Georgia Institute of Technology
CS4235: Introduction to Information Security

Analysis of Hardware Controls for Secure Authentication

Karan Asnani, John Bowen, Michael Ellis, Nirav Shah
July 19th, 2006



Table of Contents

Abstract
1. Introduction
2. Smart Cards
   2.1 History
   2.2 Functionality
   2.3 Pros and Cons
   2.4 Future
3. Hardware Tokens
   3.1 History
   3.2 Functionality
      3.2.1 Multi-Factor Authentication
      3.2.2 USB Hardware Tokens
      3.2.3 Authorization Levels
   3.3 Market
   3.4 Pros and Cons
   3.5 Future
4. Biometrics and Face Recognition
   4.1 History
   4.2 Functionality
      4.2.1 Eigenface
      4.2.2 3D Methods
      4.2.3 Weaknesses of Eigenfaces
   4.3 Research and Market
   4.4 Pros and Cons
5. Voice Recognition and Fingerprint Authentication
   5.1 History
   5.2 Functionality
      5.2.1 Fingerprinting
      5.2.2 Voice
   5.3 Market
   5.4 Pros and Cons
   5.5 Future
6. Conclusion
7. Notes
8. Bibliography







Abstract

Although many organizations are placing increasing emphasis on the protection of their data and electronic assets, one often neglected area is the first step in information security: access control. Protecting access to resources is a key control for reducing information loss, and it should therefore be given equal weight in an organization's security policy.

Although numerous methods are available for implementing access control, hardware authenticators are particularly strong because the authenticating secret is held in a separate physical device rather than in the data or software being protected. This paper analyzes three major types of hardware controls for authentication: smart cards, hardware tokens, and biometrics, with specific attention to face recognition, fingerprint scanning, and voice recognition. Each technology is discussed in detail along with a weighted analysis of its pros and cons, and an attempt is made to determine the future path each industry may take relative to its current position.







1. Introduction

Information security is a rapidly growing field that is finally beginning to gain the attention it deserves from private industry. Business managers are recognizing that attacks on their organization's data and computing infrastructure have a direct impact on the bottom line, and that spending on the protection of electronic resources is worth the investment. However, most research and investment in the field concentrates on protecting data once a user already has access to a system, or on protecting against intruders arriving over a network. In non-governmental organizations, the risk of attack via physical break-in is often overlooked in the name of a trusting "open-door" policy, or because of the initial cost of setting up access control systems. This leaves an organization exposed not only to outside threats but to inside threats as well, since insiders are widely held to account for about 60% of all information security attacks.

Of the three core information security principles, Confidentiality, Integrity, and Availability, all of which are crucial to maintaining a secure system, access control most directly enforces the first two: it decides who may read or change a resource. A well-designed scheme also serves Availability, because it makes the right resources available to the right person at the time they are needed. An ideal access control scheme provides both authentication and authorization. Authentication verifies the claimed digital identity of a user; authorization then checks whether that identity holds the privileges needed to use a particular resource. A good access control system therefore needs to authenticate and authorize users effectively, granting legitimate users what they require while denying access to everyone else.

This paper discusses and analyzes three separate authenticators: hardware tokens, smart cards, and biometrics, the last of which is further divided into related recognition methods such as face recognition, voice recognition, and fingerprint scanning. For each technology its history is discussed, its pros and cons are explained, and a prediction is made regarding the future direction the technology or industry may take. When discussing the potential use of these technologies, emphasis is placed on their suitability for private organizations, since that sector of the economy still lags in its deployment of access control schemes.


2. Smart Cards

2.1 History

Smart cards evolved from magnetic stripe plastic cards, which commonly function as credit cards, membership cards for loyalty programs, or, perhaps most importantly, as basic identification. Data stored on a magnetic stripe suffers from a major weakness, however: anyone with the right kind of cheap and readily available equipment can skim the information and write it onto another card. Smart cards are therefore a much safer option for organizations implementing access control systems, and they have numerous applications ("What's so Smart about Smart Cards" 5):

- Protecting the privacy of individuals and keeping their information assets safe from attack
- Restricting access to networks or computer systems, possibly in combination with hardware tokens
- Storing and encrypting sensitive data such as certificates or passwords, usually in conjunction with a Public Key Infrastructure (PKI) in which the card carries a certificate issued by a trusted certificate authority
- Restricting physical access to protected areas

Although smart cards are the youngest member of the plastic card family, and still have huge scope for growth in their deployment, the technology itself is fairly old. Inventors in Germany, Japan, and France all applied for patents on plastic cards carrying a microchip in the late 1960s and early 1970s (Dhar 2). Since then smart cards have come into wide use in Europe, but the technology has not yet reached its global potential, especially in private industry in the United States.


2.2 Functionality

Before delving into smart cards, it is worth examining the technology behind the magnetic stripe and why such cards do not offer an appropriate level of security for access control. A typical magnetic stripe contains three tracks, each divided into tiny magnetic domains; on track 2 each bit cell is 1/75 of an inch long (75 bits per inch), while tracks 1 and 3 are recorded at 210 bits per inch. Bits are stored as changes in the direction of magnetization (F/2F encoding: a flux reversal in the middle of a bit cell is a 1, its absence a 0), so when the stripe is swiped the reader recovers the card's data directly in binary form. Crucially, the stripe holds only static data and no secret. Anything that can read it, such as a skimming reader, can copy it bit for bit onto a blank card, and a sufficiently strong magnet can erase or alter it. Information on these cards is therefore neither confidential nor tamper-evident.

Smart cards improve on magnetic-stripe cards because they are essentially cards with a very small computer inside, containing a microprocessor and memory. The underlying technology is relatively uncomplicated, but detailed information is often not readily available because manufacturers protect their trade secrets, so the technical description here is brief. Numerous variations exist among the smart cards manufactured, and these can be classified along several parameters, the key ones being memory and interface.

Memory cards are the simplest and cheapest smart cards. They usually contain an area for permanent information and another area for information that changes. Prepaid phone cards are often considered the ideal application: the permanent information is the card number, and the changing information is the talk time remaining. Based on their technical capabilities, however, microprocessor (chip) cards are the more appropriate type of smart card for access control in organizations. A chip card contains four components:

- Read Only Memory (ROM): permanent storage, usually holding the card's operating system. Smart-card operating systems (SCOS) typically occupy up to 16 kB of ROM; notable ones are MULTOS, Java Card, and STARCOS.
- Electrically Erasable Programmable Read Only Memory (EEPROM): storage for application data and instructions, including keys and credentials
- Random Access Memory (RAM): volatile working memory used by the processor while executing functions
- Central Processing Unit (CPU): the heart of the card, which executes instructions

These cards are usually more expensive than simple memory cards, but they are more appropriate for information-sensitive applications such as banking and finance, or indeed access control.[1]

Classification by interface is fairly self-explanatory. Contact cards carry a plate of six or eight gold-plated contacts (ISO/IEC 7816-2 defines eight positions) and are inserted into a reader; power and data pass through the electrical contact between card and reader.[2] The ISO/IEC 7816 series, parts 1 through 7, governs contact cards: physical characteristics, contact positions, electrical signals and transmission protocols, and the interindustry command set (Shelfer and Procaccino 86). Contactless chip cards can simply be held near a reader for a transaction to be performed, making them extremely convenient and easy to use. The reader generates a radio-frequency field; the card's own antenna couples to this field, which both powers the card's microprocessor and carries data in both directions. Two standards govern contactless cards: ISO/IEC 14443 (proximity cards), which allows communication up to about 10 cm, and ISO/IEC 15693 (vicinity cards), an alternative standard that allows communication at greater range, on the order of 50 cm to 1 m.

Contactless cards also help reduce the risk of vandalism to card readers; for example, a reader at the entrance to a company's building could be placed low and to the side of the door frame and scan the card as the employee passes with the card in a pocket or purse (Security 32). Many banks are jumping on the contactless bandwagon because of the retail possibilities it presents and the consumer demand for increasingly convenient services (Noe). Finally, hybrid cards (two separate chips) and dual-interface cards (one chip reachable through both the contact plate and an antenna) offer users both possibilities. Their benefit is flexibility rather than added security, since such a card is only as strong as its weaker interface.
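To make the contrast drawn in this section concrete, here is an added Python example; it is not code from the paper. Part 1 encodes and parses the ISO/IEC 7811 track-2 layout that a stripe reader emits, showing that the only integrity check is a longitudinal redundancy check and that a copied string is a working clone. Part 2 models a chip card answering an ISO/IEC 7816-4 INTERNAL AUTHENTICATE command (INS 0x88) with a key that never leaves the card, so a recorded answer cannot be replayed against a fresh challenge. The APDU handling is a simplified model, the symmetric-key MAC stands in for the asymmetric PKI keys real cards usually hold, and the card number, key and nonce values are constructed.

```python
"""Why a magnetic stripe can be cloned and a chip card cannot (simplified)."""
import hashlib
import hmac
import secrets

# --- Part 1: magnetic stripe, track 2 --------------------------------------
# Track 2 characters are '0'-'9' and ':;<=>?', i.e. 4 data bits (ord - 0x30)
# plus an odd-parity bit that the reader checks and strips. The last
# character is the LRC: XOR of the 4-bit values of every character from the
# start sentinel ';' through the end sentinel '?'.
START, SEP, END = ";", "=", "?"

def _val(ch):
    v = ord(ch) - 0x30
    if not 0 <= v <= 15:
        raise ValueError(f"not a track-2 character: {ch!r}")
    return v

def track2_lrc(body):
    x = 0
    for ch in body:
        x ^= _val(ch)
    return chr(0x30 + x)

def encode_track2(pan, expiry_yymm, service_code, discretionary=""):
    """Builds a track-2 string (constructed sample data only)."""
    body = f"{START}{pan}{SEP}{expiry_yymm}{service_code}{discretionary}{END}"
    return body + track2_lrc(body)

def parse_track2(track):
    """Checks sentinels and LRC, then splits the fields. No secret involved."""
    body, lrc = track[:-1], track[-1]
    if not (body.startswith(START) and body.endswith(END)):
        raise ValueError("missing sentinel")
    if track2_lrc(body) != lrc:
        raise ValueError("LRC mismatch: read error or tampering")
    pan, rest = body[1:-1].split(SEP, 1)
    return {"pan": pan, "expiry": rest[:4],
            "service_code": rest[4:7], "discretionary": rest[7:]}

# --- Part 2: chip card challenge-response ----------------------------------
# Command APDU: CLA INS P1 P2 Lc DATA; response: DATA + status word.
# INS 0x88 is INTERNAL AUTHENTICATE; status 0x9000 means success.
INS_INTERNAL_AUTHENTICATE = 0x88
SW_OK, SW_INS_NOT_SUPPORTED = b"\x90\x00", b"\x6d\x00"

class SimulatedChipCard:
    """Holds a key that never leaves the card (assumed model)."""
    def __init__(self, key):
        self._key = key

    def process(self, apdu):
        cla, ins, p1, p2, lc = apdu[:5]
        data = apdu[5:5 + lc]
        if ins != INS_INTERNAL_AUTHENTICATE:
            return SW_INS_NOT_SUPPORTED
        return hmac.new(self._key, data, hashlib.sha256).digest() + SW_OK

class ReplayingCard:
    """Attacker device that answers every challenge with a recorded reply."""
    def __init__(self, recorded_response):
        self._resp = recorded_response

    def process(self, apdu):
        return self._resp

def build_internal_authenticate(nonce):
    return bytes([0x00, INS_INTERNAL_AUTHENTICATE, 0x00, 0x00, len(nonce)]) + nonce

def reader_authenticate(card, key_on_file, nonce=None):
    """Reader side: send a fresh 16-byte nonce and verify the MAC over it.
    `nonce` is parameterised only so a caller can show what replay needs."""
    nonce = secrets.token_bytes(16) if nonce is None else nonce
    resp = card.process(build_internal_authenticate(nonce))
    if resp[-2:] != SW_OK:
        return False
    expected = hmac.new(key_on_file, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(resp[:-2], expected)

if __name__ == "__main__":
    # Constructed values, not real card data.
    track = encode_track2("4111111111111111", "0912", "101", "000000012345")
    print(track, parse_track2(track))
    print("clone parses identically:", parse_track2(str(track)) == parse_track2(track))
    key = secrets.token_bytes(32)
    card = SimulatedChipCard(key)
    print("genuine card accepted:", reader_authenticate(card, key))
    recorded = card.process(build_internal_authenticate(b"\x00" * 16))
    print("replayed reply accepted:", reader_authenticate(ReplayingCard(recorded), key))
```

The LRC catches a misread digit but offers no protection against a deliberate copy, which is the whole point of the stripe's weakness; the chip card's reply is only ever valid for the nonce it was computed over, so a captured exchange is useless unless the reader repeats a nonce, which is why the reader must draw it from a cryptographic random source.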


2.3 Pros and Cons

The first and most obvious benefit of smart cards is that they counter information loss from physical attacks in which a criminal attempts to gain access to an area or to resources he or she should not be using. Smart cards act in two ways: protecting the physical resource itself, and authenticating the identity of an individual trying to reach an electronic resource ("Logical Access Security: The Role of Smart Cards in Strong Authentication"). A pervasive and consistent access control system therefore greatly reduces the risk of physical attack, not just by preventing access when someone attempts to break in but also by deterring potential criminals. Smart cards can also be combined with another authentication technology, biometrics for example, to provide economic and security advantages through "two-factor" authentication, which is described in more detail later in this paper.

Along with the ease of use and convenience of contactless cards described above, another advantage of smart cards is their capacity. A typical card holds up to 32 kB of data, which means that each card can carry multiple pieces of identification and permission information for a user. Instead of maintaining separate access methods for different systems, information storage can be centralized, with logical access, physical access, and secure data storage all maintained on the same card. Chip cards with a cryptographic coprocessor can also perform encryption and signing on the card, so a private key never has to leave it.

An indirect benefit of the large storage capacity is that smart cards can serve multiple functions. This approach is being taken by the government of the United Arab Emirates as it implements a national scheme providing all residents with National ID cards. These are multifunctional smart cards that residents can use as a labor identification card, as a substitute for a passport when clearing immigration at the airport, and for other daily activities. In addition to the relatively large storage capacity, smart cards offer on-card data processing through the on-card microprocessor. However, "placing all your eggs in one basket" in this way raises a security concern if the card is lost or physically damaged, an issue addressed later in this section.

Smart cards also have a very long lifetime. Unlike contact cards, whose contacts may wear out, a contactless card lasts practically indefinitely as long as its information stays relevant. Unlike a magnetic stripe, the card's credential data cannot be read out or rewritten by a skimmer or a magnet: the secret stays inside the chip and is never exposed on the network or in host software. The life of a smart card therefore goes well beyond what the principle of timeliness requires, namely that data need be protected only for as long as it is valuable; with smart cards, data remains protected, at no significant extra cost, long past its useful life.

Finally, the cards themselves are hard to counterfeit. Cards can be built in multiple layers with anti-counterfeiting features such as distinctive color patterns and designs, microprinted text, and holograms, intended to prove the card's genuineness and make it difficult to forge (Fontanella 1). These features protect the card body; the secrets on the chip rely instead on the chip's own tamper resistance.

As alluded to earlier, a major disadvantage of smart cards is the risk associated with a card being lost, stolen, or physically damaged through misuse or exposure to the elements such as rain. The risk is magnified if a multifactor authentication scheme is not used, since the card alone then grants access. A solution can be fairly simple to implement and resembles the scheme banks use for credit cards: if the card is lost, the owner calls the company's Information Technology or Security department, which revokes the card so that any future use is treated as fraudulent. Having the company maintain its own centralized system may be cost-ineffective, but it avoids sharing information with a third-party organization and allows the company to tailor its access control system to its own needs. Unlike the proposed British national ID card scheme, letting each company run its own database also avoids the problem of having to accredit various organizations for access to a central database (Hilley 10).

The other major disadvantage, and arguably the one that has contributed most to the lack of widespread deployment of smart card technology so far, is the high initial capital expenditure. When implementing a hardware-based access control system, a company must purchase cards for each employee, install the hardware needed to read them, and set up the databases and associated systems the project requires. Other costs include protecting the information in those databases, protecting the transmission of information between a smart card and its reader, and implementing strong training schemes and security policies for employees (which should be in place anyway). These costs are largely unavoidable because they are associated with crucial components of any access control system.

However, innovative schemes exist that can simplify the cost and administrative issues of installing an access control system. For example, Liaw, Lin, and Wu propose a remote authentication scheme that requires no verification tables on the server and no timestamps, and promises low communication and computational cost (223-8).

A third major disadvantage stems from the lack of human trust such a system implies, and from the risk of reduced productivity if employees constantly have to authenticate before accessing their own computers or other physical resources. The latter can be minimized with contactless cards; the main issue is the urgent need for management to realize the importance of good physical security. As cynical as it may sound, a degree of distrust is perhaps the soundest way to protect an organization's information, and some compromises at an emotional level often have to be made if a company's reputation and profits are to be protected.


2.4 Future

The future of smart cards is still wide open. Research continually produces new methods of protecting the cards themselves and of improving their processing and storage capabilities. Many researchers are also tackling the cost issue by proposing schemes that reduce the expense of setting up a hardware-based access control system. More research could be aimed at disabling a smart card reported lost or stolen; although this paper puts the idea forward, current research seems to be lacking in that area. In addition, the legal and privacy issues associated with smart card based access control systems remain a concern.

Research by the Smart Card Forum in 1999 projected that U.S. smart card shipments would grow at a rate of 60% between 1998 and 2003. Sumit Dhar also points out that the "smart card market is set for exponential growth in the next few years" (8). The market will undoubtedly move towards more sophisticated on-card technology and further exploitation of the multifunctional abilities of smart cards.

In conclusion, relatively few organizations outside the Federal sector currently use smart cards to authenticate identity (Everett 22). Tremendous potential for growth therefore remains, especially if the multifunctional capability of smart cards is fully exploited. It is up to private firms to realize that protection against physical attacks is just as important as protecting their networks, and smart cards are one of the most effective technologies available for providing this physical security, especially when combined with other hardware controls such as hardware tokens or biometrics.


3. Hardware Tokens

As today's enterprises and individuals engage in an increasing amount of mobile activity, a technology is needed that keeps applications secure without tying users to a particular location. One such authenticator is the hardware token. Today's tokens vary widely in size and features, but they share one goal: to safeguard authentication while allowing the credential itself to change dynamically.


3.1 History

Hardware tokens were created as a way to limit access to confidential or protected information. They are portable devices that allow a user to reach that information. In essence, a hardware token could be anything as simple as the key to one's front door. The modern hardware token analyzed in this paper is somewhat more complex, but it provides much the same functionality: using something the user possesses to authenticate his or her identity.

The earliest form of the modern hardware token evolved in the 1970s. Originally called "dongles," these devices plugged into a computer and allowed access to a piece of software (Elsom 3). Many of the first dongles attached to a parallel or serial port, and the protected software refused to run unless it detected the dongle, essentially a copy-protection measure.

Today hardware tokens are still used to restrict access to applications; however, they are now almost always defined by a changing (dynamic) passcode that strengthens the security they provide.


3.2 Functionality

Hardware tokens take a variety of shapes and sizes, from calculator-like cards to small fobs that hang on a key chain. A hardware token typically has a small display (an LCD on most models) showing a code that the user enters into a system for authentication.[3] Depending on the token, the code changes after a set period of time or after some event takes place.

For time-based tokens, the code is usually updated every 60 seconds or less.[4] The token and the system the user is trying to access are initially synchronized so that both compute the same code from a shared secret and the current time; in practice the server also accepts the codes for one or two adjacent intervals to tolerate clock drift. For tokens that are not time-based, examples of code-changing events are insertion into a drive (as with the USB-1 token from CRYPTOCard) or the press of a button on the token (as with the KT-1 key chain from CRYPTOCard).[5]

Because a code from a hardware token is accepted only once, it is called a one-time password, or OTP (Pfleeger 220). One-time passwords offer excellent security. In particular, they defeat "shoulder surfing," watching somebody type a password in order to gain access to a system, since an observed code is useless once it has been used or its interval has passed. This property holds only if the server actually refuses a second use of the same code within its validity window; that check is the server's responsibility, not the token's.






3.2.1 Multi-Factor Authentication

In addition to the dynamic code, a static code known only to the user is usually required as well, adding a second dimension to the token's security. The static code is generally typed before the dynamic code into the authentication system (via the keyboard) in the following form:

                                      STATICDYNAMIC

One way to group authenticators is as knowledge-based (something the user knows, such as a password or the PIN sometimes used with a smart card), object-based (something the user possesses, such as a smart card or token), or ID-based (a unique feature, as in biometrics). A policy of requiring two or more of these forms is called "multifactor authentication" (O'Gorman 2024). The combination of static and dynamic codes is one form of multifactor authentication, and "this example of token plus password constitutes the vast majority of current multifactor implementations" (O'Gorman 2025). As O'Gorman explains, this implementation combines something the user has (an object-based authenticator) with something the user knows (a knowledge-based authenticator) and is commonly called two-factor authentication.[6]
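As an added worked example serving both the description of time-based and event-based codes in 3.2 and the STATICDYNAMIC passcode form above (this is not code from the paper or from any vendor; the algorithms inside RSA's or CRYPTOCard's tokens are proprietary and not reproduced here), the following Python implements the two open OATH algorithms, HOTP (RFC 4226, event-based) and TOTP (RFC 6238, time-based), together with the server-side check the text leaves implicit: the PIN is stored only as a salted hash, both factors are compared in constant time, clock drift and missed button presses are tolerated within a bounded window, and a counter or interval that has already been accepted is refused so that a code really is one-time. The PIN, salt, window sizes and the `TokenRecord` structure are assumptions; the secret is the RFC test-vector key.

```python
"""OATH one-time codes and a server-side check of PIN||code."""
import hashlib
import hmac
import struct
import time

def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to 31 bits, then the low `digits` decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"

def totp(secret, now, step=30, digits=6):
    """RFC 6238: HOTP with counter = floor(unix_time / step)."""
    return hotp(secret, int(now // step), digits)

def hash_pin(pin, salt):
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class TokenRecord:
    """What the authentication server keeps for one enrolled token (assumed)."""
    def __init__(self, secret, pin, salt, event_based=False):
        self.secret = secret
        self.salt = salt
        self.pin_hash = hash_pin(pin, salt)   # the PIN is never stored in clear
        self.event_based = event_based
        self.last_used = -1                   # highest counter/interval accepted

def verify_passcode(rec, passcode, now=None, pin_len=4, digits=6,
                    step=30, drift=1, lookahead=10):
    """Accepts a STATICDYNAMIC passcode (PIN then code) once per token code.

    Time-based tokens: try the current interval plus `drift` on either side.
    Event-based tokens: try the next `lookahead` counters after the last one
    used, so presses that never reached the server do not lock the user out.
    Both factors are always evaluated so a failure does not reveal which
    one was wrong."""
    if len(passcode) != pin_len + digits or not passcode.isdigit():
        return False
    pin, code = passcode[:pin_len], passcode[pin_len:]
    pin_ok = hmac.compare_digest(hash_pin(pin, rec.salt), rec.pin_hash)

    if rec.event_based:
        candidates = range(rec.last_used + 1, rec.last_used + 1 + lookahead)
    else:
        interval = int((time.time() if now is None else now) // step)
        candidates = range(interval - drift, interval + drift + 1)

    matched = None
    for c in candidates:
        if c <= rec.last_used:          # already consumed: this is a replay
            continue
        if hmac.compare_digest(hotp(rec.secret, c, digits), code):
            matched = c
    if not (pin_ok and matched is not None):
        return False
    rec.last_used = matched             # burn the code
    return True

if __name__ == "__main__":
    # RFC 4226 / RFC 6238 test-vector secret; the PIN and salt are constructed.
    secret = b"12345678901234567890"
    clock_token = TokenRecord(secret, pin="1234", salt=b"constructed-salt")
    print(totp(secret, 59))                                              # 287082
    print(verify_passcode(clock_token, "1234" + totp(secret, 59), now=59))   # True
    print(verify_passcode(clock_token, "1234" + totp(secret, 59), now=59))   # False: reused
    fob = TokenRecord(secret, pin="4321", salt=b"constructed-salt", event_based=True)
    print(hotp(secret, 0), verify_passcode(fob, "4321" + hotp(secret, 0)))  # 755224 True
    print(verify_passcode(fob, "0000" + hotp(secret, 1)))                    # False: wrong PIN
```

The `last_used` field is what turns a code into a one-time password: a shoulder surfer who types the observed code after its owner has already used it, or after its interval has been consumed, is rejected even though the code itself is arithmetically valid. An event-based token whose counter has run more than `lookahead` steps ahead of the server needs resynchronization, which is an administrative procedure outside this block.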


3.2.2 USB Hardware Tokens

Some hardware tokens have now merged with Universal Serial Bus (USB) storage devices. If a company wants the option, these also generate a dynamic code for the user to enter when accessing a system. In addition, the extra storage capacity of the USB drive lets a user keep documents on the device encrypted under a key belonging to a public key infrastructure (PKI): as a document is copied to the device, it is encrypted with public key cryptography.

Decryption takes place automatically when the user enters a memorized personal identification number (PIN). This raises the question of why the encryption is needed at all: if the PIN is all that is required to decrypt, why not simply protect the data with the PIN? The answer is that the PIN only unlocks a private key held inside the token. The stored files are ciphertext, so an intruder who extracts the drive's contents without the token's cooperation, or who bypasses the software PIN prompt from another computer, obtains nothing usable. Tamper-resistant USB tokens also exist to keep an unauthorized user from extracting the key itself. Because such a token holds a private key, it can also be used for digital signing.[7]


3.2.3 Authorization Levels

Authentication options vary between token vendors and with the needs of the client. Most of the time users simply type their username, static code, and dynamic code into the authentication software to gain access to information, as described above. Some USB keys require only that the key be plugged into the system. The level of access granted also varies by vendor and client. On some secure systems a token is required to reach any information on a computer at all; other authentication software restricts only access to the Internet, or perhaps to a particular server.


3.3 Market

       The largest single producer of hardware tokens is RSA Security. Their product, SecurID, is used by the "White House, the U.S. Senate, NSA, CIA, The U.S. Department of Defense, and a majority of the Fortune 100 companies" (Biryukov 130). Originally, according to Biryukov, Lano, and Preneel, the SecurID hash function took the "secret key, unique to one single authenticator, and the current time (expressed in seconds since 1986)" as its inputs to produce the displayed code (Biryukov 131). That algorithm was found to be breakable, and RSA has since moved to an AES-based algorithm. Typically the code-producing algorithms of vendors are kept secret, making technical information and statistics on the actual security technology hard to come by.

       RSA makes three distinctions among its OTP products: a plain OTP generator, a USB key that can also encrypt documents stored on it, and a key that combines a user PIN with the OTP generator on the token itself. These three versions are a good representation of the vast majority of hardware tokens on the market.

       VeriSign (and its original equipment manufacturer, Aladdin Knowledge Systems) is an active participant in the field of hardware authenticators as well. VeriSign offers products similar to RSA Security's; however, it also has an event-based password-generating token. VeriSign uses the OATH (Initiative for Open Authentication) standard for authentication. OATH is a consortium of technology companies whose goal is to standardize authentication technology for use across commerce and government networks. OATH seeks to "deliver solutions that allow for strong authentication of all users on all devices, across all networks" (OpenAuthentication Vision). It seems profit margins could ultimately be the bottom line for this group rather than security, as the official website states a goal to "reduce the cost and complexity of strong authentication to drive broad enterprise and consumer adoption." More consumer adoption may mean better business rather than better security.

       There are many other companies in competition with RSA. VASCO is a company that has been targeting an international audience as well as financial institutions. Companies look to VASCO for a cheaper token: VASCO's "tokens cost about $8 each, vs. $20 or more for RSA tokens" (Swartz). Many institutions are holding out until a price war begins to heat up; for a bank, even $8 per customer is a large expense given a large customer base. As more companies such as VASCO evolve to compete with the larger vendors, cheaper alternatives become a reality.






3.4 Pros and Cons

       There are many advantages to using hardware tokens. One big advantage is the one-time password (OTP): a code observed by shoulder-surfing is worthless once it has been used or has expired, and a code that changes constantly is impractical to guess. The biggest advantage, however, is the common two-factor authentication: combining a password or PIN with the pseudo-random pass code the token generates. This way, even if the token is stolen, it is virtually unusable without the PIN. Additionally, if a token is stolen, the user will know. While an intrusion over a network is often hard to detect, it is quite obvious when a token is missing; in that case the token must be revoked on the authentication server so that it can no longer be used.

       Modern hardware tokens also allow for increased mobility. Research and confidential data that could once be accessed only within labs can now be accessed from a user's home, or even from another country. For example, to gain access to a Virtual Private Network, all one needs is the token and the PIN. This information is entered into a security application or interface on a computer and sent to an authentication server; if the credential is correct, the user is granted access. The added assurance of a hardware token is what makes such remote access acceptable, since it should never be offered on single-factor authentication alone.

       Hardware tokens are far from perfect. If the problem is not the user remembering his or her PIN, it is the user remembering the token itself! A user who has just lost their keys may have lost their hardware token as well. A user may also be tempted to write down the PIN so as not to forget it. This largely negates the two-factor authentication: anyone who holds the hardware token, the written PIN and access to the system or portal can authenticate. Additionally, hardware tokens cost users time. They are well suited to commercial enterprises, research, and government organizations; however, they have not been accepted for widespread consumer use. Banks are hesitant to ask for another form of identification besides a PIN for transactions because it is an inconvenience (taking more time for a single transaction), and customers who dislike the inconvenience may even decide to leave the bank. Additionally, hardware tokens are currently expensive. For a major financial institution, the cost of delivering hardware tokens to its customers would be millions (if not billions over time). As with smart cards, setting up a hardware token security scheme is rather expensive, and this added expense scares companies away from incorporating better security into their business plans. Most companies choose not to upgrade their current security until it becomes problematic.


3.5 Future

       As the short-range radio technology Bluetooth becomes more common in mobile devices, there may be a move away from password generators. With a Bluetooth token, a user could gain access to a machine simply by bringing the token within 10 meters of it.8 This "Zero-Interaction Authentication," or ZIA, adds convenience but has many of the same limitations as a password-generating token (Abdelhameed 200); it also means the machine is unlocked for whoever is at it whenever the token is within that radius, whether or not its owner intends to use it. Bluetooth has encouraging money-saving possibilities as well: instead of issuing a new token, it is possible to program the token function into a PDA or cell phone the user already carries.

       Recently Bank of America announced a deal with VeriSign in which "select online users are issued token devices, electronic gadgets that generate one-time passwords" for online transactions (Schnieder 1). Hardware tokens are on the verge of reaching the consumer market; however, even Bank of America's policy is voluntary. It could take several years before hardware tokens are accepted by consumers and private institutions make widespread policy changes to include this form of two-factor authentication.


4. Biometrics and Face Recognition

       Identification before the days of hardware methods, and even before passwords, was a matter of human instinct, based simply on the appearance of an individual: his face, build, and other physical attributes. These characteristics help define an individual's identity, and even today they are pivotal in much of social interaction. It is no surprise, then, that security professionals now employ these features in the context of access control. This field is known as biometrics. In particular, face recognition in security has recently received much attention, some of which is evidenced by the rise of face recognition conferences such as AFGR (IEEE International Conference on Automatic Face and Gesture Recognition) and AVBPA (Conference on Audio- and Video-based Biometric Person Authentication) as well as "empirical evaluations of face recognition techniques" (Zhao 1). This technology provides a means of personal identification and verification within some degree of certainty, and face recognition plays a unique role in security surveillance. Understanding the full implications of face recognition in the security (and access control) arena requires some knowledge of the history, technologies and techniques, testing and standards, research, and markets of biometrics in general and face recognition in particular.


4.1 History

       Face recognition has obviously been practiced by security personnel for some time, but automated face recognition is a relatively new concept (National Science and Technology Council: Subcommittee on Biometrics npa). The very nature of face recognition makes it useful in some unique ways and at the same time difficult to implement; both themes appear early in the history of face recognition, which is the right place to start. During the 1960s, Woody Bledsoe, Helen Chan Wolf, and Charles Bisson developed the first semi-automated (computerized) system for face recognition. This early system required an operator to locate facial features such as the eyes, ears, and nose on a photograph; these were then used to calculate distances and ratios to a common reference point, and the resulting data were compared by the computer against reference data, identifying an individual within some degree of certainty. Unfortunately, difficulties arose concerning the orientation of the individual's face, difficulties that still persist. According to Bledsoe, "...the correlation is very low between two pictures of the same person with two different head rotations" (Scheentra 891). Each set of data, then, must be normalized to represent the face in a frontal orientation.

       Later, in the 1970s, Goldstein, Harmon, and Lesk utilized characteristics such as hair color and lip thickness to aid in automation, but the real breakthrough came in 1988 when Kirby and Sirovich applied principal component analysis (a technique of linear algebra) to the face recognition problem. This showed that "less than one hundred values were required to accurately code a suitably aligned and normalized face image" and became known as the "eigenface technique". In 1991, Turk and Pentland extended this technique by realizing that the residual error could be used to detect faces in images, further automating the face recognition process and creating significant interest in further development of the technology (National Science and Technology Council: Subcommittee on Biometrics npa).

       Furthermore, much interest in face recognition stems from the fact that, according to "Face Recognition: A Literature Survey,"

       Although extremely reliable methods of biometric
       personal identification exist, e.g., fingerprint
       analysis and retinal or iris scans, these methods
       rely on the cooperation of the participants, whereas
       a personal identification system based on analysis
       of frontal or profile images of the face is often
       effective without [italics added] the participant's
       cooperation or knowledge. (Zhao 1)

In other words, because faces can be captured from far away, no physical contact is required for face recognition. As a result, face recognition has applications in security surveillance (identification) as well as verification problems (and thus access control). In identification problems, the input to the system is an unknown face, and the system attempts to determine an identity from a database of known individuals, but in verification problems, the system attempts to confirm or reject the claimed identity of the input face (Zhao 1).


4.2 Functionality

       Regardless of specific application, implementing face recognition can be summarized

in five steps. The first step is acquiring an image of the face, which can be accomplished

using anything from an existing photograph to a snapshot from a live camera. Second, the

location of the face must be detected, whether in a crowd or in front of a standard background.

Third, the face must be analyzed using one or more of a variety of algorithms. Fourth, the

data gathered must be compared to some reference (e.g., an individual face or a database of

known faces). Finally, the results of the comparison must be analyzed to determine whether

or not an accurate match exists (Woodware npa). Some particular algorithms include the

aforementioned eigenface method as well as fisherface, the Hidden Markov model, the

―neuronal motivated‖ Dynamic Link Matching, elastic bunch graph matching (EBGM), and

more recently, three-dimensional face recognition. The eigenface, or Principal Component

Analysis, method, because of its widespread application, is worthy of further discussion.

Three-dimensional recognition is also worthy of further discussion because of its future

potential.


4.2.1 Eigenface

       The eigenface technique (a linear algebra-based technique) corresponds to "one of the most successful methodologies for the computational recognition of faces in digital images." In fact, it is the basis for a number of variations known as eigenspace-based approaches, which differ in the kind of projection method, the projection algorithm, the use of simple or differential images before/after projection, and the similarity matching criterion. The starting point for any eigenspace-based method is the observation that an image carries much more data than is needed to describe a face, since "faces are similar in appearance and contain significant statistical regularities". The approach works by first projecting input faces onto a reduced-dimensional space in which recognition is carried out. As previously stated, Sirovich and Kirby used PCA (principal component analysis) to derive a reduced representation of face images. According to Javier Ruiz-del-Solar,

       PCA is a general method for identifying the linear
       directions in which a set of [data-containing]
       vectors are best represented in a least-squares
       sense, allowing a dimensional reduction by choosing
       the directions of largest variance. (Navarrete 820)

       In terms of representing a face, PCA reduces the dimensionality of the facial data in the manner of data compression, revealing the most effective low-dimensional structure of facial patterns (National Science and Technology Council: Subcommittee on Biometrics npa). The term "eigenfaces" comes from the fact that the face structure is decomposed into orthogonal components (the eigenfaces), in the same way that the standard linear algebra technique of eigenvector decomposition breaks a matrix into orthogonal directions. In more mathematical terms, PCA determines the orthogonal projection that maximizes the determinant of the total scatter matrix of the projected sample images (Cohn 7-8). A face image is then represented as a weighted sum of the eigenfaces.9 As the final step in the recognition process, the input image is compared to a reference image by measuring the distance between their respective vectors of eigenface weights (National Science and Technology Council: Subcommittee on Biometrics npa). Sufficiently close matches in this space are considered facial matches, so the distance threshold is what sets the trade-off between rejecting genuine users and accepting impostors.
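To make the steps concrete, here is an added example written for this page (not code from any of the cited authors or from a product) that implements the eigenface pipeline just described in plain Python: subtract the mean face, compute the eigenfaces from the training set using the Turk-Pentland trick of diagonalizing the small M-by-M matrix of image dot products instead of the huge pixel covariance matrix, represent each enrolled subject as a vector of eigenface weights, and verify a probe by the Euclidean distance between weight vectors. Real face images, the face detection and alignment steps, and numerical libraries are left out: the "faces" are 8-by-8 pixel patterns from a seeded random number generator (three subjects, three captures each, with Gaussian pixel noise standing in for capture variation), and the acceptance threshold of 150 is an assumption chosen for that synthetic data.

```python
import random


def sub(a, b):
    return [x - y for x, y in zip(a, b)]


def dot(a, b):
    return sum(x * y for x, y in zip(a, b))


def norm(a):
    return dot(a, a) ** 0.5


def mean_vector(vectors):
    return [sum(col) / len(vectors) for col in zip(*vectors)]


def top_eigenvectors(matrix, k, iterations=300):
    """Leading k eigenvectors of a symmetric matrix by power iteration, keeping each
    new vector orthogonal to those already found (Gram-Schmidt every round)."""
    m = len(matrix)
    found = []
    for _ in range(k):
        v = [1.0 / (i + 1) for i in range(m)]        # deterministic, non-degenerate start
        for _ in range(iterations):
            for u in found:
                c = dot(v, u)
                v = [x - c * y for x, y in zip(v, u)]
            w = [dot(row, v) for row in matrix]
            length = norm(w)
            if length == 0:
                break
            v = [x / length for x in w]
        found.append(v)
    return found


class Eigenfaces:
    """Turk-Pentland eigenfaces: PCA of the training images via the M x M matrix of
    image dot products, then one weight-vector template per enrolled subject."""

    def __init__(self, images, labels, n_components):
        self.mean = mean_vector(images)                     # the "mean face"
        phis = [sub(img, self.mean) for img in images]      # mean-subtracted images
        m = len(phis)
        small = [[dot(phis[i], phis[j]) for j in range(m)] for i in range(m)]
        self.eigenfaces = []
        for v in top_eigenvectors(small, min(n_components, m - 1)):
            # each eigenface is a combination of the training images, scaled to unit length
            u = [sum(v[i] * phis[i][p] for i in range(m)) for p in range(len(self.mean))]
            length = norm(u)
            self.eigenfaces.append([x / length for x in u])
        grouped = {}
        for img, label in zip(images, labels):
            grouped.setdefault(label, []).append(self.project(img))
        self.templates = {label: mean_vector(ws) for label, ws in grouped.items()}

    def project(self, image):
        """Weights of the image in eigenface space."""
        phi = sub(image, self.mean)
        return [dot(u, phi) for u in self.eigenfaces]

    def distance(self, image, label):
        return norm(sub(self.project(image), self.templates[label]))

    def verify(self, image, claimed_label, threshold):
        """Access-control case: is the image close enough to the claimed identity?"""
        return self.distance(image, claimed_label) <= threshold

    def identify(self, image):
        """Surveillance case: which enrolled subject is nearest?"""
        return min(self.templates, key=lambda label: self.distance(image, label))


# Constructed data: each subject is a random 8x8 pattern; each capture adds pixel noise.
PIXELS, NOISE = 64, 10.0
THRESHOLD = 150.0   # assumption tuned for this synthetic data, not a general value


def make_subjects(seed=1, names=("alice", "bob", "carol")):
    rng = random.Random(seed)
    return {name: [rng.uniform(0, 255) for _ in range(PIXELS)] for name in names}


def capture(prototype, rng):
    return [p + rng.gauss(0, NOISE) for p in prototype]


def demo():
    subjects = make_subjects()
    rng = random.Random(2)
    images, labels = [], []
    for name, proto in subjects.items():
        for _ in range(3):                                  # three enrolment captures each
            images.append(capture(proto, rng))
            labels.append(name)
    model = Eigenfaces(images, labels, n_components=4)
    genuine_probe = capture(subjects["alice"], rng)        # a fresh capture of alice
    impostor_probe = [rng.uniform(0, 255) for _ in range(PIXELS)]  # never enrolled
    return {
        "genuine_distance": model.distance(genuine_probe, "alice"),
        "genuine_accepted": model.verify(genuine_probe, "alice", THRESHOLD),
        "impostor_distance": model.distance(impostor_probe, "alice"),
        "impostor_accepted": model.verify(impostor_probe, "alice", THRESHOLD),
        "identified_as": model.identify(genuine_probe),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With real data the threshold is not guessed as it is here; it is chosen from the measured distances of genuine and impostor attempts against the false-acceptance rate the deployment can tolerate, and the six difficulties listed in the next sections (pose, lighting, expression, occlusion, aging) all show up as genuine distances drifting toward the impostor range.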


4.2.2 3D Methods

       3D face recognition is a much newer field within face recognition, but holds much promise. Three-dimensional technology captures facial images using a number of cameras placed around an individual's face (Greenemeier npa). 3D models hold more information than 2D models, and this information can be used for face recognition or subject discrimination (verification). Mavridis designed the original approach to 3D facial models, which was very similar to eigenfaces in two dimensions, but others have since extended this approach to take advantage of Gaussian curvatures. However, according to "A Survey of 3D Face Recognition Methods," 2D face recognition still seems to outperform 3D methods, though this is expected to change in the near future (Scheentra 891).


4.2.3 Weaknesses of Eigenfaces

       Six specific difficulties outlined in "Quo vadis Face Recognition" hinder the algorithms described above; all are functions of face image acquisition and individual differences among subjects (Cohn 2-3):

   1. Viewing angle affects the appearance of the face because of projective deformation (stretching, etc. of different parts of the face) and self-occlusion and dis-occlusion of parts of the face.

   2. Illumination can accentuate or diminish certain facial features.

   3. Expressions of emotion and "paralinguistic communication" can cause large variations in facial appearance.

   4. Objects in the scene or on the face may obscure the face.

   5. Faces change over time, whether in response to aging or fashion, although it is the same individual behind the face.

   6. Other individual factors such as sensitivity to gender or ethnicity may affect the output of the algorithm.

It should be noted, though, that over the last few years, face recognition algorithms such as eigenfaces have been improved and tested on less than perfect images (Scheentra 891).






4.2.4 Testing & Standards

       With the rise of these face recognition applications, the U.S. government has responded by establishing two major programs to encourage and test face recognition technology: FERET and FRVT. A number of standards have appeared as well. The Department of Defense sponsored the Face Recognition Technology (FERET) program, which began in 1993 and comprised three major elements. First, it sponsored research to promote recognition algorithms from theory to application. Second, it collected and distributed the FERET database of facial images, which is used as a standard for testing algorithms. Finally, and most importantly, FERET performed evaluations that compared the abilities of face recognition algorithms (FERET).

       FRVT, the Face Recognition Vendor Test, specifically targets commercial systems. Its primary goal is "to measure progress of prototype systems/algorithms and commercial face recognition systems..." Participating agencies include the FBI, NIST, and DHS (Face Recognition Vendor Test 2006 - Introduction). One may now question the accuracy of face recognition, especially in the context of verification, since that applies directly to access control. FRVT 2002 reports verification performance for the top three face recognition companies tested.10 Surprisingly, at a desired "false alarm rate" (false acceptance rate) of 0.1%, the average verification rate was only near 80% (Phillips npa); in other words, keeping impostors below one in a thousand cost roughly one legitimate user in five a rejection.
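The FRVT figure above is one point on a trade-off curve, and anyone deploying a biometric for access control needs to know how it is obtained: the operator picks a target false acceptance rate, the threshold is set from the impostor score distribution to meet it, and the verification rate is whatever fraction of genuine users clears that threshold. The following Python is an added example written for this page, not FRVT's evaluation code; it implements that threshold selection and, on constructed genuine and impostor score distributions (two normal distributions whose means and spreads are assumptions chosen so the result lands near the 80%-at-0.1% figure), shows how much the verification rate moves as the permitted false acceptance rate is tightened.

```python
import random


def threshold_for_far(impostor_scores, target_far):
    """Highest threshold at which no more than target_far of the impostor scores are
    accepted. A sample is accepted when its score is strictly above the threshold."""
    ranked = sorted(impostor_scores, reverse=True)
    allowed = int(target_far * len(ranked))      # false accepts we are willing to tolerate
    if allowed >= len(ranked):
        return float("-inf")                     # target so loose that everything passes
    return ranked[allowed]                       # accept only scores above this one


def rates(genuine_scores, impostor_scores, threshold):
    """(false acceptance rate, verification rate) at a given threshold."""
    far = sum(s > threshold for s in impostor_scores) / len(impostor_scores)
    tar = sum(s > threshold for s in genuine_scores) / len(genuine_scores)
    return far, tar


def verification_rate_at_far(genuine_scores, impostor_scores, target_far):
    """The FRVT-style number: set the threshold for the permitted FAR, then report the
    threshold, the FAR actually achieved and the fraction of genuine users who pass."""
    t = threshold_for_far(impostor_scores, target_far)
    far, tar = rates(genuine_scores, impostor_scores, t)
    return t, far, tar


def simulated_scores(seed=7, n_genuine=2000, n_impostor=20000):
    """Constructed similarity scores: genuine attempts ~ N(0.70, 0.10), impostor
    attempts ~ N(0.30, 0.10). Assumed parameters; real curves come from test data."""
    rng = random.Random(seed)
    genuine = [rng.gauss(0.70, 0.10) for _ in range(n_genuine)]
    impostor = [rng.gauss(0.30, 0.10) for _ in range(n_impostor)]
    return genuine, impostor


def trade_off(target_fars=(0.01, 0.001, 0.0001)):
    genuine, impostor = simulated_scores()
    return {far: verification_rate_at_far(genuine, impostor, far) for far in target_fars}


if __name__ == "__main__":
    for target, (t, far, tar) in trade_off().items():
        print(f"target FAR {target:.4%}: threshold {t:.3f}, achieved FAR {far:.4%}, "
              f"verification rate {tar:.1%}")
```

Two things to notice when reading vendor numbers: a verification rate quoted without its false acceptance rate is meaningless, since either can be driven to 100% at the other's expense, and estimating a 0.01% FAR needs tens of thousands of impostor comparisons, so small in-house pilots cannot confirm the figure the vendor reports.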

       While a number of standards for biometrics in general exist, INCITS M1 and the ISO SC37 Face Recognition Data Interchange Format specifically target face recognition. These "[ensure] that enrolled images will meet a quality standard needed for both automated face recognition and human inspection of facial images; [facilitate] the use of face information in applications that have limited storage...and [allow] interoperability among facial recognition vendors" (Identix - Standards). In addition, it should be noted that in October of 2004, the U.S. Department of Homeland Security adopted its first biometric face recognition standard. This standard is used in applications such as travel documents, specifying photographic properties for the purposes of "computer automated face recognition" ("Department of Homeland Security Adopts Facial Recognition Standard").


4.3 Research and Market

       With face recognition receiving both government support and commercial interest, it is no surprise that researchers and vendors alike seek to further face recognition technology. While improving the accuracy of recognition algorithms is obviously one major goal of current research, "significant research efforts have [also] been focused on video-based face modeling, processing, and recognition" (Zhao 2). A large number of research groups exist in the U.S. alone. For example:

          Advanced Multimedia Processing Lab, Carnegie Mellon University

          Center for Automation Research, University of Maryland

          Face Perception and Research Laboratories, University of Texas at Dallas

          Perceptual Science Laboratory, University of California – Santa Cruz

       (Face Recognition Homepage – Research Groups).

       Accordingly, in 2005, "Q-Tel, a CIA-backed venture group...disclosed about $6 million in investments in A4Vision Inc., a provider of 3-D facial-scanning and -recognition software and equipment." Also, since the beginning of 2005, the French Civil Aviation Authority has employed A4Vision's 3-D recognition systems at the Lyon airport to create security badges for pilots, mechanics, and other employees who access the highly secure tarmac. There have been only a few incidents in which the system failed to meet expectations (Greenemeier npa). One other popular 2D face recognition vendor is Identix, Inc., which FRVT names as one of the most reliable face recognition software companies. Identix software was used at Super Bowl XXXV to search for potential criminals and terrorists.





       It is apparent that even with the weaknesses of face recognition technology, advances driven by research and growing commercial availability could in fact make face recognition a viable security feature within businesses. One can perhaps expect the aforementioned large-scale implementations of the technology to trickle into the smaller private market; furthermore, coupling face recognition with other security measures (multifactor authentication) may provide greater levels of security. For example, some research into embedding a face image as a watermark in iris images allows the authenticity of the iris image and of the user to be established in iris recognition (another biometric technology). This scheme resists "malicious manipulations of an iris image" during the iris pattern matching process (Ji 1).


4.4 Pros and Cons

       Despite the rise of face recognition technology, it is somewhat tarnished by its deficiencies. Even the more accurate 3D recognition still faces a number of hurdles, especially in the context of verification (Greenemeier npa). According to Stan Li, the challenges, many of which were mentioned previously, come "from high nonconvexity of face manifolds [mathematical projections of the face], in the image space, under variations in lighting, pose, and so on". In layman's terms, face recognition involves too many variables. It is this flexibility, however, that makes face recognition the main route in automated security surveillance while at the same time tempering its use as a means of verification in access control. Still, future research in two directions may provide possible "solutions." First is the construction of a "'good' feature space [the mathematical space onto which face manifolds are projected] in which face manifolds become less complex." Second is the construction of more capable "classification engines," which utilize common face attributes to aid in recognition (Li 3). In fact, few studies have tested face recognition in the context of individual differences among subjects regarding ethnicity, etc. (Cohn 1). In light of this information, one may conclude that face recognition is still a future technology.

       Furthermore, while surveying information on face recognition, one is likely to encounter the topic of iris recognition, which in fact may be a more accurate alternative to general face recognition. The inventor of this technology, J. Daugman, describes its accuracy in his essay "High Confidence Visual Recognition of Persons by a Test of Statistical Independence," offering evidence that in a typical recognition case the confidence levels of his algorithm correspond formally to a conditional false accept probability of about one in 10^31 (Daugman 1148). This patented and tested technology is thus perhaps the superior option in biometrics in the context of access control.


5. Voice Recognition and Fingerprint Authentication


5.1 History

       The practice of recording handprints and fingerprints has been around for hundreds, perhaps thousands of years, as handprints have been found impressed in various artifacts, from Chinese and Babylonian tablets to pre-historic Native American petroglyphs (History of Fingerprinting 4). However, the use of fingerprints to identify a person has been around for a comparatively short time. The idea of using fingerprints as identification was first circulated by Dr. Henry Faulds, who in 1880 became the first scientist to publish a paper mentioning the use of fingerprints for identification. While Faulds wrongfully believed that fingerprints were not unique to each individual, his observation that fingerprints could be used for identification would have far-reaching implications. Subsequently, in the 1890s, Sir Francis Galton, a famous British scientist, was the first to put fingerprinting on a scientific basis, as he proved the individuality and permanence of fingerprints through the publication of dozens of scholarly works, articles, and two major books (History of Fingerprinting 5). Later, Sir Edward Richard Henry, a British official in India, created a way of classifying fingerprints, called the Henry Classification System, in 1897 after consulting with Galton on the issue. In the early 20th century fingerprinting became extremely common, as it came into routine use in law enforcement to catch criminals. Today, fingerprint identification is more widely used than ever, as the Automated Fingerprint Identification System (AFIS), an electronic database of fingerprints, has caused the use of fingerprint identification to skyrocket (History of Fingerprinting 6).

       Voice recognition technology, on the other hand, is relatively new compared to fingerprint identification. The first attempt at synthesizing speech occurred in 1936 with the Voder, a machine that emitted speech. Demonstrated at the World's Fair, it sparked interest in voice recognition, and the U.S. Department of Defense funded research in voice recognition in the 1940s in an attempt to decode enemy messages. However, this turned out to be a failure, as the technology required was ahead of its time. Years later, during the 1970s and 1980s, commercially viable products began to enter the mainstream, as the VIP 100 product from Threshold Technologies began a new wave of voice recognition research and technology. While innovative, the VIP 100 and other products of that period were very limited, as they could usually recognize only a handful of words and were not very accurate. As personal computers became more powerful during the mid-1990s, voice recognition became more advanced, and continuous speech products such as "Naturally Speaking" from Dragon Systems became increasingly popular (Zumalt 181). Today, many different companies, such as IBM, Dragon Systems, and Microsoft, strive to provide high quality voice recognition technology (Weston).






5.2 Functionality


5.2.1 Fingerprinting

       Fingerprint authentication is a type of id-based authentication (uniqueness to one

person), as each person‘s fingerprint is unique to that individual. There are three main ridge

patterns, or types of fingerprints – arches, whorls and loops.11

       Fingerprints also have minor patterns or special features, called minutiae, that make each fingerprint unique. Examples include ridge endings (the point at which a ridge terminates), bifurcations (where a ridge splits into two) and divergences (ridges so short that they appear as dots). Fingerprint scanners typically differentiate fingerprints first by the ridge pattern (arch, loop, etc.) and then by the minutiae points on each finger, characterizing each minutia point by its orientation, spatial frequency, curvature, and position (Weaver 97). While there are many ways to scan a fingerprint, two methods dominate: optical scanning and capacitance scanning. Other methods include ultrasonic sensors, electric field scanning, and temperature scanning.

       The first is the method of optical finger scanning, in which a digital image of the

finger is taken in a process similar to the process that takes place in digital cameras. In an

optical scanner, a charge coupled device (CCD) composed of thousands of photosites, or

light-sensitive diodes, generates a digital image of the fingerprint, as each photosite in the

CCD records a pixel corresponding to the light that hit it (Khuwaja). Because optical

scanning relies on light to scan in a fingerprint, it can sometimes read in a bad image, as a

dirty finger can result in an improper image or no image at all.

       The second method is capacitance scanning, in which a capacitive sensor builds an image of the fingerprint comparable to that of an optical scanner. The sensor is made up of one or more semiconductor chips, each containing an array of cells. Each cell holds two conductor plates that act as a capacitor, and the finger being scanned acts as the third plate, so moving the skin closer to or further from the plates changes the total capacitance. A cell under a ridge (skin touching the surface) therefore reads a different capacitance from a cell under a valley (skin further away). A feedback loop connects the conductor plates to an amplifier, which outputs a voltage for the cell. Using the voltage output from each cell in the sensor, an image of the fingerprint is assembled, since the capacitance of each cell determines whether a valley or a ridge is being mapped. One upside of capacitance scanning is that it measures the physical ridges rather than their appearance: it does not need a picture of the fingerprint to form a digital image, so a photograph or printed copy of the print that might fool a purely optical reading does not produce a capacitance pattern. Additionally, because a semiconductor chip is much smaller than a CCD, capacitive scanners are smaller and lighter.


5.2.2 Voice

        Voice recognition technology is also a type of id-based authentication. While fingerprinting and most other biometric technologies (iris, facial, etc.) use image-based information to process an authentication request, voice, or speaker, recognition technology uses acoustic information. There are two different types of voice biometrics: speaker verification and speaker identification. In speaker verification, the system confirms that the speaker is the person he or she claims to be, while in speaker identification, the system finds and assigns an identity to an unidentified speaker (Markowitz 69). For example, in speaker verification, a person would state his or her name or a pass phrase and wait to be authenticated, while in speaker identification, a person would say anything and wait until the system found and confirmed his or her identity. There are many parameters which affect the performance of a voice recognition system.12




       Voice recognition technology involves two main steps: feature extraction and acoustic modeling/classification. Feature extraction is the process of breaking up audio data into individual windows, called "frames." The vast majority of speech recognition technology uses mel frequency cepstral coefficients (MFCC) to extract the raw data from the acoustic signal. MFCCs, which are also used in various other kinds of speech systems around the world, are coefficients that represent audio features. In the MFCC process, each individual frame is converted into an MFCC feature vector. After the entire audio signal has been transformed into feature vectors, acoustic modeling/classification is employed in order to actually recognize and translate each individual word.

       For this, several different models/systems are used: models such as Dynamic Time Warping, Neural Networks, and the Hidden Markov Model (HMM) translate the data into recognizable words. HMM is the most widely used model in voice recognition technology, as most new voice recognition systems use it to recognize words in speech. It utilizes finite state machines to model words, comparing the feature vectors it receives to the mappings it already contains in its system (Rabiner 27). An analogy is a person getting directions to a particular place. A person going to location B using a set of directions (take a left down Peachtree Street, right on 10th Street, etc.) is analogous to the patterns the system already has, mapping a particular auditory signal to a word. If that person were then to follow a friend to location B, the person would be able to compare his/her memory to the set of directions they received, similar to when a set of feature vectors is sent to the system to determine its meaning.
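The following Python script is an added illustration of the HMM word recognition just described; it is not code from the paper or from Rabiner's tutorial. Each vocabulary word is a small left-to-right finite state machine, and an incoming sequence of frames is scored under every word model with the forward algorithm. It assumes feature extraction has already quantized each frame into a codebook symbol from a constructed alphabet ("A" to "E") in place of a real MFCC vector, and the two word models, their transition probabilities and their emission probabilities are constructed toy values. It goes one step beyond the text by rejecting input whose per-frame likelihood is too low under every model, rather than forcing a match to the least-bad word.

```python
"""Toy HMM word recognizer: one left-to-right HMM per vocabulary word.

Feature extraction (MFCC) is replaced by an already-quantized sequence of
constructed codebook symbols, so no real audio is processed.
"""
import math
from typing import Dict, List, Optional, Sequence, Tuple

NEG_INF = float("-inf")
FLOOR = 1e-6  # smoothing: emission probability of a symbol a state never produces


def _logaddexp(a: float, b: float) -> float:
    """log(exp(a) + exp(b)) without underflow; tolerates -inf operands."""
    if a == NEG_INF:
        return b
    if b == NEG_INF:
        return a
    m = max(a, b)
    return m + math.log(math.exp(a - m) + math.exp(b - m))


class WordHMM:
    """Left-to-right HMM for one word (constructed toy parameters).

    trans[i][j] : probability of moving from state i to state j per frame
    emit[i][s]  : probability that state i produces feature code s
    The model starts in state 0 and must finish in its last state.
    """

    def __init__(self, name: str, trans: List[List[float]], emit: List[Dict[str, float]]):
        self.name = name
        self.trans = trans
        self.emit = emit
        self.n = len(trans)

    def log_likelihood(self, obs: Sequence[str]) -> float:
        """Forward algorithm in log space: log P(obs | this word's model)."""
        if not obs:
            return NEG_INF
        # alpha[i] = log P(frames seen so far, currently in state i)
        alpha = [NEG_INF] * self.n
        alpha[0] = math.log(self.emit[0].get(obs[0], FLOOR))
        for sym in obs[1:]:
            nxt = [NEG_INF] * self.n
            for j in range(self.n):
                acc = NEG_INF
                for i in range(self.n):
                    p = self.trans[i][j]
                    if p > 0.0 and alpha[i] != NEG_INF:
                        acc = _logaddexp(acc, alpha[i] + math.log(p))
                if acc != NEG_INF:
                    nxt[j] = acc + math.log(self.emit[j].get(sym, FLOOR))
            alpha = nxt
        return alpha[-1]  # sequences that never reach the final state score -inf


# Constructed two-word vocabulary: "yes" sounds like codes A->B->C, "no" like D->E.
VOCABULARY = [
    WordHMM("yes",
            trans=[[0.5, 0.5, 0.0], [0.0, 0.5, 0.5], [0.0, 0.0, 1.0]],
            emit=[{"A": 0.9, "B": 0.1}, {"B": 0.9, "A": 0.05, "C": 0.05}, {"C": 0.9, "B": 0.1}]),
    WordHMM("no",
            trans=[[0.5, 0.5], [0.0, 1.0]],
            emit=[{"D": 0.9, "E": 0.1}, {"E": 0.9, "D": 0.1}]),
]


def recognize(obs: Sequence[str], models: Sequence[WordHMM] = VOCABULARY,
              min_avg_logprob: float = -5.0) -> Tuple[Optional[str], float]:
    """Return (best word, its log-likelihood), or (None, -inf) when no model
    explains the frames well enough (average per-frame log-probability below
    the assumed rejection floor min_avg_logprob)."""
    best_name, best_score = None, NEG_INF
    for m in models:
        score = m.log_likelihood(obs)
        if score > best_score and score / len(obs) >= min_avg_logprob:
            best_name, best_score = m.name, score
    return best_name, best_score


if __name__ == "__main__":
    for frames in (["A", "A", "B", "B", "C", "C"], ["D", "D", "E", "E"], ["A", "B"]):
        print(frames, "->", recognize(frames))
```

The rejection floor matters for an authentication use: an out-of-vocabulary or noisy utterance should produce "no decision" rather than a confident but wrong match. The three-state "yes" model cannot explain a two-frame input at all (it cannot reach its final state), and the "no" model explains it only through the smoothing floor, so the recognizer returns None.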


5.3 Market

       While in the past only a few major companies were able to produce fingerprint scanners, due to the amount of research and investment required, today fingerprint scanners have become extremely inexpensive. In recent years, a host of different companies have started to manufacture fingerprint reading/scanning products. Companies such as Identix Inc., Bioscrypt Inc., and Ultra-Scan Corporation have become industry leaders through finger scanning products such as LiveScan, V-Pass™, and UltraTouch®. Many manufacturers have also begun to combine multiple biometric technologies – for example, Bioscrypt Inc. offers the V-Smart™ reader, which reads both a smart card and a fingerprint at the same time, therefore providing even more security to users.

       Voice recognition technology, on the other hand, is only just beginning to take off, resulting in far fewer companies than in fingerprint scanning. For example, the field includes huge multinational corporations such as Microsoft and IBM, but also smaller, well-established companies such as Nuance and QVoice Inc., which offer speech verification products such as Verifier and VoiceLock.


5.4 Pros and Cons

       Since fingerprints are natural and unique to each individual, they have clear advantages over most other authentication technologies, as fingerprint recognition is extremely stable (it is hard to lose a finger, unlike a password) and also very hard to forge. It is also relatively accurate, as the false match rate (the rate at which a user is misidentified in a database) is in the range of 0.01% - 0.15%, similar to the rate for voice and hand biometrics, and less than the rate for facial biometrics (O'Gorman 2027). Additionally, fingerprint scanners are very easy to use, meaning little training is required to use them. They are also extremely small, use very little power, and in recent years have become relatively inexpensive. Conversely, fingerprint recognition cannot be used by everybody – for example, the elderly may have a tough time scanning their fingers on such a small device. In addition, while scanners are fairly accurate, they are not 100% accurate – for example, dirty or moist fingers can easily cause a false rejection. Lastly, a strong cultural stigma is still connected with fingerprint scanning, as in the past fingerprinting has been associated with criminal behavior.
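The false match rate quoted above is one side of a trade-off with the false non-match rate, the "false rejection" that a dirty or moist finger causes. The Python example below is added here to make that trade-off concrete; it is not code from the paper or from O'Gorman. It assumes a matcher that returns a similarity score in [0, 1] and a system that accepts a claim when the score meets a threshold, and it uses constructed genuine and impostor scores (not real measurements). It computes both error rates at a threshold, finds the lowest threshold that meets a target FMR, and sweeps for the equal error rate.

```python
"""Biometric matcher error rates at a decision threshold (constructed data).

FMR  = false match rate      = impostor attempts wrongly accepted / impostor attempts
FNMR = false non-match rate  = genuine attempts wrongly rejected / genuine attempts
"""
from typing import Sequence, Tuple

# Constructed sample scores, not data from the paper:
# genuine  = the enrolled finger presented again by its owner,
# impostor = a different person's finger compared against the enrollment.
GENUINE_SCORES = [0.92, 0.88, 0.95, 0.81, 0.77, 0.90, 0.60, 0.85, 0.93, 0.71]
IMPOSTOR_SCORES = [0.20, 0.35, 0.41, 0.28, 0.55, 0.12, 0.33, 0.47, 0.70, 0.25]


def error_rates(genuine: Sequence[float], impostor: Sequence[float],
                threshold: float) -> Tuple[float, float]:
    """(FMR, FNMR) for the rule 'accept iff score >= threshold'."""
    fmr = sum(1 for s in impostor if s >= threshold) / len(impostor)
    fnmr = sum(1 for s in genuine if s < threshold) / len(genuine)
    return fmr, fnmr


def threshold_for_target_fmr(genuine: Sequence[float], impostor: Sequence[float],
                             target_fmr: float) -> Tuple[float, float, float]:
    """Lowest threshold on the observed score grid whose FMR <= target_fmr.

    Returns (threshold, fmr, fnmr). Tightening the FMR target pushes the
    threshold up and the FNMR with it: fewer impostors get in, but more
    legitimate users with a poor scan are rejected.
    """
    for thr in sorted(set(genuine) | set(impostor)):
        fmr, fnmr = error_rates(genuine, impostor, thr)
        if fmr <= target_fmr:
            return thr, fmr, fnmr
    return float("inf"), 0.0, 1.0  # no threshold meets the target: reject everything


def equal_error_rate(genuine: Sequence[float], impostor: Sequence[float],
                     steps: int = 1000) -> Tuple[float, float]:
    """Sweep thresholds over [0, 1]; return (threshold, EER) at the point
    where FMR and FNMR are closest, a common single-number summary."""
    best_thr, best_gap, best_eer = 0.0, float("inf"), 1.0
    for k in range(steps + 1):
        thr = k / steps
        fmr, fnmr = error_rates(genuine, impostor, thr)
        gap = abs(fmr - fnmr)
        if gap < best_gap:
            best_thr, best_gap, best_eer = thr, gap, (fmr + fnmr) / 2
    return best_thr, best_eer


if __name__ == "__main__":
    for thr in (0.50, 0.65, 0.75):
        fmr, fnmr = error_rates(GENUINE_SCORES, IMPOSTOR_SCORES, thr)
        print(f"threshold {thr:.2f}: FMR {fmr:.2f}  FNMR {fnmr:.2f}")
    print("lowest threshold with FMR 0:", threshold_for_target_fmr(GENUINE_SCORES, IMPOSTOR_SCORES, 0.0))
    print("equal error rate:", equal_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES))
```

With the constructed scores, driving the FMR to zero requires a threshold of 0.71, at which one in ten genuine attempts (the 0.60 scan, think of a dirty finger) is rejected; the equal error rate sits at 10%. Real deployments choose the operating threshold from a target FMR and then measure the resulting FNMR on their own population, since the published ranges depend on the sensor and the users.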

       In contrast to fingerprint scanning, voice recognition technology is an unstable biometric, as the voice can be altered. While it is not as difficult to forge as a fingerprint, it is still harder to deceive than other authentication systems such as smart cards, hardware tokens, etc., as in the case of the latter, fooling the security system simply requires the physical object. As mentioned earlier, speech recognition is fairly accurate, about as accurate as hand or fingerprint biometrics. One major advantage voice recognition has over other authentication technologies is that it needs no extra hardware or training in order to operate, as it can utilize existing telephone lines. Because of this, it is easier to use and fairly low-cost compared to other authentication technologies. Conversely, voice recognition is subject to background noise and other distortions, which can affect its accuracy by causing false negatives or false positives. Additionally, because the human voice is an unstable biometric, the physical state of the voice can also affect the accuracy rate, as old age (the voice changes over time) and sickness can distort the readings and cause a false negative. Also, an attacker could potentially hack into the system by using an advanced recording that imitates the voice of a legitimate user (Markowitz 68).


5.5 Future

       Overall, fingerprint scanning stands as a fairly established authentication technology, as its longevity, its uniqueness, and its ease of use have caused it to become widely used across the world today. While huge growth in the field of fingerprint recognition is not expected because of its relatively old age, fingerprint scanning is projected to grow at a steady pace. Through research and technological gains, a whole new generation of more accurate, lower-cost fingerprint scanners is anticipated to flood the market in the near future.

       Because of its fairly recent entry into the field of authentication technology, speech recognition is considered to still be in its infancy, as problems such as reading distortions and vulnerabilities plague it. However, it has a bright future ahead of it, as the use of voice recognition in biometrics is expected to rise – especially as technological breakthroughs and greater computational power allow more powerful, accurate, and low-cost voice recognition solutions to be developed. Text-independent speech recognition systems (systems that can accept input continuously) as well as speech systems that use multiple biometric technologies are expected to grow tremendously in the near future (Markowitz 73).


6. Conclusion

       As security becomes an increasingly important part of digital systems, the utilization of hardware controls becomes more pertinent. Systems with confidential military, business, and research information necessitate authentication which is nearly impossible to reproduce. In addition, private sector organizations are also beginning to realize the importance of protecting their seemingly insignificant data, due to the financial damage an information security attack can cause.

       Smart cards, hardware tokens, and biometrics are all hardware schemes which incorporate something a person possesses (whether it be knowledge-, object-, or ID-based) in order to strengthen the accuracy of authentication. Because the technologies used in each of these fields are so hard to reproduce or break without possession, they are an excellent standard for the future of authentication.

       A smart card allows for quick access to secured areas and electronic resources. Smart cards are relatively cheap and can even store some simple user information. Unfortunately, the smart card does not allow for remote access (or remote access is a bit of a hassle with a mobile card reader).

       While the hardware token can take a variety of forms, typically a one-time password (OTP) is generated allowing the user access to a system. This authentication is strengthened when this dynamic OTP is combined with a memorized password to create two-factor authorization. An important aspect of hardware tokens is that they can allow access to remote systems. USB tokens allow a user to encrypt files, store certificates, and digitally sign documents. Upcoming technologies including Bluetooth could make authentication even easier.

       Biometrics is a field which is constantly becoming more reliable. By analyzing the physical features of an individual, this technology provides relatively accurate and convenient means of verification. There are, however, a number of external variables that limit the accuracy of biometrics.

       It is evident that the more factors of authentication a security system contains, the more secure it is. Ultimately, combining smart cards, hardware tokens, and biometrics for three-factor (knowledge, object, and ID) authorization would be ideal, but the level of security provided must be balanced with the weight of the information being protected. Adoption of more secure methods is slow, as private sector companies (a) do not have unlimited funding when it comes to security and (b) do not want to inconvenience or alienate their customers and employees. Security constantly needs to be updated as crackers are able to penetrate the existing security systems of institutions; however, many institutions are reluctant to do so until a breach occurs. The irony is that as usage of hardware authentication increases, research and cheaper technology will become more prevalent. Institutions need to recognize the importance of protecting their electronic assets, and hardware authentication is a powerful, viable solution for this purpose.


7. Notes

1. See Appendix A for a diagram representing the architecture of a chip card.
2. See Appendix A for diagrams illustrating the layout of a contact smart card.
3. See Appendix B for pictures of some popular hardware tokens.
4. All of RSA Security's current products generate a token once every sixty seconds. This includes the SecurID models 200, 600, 700, 800, and 900.
5. Images of the KT-1 and USB-1 from CRYPTOCard are available in Appendix B. VeriSign's One-Time Password is also an example of an event-triggered token.
6. O'Gorman explains two-factor authentication on page 2024 of "Comparing Passwords, Tokens, and Biometrics for User Authentication," and how it applies to hardware tokens on page 2033.
7. The USB tokens from Aladdin Knowledge Systems, VeriSign, and RSA allow for encryption and digital signing.
8. Ten meters is based on a class-two Bluetooth signal. Information on range is taken from Bluetooth.com, the official Bluetooth website.
9. See Appendix A for sample eigenfaces (Figure A3, source: National Science and Technology Council: Subcommittee on Biometrics).
10. See Appendix A for FRVT 2002 sample data (Figure A4, source: Phillips).
11. See Appendix A for arch, whorl and loop prints (Figure A5).
12. See Appendix A for the parameters affecting the performance of voice recognition systems (Figure A6).


8. Bibliography

Abdelhameed, Rania, Sabira Khatun, Borhanuddin Mohd Ali, and Abdul Rahman Ramli. "Authentication Model Based Bluetooth-Enabled Mobile Phone." Journal of Computer Sciences 1.2 (2005): 200-203.

Biryukov, Alex, Joseph Lano, and Bart Preneel. "Cryptanalysis of the Alleged SecurID Hash Function." Lecture Notes in Computer Science 3006 (2004): 130-144.

Cohn, Jeff, Ralph Gross, and Jianbo Shi. "Quo Vadis Face Recognition?" Third Workshop on Empirical Evaluation Methods in Computer Vision (December 2001): 1-9.

Cole, Ron, J. Mariani, H. Uszkoreit, A. Zaenen, and V. Zue. Survey of the State of the Art in Human Language Technology. Cambridge: Cambridge University Press, 1997.

Corcoran, David, David Sims, and Bob Hillhouse. "Smart Cards and Biometrics: Your Key to PKI." Linux Journal 59 (1999). ACM Digital Library. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

CRYPTOCard Tokens. CRYPTOCard Secure Password Technologies. 14 July 2006. <http://www.cryptocard.com/index.cfm?PID=377>.

Daugman, John G. "High Confidence Visual Recognition of Persons by a Test of Statistical Independence." IEEE Transactions on Pattern Analysis and Machine Intelligence 15.11 (November 1993): 1148.

Dhar, Sumit. "Introduction to Smart Cards." 1-9.

Elsom, S.M. "Protection of Computer Software by Technical Measures." Software Protection 4.6 (1985): 1-6.

"Delivery of National ID Cards Starts Next Week." Gulf News 10 July 2006. 13 July 2006. <http://archive.gulfnews.com/articles/06/07/10/10052713.html>.

Everett, C. "Smart Cards Face Long Wait." Infosecurity Today May-June 2006: 22-23.

Face Recognition Homepage – Research Groups. Face Recognition Homepage. 10 July 2006. <http://www.face-rec.org/research-groups/>.

Face Recognition Vendor Test 2006 – Introduction. Face Recognition Vendor Test. 10 July 2006. <http://www.frvt.org/FRVT2006/>.

FERET. Face Recognition Homepage. 10 July 2006. <http://www.frvt.org/FERET/default.htm>.

Fontanella, A. "The Layered Look: The Latest Trend in ID Card Security." Security Info Watch. 21 June 2006. 10 July 2006. <http://www.securityinfowatch.com/article/article.jsp?id=8523&siteSection=306>.

Greenemeier, Larry. "U.S. Pushes for Advances in Facial Recognition." InformationWeek 14 Mar. 2005: n. pag.

Hilley, Sarah. "Will Government ID Schemes Help Infosecurity Managers with Their Jobs?" Computer Fraud and Security February 2006: 10-12.

History of Fingerprinting. Guardware Systems, 2000. 2-11. 16 July 2006 <http://biometrie.online.fr/dossiers/technique/empreintes/History_of_Fingerprinting.pdf#search='history%20of%20fingerprint%20recognition'>.

Identix – Standards. Identix. 13 July 2006. <http://www.identix.com/trends/standards.html>.

Ji, Shen, Fan Kefeng, Mo Wei, Wang Meihua, and Zhao Xinhua. "Human Identification Technique Based on Iris Feature Watermarking." Chinese Journal of Electronics 15.2 (2006): 251-256.

Khuwaja, Gulzar A. "A Multimodal Biometric Identification System Using Compressed Finger Images." Cybernetics and Systems: An International Journal 37.1 (2005): 23-46. Inspec. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

Li, Stan Z. "Face Recognition: Technical Challenges and Research Directions." Lecture Notes in Computer Science 3338 (2004): 3.

Liaw, Horng-Twu, Jiann-Fu Lin, and Wei-Chen Wu. "An Efficient and Complete Remote User Authentication Scheme Using Smart Cards." Mathematical and Computer Modelling 44.1-2 (2006): 223-228.

Markowitz, Judith A. "Voice Biometrics." Communications of the ACM 43.9 (2000): 66-73. ACM Digital Library. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

Mathieson, Steven. "Biometrics: What Are They Good For?" Infosecurity Today 2.1 (2005): 24-28. Inspec. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

National Science and Technology Council: Subcommittee on Biometrics. Face Recognition. NSTC: Subcommittee on Biometrics, 27 March 2006.

Navarrete, Pablo, and Javier Ruiz-del-Solar. "Eigenspace-Based Face Recognition: A Comparative Study of Different Approaches." IEEE Transactions on Systems, Man, and Cybernetics, Part C 16.7 (2005): 817-830.

Noe, Jeffrey. "Contactless Cards: The Next Big Thing?" ABA Banking Journal 97.9 (2005): 42-46.

O'Gorman, Lawrence. "Comparing Passwords, Tokens, and Biometrics for User Authentication." Proceedings of the IEEE 91.12 (2003): 2021-2040. Inspec. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

Open Authentication Vision. Open Authentication (OATH). 15 July 2006. <http://www.openauthentication.org/vision.asp>.

Pfleeger, Charles P., and Shari Lawrence Pfleeger. Security in Computing. 3rd ed. Upper Saddle River, NJ: Prentice Hall, 2003.

Phillips, P. Jonathon, Patrick Grother, Ross J. Micheals, Duane M. Blackburn, Elham Tabassi, and Mike Bone. Face Recognition Vendor Test 2002. DARPA, National Institute of Standards and Technology, DoD Counterdrug Technology Development Program Office, NAVSEA Crane Division, March 2003.

Rabiner, Lawrence R. "A Tutorial on Hidden Markov Models and Selected Applications in Speech Recognition." Proceedings of the IEEE 77.2 (1989): 257-285. 17 July 2006 <http://www.ece.ucsb.edu/Faculty/Rabiner/ece259/Reprints/tutorial%20on%20hmm%20and%20applications.pdf>.

RSA SecurID Authenticators. RSA Security. 14 July 2006. <http://www.rsasecurity.com/products/securid/datasheets/SID_DS_0606-4pp.pdf>.

Scheenstra, Alize, Arnout Ruifrok, and Remco C. Veltkamp. "A Survey of 3D Face Recognition Models." Lecture Notes in Computer Science 3546 (2005): 891-899.

Schneider, Ivan. "Bank of America Describes One-Time Password Plans." Bank Systems + Technology 42.4 (2005): 12.

"Security Is in the Cards." Security 42.4 (2005): 36-38.

Shelfer, Katherine M., and J. Drew Procaccino. "Smart Card Evolution." Communications of the ACM 45.7 (2002): 83-88.

Smart Card Alliance, The. "Identity Management Systems, Smart Cards and Privacy." <http://www.smartcardalliance.org/alliance_activities/publications.cfm>.

Smart Card Alliance, The. "Logical Access Security: The Role of Smart Cards in Strong Authentication." <http://www.smartcardalliance.org/alliance_activities/publications.cfm>.

Smart Card Alliance, The. "Smart Cards and Biometrics Report." <http://www.smartcardalliance.org/alliance_activities/publications.cfm>.

Smart Card Forum. "What's So Smart about Smart Cards?" 1-12.

Swartz, John. "How One Little Fob Could Foil a Cyber Bank Robber." USA Today 2 Nov. 2005.

"The Smart Card Alliance." The Smart Card Alliance. 17 July 2006. <http://www.smartcardalliance.org>.

Unified Authentication. VeriSign. 15 July 2006. <http://www.verisign.com/products-services/security-services/unified-authentication/usb-tokens/index.html>.

Weaver, Alfred C. "Biometric Authentication." IEEE Computer 39.2 (2006): 96-97. Inspec. Georgia Tech Lib., Atlanta, GA. 16 July 2006.

Weston, Tom. "Affordances of Voice Recognition." Dec. 2000. Stanford University. 17 July 2006 <http://florin.stanford.edu/~t361/Fall2000/TWeston/history.html>.

Woodward, John D., Christopher Horn, Julius Gatune, and Aryn Thomas. Biometrics: A Look at Facial Recognition. RAND Public Safety and Justice for the Virginia State Crime Commission, 2003.

Zhao, W.Y., R. Chellappa, A. Rosenfeld, and P.J. Phillips. "Face Recognition: A Literature Survey." UMD CAR-TR-948 (2000): 1-17.

Zumalt, Joseph R. "Voice Recognition Technology: Has It Come of Age?" Information Technology and Libraries 24.4 (2005): 180-185. Inspec. Georgia Tech Lib., Atlanta, GA. 16 July 2006.



