Download: |
Advancements in Biometrics and Identity Verification – A Universal Solution that Achieves both Security and Privacy
Prof.
Barry W. Johnson Identity verification requires the presentation of credentials to prove that you are who you say you are. Credentials are typically based on several factors, including: (1) something you know such as passwords, personal data, or answers to security questions, (2) something you have such as access cards, tokens, or smart cards, or (3) something you are such as biometrics. Authentication approaches employ one or more of these factors with many critical applications now requiring multi-factor authentication. Biometrics has emerged as one of the most promising approaches for reliable identity verification, either as a single factor to enhance convenience or as one of multiple factors to enhance security. Despite the promise of biometrics, its adoption has been slower than predicted. Common perceptions include that biometrics-based solutions are not secure, that personal information and privacy can be compromised, that the technology is disruptive and expensive to implement, and that biometric solutions are invasive and non user-friendly. Due to advancements in processing power and security technologies, a new approach to biometrics-based identity verification has emerged that overcomes these limitations. This presentation will focus specifically on the technologies behind a personal hand-held token that addresses the security and privacy concerns of a biometrics-based solution. This personal approach to biometric security is the result of over six years of research and development involving the creation of a secure integrated circuit and the associated embedded software capable of encapsulating all of the biometrics storage, processing, and matching into a secure boundary. The technology was conceived and developed to combat the main impediments preventing the wide-spread adoption of biometric technology and to help begin to fulfill the promise that biometrics hold for significantly heightening security. A key fob-sized token with a built-in fingerprint sensor and all on-board and secure biometric processing was created to enable access to buildings, vehicle gates and computer networks, replacing standard access cards and passwords. Several key technology hurdles have been overcome to allow creation of this key fob-sized solution. First, biometric algorithms are complex, and significant processing power is needed to ensure that high performance and reliability can be achieved in the authentication process. Previous solutions that implemented sufficient processing capabilities required space and power consumption that far exceeded what could be enclosed in a key fob-sized device. Second, prior solutions have also limited the secure boundaries to include only the storage of biometric information and not the complete processing of that data thus leaving biometric information susceptible at certain stages of the authentication process. Some solutions have even used inherently insecure computational engines such as laptops and desktops to manipulate the biometric information during a user authentication. The solution discussed in this presentation has solved both of the above fundamental problems through the creation of a single, secure integrated circuit that provides the needed processing capability and places all of the biometric processing within a secure boundary thus protecting biometric information at all stages of the process including storage, processing, and matching. The embedded software and all of the data that it manipulates is stored in external memory in encrypted form such that information is never left unprotected. Instructions are checked for an appropriate digital signature and decrypted “on-the-fly” to ensure that rogue code cannot be used to capture biometric information inappropriately. Similarly, data is encrypted and decrypted during execution as well to protect all information. The result is an integrated hardware/software solution designed to meet the highest levels of integrity and to do so in a small package with very low power consumption. In this presentation, Barry Johnson, Chief Technology Officer of Privaris and Professor of Electrical and Computer Engineering at the University of Virginia will detail how wireless biometrics-based identity verification solutions have been developed to address the critical need for stronger identity verification coupled with security and personal privacy. Dr. Johnson will discuss the shortcomings of traditional biometrics-based approaches, providing insight on why these solutions have not captured the mindshare of some commercial organizations. Dr. Johnson will also describe the technological advancements that have enabled a new approach to biometrics which integrates with existing access control solutions but does not require central biometric databases, and how he envisions this approach will impact the identity verification landscape moving forward.
|
|