Methods of Authentication
Due to the increase in fraud and crime, personal authentication has become of great importance in society today. Until recently, passwords, ID cards, etc. were the most reliable modes of authentication. A reliable and robust authentication system is required for secure access to sensitive places such as research labs and government organizations, for transferring confidential data, and for applications like ATMs and workstations. Authentication systems are also required in forensic applications such as prison security and crime investigations. Currently there are three main methods by which identity can be authenticated. These three methods are best described as “What You Know”, “What You Have,” and “What You Are.”
A legitimate user tends to choose a simple password, which is authentication based on “What You Know.” This weakens security, as an attacker can easily guess it. Another means of authentication is the ID card, based on “What You Have,” which can easily be lost or stolen. With fast-growing technology and a world getting more and more digitised, these means of authentication cannot be considered reliable and robust. Instead of “What You Know” and/or “What You Have,” a robust authentication system needs information about “What You Are,” which includes biometrics and natural “inherent” behaviour patterns.
The three methods may be implemented by themselves or in combinations. In other words, passwords can serve as a stand-alone authentication mechanism or may be used in conjunction with a biometric based authentication mechanism. The different kinds of authentication mechanisms contribute different levels of security to the authentication process. Passwords are fairly easily compromised while biometrics are more difficult to compromise. There is an additive property as well: the more mechanisms used, the more confident an administrator can be that only authorized users are gaining access to the secured system. There are, unfortunately, severe processing and management impacts associated with using the more secure of the authentication mechanisms. Therefore, the choice of authentication mechanism(s) used in an environment becomes a resource allocation issue associated with risk management. The research presented in this study pertains to technology that has the potential to add to the robustness of the authentication methods by the addition of another method to the existing categories of authentication.
This paper discusses the emerging challenges facing authentication systems, the means that are currently being deployed in order to defeat them, and the countermeasures and best practices that are presently arrayed against the threats to online accounts, personal information, or networks.
In a person-to-person transaction, identification of the two parties is accomplished through a variety of authentication mechanisms such as third party introduction or presentation of credentials. When transaction elements are automated there must be a way of first establishing the identification of the participants to the transaction and then authenticating the truth of that identity. (Smith 2002)
Before a person accesses their employer’s computer network, before they retrieve money from their ATM, before they log on to their Internet Service Provider (ISP) and before they make an online purchase from an E-business, almost inevitably they have had to prove their identity to some automated entity to which they have entrusted their personal information, credit card numbers, savings, and good name. Quite literally, often all that stands between a potential criminal and our treasured property is a user name, which is either not secret or easily guessed, and a password. The systems that administer the authentication process, as well as the human aspects of password security are both of critical importance to the ongoing security of information and the viability of automated information transactions. (Smith 2002)
The information infrastructure supports the availability of information to and from government and the private sectors; information integrity, such that people can be assured that information obtained via the infrastructure is accurate and has not been tampered with; authenticated transactions by which one can be assured that only authorized individuals can gain access to sensitive or proprietary information and resources; confidentiality, by which those involved with transactions can be assured of an appropriate measure of privacy; and transaction non-repudiation, where a business deal cannot be subsequently disavowed by one or more of the parties without due course. (Ahmad 2000)
That for some it is apparently more acceptable to break in and vandalize or steal a company's services or assets via a remotely connected computer, as opposed to gaining physical access via a broken window or the like, is clear. The access is available to those with the time and the tools, the risk to the perpetrator is often perceived as low, and the rewards, high. If one computer user per ten thousand is predisposed to hack a system, based upon the vast number of computer users worldwide, one can expect the number of hackers and cyber-criminals to be numbered in the tens of thousands. It has been estimated that crimes committed by means of a computer tend to cost the victimized company ten times more than crimes committed without one. (Nichols et al. 2000)
It is clear that our culture has much at stake with its information infrastructure. The role of authentication in protecting information assets is a critical one. Based upon faulty authentication alone, “[an] intruder would (have) access to your files, your e-mail, your funds, your personal information, and more. This intruder would have the power to modify and destroy your files, to send electronic mail threats in your name, or to subscribe to unwanted services for which you would have to pay. In short, an insecure password can easily wreak havoc in your life.” (Nichols et al. 2000 pp. 32-33)
The types of cyber-crimes that can be facilitated through the compromise of an authentication-system-protected computer network include but are not limited to: Industrial Espionage; Cyber-Extortion; Securities Fraud; Wire Fraud; Vandalism; Theft of Services; Page Jacking; Identity Theft (Nichols et al., 2000)
Specifically, what is likely to be at stake as a result of a successful password penetration are:
§ An organization’s or individual’s reputation and public confidence
§ An organization’s data or records could be modified on a one-time or ongoing basis
§ An organization’s or individual’s computer could be infected with a destructive virus or be programmed to infect or attack another computer system.
§ Confidential, private or proprietary information can be stolen from the computer system under attack.
§ Services or access can be stolen or denied from the victimized system (Nichols et al., 2000)
A secure, automated information transaction involves the presentation of an identification string, and then the carrying out of an authentication mechanism that has been agreed upon between both legitimate parties at some earlier time of registration or registration support. Current authentication processes are based conceptually on either:
§ What you know (password techniques)
§ Who you are (biometrics)
§ What you have (token, smart card)
These three mechanisms for authentication will be discussed further. The authentication mechanisms can be instantiated in various ways (Nichols et al., 2000):
1. The conveyance of the digitised data generated by the authentication sequence may be static such that it does not change between successive authentication transactions.
2. The conveyance of the digitised data generated by the authentication sequence may be encrypted.
3. The conveyance of the digitised data generated by the authentication sequence may be dynamic.
The first case represents the simplest of the possible technical configurations, for no encryption is applied to the authentication sequence or the password, and the authentication sequence will generally remain the same between successive authentication transactions. The first configuration presents a vulnerability to data-line eavesdropping in that, whether the authentication sequence is a password or a digital representation of some biometric data, the complete authentication sequence can be captured and replayed by a person seeking unauthorized access (Nichols et al., 2000).
The second instantiation option involves the use of encryption. When the data generated by an authentication transaction is encrypted, not only is it more difficult for the eavesdropper to identify the key components of an authentication transaction, but digital signature technology based on the public key infrastructure can be supported as well. The last instantiation refers to the case where the data associated with each successive authentication transaction is altered with respect to its predecessor in some predetermined fashion. This can be done as simply as appending a running sequence number with each authentication attempt, or by the more sophisticated one-time password techniques (Nichols et al. 2000).
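The replay weakness of the first (static) instantiation and the protection given by the third (dynamic) one can be shown with a small simulation. The code below is an added example and not from the paper; the toy protocol, the user name, the shared key and the counter-in-an-HMAC construction are all constructed for illustration. In the static case the verifier accepts the same captured string any number of times; in the dynamic case a running counter is bound into an HMAC tag, so a captured message is rejected on replay and a message with an altered counter fails the tag check.

```python
import hashlib
import hmac


class StaticVerifier:
    """Case 1: the same plaintext pair is sent on every log-in (replayable)."""

    def __init__(self, username, password):
        # constructed single-user store for the example
        self._users = {username: password}

    def verify(self, message):
        user, _, pw = message.partition(":")
        return self._users.get(user) == pw


class DynamicClient:
    """Case 3: each attempt carries a running counter and an HMAC over it."""

    def __init__(self, username, shared_key):
        self.username = username
        self._key = shared_key
        self._counter = 0

    def next_message(self):
        self._counter += 1
        tag = hmac.new(self._key, f"{self.username}:{self._counter}".encode(),
                       hashlib.sha256).hexdigest()
        return f"{self.username}:{self._counter}:{tag}"


class DynamicVerifier:
    """Accepts a message only if its counter is fresh and its tag is valid."""

    def __init__(self, username, shared_key):
        self._keys = {username: shared_key}
        self._last_counter = {username: 0}

    def verify(self, message):
        try:
            user, counter_s, tag = message.split(":")
            counter = int(counter_s)
        except ValueError:
            return False
        key = self._keys.get(user)
        if key is None or counter <= self._last_counter[user]:
            return False  # unknown user or replayed / out-of-order counter
        expected = hmac.new(key, f"{user}:{counter}".encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return False  # counter was altered without the key
        self._last_counter[user] = counter
        return True


def replay_static():
    """A captured static pair is accepted again: (True, True)."""
    v = StaticVerifier("alice", "s3cret")
    captured = "alice:s3cret"
    return v.verify(captured), v.verify(captured)


def replay_dynamic():
    """First use accepted, replay rejected, next fresh message accepted."""
    key = b"constructed-shared-key"
    client = DynamicClient("alice", key)
    v = DynamicVerifier("alice", key)
    captured = client.next_message()
    first = v.verify(captured)
    replay = v.verify(captured)
    fresh = v.verify(client.next_message())
    return first, replay, fresh


def forge_counter():
    """Bumping the counter without knowing the key fails the tag check."""
    key = b"constructed-shared-key"
    client = DynamicClient("alice", key)
    v = DynamicVerifier("alice", key)
    user, counter, tag = client.next_message().split(":")
    return v.verify(f"{user}:{int(counter) + 1}:{tag}")


if __name__ == "__main__":
    print("static:", replay_static())      # (True, True)
    print("dynamic:", replay_dynamic())    # (True, False, True)
    print("forged counter:", forge_counter())  # False
```

The verifier remembers the highest counter seen per user, which is what turns "the data is altered with respect to its predecessor in some predetermined fashion" into an actual replay check; without that state, a fresh-looking counter alone would give no protection.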
Vulnerabilities and Susceptibility to Attack
Any authentication system designed to protect a computer system or to control physical access is associated with some degree of exposure to attack and vulnerability to compromise. It is the purpose of the authentication system to minimize the probability of penetration of the protected system by unauthorized users. Internet-accessible systems are associated with a higher degree of exposure than a system that is not accessible from the Internet. Typically, the greater exposure that a system has, the more susceptible it is to attack. The less robust the measures aligned to protect a system, the more vulnerable the system is to attack. Therefore, vulnerability and susceptibility are quite different concepts. A system’s susceptibility would tend to affect the total number of attacks that would likely be directed against a system and its vulnerability would affect the proportion of those attacks waged that would result in successful penetration (Nichols et al., 2000).
For many systems, practicality of access dictates that the system be highly susceptible to attack. For such systems, vulnerability must be kept to a minimum. Conversely, if a system is only accessible by means of physical access via a bank vault, or locked quarters, susceptibility is low and even a relatively high level of vulnerability may not lead to a large number of penetrations. Due to the various natures of the authentication systems under discussion, it is of use to examine the elements of vulnerability and susceptibility for each of them separately.
Authentication Based Upon What You Know
The identity of a person can be verified based upon the knowledge of some peculiar and specific quantity. The most common quantity for this purpose is the password, a term which tended to be more closely associated with spies, speakeasies and gambling games back when information was secured by lock and key as opposed to the everyday services that individuals tend to use them for today. Much of the discussion of passwords is also relevant to the discussion on Personal ID Numbers (PINs) and pass phrases. (Smith 2002)
The Simple Password Technique (SPW), or basic password system, involves the authentication pair of a username and a password. The computer user seeking access to the SPW-secured system is prompted by the secured system to submit both by means of a log-in form. The authentication pair is transmitted in plaintext (unencrypted) from the user, or remote system, to the secured system, or server (Ahmad 2000). The server then compares the username supplied by the user with its own list of authorized users and verifies that the password, or hashed password product, matches the one that it “expects”. The SPW technique is very common though it suffers from vulnerabilities including the easy readability of the authentication pair by a communications line eavesdropper or “man in the middle”.
The encrypted password system functions like the SPW system from the user’s perspective. The difference lies in the fact that the authentication pair is encrypted using an algorithm known by the server. By this means, the username and password do not transit the network in plaintext form, which makes the capture of the authentication sequence by a man in the middle more difficult. (Smith 2002)
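The server-side comparison described above, where the stored value is a "hashed password product" rather than the password itself, is shown below as an added example (not code from the paper or any cited source). It assumes a constructed in-memory user store and uses PBKDF2 with a per-user random salt and a constant-time comparison; the iteration count and salt length are illustrative choices.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # illustrative work factor for this example
SALT_BYTES = 16

# constructed user store: username -> (salt, derived key); no plaintext is kept
_USERS = {}


def _derive(password, salt):
    """Hashed password product: PBKDF2-HMAC-SHA256 over password and salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def register(username, password):
    """Store only a salted, stretched hash of the password."""
    salt = os.urandom(SALT_BYTES)
    _USERS[username] = (salt, _derive(password, salt))


def verify(username, password):
    """Return True only if the supplied password reproduces the stored hash."""
    record = _USERS.get(username)
    if record is None:
        # Do the same amount of work for unknown users so the response time
        # does not reveal whether the username exists.
        _derive(password, b"\x00" * SALT_BYTES)
        return False
    salt, expected = record
    return hmac.compare_digest(_derive(password, salt), expected)


def stored_record_contains_plaintext(username, password):
    """Check that the plaintext never appears in what the server keeps."""
    salt, key = _USERS[username]
    return password.encode() in salt + key


if __name__ == "__main__":
    register("alice", "correct horse battery")
    print(verify("alice", "correct horse battery"))   # True
    print(verify("alice", "wrong"))                   # False
    print(verify("nobody", "anything"))               # False
    print(stored_record_contains_plaintext("alice", "correct horse battery"))  # False
```

The salt is what prevents one precomputed table from serving every account, and `hmac.compare_digest` avoids the early-exit comparison whose timing could leak how many leading bytes matched.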
Pass Phrase Systems
Pass Phrase Systems are generally considered enhancements of regular password systems in that they extract, from an easily remembered pass phrase, the components necessary to create a difficult-to-guess password. Pass phrase systems represent a mitigation approach to some human-factor vulnerability concerns regarding sound password selection and the writing down of passwords (Barkakati 2001).
Personal ID Numbers (PINs)
PIN numbers represent a limited application of a password system in that they are made up of only numeric characters. This restriction severely limits the entropy associated with PINs and for that reason PINs are typically used as supplemental authentication in conjunction with a token system. PINs are intended to be easier to remember than passwords so as to decrease the likelihood that individuals will write their PIN on their token, which for the case of ATM cards, could tend to have significant negative ramifications to the user or issuing entity. (Nichols et al., 2000)
Because password, PIN and pass phrase systems operate on textual input from a conventional keyboard or keypad, they do not require supporting hardware beyond what is already provided with a typical computer workstation. This characteristic makes the password system the default authentication method of choice for most server access applications. Enhanced password systems such as encrypted passwords and pass phrase systems can be installed on systems for the price of purchase, or fee for license or contract for the particular system. Specialized systems may require access to an off site authentication server maintained by an authentication service provider. (Smith 2002) None of the password systems require extensive or even moderate processing resources as compared to biometric systems.
The practical advantages of the password system for authentication, including low cost, ease of use, and reasonably good security, have been discussed in the previous sections. These advantages have made password-based systems the authentication methods of choice for most computer networks and software-based systems. Consequently, much is known about the vulnerabilities of password systems and the kinds of attacks which are directed against them. In this section the types of vulnerabilities inherent in most password-based authentication systems will be discussed. As with any security system, it is the vulnerabilities which drive innovation and therefore are important to understand. (Smith 2002)
With the increased capabilities of modern computers and communication systems, and with the increased complexity and availability of hacker utility software, the challenges to password-protected systems can occur from many vectors, which include the following seven types of attacks (Nichols et al., 2000):
§ Dictionary attacks;
§ Sniffer attacks;
§ Personnel and Garbage attacks;
§ Race attacks;
§ Man-in-the-middle attack;
§ Brute Force attack;
§ Keyboard Logger attack.
Technological Enhancements for Additional Security
Technological enhancements for additional security include password authentication system software that has some of the features described in the previous section built in and system imposed. (Smith 2002)
Password authentication software can require that all passwords meet sound security guidelines and that passwords are changed frequently. Authentication systems can be made to automatically assign suitable passwords at predefined intervals, thus ensuring that suitable passwords are employed and retired on a regular basis. The system cannot ensure that system-generated passwords, which are typically difficult to remember, especially when they expire periodically, are not written down on slips of paper and hidden around a terminal space. The automatic password generator does not solve all of the problems associated with individuals that might be unreceptive to security impositions. (Smith 2002)
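The two system-imposed controls named in the paragraph above, a password-quality rule set and periodic expiry with automatic generation of a compliant replacement, are shown together below. This is an added example, not code from the paper; the minimum length, the 90-day maximum age, the character-class rule and the short common-password list are constructed values standing in for an organization's real policy and dictionary.

```python
import secrets
import string
from datetime import date, timedelta

MIN_LENGTH = 12                 # constructed policy values
MAX_AGE = timedelta(days=90)
# constructed stand-in for a real dictionary of disallowed passwords
COMMON = {"password", "letmein", "welcome", "qwerty123", "changeme"}


def policy_violations(password, username=""):
    """Return the list of rules a candidate password breaks (empty = OK)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    if sum(classes) < 3:
        problems.append("fewer than 3 of 4 character classes")
    if password.lower() in COMMON:
        problems.append("appears in the common-password list")
    if username and username.lower() in password.lower():
        problems.append("contains the username")
    return problems


def is_expired(set_on, today):
    """True when the password has been in use longer than MAX_AGE."""
    return today - set_on > MAX_AGE


def generate_password(length=16):
    """Generate a random password and re-draw until it satisfies the policy."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_violations(candidate):
            return candidate


def rotate_if_due(record, today):
    """Assign a fresh system-generated password when the old one has expired.

    `record` is a constructed dict {"username", "password", "set_on"}.
    Returns True if a rotation happened.
    """
    if not is_expired(record["set_on"], today):
        return False
    record["password"] = generate_password()
    record["set_on"] = today
    return True


if __name__ == "__main__":
    print(policy_violations("password"))          # three violations
    print(policy_violations("Tr0ub4dor&3xyz"))    # []
    rec = {"username": "alice", "password": "Tr0ub4dor&3xyz",
           "set_on": date(2024, 1, 1)}
    print(rotate_if_due(rec, date(2024, 5, 1)))   # True, 121 days old
    print(policy_violations(rec["password"]))     # []
```

Enforcing the rules at the point of change is what makes them "system imposed"; as the paragraph notes, none of this reaches the slip of paper under the keyboard, which is a human-factor problem the software cannot see.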
The use of encrypted passwords is a technological security countermeasure that is directed against the threats posed by password sniffing and racing. Often password sniffer utilities are programmed to key off of plain text language associated with the authentication process (Nichols et al., 2000). Encryption of the text associated with authentication can be effective in defeating attacks made with those utilities.
Authentication Based Upon What You Have
Theoretically, verification of identity can be based upon what a person possesses. If a system for authentication is based upon the distribution of uniquely identifiable or coded items, or tokens, there is inherent in the system a basis for verifying identity. If an individual is able to produce the token that was issued to a specific authorized system user, then, barring the possibility of a stolen, borrowed or counterfeited token, there can be a high degree of confidence that identification has in fact been verified.
The concept of a token, as it applies to authentication processes, is similar to the concept of a token as it applies to distributed network communication theory, in that possession of the token grants the possessor privileges, be it access to the secured services or a communication channel to a central communication hub. Based upon the general function of the token within an authentication system, a token can be any number of different transportable items such as a machine-readable card (credit or ATM cards affixed with a magnetic stripe or scannable bar code), a key-chain portable passive electromagnetic device, a magnetic key-lock actuator, an optically scannable key-chain fixture, or a smart card. (Smith 2002)
Token-based authentication systems have the advantage that they can contain a large amount of information, and in the case of the card-type tokens, in human readable form. The security of token protected systems is dependent upon the rigor with which the user protects the token, how quickly they report its loss and the resistance of the token technology to being counterfeited or altered. The integration of holographic emblems into credit cards is an example of an attempt to make machine-readable cards more resistant to counterfeit. (Ahmad 2000)
Because of the inherent lack of control over user side aspects of token management, emphasis is typically placed on the integrity of the database, which processes the token-based authentication transactions. An example of this is when a hotel issues a magnetically imprinted room key card. If the key is lost, the actual cost of replacing it is typically negligible, and security is maintained by having the administrators provide a new card with a new access code embedded in its magnetic strip, the hotel door lock is reprogrammed to receive the new number and the access code associated with the lost card is nullified. The whole process takes place in an instant. (Smith 2002)
The bearer of a token may or may not be individually identifiable with that token. Such as in the case of a movie ticket, token access can be used to provide access without having a specific name or account number associated with the access. Token systems have in the past been supplemented with the requirement of a signature (credit cards) or with the advent of automated banking, a PIN. Because they involve more than one means of authentication, these measures represent hybrid techniques of authentication processes. Smart cards offer a means of interactivity which can facilitate highly functional authentication processes such as retrieval of biometric data, stored images, one time password algorithmic functions, and lengthy cryptographic keys (Sandhu and Samarati 1996).
Token and smart card systems require a means for reading the token or smart card. The technologies supporting magnetic strip readers and optical scanners for authentication purposes are well established. Processing costs associated with token systems are not significantly different from password system requirements.
Vulnerabilities and Susceptibility to Attack
Token-based access control systems are vulnerable to exploitation of lost tokens. The susceptibility to compromise can be considered a function of the physical security or accessibility provided at the various possible points of access to the secured system. This relationship can be illustrated by means of the following example pertaining to computer use at a public library. (Smith 2002)
Given the case where a machine readable library card is required to access the internet from a public library, the total susceptibility to granting access based upon false authentication would be measured at any given time based upon the number of lost or counterfeit library cards outstanding and the number of points of access (i.e. number of available workstations) and ease of accessibility (i.e. library hours). The total vulnerability to granting unauthorized access would be a function of whether or not the library card had been reported lost or stolen and appropriately flagged as such in the library’s authentication control server. Without any supplemental means of security or systems in place to discourage misuse, such as requiring a picture ID, using a sign up sheet or having a security camera in place, the vulnerability of the library’s access control system would be either 0% or 100% for the cases in which the lost card was reported and flagged or not reported or flagged incorrectly, respectively. (Sandhu and Samarati 1996)
Authentication Based Upon What You Are
Techniques for measuring immutable and unique human anatomical characteristics can be employed for purposes of identity verification. Such systems are referred to as biometric systems. (Woodward et al. 2002) Innate and habitual behaviours such as writing and typing style are in large part determined by the accumulation of skills, styles and limitations of ability due to physical characteristics or degree of experience. Inherent abilities to sign one’s signature or to type a word or phrase can be distinctive enough between users that they can be used to reinforce the authentication process (Cyber Sign 2005). The following subsections address the most commonly applied means of biometric and inherent behaviour-metric authentication and authentication support.
Vulnerabilities and Susceptibility to Attack
Due to the diverse nature of different biometric-based authentication systems, their particular vulnerabilities do not lend themselves to discussion in general terms. What can be surmised is that the biometric systems in place today are carefully selected based upon the particular requirements and resources for each application. Because the sensors associated with many biometric systems are usually expensive they are often located within physically secure areas of the buildings in which they are deployed, thus making the systems less susceptible to attack than authentication systems that are widely accessible through home connection to the internet or from another unsecured location. (Bolle et al. 1999)
Biometric authentication refers to the measurement of presumably immutable physical characteristics of the human anatomy to form a basis for authentication. In many authentication applications it is desirable to have the individual users positively identifiable. Biometrics are good for these applications. Some biometric methods allow authentication in such a way that the system is blind to the actual identity of the authenticating party. (Woodward et al. 2002) Thus, there is some flexibility associated with the rigor with which biometric identification can be applied. In all cases, the human-factor vulnerabilities that are of concern in the case of passwords do not exist for the case of biometrics. The following is a list of anatomical attributes on which biometric automated authentication processes have been based (Bolle et al. 1999):
§ Iris and Retina Patterns
§ Hand Geometry
§ Voice Prints
§ Facial features
§ Keystroke Dynamics
Fingerprint-based biometric authentication systems have attracted considerable interest and are typically convenient and reliable, and have the potential to become widely used. Much is known about the science of fingerprint analysis and fingerprints have long been accepted as unique to each individual.
Good fingerprint-based authentication systems have built-in safeguards against simulated fingerprints that are possible to fabricate from rubber (I/O Software 2004). Fingerprint readers range in quality, speed, and resolution.
Fingerprint-based authentication systems are based upon one of two basic processing technologies: image matching technology and minutiae logging systems (Underhill 2004). The term “minutiae” as it applies to fingerprints refers to the “… locations on your fingerprint where the ridges will stop or split into two, or intersect. (ridge ends and bifurcations)” (ThinkQuest 2006).
The two systems carry slightly different ramifications as far as vulnerability in terms of entropy is concerned. The image matching technique carries with it the greatest degree of authentication entropy because it implicitly compares each and every item of minutiae that is associated with the print by the nature of the image itself. However, image-based fingerprint recognition systems require that a control image of each fingerprint be stored somewhere on the authenticating server thus leaving the possibility of unauthorized disclosure.
There is also diversity in the sensing schemes associated with fingerprint recognition systems. The two main techniques involve optical scanning and capacitive scanning. Capacitive scanning offers the least vulnerable solution because it can be made to respond only to skin and can distinguish between actual and simulated fingerprints (Underhill 2004).
Authentication systems that are based upon the bone structure of a person’s finger or hand are characteristically accurate and convenient. A potential advantage exists for hand geometry authentication systems over fingerprint systems in that hand geometry is not distinct and therefore cannot be used to make a positive identification (Maltoni et al. 2003). Therefore, hand-geometry authentication systems are favoured for applications where user privacy is of concern, such as access to medical databases. Another advantage of the hand-based systems is that their sensors have a greater tolerance for dirt or grime, things that can make fingerprint systems reject an authorized user. Hand geometry systems are larger and typically more expensive than fingerprint authentication sensing pads. Hand geometry systems have found use in the mitigation of the problem of “buddy punching”, where employees on a time clock system at work will “clock in” for a co-worker. (Jain et al. 2004)
Hand-scan technologies are typically deployed in moderate-security applications such as time clock or attendance verification, or in conjunction with other forms of more secure authentication processes. Hand scanning represents one of the least invasive and most convenient biometric-based options for authentication (Maltoni et al. 2003). Because most hand-scan applications are “relatively small scale and involve only a handful of readers, though some larger applications employ dozens of them” (Hand-scan.com 2005), the susceptibility to attack is commensurately low. Furthermore, hand scan systems are characteristically expensive and are usually located in areas that are under some kind of human observation. (Jain et al. 2004)
Iris and Retina Patterns
Iris pattern recognition systems have evolved as an attractive alternative to retina scan technologies. The iris is distinguished by the pattern of flecks that appear on it. The advantage of iris scanners is that they do not require the user to focus on a target or require a lighted inspection of the retina, in the back of the eye. (Woodward et al. 2002) Current technology allows an iris scan to be completed at a distance as great as 3 feet away, which makes the technology suitable for use with ATMs (I/O Software 2005). Some contact lenses can be used to alter the pattern on the iris, so the iris-based system suffers from this security defect. (Woodward et al. 2002)
Retinal scans involve using a low-intensity infrared camera to record the vascular pattern associated with the retina. The retina scan is likely the most secure of all the biometric methods but disorders of the cornea, or cataracts can aggravate the imaging process (leading to false rejections). Retina scanning is a more invasive process as well involving the “point blank” and motion free imaging of the rear surface of the eye. (Biometric FAQ 2006)
The two ocular imaging systems share much of the same characteristics in terms of susceptibility and vulnerability. The sensing technology for both systems is costly and is not likely to be widely accessible in unsecured public settings. Iris scan systems have the potential to be used in diverse applications including physical access, automobiles, ATM transactions and others (Whitesel 2000). For the cases of ATMs it is reasonable to assume that security measures such as video cameras would be in place but the effectiveness of such measures as deterrents to crime may raise doubt.
The process of retina scanning is considered to be invasive, uncomfortable and difficult to use as it usually requires a cooperative subject to stare into an eyepiece calmly for several seconds (Biometrics-Scan.com 1999). Such a requirement may not be practical or acceptable for many applications. Conversely, the iris scanning technology is nowhere near as invasive but has the unfortunate disadvantage that a valid user’s iris pattern could be duplicated in a contact lens and be used to fool the system. (Woodward et al. 2002)
Voice print technology is attractive due to the fact that it can be implemented inexpensively in any PC or workstation that can be fitted with a microphone. Voice systems are subject to false rejection conditions due to authorized users experiencing a cold or other throat related malady. Voice print technologies tend to key off of physiological factors in a person’s voice and therefore, fooling them as a means of gaining false authentication is far from a trivial task (Bolle et al. 1999).
The low cost of implementation of voice print systems makes their widespread deployment across many applications feasible. Many voice print-based authentication systems are designed for use over telephone lines (Biometrics-Scan.com 1999). Telephone access imparts a particularly high level of susceptibility. Furthermore, the restricted audio bandwidth afforded by telephone lines is associated with reduced authentication entropy.
Aggravating the vulnerability aspects even further is the extent of variance that is common in the quality of the human voice from day to day, based upon health- or behaviour-related factors. Therefore, the voiceprint biometric technologies present an alternative that is at once susceptible to attack and also vulnerable to penetration due to physiological characteristics and technological constraints. (I/O Software 2005)
The technologies for facial feature recognition are coming of age and are generating a high degree of interest, primarily due to the ability of the systems to identify individuals at a distance (i.e. for law enforcement purposes). Though facial recognition systems are in place in places like casinos, customs portals and airports, the technology has yet to gain acceptance in the computer or network access field except in some very specialized applications. (Woodward et al. 2002) Because the technology relies on the visual appearance of the face, it cannot be relied upon to identify those individuals that may turn to disguises in order to defeat it. Therefore, its applications lie mostly with high-traffic and high-volume identification checking. (Bolle et al. 1999)
Facial recognition systems allow a captured image, perhaps from a security camera in a public and populated area, to be cross-referenced among data kept in a database and prospective matches brought forth. Few authentication systems have the ability to identify at a distance in a comparable manner. For general authentication purposes, however, facial recognition systems are vulnerable to disguises in the form of masks, or simply uncooperative subjects (Facial-scan.com 1999). Individuals that were aware of the system and wished to defeat it would have the options of using masks or changing their facial expressions. Also, masks simulating the faces of authorized users could be used in order to gain false access to a system. (Woodward et al. 2002)
Keystroke dynamics technology, which is similar in effect to a passive-behaviour version of the active-behaviour TDSPP technique, deals with the characterization of a person’s natural typing patterns during the course of a log-in session (Leggett and Williams 1991). The BioPassword® system for keystroke dynamics authentication enhancement has found application within a digitised music retrieval service (Musicrypt 2003). In this application, BioPassword® is employed as a measure of insurance protecting the service provider from the unauthorized sharing or posting of passwords. This application represents a separate layer of authentication designed to protect the service provider, as opposed to an integrated enhancement of entropy designed to prevent successful password guessing or online or offline dictionary attacks.
Signature recognition technologies are finding widespread application in retail sales and in delivery services. The hardware required for these systems is relatively inexpensive. Signature recognition technologies tend to find utility in applications where proof of a transaction is needed. As in the case of a written signature on a credit card slip, the latent, stored digital signature serves as a basis for non-repudiation of business transactions and as proof of acceptance of a commodity or of contractual terms or obligations. These applications represent after-the-fact identity verification and not real-time authentication. The potential for using signature recognition technologies for real-time authentication does exist, and it remains to be seen whether the technologies will be applied in that manner. Signature recognition technologies are vulnerable to forgery and hence are not suitable for high-security applications (Woodward et al. 2002).
The alternative inherent-behaviour-based system for authentication is the signature-based system. Signature recognition systems can be either stationary and physically secure, or portable and under the control of an authenticating agent (person). Submission of a signature for authentication purposes would tend to be done mostly in a protected and secured setting, making the inherent susceptibility low and comparable to that of fixed-station biometric-based systems (Woodward et al. 2002).
Based upon a review of biometric approaches to authentication, it is apparent that some biometric methods are more suitable for applications other than computer network access verification and security. The factors that determine suitability include cost, intrusiveness or convenience, and the rates of error for both false rejection and false acceptance. Retina scanning technologies may be most applicable to high-security physical access and entry control systems. Hand geometry-based systems can be effective for time card and attendance control (Dugelay et al. 2002) without being unnecessarily intrusive. Face recognition technologies have the distinction of being suitable for “face in the crowd” identification, though they can also be used for other purposes (Woodward et al. 2002).
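The false rejection and false acceptance rates named above are set by a single decision threshold on the matcher's similarity score, and moving that threshold trades one error for the other. The following is an added illustration, not code from the paper; the genuine and impostor match scores are constructed for the example, not measured from any real system.

```python
"""False-acceptance and false-rejection rates of a threshold-based biometric
matcher (added illustration; the scores below are constructed, not measured)."""
from typing import Sequence, Tuple

# Constructed similarity scores on a 0..100 scale.  A real matcher produces
# these by comparing a live sample against the user's enrolled template.
GENUINE_SCORES = [92, 88, 95, 70, 85, 90, 61, 83, 97, 79]   # enrolled user; low values model a bad day (e.g. a cold)
IMPOSTOR_SCORES = [40, 55, 62, 35, 71, 48, 66, 52, 30, 58]  # other people tried against the same template


def error_rates(genuine: Sequence[float], impostor: Sequence[float],
                threshold: float) -> Tuple[float, float]:
    """Return (FAR, FRR) at a decision threshold; a sample is accepted when score >= threshold.
    FAR: fraction of impostor attempts wrongly accepted.  FRR: fraction of genuine attempts wrongly rejected."""
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    return far, frr


def candidate_thresholds(genuine: Sequence[float], impostor: Sequence[float]):
    # Every distinct observed score is a point where FAR or FRR changes.
    return sorted(set(genuine) | set(impostor))


def equal_error_threshold(genuine: Sequence[float], impostor: Sequence[float]) -> float:
    """Threshold at which FAR and FRR are closest (the equal error rate operating point)."""
    def gap(t: float) -> float:
        far, frr = error_rates(genuine, impostor, t)
        return abs(far - frr)
    return min(candidate_thresholds(genuine, impostor), key=gap)


def threshold_for_max_far(genuine: Sequence[float], impostor: Sequence[float],
                          max_far: float) -> Tuple[float, float]:
    """Lowest threshold whose FAR does not exceed max_far, returned with the FRR paid for it.
    FAR falls monotonically as the threshold rises, so the first candidate meeting the
    ceiling is the most permissive acceptable operating point for a high-security setting."""
    for t in candidate_thresholds(genuine, impostor):
        far, frr = error_rates(genuine, impostor, t)
        if far <= max_far:
            return t, frr
    raise ValueError("no threshold meets the FAR ceiling")


if __name__ == "__main__":
    eer_t = equal_error_threshold(GENUINE_SCORES, IMPOSTOR_SCORES)
    print("EER threshold:", eer_t, error_rates(GENUINE_SCORES, IMPOSTOR_SCORES, eer_t))
    print("Zero-FAR operating point (threshold, FRR):",
          threshold_for_max_far(GENUINE_SCORES, IMPOSTOR_SCORES, 0.0))
```

With these scores the equal error point is a threshold of 70 (FAR and FRR both 10%), while forcing FAR to zero requires a threshold of 79 and doubles the false rejection rate to 20%, which is exactly the cost a legitimate user with a cold would feel.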
Other biometric technologies are emerging based upon further physiological attributes, such as vascular patterns on hands and faces and their associated thermal signatures. Each biometric technique must be considered in the context of its cost, the application’s need for security, convenience, and the level of intrusiveness that is required or will be tolerated (Bolle et al. 1999).
Most of the systems represent a considerable expense and may not be practical for widespread use. Of the less expensive systems, voice print-based technologies have the advantage of not requiring any equipment beyond a computer microphone and sound card (Biometrics FAQ 2006). Facial recognition systems can be implemented using a basic PC camera and as such offer a similar advantage (Biometrics FAQ 2006). Signature and fingerprint matching systems are also relatively cheap to acquire and set up. Hand-scan technologies require the least digital storage space and computational overhead of any biometric method, storing the data associated with a typical hand scan in a mere 9 bytes, orders of magnitude smaller than most other biometric technologies (Bolle et al. 1999).
The voice print systems and the image-based biometric authentication processes (signature, fingerprint, facial recognition and the ocular systems) employ algorithms that tend to be computationally intensive. The systems noted above require computational resources well beyond those required for password systems, both for processing each authentication attempt and for storing the control data or images.
In conclusion, some relevant factors concerning the various authentication methods are summarised in Table 1.
Table 1. Relevant Factors Concerning Various Authentication Techniques

Ease of Implementation and Management
  Password systems: Easy to implement and manage. Both capabilities are typically built in to OTS software.
  Biometric systems: Relatively hard to implement and maintain due to the need to construct and maintain a supporting database to retain physiological data for users.
  Token systems: Harder to implement and manage than password systems as tokens can be lost, stolen and counterfeited. The system relies on hardware devices that must be secure. Data retained on tokens may become obsolete.

Cost of Implementation, Use and Management
  Biometric systems: High cost in hardware and in time required to populate and maintain the supporting database.
  Token systems: Moderate cost in maintaining tokens and token readers.

Difficulty to Subvert by Process
  Password systems: Password systems are often compromised by the users themselves, who are likely to pick easy-to-guess passwords, give out their passwords, or practice poor password security discipline.
  Biometric systems: Biometric systems can be made essentially impervious to subversion by process.
  Token systems: Token systems lend themselves to subversion by process. A user could conceivably leave his/her token on top of their computer.

Difficulty to Bypass by Technology
  Password systems: Many readily available tools exist in order to “crack” passwords.
  Biometric systems: Biometric systems are difficult to bypass by technology.
  Token systems: Due to the possibility of counterfeiting a token or tampering with a token reader, token systems must be considered at risk of being bypassed by technological means.

Accuracy in Terms of Authenticating Correctly
  Password systems: Highest level of accuracy. If the correct word is supplied, authentication is granted.
  Biometric systems: Biometric systems are subject to noise and hence are associated with some degree of error.
  Token systems: Tokens can be damaged and token readers are subject to noise. The nature of the data contained in the token would tend to make erroneous reading less likely than in the case of most biometric systems.

Good Trade-off between Utility and Security
  Password systems: Even though password systems are important and ubiquitous, they are still victim to bad practice on behalf of users. Unfortunately, this is not so much the fault of the password system but is cultural, in that it is due to poor awareness and appreciation of IS issues.
  Biometric systems: Biometric systems are typically very easy to use from the user’s standpoint. The security obtained with them is high, so the utility/security trade-off must be considered good.
  Token systems: Although token systems are typically easy to use, by themselves they offer relatively poor security and therefore the utility/security trade-off should not be considered good.
Ahmad, Z. (2000) “Internet Information Services 5.0 Authentication Methods.” Windows 2000 Ready. Retrieved from: http://www.winntmag.com/Articles/Index.cfm?ArticleID=8443
Barkakati, N. (2001) Red Hat Linux 7.1 Secrets. Hungry Minds, New York, NY.
Biometric FAQ. (2006) Retrieved from: http://www.bromba.com/faq/biofaqe.htm
Biometrics-Scan.com. (1999) “Retina Scan Technology.” Biometrics-Scan.com. Retrieved from: http://www.retina-scan.com/retina_scan_technology.htm
Bolle, R.M., Pankanti, S. and Jain, A.K. (1999) Biometrics: Personal Identification in Networked Society. Springer Kluwer Academic.
Cyber Sign, Inc. (2005) “Biometric Signature Verification.” Cyber Sign, Inc. Retrieved from: http://www.cybersign.com
Dugelay, J.L. et al. (2002) “Recent Advances in Biometric Person Authentication.” Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP ’02), Vol. 4, pp. 4060-4063.
Facial-scan.com. (1999) “Facial Scan Technology: How it Works.” Facial-scan.com. Retrieved from: http://www.facial-scan.com/facial-scan_technology.htm
Hand-scan.com. (1999) “Projects and Applications.” Hand-scan.com. Retrieved from: http://www.hand-scan.com
I/O Software, Inc. (2005) “Biometrics Explained: Authentication Methods.” I/O Software, Inc. Retrieved from: http://www.iosoftware.com/biometrics/methods.htm
Ingersoll-Rand Corporation. (2005) “IR Security and Safety - Recognition Systems.” Ingersoll-Rand Corporation. Retrieved from: http://www.recogsys.com/products/index.html
Jain, A.K., Ross, A. and Prabhakar, S. (2004) “An Introduction to Biometric Recognition.” IEEE Transactions on Circuits and Systems for Video Technology, Special Issue on Image- and Video-Based Biometrics, Vol. 14, No. 1, pp. 4-20.
Leggett, J. and Williams, G. (1991) “Verifying Identity via Keystroke Characteristics.” International Journal of Man-Machine Studies, Vol. 35, pp. 859-870.
Lipson, H. (2000) “Defining Risk: Security and Survivability.” InfoSec Outlook, No. 2, pp. 3-4. Information Technology Association of America and CERT Coordination Center.
Maltoni, D., Maio, D., Jain, A.K. and Prabhakar, S. (2003) Handbook of Fingerprint Recognition. Springer Kluwer Academic.
Musicrypt. (2003) “Technical Summary: Digital Rights Management System (DRM).” Musicrypt. Retrieved from: http://www.musicrypt.com/html/technology.html
Nichols, R.D., Ryan, J.J. and Ryan, C.H. (2000) Defending Your Digital Assets from Hackers, Crackers, Spies and Thieves. McGraw-Hill, New York, NY.
Retina-Scan.com. (1999) “Retina-Scan Vendors and Products.” Retina-Scan.com. Retrieved from: http://www.retina-scan.com/
Sandhu, R. and Samarati, P. (1996) “Authentication, Access Control, and Audit.” ACM Computing Surveys, Vol. 28, No. 1, pp. 241-243.
Smith, R.E. (2002) Authentication: From Passwords to Public Keys. Addison-Wesley.
ThinkQuest. (2006) “Biometrics - The Hand - The Fingerprint.” ThinkQuest. Retrieved from: http://library.thinkquest.org/28062/hand/finger.html
Underhill, S. (2001) “Fingerprint Identification Recognition Devices.” InfiniSource. Retrieved from: http://www.infinisource.com
Whitesel, J. (2000) “Iris Scanning Report.” Stanford University Department of Computer Science. Retrieved from: http://www.stanford.edu/~jimwhite
Woodward, J., Orlans, N.M. and Higgins, P.T. (2002) Biometrics and Strong Authentication. McGraw-Hill Education.