What are the biometric ways to protect information. Biometric computer security methods. Template protection methods



Abstract

On the topic:

"Biometric methods of information protection in information systems"

2011

    Introduction
    Basic information
    A bit of history
    Advantages and disadvantages
    Biometric system parameters
    Scheme of work
    Practical use
    Technologies

      Fingerprint authentication

      Retina authentication

      Iris authentication

      Hand geometry authentication

      Face geometry authentication

      Facial thermogram authentication

      Voice authentication

      Handwriting authentication

      Combined biometric authentication system

    Vulnerability of biometric systems
    Countermeasures against spoofing attacks

Introduction

Access control systems can be divided into three groups according to what the person presents to the system:

    Password protection. The user provides secret data (for example, a PIN or password).
    Using keys. The user presents a personal identifier that is the physical carrier of a secret key. Magnetic stripe plastic cards and other devices are commonly used.
    Biometrics. The user presents a parameter that is part of himself. The biometric class differs in that the person himself is identified by his individual characteristics (papillary pattern, iris of the eye, fingerprints, facial thermogram, etc.).
Biometric access systems are very user friendly. Unlike passwords and storage media, which can be lost, stolen or copied, biometric access systems are based on human parameters that are always with the person, so the problem of keeping them safe does not arise. Losing them is much more difficult. It is also impossible to transfer the identifier to third parties.

Basic information

Biometrics is the identification of a person by unique biological characteristics inherent only to him. Information access and protection systems based on such technologies are not only the most reliable, but also the most convenient for users today. Indeed, you do not need to remember complex passwords or constantly carry hardware keys or smart cards with you. You just need to put your finger or hand on the scanner, present your eye for scanning or say something to enter a room or gain access to information.
Various biological traits can be used to identify a person. They fall into two large groups. Static traits include fingerprints, the iris and retina of the eye, the shape of the face, the shape of the palm, the arrangement of veins in the hand, etc. That is, traits that practically do not change over time from a person's birth. Dynamic traits are voice, handwriting, keyboard handwriting, personal signature, etc. In general, this group covers the so-called behavioral characteristics, that is, those built on the features of subconscious movements made while reproducing an action. Dynamic traits can change over time, though gradually rather than abruptly. Static identification of a person is more reliable: you cannot find two people with the same fingerprints or iris. Unfortunately, all these methods require special devices, that is, additional costs. Dynamic identification is less reliable. In addition, with these methods the likelihood of "Type I errors" is quite high. For example, a person's voice may change during a cold, and keyboard handwriting can change when the user is under stress. On the other hand, you do not need additional equipment to use these traits. A keyboard, microphone or webcam connected to a computer and special software are all you need to build a simple biometric information security system.
Biometric technologies are based on biometrics, the measurement of the unique characteristics of an individual. These can be unique traits received at birth, for example DNA, fingerprints and the iris of the eye, or characteristics acquired over time or capable of changing with age or external influences, for example handwriting, voice or sound.
The recent growth of interest in this topic around the world is usually associated with the threat of intensified international terrorism. Many states are planning to introduce passports with biometric data into circulation in the near future.

A bit of history

The origins of biometric technology are much older than their futuristic image suggests. Even the creators of the Great Pyramids in ancient Egypt recognized the benefits of identifying workers by pre-recorded bodily characteristics. The Egyptians were clearly ahead of their time, since during the next four thousand years practically nothing new happened in this area. It wasn't until the late 19th century that systems began to appear that used fingerprints and other physical characteristics to identify people. For example, in 1880, Henry Faulds, a Scottish physician living in Japan, published his reflections on the diversity and uniqueness of fingerprints, and suggested that they could be used to identify criminals. In 1900, a work as significant as the Galton-Henry fingerprint classification system was published.
With the exception of a few scattered works on the uniqueness of the iris (the first working technology based on it was introduced in 1985), biometric technologies practically did not develop until the 1960s, when the Miller brothers in New Jersey (USA) began introducing a device that automatically measured the length of a person's fingers. In the late 1960s and 70s, voice identification and signature technologies were also developed.
Until recently, more precisely until September 11, 2001, biometric security systems were used only to protect military secrets and the most important commercial information. After the terrorist act that shook the whole world, the situation changed dramatically. At first, biometric access systems were installed in airports, large shopping centers and other places where people gather. The increased demand provoked research in this area, which in turn led to the emergence of new devices and whole technologies. Naturally, the growth of the market for biometric devices increased the number of companies dealing with them, and the resulting competition led to a very significant decrease in the price of biometric information security systems. Therefore, today, for example, a fingerprint scanner is quite affordable for a home user. This means that a second wave of the boom in biometric devices is possible soon, connected precisely with ordinary people and medium-sized companies.

Advantages and disadvantages

The most important advantage of information security systems based on biometric technologies is high reliability. Indeed, it is almost impossible to fake the papillary pattern of a human finger or the iris of the eye. So the occurrence of "errors of the second kind" (that is, granting access to a person who does not have the right to it) is practically impossible. True, there is one "but" here. Under the influence of certain factors, the biological characteristics by which a person is identified can change. For example, a person may catch a cold, as a result of which his voice will change beyond recognition. Therefore, the frequency of "errors of the first kind" (denial of access to a person who has the right to it) in biometric systems is quite high. In addition, an important factor in reliability is that it is completely independent of the user. Indeed, when using password protection, a person can choose a short keyword or keep a piece of paper with a hint under the computer keyboard. When using hardware keys, an unscrupulous user will not strictly monitor his token, as a result of which the device may fall into the hands of an attacker. In biometric systems, on the other hand, nothing depends on the person. And this is a big plus. The third factor that positively affects the reliability of biometric systems is the ease of identification for the user. For example, scanning a fingerprint requires less effort from a person than entering a password. Therefore, this procedure can be carried out not only before starting work, but also during it, which, of course, increases the reliability of protection. It is especially important in this case to use scanners combined with computer devices. For example, there are mice designed so that the user's thumb always rests on the scanner.
Therefore, the system can carry out identification continuously, and the person not only will not have to suspend work, but will not notice anything at all. The last advantage of biometric systems over other methods of ensuring information security is that the user cannot transfer his identification data to third parties. And this is also a serious plus. In the modern world, unfortunately, almost everything is sold, including access to confidential information. Moreover, a person who has handed identification data to an attacker risks practically nothing. A password can be said to have been guessed, and a smart card to have been pulled out of a pocket. With biometric security, this "trick" will no longer work.
The biggest disadvantage of biometric information security systems is the price. This is despite the fact that the cost of various scanners has dropped significantly over the past two years. True, the competition in the biometric device market is becoming increasingly fierce. Therefore, we should expect a further decline in prices. Another disadvantage of biometrics is the very large size of some scanners. Naturally, this does not apply to identification by fingerprint and some other parameters. Moreover, in some cases special devices are not needed at all. Equipping your computer with a microphone or webcam is sufficient.

Biometric system parameters

These are the probabilities of FAR / FRR errors, that is, the false acceptance rate (False Acceptance Rate: the system grants access to an unregistered user) and the false rejection rate (False Rejection Rate: access is denied to a person registered in the system). The interconnection of these indicators must be taken into account: by artificially reducing the level of system "demanding" (FAR), we, as a rule, reduce the percentage of FRR errors, and vice versa. Today, all biometric technologies are probabilistic, none of them is able to guarantee the complete absence of FAR / FRR errors, and this circumstance often serves as the basis for not entirely fair criticism of biometrics.

Unlike user authentication using passwords or unique digital keys, biometric technologies are always probabilistic, since there is always a small, sometimes extremely small chance that two people can have the same comparable biological characteristics. Because of this, biometrics defines a number of important terms:

    FAR (False Acceptance Rate) is a percentage threshold that determines the likelihood that one person can be mistaken for another (false access rate) (also referred to as "type 2 error"). The value 1 − FAR is called specificity.
    FRR (False Rejection Rate) - the probability that a person may not be recognized by the system (false rejection rate) (also referred to as "type 1 error"). The value 1 − FRR is called sensitivity.
    Verification - one-to-one comparison of two biometric templates.
    Identification - identification of a person's biometric template based on a selection of other templates. That is, identification is always a one-to-many comparison.
    Biometric template - a dataset, usually in a closed, binary format, prepared by a biometric system based on the characteristic being analyzed. There is a CBEFF standard for the structural framing of a biometric template, which is also used in BioAPI.
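
The terms above can be seen working together in a short simulation. This is an added example, not part of the original abstract: it treats a template as a binary code compared by Hamming distance, shows verification (one-to-one) and identification (one-to-many), and measures how FAR and FRR move in opposite directions as the decision threshold changes. The template length, the noise level and all names (hamming, rescan, simulate and so on) are assumptions made for illustration, and the data is constructed.

```python
import random

BITS = 256           # template length in bits (assumed for this sketch)
SENSOR_NOISE = 0.30  # constructed: chance a bit differs between two scans of one person


def hamming(a, b, bits=BITS):
    """Fraction of differing bits between two templates stored as integers."""
    return bin(a ^ b).count("1") / bits


def rescan(template, rng, noise=SENSOR_NOISE, bits=BITS):
    """Simulate a fresh scan of the same person by flipping bits at random."""
    mask = 0
    for i in range(bits):
        if rng.random() < noise:
            mask |= 1 << i
    return template ^ mask


def verify(sample, enrolled, threshold, bits=BITS):
    """Verification: one-to-one comparison with the claimed user's template."""
    return hamming(sample, enrolled, bits) <= threshold


def identify(sample, database, threshold, bits=BITS):
    """Identification: one-to-many search; closest user within threshold, else None."""
    best_user, best_dist = None, None
    for user, enrolled in database.items():
        dist = hamming(sample, enrolled, bits)
        if best_dist is None or dist < best_dist:
            best_user, best_dist = user, dist
    if best_dist is not None and best_dist <= threshold:
        return best_user
    return None


def error_rates(genuine, impostor, threshold):
    """Return (FAR, FRR) for lists of genuine and impostor distances."""
    far = sum(d <= threshold for d in impostor) / len(impostor)  # impostors accepted
    frr = sum(d > threshold for d in genuine) / len(genuine)     # owners rejected
    return far, frr


def simulate(users=40, scans=10, seed=2011):
    """Build constructed genuine/impostor distance lists from random templates."""
    rng = random.Random(seed)
    database = {f"user{i}": rng.getrandbits(BITS) for i in range(users)}
    names = list(database)
    genuine, impostor = [], []
    for name in names:
        for _ in range(scans):
            sample = rescan(database[name], rng)
            genuine.append(hamming(sample, database[name]))
            other = rng.choice([n for n in names if n != name])
            impostor.append(hamming(sample, database[other]))
    return genuine, impostor


def sweep(genuine, impostor, thresholds):
    """FAR and FRR at each threshold: rows of (threshold, FAR, FRR)."""
    return [(t, *error_rates(genuine, impostor, t)) for t in thresholds]


def equal_error_point(rows):
    """Row where FAR and FRR are closest (approximate equal error rate)."""
    return min(rows, key=lambda row: abs(row[1] - row[2]))


if __name__ == "__main__":
    genuine, impostor = simulate()
    rows = sweep(genuine, impostor, [t / 100 for t in range(30, 52, 2)])
    for t, far, frr in rows:
        print(f"threshold={t:.2f}  FAR={far:.3f}  FRR={frr:.3f}")
    t, far, frr = equal_error_point(rows)
    print(f"closest to equal error: threshold={t:.2f} FAR={far:.3f} FRR={frr:.3f}")
```

A lower threshold makes the system stricter: fewer impostors pass (lower FAR) but more legitimate users are turned away (higher FRR), which is the trade-off an operator tunes for the protected asset.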

Scheme of work

All biometric systems work in almost the same way. First, the system remembers a sample of the biometric characteristic (this is called the recording process). During the recording, some biometric systems may ask you to provide several samples in order to compose the most accurate image of the biometric characteristic. Then the received information is processed and converted into mathematical code. In addition, the system may ask you to perform some more actions in order to "assign" a biometric sample to a certain person. For example, a personal identification number (PIN) is attached to a specific sample, or a smart card containing the sample is inserted into a reader. In this case, a sample of the biometric characteristic is taken again and compared with the submitted sample. Identification by any biometric system goes through four stages:
Record - a physical or behavioral pattern is memorized by the system;
Extraction - unique information is extracted from the sample and a biometric sample is compiled;
Compare - the saved sample is compared with the presented one;
Match / mismatch - the system decides whether the biometric samples match and makes a decision.
The vast majority of people believe that a sample of a fingerprint, a person's voice, or a picture of the iris of their eye is stored in the computer's memory. But in fact, in most modern systems, this is not the case. A digital code up to 1000 bits long is stored in a special database and is associated with a specific person who has access rights. A scanner or any other device used in the system reads a specific biological parameter of a person. It then processes the resulting image or sound, converting it into a digital code. It is this key that is compared with the contents of the special database for personal identification.

Practical use

Biometric technologies are actively used in many areas related to ensuring the security of access to information and material objects, as well as in the tasks of unique identification of a person.
The applications of biometric technologies are varied: access to workplaces and network resources, information protection, access to certain resources, and security. Conducting e-business and e-government affairs is only possible after following certain identification procedures. Biometric technologies are used in banking, investment and other financial security, as well as in retail trade, law enforcement, health care and social services. Biometric technologies will soon play a major role in personal identification in many areas. Used alone or in conjunction with smart cards, keys and signatures, biometrics will soon be used in all areas of the economy and private life.
Biometric information security systems are developing very actively today. Moreover, the price for them is constantly decreasing. And this may well lead to the fact that biometric systems will soon begin to displace other methods of information protection from the market.

Technologies

Fingerprint authentication

Fingerprint identification is the most widely used, reliable and efficient biometric technology. Due to the versatility of this technology, it can be used in almost any field and for solving any problem where reliable user identification is required. The method is based on the uniqueness of the papillary patterns on the fingers. The print taken with a special scanner, transducer or sensor is converted into a digital code and compared with a previously entered reference.
Each person's fingerprints are unique in their papillary lines and are different even among twins. Fingerprints do not change throughout the life of an adult; they are quickly and easily presented during identification.
If one of the fingers is damaged, you can use the "backup" fingerprint (s) for identification, information about which, as a rule, is also entered into the biometric system during user registration.
To obtain information about fingerprints, specialized scanners are used. There are three main types of fingerprint scanners: capacitive, rolling, optical.
The most advanced fingerprint identification technology is implemented by optical scanners.

Retina Authentication

The retinal authentication method was put into practice around the mid-50s of the last century. It was then that the uniqueness of the pattern of the blood vessels of the fundus was established (even in twins, these patterns do not coincide). Low-intensity infrared light is used to scan the retina, directed through the pupil to the blood vessels at the back of the eye. Several hundred special points are selected from the received signal, and information about them is stored in the template. The disadvantages of such systems primarily include the psychological factor: not every person is comfortable looking into an unfamiliar dark opening where something shines into the eye. In addition, such systems require a clear image and are usually sensitive to incorrect orientation of the retina. Therefore, the user has to look very carefully, and the presence of certain diseases (for example, cataracts) may interfere with the use of this method. Retinal scanners have become widespread for access to top-secret facilities, since they provide one of the lowest probabilities of type I errors (denial of access for a registered user) and an almost zero percentage of type II errors. Recently, this recognition method has not been used, since, in addition to the biometric feature, it carries information about a person's health.

Iris Authentication

Iris recognition technology was developed to eliminate the intrusiveness of retinal scans that use infrared rays or bright light. Scientists have also conducted a number of studies showing that the human retina can change over time, while the iris remains unchanged. And most importantly, it is impossible to find two absolutely identical patterns of the iris of the eye, even in twins. To obtain an individual recording of the iris of the eye, a black and white camera takes 30 recordings per second. Soft light illuminates the iris, which allows the camera to focus on it. One of the records is then digitized and stored in a database of registered users. The entire procedure takes a few seconds and can be fully computerized with voice guidance and autofocus.
At airports, for example, the passenger's name and flight number are mapped to the iris image, no other data is required. The size of the created file, 512 bytes with a resolution of 640 x 480, allows you to save a large number of such files on your computer's hard disk.
Glasses and contact lenses, even colored ones, will not affect the imaging process in any way. It should also be noted that eye operations, removal of cataracts or implantation of corneal implants do not change the characteristics of the iris; it cannot be changed or modified. A blind person can also be identified using the iris of the eye. As long as the eye has an iris, its owner can be identified.
The camera can be installed at a distance of 10 cm to 1 meter, depending on the scanning equipment. The term “scanning” can be misleading, as the process of acquiring an image does not involve scanning, but simple photographing.
The texture of the iris resembles a network with many surrounding circles and patterns that can be measured by a computer. The iris scanning software uses about 260 anchor points to create a sample. In comparison, the best fingerprint identification systems use 60-70 points.
Cost has always been the biggest deterrent to technology adoption, but iris identification systems are now becoming more affordable for various companies. Proponents of the technology claim that iris recognition will very soon become the mainstream identification technology in various fields.

Hand geometry authentication

This biometric method uses the shape of a hand to authenticate a person. Because the individual parameters of the hand shape are not unique, several characteristics have to be used. The parameters of the hand are scanned, such as the bends of the fingers, their length and thickness, the width and thickness of the back of the hand, the distance between the joints and the structure of the bone. The geometry of the hand also includes small details (for example, wrinkles on the skin). Although the structure of joints and bones is relatively permanent, tissue swelling or bruises on the hand can distort the original structure. A problem of the technology: even without considering the possibility of amputation, a condition such as arthritis can greatly interfere with the use of scanners.
A scanner consisting of a camera and illuminating diodes is used (when scanning a hand, the diodes turn on in turn, which makes it possible to obtain different projections of the hand), and a three-dimensional image of the hand is then built. The reliability of hand geometry authentication is comparable to fingerprint authentication.
Hand geometry authentication systems are widespread, which is proof of their user friendliness. The use of this parameter is attractive for a number of reasons. All working people have hands. The procedure for obtaining a sample is quite simple and does not impose high demands on the image. The size of the received template is very small, a few bytes. The authentication process is not affected by temperature, humidity or pollution. The calculations made by comparison with the reference are very simple and can be easily automated.
Authentication systems based on the geometry of the hand began to be used around the world in the early 70s.

Face geometry authentication

Biometric authentication of a person based on the geometry of the face is a fairly common method of identification and authentication. The technical implementation is a complex mathematical problem. The extensive use of multimedia technologies, thanks to which a large number of video cameras can be seen at train stations, airports, squares, streets, roads and other crowded places, has become decisive in the development of this direction. To build a three-dimensional model of a human face, the contours of the eyes, eyebrows, lips, nose and other elements of the face are selected, then the distances between them are calculated, and a three-dimensional model is built from them. Defining a unique template for a specific person requires 12 to 40 characteristic elements. The template should take into account many variations of the image in cases of face rotation, tilt, changes in lighting and changes in expression. The range of such variations differs depending on the purpose of using this method (for identification, authentication, remote search over large areas, etc.). Some algorithms make it possible to compensate for the presence of glasses, a hat, a mustache, and a beard.

Facial thermogram authentication

The method is based on studies that have shown that a thermogram (an image in infrared rays showing a picture of the distribution of temperature fields) of a face is unique for each person. The thermogram is obtained using infrared cameras. Unlike face geometry authentication, this method distinguishes between twins. The use of special masks, plastic surgery, aging of the human body, body temperature, cooling of the facial skin in frosty weather do not affect the accuracy of the thermogram. Due to the low quality of authentication, the method is currently not widely used.

Voice authentication

The biometric voice authentication method is characterized by ease of use. This method requires no expensive equipment; a microphone and a sound card are enough. Currently, this technology is developing rapidly, as this authentication method is widely used in modern business centers. There are quite a few ways to build a template by voice. Usually, these are different combinations of frequency and statistical characteristics of the voice. Parameters such as modulation, intonation, pitch, etc. may be considered.
The main and defining disadvantage of the voice authentication method is the low accuracy of the method. For example, a person with a cold may not be recognized by the system. An important problem is the variety of manifestations of the voice of one person: the voice can change depending on the state of health, age, mood, etc. This diversity presents serious difficulties in highlighting the distinctive properties of the human voice. In addition, accounting for the noise component is another important and unsolved problem in the practical use of voice authentication. Since the probability of type II errors when using this method is high (about one percent), voice authentication is used to control access in medium-security premises, such as computer classrooms, laboratories of manufacturing companies, etc.

Handwriting authentication

There are usually two ways to process signature data:
    Analysis of the signature image itself, that is, simply the degree of coincidence of the two pictures is used.
    Analysis of the dynamic characteristics of writing, that is, for authentication, a convolution is built, which includes information on the signature and the time and statistical characteristics of the writing of the signature.
Classical verification (identification) of a person by handwriting implies a comparison of the analyzed image with the original. This is the procedure that, for example, a bank operator performs when processing documents. Obviously, the accuracy of such a procedure, from the point of view of the probability of making a wrong decision (see FAR & FRR), is not high. In addition, the subjective factor also affects the spread of the probability of making the right decision. Fundamentally new possibilities of handwriting verification open up when using automatic methods of handwriting analysis and decision-making. These methods make it possible to eliminate the subjective factor and significantly reduce the likelihood of errors in decision making (FAR & FRR). The biometric handwriting authentication method is based on the specific movement of a human hand when signing documents. Special pens or pressure-sensitive surfaces are used to capture the signature. This kind of authentication uses the person's signature. The template is created depending on the required level of protection. Automatic identification methods allow making a decision not only by comparing the image of the verified and control sample, but also by analyzing the trajectory and dynamics of the signature or any other keyword.

Combined biometric authentication system

A combined (multimodal) biometric authentication system uses various add-ons to work with several types of biometric characteristics, which makes it possible to combine several types of biometric technologies in one authentication system. This allows you to meet the most stringent requirements for the effectiveness of the authentication system. For example, fingerprint authentication can easily be combined with a hand scan. Such a structure can use all kinds of human biometric data and can be applied where it is necessary to overcome the limitations of one biometric characteristic. Combined systems are more reliable with respect to imitation of human biometric data, since it is more difficult to falsify a number of characteristics than to falsify one biometric feature.

Vulnerability of biometric systems

Biometric systems are widely used in information security systems, e-commerce, crime detection and prevention, forensics, border control, telemedicine, etc. But they are vulnerable to attacks at various stages of information processing. These include attacks at the sensor level, where an image or signal from an individual is received, replay attacks on communication lines, attacks on the database where biometric templates are stored, and attacks on the comparison and decision-making modules.
The main potential threat at the sensor level is spoofing attacks. Spoofing is the deception of biometric systems by providing the biometric sensor with copies, dummies, photographs, severed fingers, pre-recorded sounds, etc.
The purpose of a spoofing attack during verification is to present an illegal user to the system as legitimate, and during identification, to achieve non-detection of an individual contained in a database (DB). Countering spoofing attacks is more difficult because the attacker has direct contact with the sensor and it is impossible to use cryptographic and other protection methods.
Articles on successful spoofing attacks on biometric devices have appeared
etc.................

Scanning the iris of the eye or recognizing the voice at the entrance to a secret facility has long ceased to be just an element of spy films. Biometric security systems are becoming more reliable and more affordable over time, which gives reason to pay attention to this range of technologies.

Biometric Authentication Methods

First, a little terminology. Authentication is a procedure for verifying identity by reading certain parameters (like a password or signature) and comparing them with a value in a certain database (the password entered during registration, signature samples, etc.). Biometric authentication uses biological properties that are unique and measurable as the key.

The advantages of this group of methods lie on the surface: it is more difficult to lose, steal or forge a key parameter than a password or a card, because this is a human property that is always with him.

Biometric authentication is divided into two types:

  1. Static, where lifelong properties are used (fingerprint pattern, retinal or iris pattern, etc.).
  2. Dynamic, where the acquired properties of a person are used (features of performing habitual actions: movements, speech, handwriting).

A third type can also be distinguished: combined authentication, which is a combination of the first two and does not have its own distinctive features.

Static methods

Based on the recognition of stable (relatively) and unique parameters of the human body, a wide variety of authentication methods with different characteristics have been created.

Fingerprint
    Principle of operation: Reading fingerprints, recognizing certain elements in them (points, line endings and branches, etc.) and translating them into code.
    Advantages: High reliability (low percentage of errors), relatively low cost of reading devices, simplicity of the procedure.
    Disadvantages: Vulnerability of the method to forgery of a finger pattern and problems with recognizing too dry or damaged skin.

By the iris of the eye
    Principle of operation: A snapshot of the iris is taken, processed and compared by the algorithm with the values in the database.
    Advantages: High reliability, contactless reading, convenience of the object (it is damaged or changed less often in comparison with other parts of the body), the possibility of effective protection against counterfeiting.
    Disadvantages: High cost, few products on the market.

Facial features (two-dimensional)
    Principle of operation: Face recognition in the image with measurement of the distance between certain points.
    Advantages: Does not require expensive equipment, allows recognition at a long distance.
    Disadvantages: Low reliability, distorting effects of lighting, facial expressions and camera angle.

Facial features (three-dimensional)
    Principle of operation: Creation of a three-dimensional model of a face by projecting and reading a special grid, with the subsequent possibility of recognizing images from several cameras.
    Advantages: High reliability, contactless reading, lack of sensitivity to light interference, glasses, mustache, etc.
    Disadvantages: High cost of equipment, distorting effects of facial expressions.

By the veins of the hand
    Principle of operation: A picture of the palm is taken with an infrared camera, which clearly displays and recognizes the unique pattern of veins.
    Advantages: High reliability, contactless reading, parameter "invisibility" under normal conditions.
    Disadvantages: Vulnerability to scanner illumination and distortion of the picture by some diseases, the method is poorly studied.

By the retina of the eye
    Principle of operation: An infrared scanner reads the pattern of blood vessels from the surface of the retina.
    Advantages: High reliability, complexity of falsification.
    Disadvantages: Relatively long processing time and scanning discomfort, high cost, poor market penetration.

By the geometry of the hands
    Principle of operation: A snapshot of the hand is taken and its geometric characteristics are read (length and width of fingers, palms, etc.).
    Advantages: Low cost, contactless reading.
    Disadvantages: Low reliability, outdated method.

Facial thermogram
    Principle of operation: An infrared camera reads a "thermal portrait".
    Advantages: Contactless reading.
    Disadvantages: Low reliability, not widespread.

Dynamic methods

There are fewer authentication methods based on acquired features, and in terms of reliability they are inferior to most static ones. At the same time, the price of dynamic methods and their ease of use add to their appeal.

Voice
  Advantages: Simple and affordable equipment, ease of use; the technology continues to evolve.
  Disadvantages: Low accuracy, vulnerability to sound interference and to voice distortion in case of a cold, difficulty with variations in intonation and timbre for each person.

Handwriting
  Principle of operation: A signature is made using a special pen or surface; both the signature itself and the movements of the hand can be analyzed.
  Advantages: Relative availability and ease of use.
  Disadvantages: Low accuracy.

Biometric security systems

Regardless of which authentication method is used, they all serve the same purpose: to distinguish a person or group of people with authorized access from everyone else.

Application in everyday life

In everyday life, biometric technologies are increasingly common. First of all, in a smartphone, a lifelong companion of a modern person, it is feasible to implement several methods at once to confirm the identity of the owner:


Both reading technologies and recognition algorithms are constantly improving.

Models with retina and iris scanners have already been released, but so far these technologies cannot be called perfect, because there are reports that they are relatively easy to deceive.

The same methods can be used to protect access to information on other gadgets and PCs, to devices in the "smart home". On sale you can already find door locks where a finger serves instead of a key, and the market for biometric technologies for everyday life continues to develop actively. Despite constant innovations and improvements in other areas, at the moment, the fingerprint method is the most developed, widespread and suitable for personal use.

Application in access control and management systems (ACS)

There are many enterprises, the entrance to the territory of which is allowed only to a certain circle of people. They usually have fences, guards and checkpoints. At the checkpoints there are:

  • controller (a control element deciding whether to allow access);
  • reader (a sensory element that perceives identifiers);
  • identifiers (keys to gain access) for everyone who needs to go inside.

From the point of view of organizing the protective system, what matters is the number of people passing the control, the acceptable error rate and resistance to deception.

Systems based on biometric features (as identifiers) have worked well in this sense. If the most stringent control is required, the most reliable methods are used (retinal, iris, fingerprint authentication), sometimes a combination of them. For ordinary enterprises (where the main goal is to determine whether a worker is present on site and for how long), less reliable, but easier-to-implement solutions (voice authentication and others) are suitable.

Biometric security equipment manufacturers

The largest companies on the market:

  • BioLink (Russia) produces systems using combined authentication methods, for example BioLink U-Match 5.0 - a fingerprint scanner with a built-in magnetic and / or chip card reader.

  • ZKTeco (China) distributes low-cost devices that provide access control and time tracking to factories, financial institutions and government agencies. Fingerprints and face geometry are used.

  • Ekey biometric systems (Austria) - the European leader, produces fingerprint scanners that use thermal and radio frequency analysis for greater accuracy.

As analysis of the modern Russian market for technical security equipment shows, a new stage has begun in the development of the security industry. Against the general background of a stabilized market, modern systems of personal identification and information protection continue to develop most dynamically. Biometric information security systems (BSZI) attract special attention, owing to their high reliability of identification and a significant breakthrough in reducing their cost.

At present, domestic industry and a number of foreign firms offer a fairly wide range of means of controlling access to information, so that choosing their optimal combination for each specific case becomes a problem in its own right. By origin, both domestic and imported BSZI are currently represented on the Russian market, and there are also jointly developed tools. By design, one can distinguish systems made as a monoblock, as several blocks, and as attachments to computers. A possible classification of biometric information security tools on the Russian market according to biometric characteristics, principles of operation and implementation technology is shown in Fig. 2.


Fig. 2. Classification of modern biometric information security

Currently, biometric systems for controlling access to information are becoming more and more popular in banks, in firms that provide security in telecommunications networks, in the information departments of firms, etc. The growing use of systems of this type can be explained both by a decrease in their cost and by increased requirements for the level of security. Such systems appeared on the Russian market thanks to the firms “Identix”, “SAC Technologies”, “Eyedentify”, “Biometric Identification Inc.”, “Recognition Systems”, “Trans-Ameritech”, “BioLink”, “Sonda”, “Elsys”, “Advance”, “AAM Systems”, “Polmi Group”, “Mask”, “Biometric Systems”, etc.

Modern biometric systems for controlling access to information include verification systems based on voice, hand shape, finger skin pattern, retina or iris of the eye, face photograph, face thermogram, signature dynamics, fragments of the genetic code, etc. (Fig. 3).


Fig. 3. The main modern bio-features of personal identification

All biometric systems are characterized by a high level of security, primarily because the data used in them cannot be lost by the user, stolen or copied. By virtue of their principle of operation, many biometric systems are still characterized by relatively low speed and low throughput. However, they represent the only solution to the problem of access control at mission-critical facilities with a small number of personnel. For example, a biometric system can control access to information and storage in banks, and it can be used in enterprises engaged in the processing of valuable information, to protect computers, communications, etc. It is estimated that more than 85% of biometric access controls installed in the United States were intended to protect computer rooms, storage of valuable information, research centers, military installations and institutions.

Currently, there are a large number of biometric identification algorithms and methods that differ in accuracy, implementation cost, ease of use, etc. However, all biometric technologies share common approaches to solving the problem of user identification. The generalized biometric identification algorithm, typical for all known BSZI, is shown in Fig. 4.


Fig. 4. Generalized biometric identification algorithm

As can be seen from the presented algorithm, the biometric recognition system establishes the correspondence of specific behavioral or physiological characteristics of the user to a certain predetermined pattern. As a rule, a biometric system that implements this generalized algorithm consists of three main blocks and a database (Fig. 5).


Fig. 5. Block diagram of a typical biometric information security system

Biometric information security systems that identify a person by fingerprint are currently the most widely used. In particular, the “TouchLock” (“TouchClock”) information access control systems from Identix (USA) are based on registering a fingerprint as the individual characteristic of a person. This characteristic is used as the control image. A three-dimensional fingerprint recorded as the control image is scanned by an optical system, analyzed, digitized, stored in the memory of the terminal or of the control computer, and used to verify anyone who claims to be an authorized user. The device memory does not contain real fingerprints, so an intruder cannot steal them. Typical time to store one control fingerprint in memory is up to 30 seconds. Each authorized user entered into the terminal's memory types a PIN code on the keypad of the “TouchLock” terminal and passes the identity verification stage, which takes approximately 0.5 - 2 seconds. One PIN code usually stores a sample of one fingerprint, but in some cases three-fingerprint authentication is possible. If the presented and control fingerprints match, the terminal sends a signal to the actuating device: an electric lock, gateway, etc.

The “TouchSafe” TS-600 terminal is designed to provide access to servers, computers, etc. It consists of a sensor module and a card that plugs into a 16-bit ISA slot of the computer. For networked operation, the “TouchNet” terminal is used, which provides a data transfer rate of up to 230.4 Kbaud over a line up to 1200 m long. For networked operation, Identix has developed special software (the “Fingerlan III” system).

To protect computer information, the Russian market offers a simpler and cheaper biometric system for controlling access to computer information, “SACcat”. The “SACcat” system, manufactured by SAC Technologies, consists of a reader, a conversion device and software.

The reader is an external compact scanner based on an optoelectronic converter with automatic illumination, with light indicators of readiness and scanning process. The scanner is connected to the conversion device using two cables (Video and RJ45), which are designed for video signal transmission and for control, respectively.

The conversion device converts the video signal and inputs it into the computer, and also controls the reader. The “SACcat” system can be connected either internally, via an ISA card, or externally, via a parallel EPP or USB port.

The “SACcat” system and the SACLogon software control access to Windows NT workstations and / or servers, as well as to the corresponding resources protected by the Windows NT password system. At the same time, the system administrator can still use the usual (not biokey) password registered in Windows NT. The system is able to provide effective protection against unauthorized access for the networks of financial organizations, insurance companies, medical institutions, networks of various commercial structures, and individual workstations.

It should be noted that at present the means of automatic identification of a person by finger skin pattern are the most developed and are offered by many foreign companies for use in BSZI (especially in computer systems). Among them, in addition to those discussed above, are the SecureTouch identification device by Biometric Access Corp., the BioMouse device by American Biometric Corp., the Sony identification unit, the Secure Keyboard Scanner by National Registry Inc., and others. These tools are connected directly to the computer. Their main feature is high reliability at a relatively low cost. Some comparative characteristics of biometric means of protecting computer information by finger skin pattern are given in Table 1.

Table 1. Comparative characteristics of biometric means of protecting computer information

Characteristic | TouchSAFE Personal (Identix) | U.are.U (Digital Persona) | FIU (SONY, I / O Software) | BioMouse (ABC) | TouchNet III (Identix)
Error of the first kind, % | -
Error of the second kind, % | 0.001 | 0.01 | 0.1 | 0.2 | 0.001
Registration time, s | -
Identification time, s | 0.3
Encryption | yes | yes | yes | yes | yes
Data storage | yes | no | yes | no | yes
Power supply | external 6VDC | USB | external | external | external 12VDC
Connection | RS-232 | USB | RS-232 | RS-485 | RS-232
Price, $
Smart-card reader | yes | no | no | no | no

The firm Eyedentify (USA) offers the Russian market biometric control systems that use the retinal pattern. During operation, the eyeball of the person being examined is scanned by an optical system and the angular distribution of blood vessels is measured. About 40 bytes are needed to register a control sample. The information obtained in this way is stored in the system memory and used for comparison. Typical authorization time is less than 60 seconds.

Currently, the Russian market offers three implementations of this method. The “EyeDentification System 7.5” device provides entrance control with regulation of time zones, prints out messages in real time, keeps logs of passages, etc. This device has two modes of operation: verification and recognition. In verification mode, after the PIN code is entered, the image stored in the controller's memory is compared with the presented one. The test time is no more than 1.5 s. In recognition mode, the presented sample is compared with all those in memory. Search and comparison take less than 3 seconds with a total of 250 samples. Upon successful authorization, the relay is automatically activated and a signal is sent to the actuator directly or through the control computer. The sound generator indicates the state of the device. The device is equipped with an 8-character LCD display and a 12-button keypad. Non-volatile memory capacity is up to 1200 samples.

The second implementation of the method is the “Ibex 10” system, which, in contrast to the “EyeDentification System 7.5” device, has its optical unit made in the form of a movable camera. The electronic unit is wall-mounted. All other characteristics are the same.

The third implementation of identification by retinal pattern is another Eyedentify development, the ICAM 2001 device. This device uses a camera with an electromechanical sensor that measures the natural reflective and absorbing characteristics of the retina from a short distance (less than 3 cm). The user only looks with one eye at the green circle inside the device. To record a picture of the retina, a 7 mW light bulb with a wavelength of 890 cm is used, which generates radiation in the near-infrared spectrum. Retinal identification is performed by analyzing the reflected signal data. A person can be identified with absolute accuracy from 1,500 others in less than 5 seconds. A single ICAM 2001 device, if installed autonomously, has a memory capacity of 3000 people and 3300 performed actions. When used as part of a network, there are no restrictions for working in the mode of information storage and reporting. All three implementations can work both autonomously and as part of network configurations.

Despite the great advantages of this method (high reliability, impossibility of counterfeiting), it has a number of disadvantages that limit its scope of application (relatively long analysis time, high cost, large dimensions, a not very pleasant identification procedure).

The “HandKey” (handkey) device, quite widely represented on the Russian market, is free of these shortcomings; it uses palm parameters as the identification feature. This device is a structure (slightly larger than a telephone set) with a niche where the person being tested puts a hand. In addition, the device has a mini-keyboard and a liquid crystal screen on which identification data is displayed. The authenticity of the person is determined from a photograph of the palm (in digital form), which is compared with the reference (previous data). At the first registration, a personal code is entered, which is stored in the database.

The hand inside the handkey is photographed in ultraviolet light in three projections. The resulting electronic image is processed by a built-in processor, and the information is compressed to nine bytes, which can be stored in a database and transmitted through communication systems. The total time of the procedure is from 10 seconds to 1 minute, although the identification itself takes 1 ... 2 seconds. During this time, the handkey checks the characteristics of the hand against previously defined data, and also checks the restrictions for this user, if any. With each check, the stored information is automatically updated, so that all changes in the hand of the person being checked are constantly recorded.

The handkey can work offline, in which case it can memorize 20,000 different hand patterns. Its memory can store a calendar plan for the year, in which the times when a particular client is allowed access can be specified to the minute. The designers of the device also provided for working with a computer, connecting a lock control circuit, configuring it to emulate standard credit card readers, and connecting a printer to keep a record of work. In network mode, up to 31 devices can be connected to the handkey, with a total line length (twisted pair) of up to 1.5 km. Another notable feature of the device is that it can be built into an existing access control system. The main handkey manufacturer is Escape. The analysis shows that the palm-based identification device (handkey) has good prospects on the Russian market, given its ease of use, sufficiently high reliability characteristics and low price.

Depending on the specific conditions, combined access control systems are often used, such as contactless card readers at the entrances and exits of a building together with a voice-based access control system in areas where classified information is processed. The best choice of the required system or combination of systems can only be made on the basis of a clear definition of the current and future needs of the firm. For example, to improve operational and technical characteristics, the “Rubezh” information security system combines identification by signature dynamics, speech spectrum and a personal code recorded in a “Touch memory” electronic key.

The main means of biometric control of access to information available on the Russian security market are shown in Table 2.

Table 2. Modern technical means of biometric control of access to information

Name | Manufacturer | Supplier in the Russian market | Biometric feature | Note
SACcat | SAC Technologies, USA | Trans-Ameritech, Mask | Finger skin pattern | Computer attachment
TouchLock | Identix, USA | Trans-Ameritech, Mask | Finger skin pattern | Facility ACS
TouchSafe | Identix, USA | Trans-Ameritech, Mask | Finger skin pattern | Computer ACS
TouchNet | Identix, USA | Trans-Ameritech, Mask | Finger skin pattern | Network ACS
EyeDentification System 7.5 | Eyedentify, USA | Devecon, Raider | Retina pattern | Facility ACS (monoblock)
Ibex 10 | Eyedentify, USA | Devecon, Raider | Retina pattern | Facility ACS (port. camera)
Veriprint 2000 | Biometric Identification, USA | AAM Systems | Finger skin pattern | General-purpose ACS
ID3D-R Handkey | Recognition Systems, USA | AAM Systems, Mask | Palm pattern | General-purpose ACS
HandKey | Escape, USA | Divecon | Palm pattern | General-purpose ACS
ICAM 2001 | Eyedentify, USA | Eyedentify | Retina pattern | General-purpose ACS
Secure Touch | Biometric Access Corp. | Biometric Access Corp. | Finger skin pattern | Computer attachment
BioMouse | American Biometric Corp. | American Biometric Corp. | Finger skin pattern | Computer attachment
Fingerprint Identification Unit | Sony | Informzaschita | Finger skin pattern | Computer attachment
Secure Keyboard Scanner | National Registry Inc. | National Registry Inc. | Finger skin pattern | Computer attachment
Rubezh | NPF "Kristall" (Russia) | Mask | Signature dynamics, voice parameters | Computer attachment
Daktochip Delsy | Elsis, NPP Electron (Russia), Opak (Belarus), P&P (Germany) | Elsis | Finger skin pattern | Computer attachment (including for work via a radio channel)
BioLink U-Match Mouse | BioLink Technologies (USA) | CompuLink | Finger skin pattern | Standard mouse with integrated fingerprint reader
Bogo-2000, Bogo-2001, Bogo-1999 | Bogotech (South Korea) | Biometric systems | Finger skin pattern | Memory - 640 prints; memory - 1920 prints
SFI-3000, HFI-2000, HFI-2000V (with videophone) | SecuOne (South Korea) | Biometric systems | Finger skin pattern | Memory - 30 prints; memory - 640 prints
VeriFlex, VeriPass, VeriProx, VeriSmart | BIOSCRYPT (USA) | BIOSCRYPT | Finger skin pattern | Combination of fingerprint scanner and contactless smart card reader
BM-ET500, BM-ET100 | Panasonic (Japan) | JSC "Panasonic CIS" | Iris pattern | For collective and individual use
Senesys light | State Unitary Enterprise SPC "ELVIS" (Russia) | State Unitary Enterprise SPC "ELVIS" | Finger skin pattern | Network version (fingerprint reader and computer with software)

As can be seen from the table, biometric access control devices are currently being actively introduced into the Russian security market. In addition to the technical means listed in the table, which have taken a firm position in this segment of the Russian market, some foreign companies also offer biometric access control devices based on other biometric features, whose reliability of identification has not yet been finally confirmed. Choosing the optimal BSZI from the means available on the market is therefore a rather difficult task, and it is usually solved on the basis of the following main technical characteristics:

- the probability of unauthorized access;
- the probability of a false alarm;
- throughput (identification time).

Given the probabilistic nature of the main characteristics, the sample size (statistics) on which the measurements are made is of great importance. Unfortunately, manufacturers usually do not state this figure in accompanying and advertising documents, which further complicates the selection task. Table 3 shows the average values of the main technical characteristics of BSZI that differ in their principle of operation.

Table 3. Main technical characteristics of BSZI

Model (firm) | Biometric feature | Probability of unauthorized access, % | False alarm probability, % | Identification time (throughput), s
Eyedentify ICAM 2001 (Eyedentify) | Retina parameters | 0.0001 | 0.4 | 1.5...4
Iriscan (Iriscan) | Iris parameters | 0.00078 | 0.00066
FingerScan (Identix) | Fingerprint | 0.0001 | 1.0 | 0.5
TouchSafe (Identix) | Fingerprint | 0.001 | 2.0
TouchNet (Identix) | Fingerprint | 0.001 | 1.0
Startek | Fingerprint | 0.0001 | 1.0
ID3D-R HANDKEY (Recognition Systems) | Hand geometry | 0.1 | 0.1
U.are.U (Digital Persona) | Fingerprint | 0.01 | 3.0
FIU (Sony, I / O Software) | Fingerprint | 0.1 | 1.0 | 0.3
BioMouse (ABC) | Fingerprint | 0.2 | -
Cordon (Russia) | Fingerprint | 0.0001 | 1.0
DS-100 (Russia) | Fingerprint | 0.001 | - | 1.3
BioMet | Hand geometry | 0.1 | 0.1
Veriprint 2100 (Biometric ID) | Fingerprint | 0.001 | 0.01
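
The remark above about sample size can be made concrete. The following Python sketch is an added example, not part of the original survey: it computes how many error-free impostor attempts a test must contain before a quoted "probability of unauthorized access" is statistically supported. The claimed rates are taken from the first numeric column of Table 3; the 95% confidence level and the assumption of independent trials are choices made for the illustration.

```python
import math

# "Probability of unauthorized access, %" as quoted in Table 3 of this page.
CLAIMED_FAR_PERCENT = {
    "FingerScan (Identix)": 0.0001,
    "TouchNet (Identix)": 0.001,
    "U.are.U (Digital Persona)": 0.01,
    "FIU (Sony, I/O Software)": 0.1,
}


def binom_cdf(k, n, p):
    """P(X <= k) for X ~ Binomial(n, p), summed in log space so large n works."""
    if p <= 0.0:
        return 1.0
    if p >= 1.0:
        return 1.0 if k >= n else 0.0
    total = 0.0
    for i in range(k + 1):
        log_term = (math.lgamma(n + 1) - math.lgamma(i + 1) - math.lgamma(n - i + 1)
                    + i * math.log(p) + (n - i) * math.log1p(-p))
        total += math.exp(log_term)
    return min(total, 1.0)


def upper_bound(errors, trials, confidence=0.95):
    """One-sided exact (Clopper-Pearson) upper bound on the true error rate
    after observing `errors` false accepts in `trials` independent attempts."""
    if trials <= 0 or not 0 <= errors <= trials:
        raise ValueError("need 0 <= errors <= trials and trials > 0")
    if errors == trials:
        return 1.0
    alpha = 1.0 - confidence
    lo, hi = errors / trials, 1.0
    for _ in range(200):              # bisection: the CDF falls as p grows
        mid = (lo + hi) / 2
        if binom_cdf(errors, trials, mid) > alpha:
            lo = mid                  # this rate is still plausible, go higher
        else:
            hi = mid
    return hi


def trials_needed(claimed_rate, confidence=0.95):
    """Fewest error-free trials for which upper_bound(0, n) <= claimed_rate."""
    if not 0.0 < claimed_rate < 1.0:
        raise ValueError("claimed_rate must be a fraction between 0 and 1")
    return math.ceil(math.log(1.0 - confidence) / math.log1p(-claimed_rate))


def required_trials_for_claims(claims=CLAIMED_FAR_PERCENT):
    """Map each product to the error-free impostor attempts its claim requires."""
    return {name: trials_needed(pct / 100.0) for name, pct in claims.items()}


if __name__ == "__main__":
    for name, n in required_trials_for_claims().items():
        print(f"{name}: at least {n:,} impostor attempts with zero false accepts")
    # One false accept in 1000 attempts still allows a true rate near 0.47%.
    print(f"1 error in 1000 trials -> rate <= {upper_bound(1, 1000):.4%}")
```

A claim of 0.0001% therefore needs roughly three million impostor comparisons without a single false accept, which is why a figure published without its sample size cannot be checked.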

The analysis of the Russian BSZI market showed that at present there is a very wide range of biometric identification devices that differ from each other in reliability, cost, and speed. The fundamental trend in the development of biometric identification tools is a constant decrease in their cost while improving their technical and operational characteristics.



Simple identification of the person. Combination of face, voice and gesture parameters for more accurate identification. Integration of the capabilities of the Intel Perceptual Computing SDK modules for the implementation of a multi-level information security system based on biometric information.

This lecture provides an introduction to the subject of biometric information security systems, examines the principle of operation, methods and application in practice. Review of ready-made solutions and their comparison. The main algorithms for personal identification are considered. SDK capabilities for creating biometric information security methods.

4.1. Description of the subject area

There is a wide variety of identification methods, and many of them are widely used commercially. Today, the most common verification and identification technologies are based on passwords and personal identification numbers (PIN) or on documents such as a passport or driver's license. However, such systems are too vulnerable and can easily suffer from counterfeiting, theft and other factors. Therefore, there is growing interest in biometric identification methods, which make it possible to identify a person by physiological characteristics, by matching them against previously saved samples.

The range of problems that can be solved using new technologies is extremely wide:

  • prevent intruders from entering protected areas and premises by forging, stealing documents, cards, passwords;
  • restrict access to information and ensure personal responsibility for its safety;
  • ensure admission to responsible facilities only by certified specialists;
  • make the recognition process, thanks to the intuitiveness of the software and hardware interface, understandable and accessible to people of any age, with no language barriers;
  • avoid overhead costs associated with the operation of access control systems (cards, keys);
  • eliminate the inconvenience associated with loss, damage or elementary forgetting of keys, cards, passwords;
  • organize a record of access and attendance of employees.

In addition, an important factor in reliability is that it is completely independent of the user. With password protection, a person can use a short keyword or keep a piece of paper with a hint under the computer keyboard. With hardware keys, a negligent user will not keep a strict watch on the token, so the device may fall into the hands of an attacker. In biometric systems, on the other hand, nothing depends on the person.

Another factor that has a positive effect on the reliability of biometric systems is the ease of identification for the user. Scanning a fingerprint, for example, takes less effort than entering a password. This procedure can therefore be carried out not only before starting work but also during it, which increases the reliability of protection. Scanners combined with computer devices are especially useful here. For example, there are mice on which the user's thumb always rests on the scanner. The system can therefore carry out identification continuously, and the person will not have to interrupt work and will not even notice anything.

In the modern world, unfortunately, almost everything is for sale, including access to confidential information. Moreover, a person who hands identification data over to an attacker risks practically nothing: of a password one can say that it was guessed, and of a smart card that it was stolen from a pocket. With biometric protection, this situation no longer arises.

From the analysts' point of view, the choice of the industries most promising for the introduction of biometrics depends, first of all, on the combination of two parameters: safety (or security) and the expediency of using this particular means of control or protection. The leading place by these parameters is undoubtedly occupied by the financial and industrial sectors, government and military institutions, the medical and aviation industries, and closed strategic facilities. For this group of consumers of biometric security systems it is important, first of all, to prevent an unauthorized user from among their own employees from performing an unauthorized operation, and it is also important to constantly confirm the authorship of each operation. A modern security system can no longer do without biometrics, any more than without the usual means that guarantee the security of the facility. Biometric technologies are also used to control access in computer and network systems, various information storages, data banks, etc.

Biometric methods of information protection are becoming more relevant every year. With the development of technology: scanners, photo and video cameras, the range of tasks solved using biometrics is expanding, and the use of biometric methods is becoming more popular. For example, banks, credit and other financial institutions serve as a symbol of reliability and trust for their clients. To meet these expectations, financial institutions pay more and more attention to the identification of users and personnel, actively using biometric technologies. Some use cases for biometric methods:

  • reliable identification of users of various financial services, incl. online and mobile (fingerprint identification prevails, recognition technologies based on the pattern of veins on the palm and finger and voice identification of customers contacting call centers are actively developing);
  • prevention of fraud with credit and debit cards and other payment instruments (replacing the PIN code with recognition of biometric parameters that cannot be stolen, "spied on" or cloned);
  • improving the quality of service and its comfort (biometric ATMs);
  • control of physical access to buildings and premises of banks, as well as to depository cells, safes, vaults (with the possibility of biometric identification, both of a bank employee and a client-user of the cell);
  • protection of information systems and resources of banking and other credit institutions.

4.2. Biometric information security systems

Biometric information security systems are access control systems based on identification and authentication of a person by biological characteristics, such as DNA structure, iris pattern, retina, face geometry and temperature map, fingerprint, and palm geometry. These methods of human authentication are also called static methods, since they are based on physiological characteristics that are present from birth to death, stay with a person throughout life, and cannot be lost or stolen. Dynamic biometric authentication methods are also often used - signature, keystroke dynamics, voice and gait - which are based on the behavioral characteristics of people.

The concept of "biometrics" appeared at the end of the nineteenth century. Work on pattern recognition technologies based on various biometric characteristics began long ago; the foundations were laid in the 1960s. Our compatriots have made significant progress in developing the theoretical foundations of these technologies. However, practical results have been obtained mainly in the West and more recently. At the end of the twentieth century, interest in biometrics increased significantly because the power of modern computers and improved algorithms made it possible to create products that, in terms of their characteristics and ratio, have become available and interesting to a wide range of users. This branch of science has found its application in the development of new security technologies. For example, a biometric system can control access to information and storage in banks, and it can be used in enterprises engaged in the processing of valuable information, to protect computers, communications, etc.

The essence of biometric systems boils down to the use of computer systems for personality recognition based on a person's unique genetic code. Biometric security systems allow you to automatically recognize a person by their physiological or behavioral characteristics.


Fig. 4.1.

Description of the work of biometric systems:

All biometric systems work in the same way. First, the recording process takes place, as a result of which the system memorizes a sample of the biometric characteristic. Some biometric systems take multiple samples to capture biometric characteristics in more detail. The information received is processed and converted into mathematical code. Biometric information security systems use biometric methods to identify and authenticate users. Biometric identification takes place in four stages:

  • Registration of an identifier - information about a physiological or behavioral characteristic is converted into a form accessible to computer technologies and entered into the memory of the biometric system;
  • Allocation - unique features analyzed by the system are selected from the newly presented identifier;
  • Comparison - the information about the newly submitted and previously registered identifier is compared;
  • Decision - a conclusion is made on whether the newly presented identifier matches or does not match.

The conclusion about the coincidence / mismatch of identifiers can then be transmitted to other systems (access control, information security, etc.), which then act on the basis of the information received.

One of the most important characteristics of information security systems based on biometric technologies is high reliability, that is, the ability of the system to reliably distinguish between biometric characteristics belonging to different people and to reliably find matches. In biometrics, these parameters are referred to as Type I Errors (False Reject Rate, FRR) and Type II Errors (False Accept Rate, FAR). The first number characterizes the probability of denying access to a person who has access, the second the probability of a false match between the biometric characteristics of two people. It is very difficult to fake the papillary pattern of a person's finger or the iris of the eye, so the occurrence of "errors of the second kind" (that is, granting access to a person who does not have the right to it) is practically excluded. However, under the influence of some factors, the biological characteristics by which a person is identified may change. For example, a person may catch a cold, as a result of which his voice will change beyond recognition. Therefore, the frequency of "errors of the first kind" (denial of access to a person who has the right to it) in biometric systems is quite high. The lower the FRR value at the same FAR value, the better the system. Sometimes the comparative characteristic EER (Equal Error Rate) is also used; it defines the point at which the FRR and FAR graphs intersect. But it is not always representative. When using biometric systems, especially face recognition systems, the authentication decision is not always correct even when correct biometric characteristics are presented. This is due to a number of features and, first of all, to the fact that many biometric characteristics can change. There is a certain probability of system error, and it can vary significantly between technologies.
For access control systems that use biometric technologies, it is necessary to determine which is more important: not letting a "stranger" through or letting all "friends" through.
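The relationship between the decision threshold, FAR, FRR and EER described above, as an added example that is not part of the original text. The similarity scores are constructed sample data and the function names are illustrative.

```python
"""FAR / FRR / EER computed from comparison scores (constructed data)."""

# Constructed similarity scores in [0, 1]; higher means "more alike".
# GENUINE: a person compared with their own stored template.
# IMPOSTOR: a different person compared with that template.
GENUINE = [0.91, 0.88, 0.95, 0.79, 0.85, 0.62, 0.90, 0.83, 0.97, 0.71]
IMPOSTOR = [0.12, 0.35, 0.41, 0.28, 0.66, 0.19, 0.52, 0.30, 0.74, 0.25]


def far(threshold, impostor=IMPOSTOR):
    """False Accept Rate: share of impostor attempts scoring >= threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(threshold, genuine=GENUINE):
    """False Reject Rate: share of genuine attempts scoring < threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)


def sweep(genuine=GENUINE, impostor=IMPOSTOR):
    """(threshold, FAR, FRR) at every observed score, thresholds ascending."""
    thresholds = sorted(set(genuine) | set(impostor))
    return [(t, far(t, impostor), frr(t, genuine)) for t in thresholds]


def equal_error_rate(genuine=GENUINE, impostor=IMPOSTOR):
    """Threshold where FAR and FRR are closest, and the EER estimate there."""
    t, fa, fr = min(sweep(genuine, impostor), key=lambda r: abs(r[1] - r[2]))
    return t, (fa + fr) / 2


def threshold_for_far(max_far, genuine=GENUINE, impostor=IMPOSTOR):
    """Lowest threshold whose FAR stays within max_far.

    Raising the threshold lowers FAR and raises FRR, so the lowest
    threshold that satisfies the FAR limit also gives the lowest FRR.
    """
    for t, fa, fr in sweep(genuine, impostor):
        if fa <= max_far:
            return t, fa, fr
    return None


if __name__ == "__main__":
    print("threshold   FAR   FRR")
    for t, fa, fr in sweep():
        print(f"{t:9.2f}  {fa:4.1f}  {fr:4.1f}")
    print("EER point:", equal_error_rate())
    # "Do not let a stranger through": demand FAR = 0 and accept the FRR cost.
    print("FAR <= 0.0:", threshold_for_far(0.0))
    # "Let all friends through" matters more: tolerate some FAR for lower FRR.
    print("FAR <= 0.1:", threshold_for_far(0.1))
```

On this data a zero-FAR policy rejects two of ten genuine users, while the EER threshold rejects one and admits one impostor, which is the trade-off the paragraph asks the system owner to decide.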


Fig. 4.2.

FAR and FRR are not the only things that determine the quality of a biometric system. If they were, the leading technology would be the recognition of people by DNA, for which FAR and FRR tend to zero. But it is obvious that this technology is not applicable at the current stage of human development. Therefore, resistance to dummies (fake samples), speed of operation and the cost of the system are also important characteristics. Do not forget that a person's biometric characteristics can change over time, so if a characteristic is unstable, this is a significant disadvantage. Ease of use is also an important factor for users of biometric technology in security systems: the person whose characteristics are being scanned should not experience any inconvenience. In this regard, the most interesting method is, of course, face recognition technology. True, in this case other problems arise, primarily related to the accuracy of the system.

Typically, a biometric system consists of two modules: an enrollment module and an identification module.

The registration module "trains" the system to identify a specific person. At the registration stage, a video camera or other sensors scan a person in order to create a digital representation of his appearance. As a result of scanning, several images are formed. Ideally, these images will have slightly different angles and facial expressions for more accurate data. A special software module processes this representation and identifies the person's characteristic features, then creates a template. There are some parts of the face that hardly change over time, such as the upper outline of the eye sockets, the areas around the cheekbones, and the edges of the mouth. Most of the algorithms developed for biometric technologies can take possible changes in a person's hairstyle into account, since they do not use the area of the face above the hairline for analysis. Each user's image template is stored in the biometric database.

The identification module receives an image of a person from a video camera and converts it to the same digital format in which the template is stored. The resulting data is compared with a template stored in the database in order to determine whether the images match each other. The degree of similarity required for verification is a threshold that can be adjusted for different types of personnel, PC power, time of day, and a number of other factors.

Identification can be performed in the form of verification, authentication, or recognition. During verification, the identity of the received data and the template stored in the database is confirmed. Authentication - confirms that the image received from the video camera matches one of the templates stored in the database. During recognition, if the obtained characteristics and one of the stored templates are the same, then the system identifies the person with the corresponding template.
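The two modules and the one-to-one and one-to-many comparison modes described above, as an added example that is not part of the original text. It assumes feature extraction has already turned each image into a numeric vector; the vectors, the 0.95 threshold, the cosine-similarity matcher and all names are constructed for illustration.

```python
"""Enrollment and identification modules over constructed feature vectors."""
import math


def cosine(a, b):
    """Cosine similarity of two feature vectors of equal length."""
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.hypot(*a) * math.hypot(*b))


class BiometricDB:
    def __init__(self, threshold):
        self.threshold = threshold   # required degree of similarity
        self.templates = {}          # user id -> stored template

    def enroll(self, user_id, samples):
        """Registration module: average several scans into one template."""
        if len(samples) < 2:
            raise ValueError("enrollment needs several samples")
        n = len(samples)
        self.templates[user_id] = [sum(col) / n for col in zip(*samples)]

    def verify(self, claimed_id, probe):
        """1:1 comparison: does the probe match the claimed user's template?"""
        template = self.templates.get(claimed_id)
        if template is None:
            return False
        return cosine(template, probe) >= self.threshold

    def identify(self, probe):
        """1:N search: best-matching user above the threshold, else None."""
        best_id, best_score = None, self.threshold
        for user_id, template in self.templates.items():
            score = cosine(template, probe)
            if score >= best_score:
                best_id, best_score = user_id, score
        return best_id


# Constructed samples: three scans per enrolled user, then two new probes.
ALICE_SCANS = [[0.9, 0.1, 0.3], [0.8, 0.2, 0.4], [1.0, 0.1, 0.2]]
BOB_SCANS = [[0.1, 0.9, 0.5], [0.2, 0.8, 0.6], [0.1, 1.0, 0.4]]
PROBE_ALICE = [0.85, 0.15, 0.35]     # a fresh scan of Alice
PROBE_STRANGER = [0.5, 0.5, 0.7]     # a person who was never enrolled


def build_demo_db(threshold=0.95):
    db = BiometricDB(threshold)
    db.enroll("alice", ALICE_SCANS)
    db.enroll("bob", BOB_SCANS)
    return db


if __name__ == "__main__":
    db = build_demo_db()
    print(db.verify("alice", PROBE_ALICE))   # genuine claim
    print(db.verify("bob", PROBE_ALICE))     # Alice's scan, wrong claimed id
    print(db.identify(PROBE_ALICE))          # search over all templates
    print(db.identify(PROBE_STRANGER))       # nobody exceeds the threshold
```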

4.3. Overview of ready-made solutions

4.3.1. IKAR Lab: a complex of forensic research of phonograms of speech

The IKAR Lab hardware and software complex is designed to solve a wide range of audio information analysis tasks that are in demand in specialized law enforcement units, laboratories and forensic centers, flight accident investigation services, and research and training centers. The first version of the product was released in 1993 and was the result of collaboration between leading audio experts and software developers. The complex's specialized software provides high-quality visual presentation of speech phonograms. Modern voice biometrics algorithms and powerful automation tools for all types of speech phonogram research allow experts to significantly increase the reliability and efficiency of examinations. The SIS II program included in the complex has unique tools for identification research: a comparative study of a speaker whose voice and speech recordings were submitted for examination and samples of the suspect's voice and speech. Phonoscopic identification expertise is based on the theory of the uniqueness of the voice and speech of each person. Anatomical factors: the structure of the organs of articulation, the shape of the vocal tract and the oral cavity, as well as external factors: speech skills, regional characteristics, defects, etc.

Biometric algorithms and expert modules make it possible to automate and formalize many processes of phonoscopic identification research, such as searching for identical words, searching for identical sounds, selecting compared sound and melodic fragments, comparing speakers by formants and pitch, auditive and linguistic types of analysis. The results for each research method are presented in the form of numerical indicators of the overall identification solution.

The program consists of a number of modules that perform one-to-one comparison. The "Formant Comparison" module is based on the phonetic term "formant", which denotes the acoustic characteristic of speech sounds (primarily vowels) associated with the level of the frequency of the voice tone and forming the timbre of the sound. The identification process using the "Formant Comparison" module can be divided into two stages: first, the expert searches for and selects the reference sound fragments, and after the reference fragments for the known and unknown speakers have been collected, the expert can start the comparison. The module automatically calculates the intra-speaker and inter-speaker variability of the formant trajectories for the selected sounds and decides on positive / negative identification or an undefined result. The module also allows you to visually compare the distribution of selected sounds on the scattergram.

The "Fundamental Tone Comparison" module allows you to automate the process of speaker identification using the melodic contour analysis method. The method is intended for comparing speech samples based on the implementation parameters of the same type of melodic contour structure elements. For analysis, 18 types of contour fragments and 15 parameters of their description are provided, including values of minimum, average, maximum, rate of change of tone, kurtosis, bevel, etc. The module returns the comparison results as a percentage match for each of the parameters and decides on positive / negative identification or undefined result. All data can be exported to a text report.

The automatic identification module allows one-to-one comparison using the following algorithms:

  • Spectral format;
  • Pitch statistics;
  • Mixture of Gaussian distributions;

The probabilities of coincidence and difference of speakers are calculated not only for each of the methods, but also for their totality. All the results of comparing speech signals in two files, obtained in the automatic identification module, are based on the selection of identifying significant features in them and the calculation of a measure of proximity between the obtained sets of features. For each value of this measure of proximity, during the training period of the automatic comparison module, the probabilities of coincidence and difference of the speakers whose speech was contained in the compared files were obtained. These probabilities were obtained by the developers on a large training sample of phonograms: tens of thousands of speakers, various sound recording channels, many sound recording sessions, and various types of speech material. The application of statistical data to a single case of file-to-file comparison requires taking into account the possible scatter of the obtained values of the measure of proximity of two files and of the corresponding probability of coincidence / difference of speakers, depending on various details of the speech delivery situation. For such values, mathematical statistics proposes the concept of a confidence interval. The automatic comparison module displays numerical results taking into account confidence intervals of various levels, which allows the user to see not only the average reliability of the method, but also the worst result obtained on the training base. The high reliability of the biometric engine developed by the CRT company has been confirmed by tests by NIST (National Institute of Standards and Technology).

  • Some comparison methods are semi-automatic (linguistic and auditory analyzes)
    The topic of our scientific and practical work is "Biometric methods of information security."

    The problem of information security, ranging from the individual to the state, is currently very relevant.

    Information protection should be considered as a set of measures, including organizational, technical, legal, software, operational, insurance and even moral and ethical measures.

    In this paper, we investigated a modern developing direction of information security - biometric methods and security systems applied on their basis.

    Tasks.

    In the course of the study, we had to solve the following tasks:

    • theoretically study biometric methods of information security;
    • explore their practical application.

    The subject of our research is modern access control and management systems, various biometric systems for personal identification.

    The object of the research was literary sources, Internet sources, conversations with specialists.

    The result of our work is proposals for the use of modern technologies for personal identification. They will allow, in general, to strengthen the information security system of offices, companies and organizations.

    Biometric identification technologies identify a person by physiological characteristics rather than by a key or a card.

    Biometric identification is a way of identifying a person based on certain specific biometric features inherent in a particular person.

    Much attention is paid to this problem at international forums held both in our country and abroad.

    The most popular and new access control and time tracking equipment for fingerprint recognition, face geometry and RFID, biometric locks and much more were demonstrated at the specialized forum "Security Technologies" in Moscow on February 14, 2012 at the International Exhibition Center.

    We have researched a large number of methods; their abundance just amazed us.

    We classified the following as the main static methods: identification by papillary pattern on fingers, iris, face geometry, human retina, hand vein pattern. We also identified a number of dynamic methods: voice identification, heart rate, gait.

    Fingerprints

    Each person has a unique papillary print pattern. The features of the papillary pattern for each person are converted into a unique code, and the "fingerprint codes" are stored in the database.

    Method advantages

    High reliability

    Low cost of devices

    A fairly simple procedure for scanning a fingerprint.

    Disadvantages of the method

    The papillary pattern of a fingerprint is very easily damaged by small scratches, cuts;

    Iris

    The iris pattern is finally formed at the age of about two years and practically does not change during life, except for severe injuries.

    The advantages of the method:

    Statistical reliability of the method;

    Capturing an image of the iris can be performed at a distance from a few centimeters to several meters.

    The iris is protected from damage by the cornea

    A large number of anti-counterfeiting methods.

    Disadvantages of the method:

    The price of such a system is higher than the price of a fingerprint scanner.

    Face geometry

    These methods are based on the fact that facial features and the shape of the skull of each person are individual. This area is divided into two directions: 2D recognition and 3D recognition.

    2D face recognition is one of the least effective biometric methods. It appeared quite a long time ago and was used mainly in forensic science. Subsequently, computer 3D versions of the method appeared.

    Method advantages

    2D recognition does not require expensive equipment;

    Recognition at significant distances from the camera.

    Disadvantages of the method

    Low statistical reliability;

    Lighting requirements are imposed (for example, it is not possible to register the faces of people entering from the street on a sunny day);

    A frontal face image is mandatory

    Facial expression should be neutral.

    Hand vein pattern

    This is a new technology in the field of biometrics. An infrared camera takes pictures of the outside or inside of the hand. The pattern of veins is formed due to the fact that the hemoglobin of the blood absorbs infrared radiation. As a result, the veins are visible on the camera as black lines.

    Method advantages

    No need to contact the scanning device;

    High reliability

    Disadvantages of the method

    Sun exposure of the scanner is unacceptable

    The method is less studied.

    Retina

    Until recently, the method based on scanning the retina was considered the most reliable method of biometric identification.

    The advantages of the method:

    High level of statistical reliability;

    There is little likelihood of developing a way to "cheat" them;

    Contactless method of data collection.

    Disadvantages of the method:

    Complex system to use;

    The high cost of the system;

    The method is not sufficiently developed.

    Technologies for the practical application of biometrics

    While researching this topic, we have collected enough information about biometric security. We have come to the conclusion that modern biometric solutions are accompanied by stable growth. The market is seeing a merger of biometric companies with different technologies. Therefore, the appearance of combined devices is a matter of time.

    A big step toward improving the reliability of biometric identification systems is the integration of reading different types of biometric identifiers in one device.

    Multiple IDs are already being scanned when issuing visas for travel to the United States.

    There are various forecasts for the development of the biometric market in the future, but in general, we can speak of its further growth. Thus, fingerprint identification will still control more than half of the market in the coming years. This is followed by recognition by face geometry and iris. They are followed by other recognition methods: hand geometry, vein pattern, voice, signature.

    This is not to say that biometric security systems are new. However, it must be admitted that recently these technologies have made great strides forward, which makes them a promising direction not only in ensuring information security, but also an important factor in the successful operation of security services.

    The solutions we investigated can be used as an additional identification factor, and this is especially important for comprehensive information protection.