|
|
|
Modern Operating Systems by Herbert Bos and Andrew S. Tanenb...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf
Showing 668-669 out of 1137
Modern Operating Systems by Herbert Bos and Andrew...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Modern Operating Systems by Herbert...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Page 668
SEC. 9.6
AUTHENTICATION
637
has a device like the one of Fig. 9-20. The user inserts his hand into it, and the
length of all his fingers is measured and checked against the database.
Spring
Pressure plate
Figure 9-20.
A device for measuring finger length.
Finger-length measurements are not perfect, however. The system can be at-
tacked with hand molds made out of plaster of Paris or some other material, pos-
sibly with adjustable fingers to allow some experimentation.
Another biometric that is in widespread commercial use is
iris recognition
.
No two people have the same patterns (even identical twins), so iris recognition is
as good as fingerprint recognition and more easily automated (Daugman, 2004).
The subject just looks at a camera (at a distance of up to 1 meter), which pho-
tographs the subject’s eyes, extracts certain characteristics by performing what is
called a
gabor wavelet
transformation, and compresses the results to 256 bytes.
This string is compared to the value obtained at enrollment time, and if the Ham-
ming distance is below some critical threshold, the person is authenticated.
(The
Hamming distance between two bit strings is the minimum number of changes
needed to transform one into the other.)
Any technique that relies on images is subject to spoofing. For example, a per-
son could approach the equipment (say, an ATM machine camera) wearing dark
glasses to which photographs of someone else’s eyes were attached. After all, if the
ATM’s camera can take a good iris photo at 1 meter, other people can do it too, and
at greater distances using telephoto lenses. For this reason, countermeasures may
be needed such as having the camera fire a flash, not for illumination purposes, but
to see if the pupil contracts in response or to see if the amateur photographer’s
dreaded red-eye effect shows up in the flash picture but is absent when no flash is
Page 669
638
SECURITY
CHAP. 9
used. Amsterdam Airport has been using iris recognition technology since 2001 to
enable frequent travelers to bypass the normal immigration line.
A somewhat different technique is signature analysis. The user signs his name
with a special pen connected to the computer, and the computer compares it to a
known specimen stored online or on a smart card. Even better is not to compare the
signature, but compare the pen motions and pressure made while writing it.
A
good forger may be able to copy the signature, but will not have a clue as to the
exact order in which the strokes were made or at what speed and what pressure.
A scheme that relies on minimal special hardware is voice biometrics (Kaman
et al., 2013).
All that is needed is a microphone (or even a telephone); the rest is
software. In contrast to voice recognition systems, which try to determine what the
speaker is saying, these systems try to determine who the speaker is. Some systems
just require the user to say a secret password, but these can be defeated by an
eavesdropper who can record passwords and play them back later. More advanced
systems say something to the user and ask that it be repeated back, with different
texts used for each login. Some companies are starting to use voice identification
for applications such as home shopping over the telephone because voice identifi-
cation is less subject to fraud than using a PIN code for identification. Voice
recognition can be combined with other biometrics such as face recognition for
better accuracy (Tresadern et al., 2013).
We could go on and on with more examples, but two more will help make an
important point. Cats and other animals mark off their territory by urinating around
its perimeter. Apparently cats can identify each other’s smell this way.
Suppose
that someone comes up with a tiny device capable of doing an instant urinalysis,
thereby providing a foolproof identification. Each computer could be equipped
with one of these devices, along with a discreet sign reading: ‘‘For login, please
deposit sample here.’’ This might be an absolutely unbreakable system, but it
would probably have a fairly serious user acceptance problem.
When the above paragraph was included in an earlier edition of this book, it
was intended at least partly as a joke. No more. In an example of life imitating art
(life imitating textbooks?), researchers have now developed odor-recognition sys-
tems that could be used as biometrics (Rodriguez-Lujan et al., 2013). Is Smell-O-
Vision next?
Also potentially problematical is a system consisting of a thumbtack and a
small spectrograph. The user would be requested to press his thumb against the
thumbtack, thus extracting a drop of blood for spectrographic analysis.
So far,
nobody has published anything on this, but there
is
work on blood vessel imaging
as a biometric (Fuksis et al., 2011).
Our point is that any authentication scheme must be psychologically ac-
ceptable to the user community. Finger-length measurements probably will not
cause any problem, but even something as nonintrusive as storing fingerprints on
line may be unacceptable to many people because they associate fingerprints with
criminals. Nevertheless, Apple introduced the technology on the iPhone 5S.
Ace your assessments! Get Better Grades
Browse thousands of Study Materials & Solutions from your Favorite Schools
Concordia University
Concordia_University
School:
Operating_Systems
Course:
Great resource for chem class. Had all the past labs and assignments
Leland P.
Santa Clara University
Introducing Study Plan
Using AI Tools to Help you understand and remember your course concepts better and faster than any other resource.
Find the best videos to learn every concept in that course from Youtube and Tiktok without searching.
Save All Relavent Videos & Materials and access anytime and anywhere
Prepare Smart and Guarantee better grades
Know more
Students also viewed documents
lab 18.docx
lab_18.docx
Course
Course
3
Module5QuizSTA2023.d...
Module5QuizSTA2023.docx.docx
Course
Course
10
Week 7 Test Math302....
Week_7_Test_Math302.docx.docx
Course
Course
30
Chapter 1 Assigment ...
Chapter_1_Assigment_Questions.docx.docx
Course
Course
5
Week 4 tests.docx.do...
Week_4_tests.docx.docx
Course
Course
23
Week 6 tests.docx.do...
Week_6_tests.docx.docx
Course
Course
106
