Security in biometric systems
share
The objective of biometric systems is to provide an identification mechanism. This identification mechanism can be used to fulfil several objectives. The most common, related to providing security to a resource, is usually authentication or detection of authorized personnel and detection of unauthorized personnel. From the technical point of view, these two objectives can be included in a single point since most functionalities are achieved by making searches of people previously identified in the database of the system in question. In the first case access is given to people entered in the database and in the second case access is given to people who are not entered in the database. Although these are the two most common attacks there are also others that we will discuss in this chapter. The structure of the chapter is as follows. The first part of the chapter gives an overview of the basic types of attacks and describes the usual protection measures (Sections 1, 2 and 3). The second part of the chapter describes several attacks that can be made on systems based on fingerprinting, face recognition, and iris recognition (Sections 4 and 5). Once the attack methodologies have been described, some specific protection measures are also discussed (Sections 4 and 5). Finally, side channel attacks and their usefulness in combination with other possible attacks are described (Section 6).
READ FULL TEXT