • Successful evaluations are administered by
    independent groups and tested on biometric
    signatures not previously seen by a system.
  • If you dont test with previously unseen
    biometric signatures, youre only testing the
    ability to tune a system to a particular data
    set.

22
Considerations - continued
  • Scenario evaluations
  • Measure overall system performance for a
    prototype scenario that models an application
    domain.
  • Test complete biometric systems under conditions
    that model real-world applications.
  • One scenario evaluation objective is to test
    combinations of sensors and algorithms.
  • Creating a well-designed test, which evaluates
    systems under the same conditions, requires that
    you collect biometric data as closely as possible
    in time.
  • To compensate for small differences in biometric
    signature readings taken over a given period, you
    can use multiple queries per person.

23
Considerations - continued
  • Speaker recognition suffers from several
    limitations.
  • Different people can have similar voices, and
    anybodys voice can vary over time because of
    changes in health, emotional state, and age.

24
Considerations - continued
  • NIST (National Institute of Standards and
    Technology - speaker recognition)
  • Speaker-recognition evaluations measured
    verification performance for conversational
    speech over telephone lines.
  • Data used consisted of speech segments for
    several hundred speakers.
  • Recognition systems were tested by attempting to
    verify speaker identities from the speech
    segments.
  • A false alarm percentage rate of up to 10 was
    computed depending on speaker device and
    connection.

25
Considerations - continued
  • Government Influence
  • Government services to citizens requires two
    types of human identification positive
    identification to prevent multiple persons from
    using a single identity, and negative
    identification to prevent a single person from
    using multiple identities.
  • The Immigration and Naturalization Service (INS)
    uses voice recognition and hand geometry to speed
    up border crossings.
  • Automated Permit Port (APP), is used after hours
    at small ports of entry along the Canadian
    border.
  • This positive identification system uses voice
    verification to confirm the claimed identities of
    those crossing the border.
  • The voice verification database does not
    communicate with other government systems.

26
Considerations - continued
  • Potential impact that government use of these
    technologies might have on personal freedoms
  • Biometric information is available to law
    enforcement agencies through the subpoena
    process.
  • Fear that government could use some unforeseen
    technological advances to compile biometric
    records for the real-time tracking of
    individuals.
  • Congress has passed a number of laws requiring,
    suggesting, or allowing the use of biometric
    measures to identify some citizens in specific
    circumstances including drivers licensing,
    immigration, social services, and airport
    security.

27
Considerations - continued
  • Voice biometrics security for persons with
    disabilities.
  • Speak - n See provides a voice actuated
    security camera system for a person restricted to
    bed.
  • National Science Foundation sponsored effort to
    have student engineers at universities throughout
    the US design and construct devices for persons
    with disabilities.
  • Enables a physically disabled individual to
    effortlessly view indoor and outdoor areas of her
    apartment from any location within the apartment.
  • The voice-controlled device consists of three
    video cameras and a wireless Display/Control
    Unit.
  • The Speak - n See device is a complete,
    portable, wireless video-surveillance system.

28
(No Transcript)
29
Market Acceptance Of Voice Biometrics Arthur/Adam

30
Market Acceptance Of Voice Biometrics
While the idea behind biometrics and voice
biometrics in particular, is a noble a plausible
one, the truth is that it follows the normal
acceptance curve of the typical emerging
technology. In other words, people arent
throwing out their yellow post-it with their
passwords written on them.
TRACKING OFFENDERS According to Dr. Judith
Markowitz, the corrections industry remains the
largest established market for speaker
authentication next to law enforcement and
intelligence. These tools verify that offenders
are abiding by court-ordered sentencing regarding
restrictions on their movements outside of their
homes. The systems are designed to call the
offender or receive calls from the offender at
scheduled times. For example An adult offender
may be required to be at a given work location
from 8 a.m. until 5 p.m., attend AA meetings from
6-8 p.m. on Tuesdays and Thursdays, and then
return home
31
Market Acceptance Of Voice Biometrics
PASSWORD RESET Password reset is a
fast-developing commercial market for speaker
authentication. Because it is an employee-facing
application, it allows the deploying organization
to test and evaluate the technology internally
and assess its benefits before making it
available to the market place for customer-facing
deployments. This application is simple and as
such has a low risk impact profile. The
implementation on the organizations computing
infrastructure can be phased and controlled and
deployment time can be relatively short. This
approach is not only useful for evaluation of
speaker authentication but they are also valuable
for building a business case for using the
technology in other domains.
32
Market Acceptance Of Voice Biometrics
CALL CENTER SPEAKER AUTHENTICATION There has
been a increase in the number of implementations
of Speaker authentication in call centers. As
with speech recognition, call-center deployments
have the potential for being a huge market. Call
centers are under increasing pressure to automate
as a way of reducing cost, and providing services
24/7. Usually speaker authentication is
partnered with speech recognition for
customer-facing and partner-facing applications.
Most often, speaker authentication is added to
existing speech-recognition applications but it
is an increasingly popular feature of new
deployments as well. By integrating the ACD and
CTI components of the call center telephony
infrastructure with Speech-To-Text translation, a
call could immediately be made to a CRM
data-store to retrieve pertinent context specific
information for that customer. This will
create an air of person specific personalization.
33
Market Acceptance Of Voice Biometrics
ANY DEVICE VOICE BIOMETRICS Many first-stage
Voice Web applications of today look beyond
standard telephones. In warehouses and factories,
speech I/O is done through wearable devices and
radio-frequency transmission. The voice
application network technology has already
extended the reach of those systems to support
just-in-time and e-commerce ordering systems.
In-vehicle systems, such as the OnStar Virtual
Advisor, utilize embedded far-field microphones
to provide many of the same services available
from voice portals and voice application
networks. Distributed speech technology is
enabling next-generation PDAs, such as iPaq, to
access a range of services from the Voice Web,
including dictation and unified messaging.
Small footprint voice biometrics are being
embedded into toys and cell phones. They are also
being put onto smart cards for point-of-sale
speaker authentication.
34
Market Acceptance Of Voice Biometrics
VOICE WEB ANY DATA The Voice Web provides a
basis for achieving the anywhere, anytime, any
device goal. It is, however, an abstraction that
can be described as a series of stages
culminating in the anytime, anywhere, any device
condition. The Voice Web applications that are
moving into the mainstream today are still at the
earliest stage of evolution. They are highly
constrained in the content (Internet and other
content) that can be accessed, since interaction
is menu oriented, designed primarily for standard
telephones and operate in a single language (or a
restricted set of languages). Even these
incarnations of the Voice Web support
consolidation of content and systems that is a
step towards realizing the anytime, anywhere, any
device goal. Consumers can use voice portals to
get the weather, find the nearest Starbucks or
hear what is playing at local movie theaters.
Corporate customer relationship management
(CRM) systems, such as the one deployed by
JiffyLube, is starting to offer customers
appointment scheduling and service alerts.
Software vendors are extending search so soon
Google will respond to a voice keyword or phrase
search request. For example Get me the
contents of President Bush's last state of the
union
35
Market Acceptance Of Voice Biometrics
There has also been a change in the way speaker
authentication is marketed. The selling points
have moved away from fraud reduction and pure
security. Now, both vendors and their customers
are talking about ease-of-use and ROI. This is
an indication that the market is starting to
believe that the technology works which means the
focus can be shifted to standard business-case
issues. This change is also an indication that
the market is beginning to mature., says Dr.
Markowitz..
36
References
An introduction evaluating biometric systems,
Phillips, P.J., Martin, A., Wilson, C.L.,
Przybocki, M., Nat. Inst. Of Stand. and Technol.,
USA, Computer, Feb. 2000, Vol. 33, Issue 2, pp.
56 63. Federal biometric technology
legislation, Wayman, J.L., US Nat. Biometric
Test Center, USA, Computer, Feb. 2000, Vol. 33,
Issue 2, pp. 76 80. Speak n See voice
actuated security camera for disabled
persons,Michaud, T.D., Pruehsner, W.R.,
Enderle, J.D., Department of Electrical and
Systems Engineering, Connecticut University,
Bioengineering Conference, 2000 Proceedings of
the IEEE Annual Northeast, April 2000, pp.
157-158. What is Biometrics , Meg Mitchell
Moore, DarwinMag, September 2001. Voice
Biometrics Are you who you say you are?, Dr.
Judith Markowitz, Speech Technology Magazine,
November/December 2003.
Voice Biometrics, Judith A. Markowitz,
Communications of the ACM, September 2000. How
does Voice Biometrics work?, OTG website,
http//www.otg.ca/biometrics/how.html Smart
Cards and Biometrics in Privacy-Sensitive Secure
Personal Identification Systems, Smart Card
Alliance, White paper, 2002.
37
References Continued
An introduction evaluating biometric systems,
Phillips, P.J., Martin, A., Wilson, C.L.,
Przybocki, M., Nat. Inst. Of Stand. and Technol.,
USA, Computer, Feb. 2000, Vol. 33, Issue 2, pp.
56 63.   Federal biometric technology
legislation, Wayman, J.L., US Nat. Biometric
Test Center, USA, Computer, Feb. 2000, Vol. 33,
Issue 2, pp. 76 80.   Speak n See voice
activated security camera for disabled persons,
Michaud, T.D., Pruehsner, W.R., Enderle, J.D.,
Department of Electrical and Systems Engineering,
Connecticut University, Bioengineering
Conference, 2000 Proceedings of the IEEE Annual
Northeast, April 2000, pp. 157-158.
About PowerShow.com