+ All Categories
Home > Documents > Pti btd it Tt f Idi ttProtected biometrics for Identity...

Pti btd it Tt f Idi ttProtected biometrics for Identity...

Date post: 06-May-2018
Category:
Upload: habao
View: 215 times
Download: 1 times
Share this document with a friend
20
P t t d bi t i f Id tit T t P t t d bi t i f Id tit T t Protected biometrics for Identity Trust Protected biometrics for Identity Trust RISE - Awareness of Biometrics and Security Ethics By Nicolas DELVAUX [email protected] Hong-Kong, 5 th of January 2010 0 DOCUMENT INTERNE - Equipe Marketing / 20 février 2010
Transcript

P t t d bi t i f Id tit T tP t t d bi t i f Id tit T tProtected biometrics for Identity TrustProtected biometrics for Identity Trust

RISE - Awareness of Biometrics and Security EthicsyBy Nicolas DELVAUX

[email protected], 5th of January 2010

0DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

SAFRAN AT A GLANCE

An international high technology groupMore than 12 billion Euros sales in 2007 (At December 31, 2007)

58 200 employees in over 30 countries 58,200 employees in over 30 countries (At September 30, 2008)

Three branches of activity:- Aerospace propulsion- Aircraft equipment- Defense Security

Sagem Sécurité: worldwide leading positionsMulti modal biometrics solutions ID l ti ID solutionsBiometric terminals (access control)Automated fingerprint identification systemsSecure ID documents including biometric features (passports, H&ID cards,

driving licenses)

11

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

22

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Agenda

1. An Identity use case - from Passport to e-Passport: a short survey1

2. Identity : a new field for organised crime

3. Biometrics for identity : strategies for trustworthy framework

4. Conclusion

33

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

An Identity use case -

from Passport to e-Passport: a short survey

4DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

Travel document : passport usage

Process for identity verification:1 T th ti t th t l d t i iti t1. To authenticate the travel document: issuer, securities, etc…2. To check document personalisation3 To check the link between document data and holder3. To check the link between document data and holder

Majors identity’s issuesj y Fake travel documents Genuine travel document with fraudulent personalisation Stolen travel document with photo substitutionStolen travel document with photo substitution

Impostor using similarity with the genuine travel document holder

55

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Challenging issues for checking process

Genuine document Facial similarity

66

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Identity on e-Passport: more authentication factors

ICAO 9303 introduces major updatesEl t i t th ti t th i t l d t d i f tiElectronic: to authenticate the genuine travel document and information

consistency by electronic signatureBiometrics features: face (M), fingerprint and iris to link the document and

the holder

To know: PINTo be:

biometrics

1 2 34 5 6

To have: token biometrics

7 8 9* 0 #

77

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Identity : a new field for organised crimey g

8DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

Biometric authentication

Biometrics technologies is not restricted to law enforcement Since 90’s: large scale civil application for civil registry, welfare, etc.Since 90 s: large scale civil application for civil registry, welfare, etc.

Need for ID fraud prevention US: $50 billions / year

(source: Javelin Strategy & Research Survey – 2007)

UK £1 7 billi / UK: £1.7 billions / year (source: 2006 Home office report)

France: France: € 6.2 Billions / year for welfare organizations€ 474 Millions for 212,762 victims in 2008,

(source CREDOC, June 2009)

99

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Biometrics as Security Enhanced Technology for Identity

Identity management is a security target for the future

Biometrics: individual authentication or identification based onphysiological / behavioral traits of individuals Many modalities : fingerprint, face, iris, vein, DNA.. Different performances and no « silver bullet » modality or technology Common characteristics: Universality, Uniqueness, Permanence, Collectabilityy, q , , y

As any stage, use of biometrics can potentially raise privacy & securiy concerns: Misuse / Abuse breach function Creep Misuse / Abuse, breach,function Creep Collected without consent: collected from a trace, from a data base,

Nobody can revoke his/her biometrics Protection schemes are essential!

1010

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

ISO/IEC JTC1 SC37Reference ArchitectureBiometrics protection issues

Data Collection

Data Storage

Matching Decision Comparison

Attacks

Presentation

Matchi ng

Signal P i Match?

Template

T l t

Matching Score(s)

Identity Claim

EnrolmentDatabase

Candidate?

Compare

Presentation

Biometric Characteristics

Template Creation

Processing Template

Match/ Non -match

Features

Threshold Candidate List

Sensor Quality Control Verified?

Decision Criteria

Features

Re-acquire

Segmentation Feature Extraction

Identified?

Compression

Sample Sample

Expansion

Verification Identification

p

Transmission

Transmission Channel

Enrolment Verification Identification

1111

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Biometrics for identity :

strategies for trustworthy framework

13DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

Biometrics protection: technological approaches Secure token

Pros: an evaluated solutionCons: what happens whenCons: what happens when

token is cracked?Cryptography

Pros: reliable solutionsCons: ready for all your live

Multi-modalitiesPros: statics and dynamics mixturePros: statics and dynamics mixtureCons: increase complexity only

Crypto-biometricsPros: revocability capabilityCons: accuracy & irreversibility

1414

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

An implementation on bio-encryption

Fingerprintbiometrybiometry

Multivendor Generation ofMultiple + revocable

identities based on theMultivendorinteroperability

Minutiae

Generation ofprotected

pseudo identities

identities based on thesame fingerprint

MinutiaeVendor A

Minutiae

Templateprotection H

ash ID1

ID3MinutiaeVendor B

ID2

Identities are not invertible

1515

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Biometrics protection: Legal ApproachesSolution providers in EU

Needs more developments

EU: legal Data Protection framework

Needs more developments Depending MS:

from prior authorisation to simple notification

Directive 95/46 on personal data protection

Interpretation by DPA principles: “PROPORTIONALITY PRINCIPLE”

Systematic warnings about biometrics d t bprotection

National transposition in (27) laws different perceptions I t MS

databases

Deployment discrepancy & different identity management diff t l l f t t In most MS:

no specific provisions on biometrics Some MS:

biometric data as sensitive data

different level of trust

biometric data as « sensitive data » or only when reveal racial, ethnic origins or health

Needs of dedicated legal decision

1616

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Principles of proportionality: uses cases

Time attendance Access control in sport stadium

Access control in swimming pool At school (Fingerprint)

1717

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Biometrics database: submitted to DPA decision?

1818

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Conclusion

T d t t Id tit

Identity is a major value in society

To demonstrate Identity: Travel document: authentication factors by a tokenNeed of an additional authentication factor: biometrics modalities Long-term mechanisms for a worldwide trust

N d f h i l d l l i hNeeds of technical and legal consistent approachesProtect identity for citizen privacyProtect identity for trusted relationshipProtect identity for trusted relationshipSecurity against abuse, misuse and corruption of identity Privacy and Security shall become “a positive-Sum Paradigm”

1919

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

Th k f ti !Th k f ti !Thank you for your patience!Thank you for your patience!

Protected biometrics for identity trustyRISE - Awareness of Biometrics and Security Ethics

By Nicolas [email protected]@ g

Hong-Kong, 5th of January 2010

20DOCUMENT INTERNE - Equipe Marketing / 20 février 2010


Recommended