Biometrics, is it a viable proposition for identity authentication and access control?

doi:10.1016/0167-4048(95)97054-E

Computers & Security

Volume 14, Issue 3, 1995, Pages 205-214

https://doi.org/10.1016/0167-4048(95)97054-E Get rights and content

Abstract

In modern society, where a welfare recipient signs up for benefits under six identities, a child is released to a stranger from a day care centre, a hacker accesses sensitive databases, and a counterfeiter makes copies of bank cards, a trustworthy means of identifying employees or customers is urgently in demand. Biometrics is emerging as the most foolproof method of automated personal identification in today's highly computer dependent world. Biometric systems are automated methods of verifying or recognizing the identity of a living person on the basis of some physiological characteristics or some behavioural aspects. No one biometric system is likely to dominate the marketplace since all have limitations that compromise possible system solutions. The trade-offs in developing such systems invoke hardware cost, reliability, discomfort in using a device, the amount of data needed, and other factors. This article looks at different types of biometrics systems and discusses in detail the various security implications associated with their application.

References (26)

W. Caelli
T Forester et al.
Computer Ethics: Cautionary tales and ethical dilemmas in computing
(1994)
K. Dittrich
Computer Security and Information Integrity
(1991)
I.O Angell et al.
Information Systems Management: Opportunities and Risks
(1991)
R.L. Sherman
Bometrics Futures
R.L. Sherman
The Right Look Can Open Doors
W.R Cheswick et al.
Firewalls and Internet Security: Repelling the Wily Hacker
Addison-Wesley Professional Computing Series
(1994)
B. Miller
Vital Signs of Identity
EEE Spectrum
(Feb 1994)
F.M. Tuerkheimer
The underpinning of privacy protection
Communications of the ACM
(Aug 1993)
R.A. Clark
Information Technology and Dataveillance
Communications of the ACM
(May 1988)

RUSSELL, D and GANGEMI Sr, G.T. Computer Security Basics, O'Reilly and Associates...

R Joyce et al.

Identity Authentication Based on Keystroke Latencies

Communications of the ACM

(Feb 1990)

R.D. Peacocke et al.

An Introduction to Speech and Speaker Recognition

IEEE Computer

(Aug 1990)

Cited by (31)

Comparing fingerprint-based biometrics authentication versus traditional authentication methods for e-payment
2018, Decision Support Systems
Citation Excerpt :
There are few theoretically grounded studies that focus on the determinants of users' perceptions of biometrics authentication. Most extant literature provides descriptions of biometrics technologies, its architecture or viability [38]. Today, biometrics technology seemingly enjoys a wider acceptance due to the inclusion of fingerprint biometrics and more user-friendly applications on mobile devices.
Biometrics authentication for electronic payment is generally viewed as a quicker, convenient and a more secure means to identify and authenticate users for online payment. This view is mostly anecdotal and conceptual is nature. The aim of the paper is to shed light on the comparison of perceptions and beliefs of different authentication methods for electronic payment (i.e., credit card, credit card with PIN, and fingerprint biometrics authentication) in an e-commerce context. As theoretical foundation, the valence framework is used in understanding and explaining the individual's evaluation of benefit and risk concerning the payment methods. We propose a research model with hypotheses that evaluate and compare the individual's perceptions of the payment authentication methods, trust of the online store, and the willingness to continue using the website account associated with the payment authentication method. An experiment is used to test the hypotheses. The results show that biometrics authentication significantly influences the individual's security concern, perceived usefulness, and trust of online store. Theoretically, through the study's context – biometrics versus credit card authentication – evidence is provided for the importance of the individual's perceptions, concerns, and beliefs in the use of biometrics for electronic payments. Managerial implications include shedding light on the perceptions and concerns of secure authentication and the need for implementing biometrics authentication for electronic payments.
One-time password authentication scheme based on the negative database
2017, Engineering Applications of Artificial Intelligence
Citation Excerpt :
Thus far, many one-time password authentication schemes have been proposed to protect the authentication data and user password. The security of the schemes proposed in early years was primarily based on information known by the user (Joyce, 1990; Kim, 1999), such as the one-time password authentication scheme based on a one-way hash function proposed by Lamport (1981) and its improved versions (Haller, 1995; Sandirigama et al., 2000; Chen and Ku, 2002). One-time password authentication schemes using smart cards were subsequently proposed in later studies (Yang and Shieh, 1999; Liao et al., 2006; Chang and Wu, 1991; Xu et al., 2009; Wu et al., 2012).
In this paper, a novel one-time password authentication scheme based on the negative database (NDB) is proposed. The authentication data, which involve a user password and random number, are converted to an NDB before they are transmitted to the network. Recovering the original database (DB) from an NDB is an NP-hard problem. Even if the data transmitted in the network have been intercepted by an attacker, the attacker cannot recover the password due to the hardness of reversing the NDB. The proposed scheme is the first one-time password authentication scheme based on the NDB. Following the method used in this paper, the NDB can be added to other authentication schemes as an extra layer to further improve security. The proposed scheme can be adopted into other applications such as business management, network-based consumer electronics, and intelligent household systems.
Hierarchy of users' web passwords: Perceptions, practices and susceptibilities
2014, International Journal of Human Computer Studies
Citation Excerpt :
Maintaining a unique identity of this type typically requires remembering a unique username and a password for that site, much like the authentication procedures on more security-sensitive sites, such as those for banking, stock trading, email, and online social networks. Advances in technology and design have led to various other forms of user authentication, such as biometrics (Roddy and Stosz, 1997; Marino et al., 2006; Kim, 1995), graphical passwords (Goldberg et al., 2002; Brostoff and Sasse, 2000; Wiedenbeck et al., 2005b), and token-based authentication (Corner and Noble, 2002; Syta et al., 2010). Still, password-based authentication remains the most popular due to its simplicity and cost effectiveness.
In this study, we propose a hierarchy of password importance, and we use an experiment to examine the degree of similarity between passwords for lower-level (e.g. news portal) and higher-level (e.g. banking) websites in this hierarchy. We asked subjects to construct passwords for websites at both levels. Leveraging the lower-level passwords along with a dictionary attack, we successfully cracked almost one-third of the subjects׳ higher-level passwords. In a survey, subjects reported frequently reusing higher-level passwords, with or without modifications, as well as using a similar process to construct both levels of passwords. We thus conclude that unsafely shared or leaked lower-level passwords can be used by attackers to crack higher-level passwords.
A password authentication scheme over insecure networks
2006, Journal of Computer and System Sciences
Authentication ensures that system's resources are not obtained fraudulently by illegal users. Password authentication is one of the simplest and the most convenient authentication mechanisms over insecure networks. The problem of password authentication in an insecure networks is present in many application areas. Since computing resources have grown tremendously, password authentication is more frequently required in areas such as computer networks, wireless networks, remote login, operation systems, and database management systems. Many schemes based on cryptography have been proposed to solve the problem. However, previous schemes are vulnerable to various attacks and are neither efficient, nor user friendly. Users cannot choose and change their passwords at will. In this paper, we propose a new password authentication scheme to achieve the all proposed requirements. Furthermore, our scheme can support the Diffie–Hellman key agreement protocol over insecure networks. Users and the system can use the agreed session key to encrypt/decrypt their communicated messages using the symmetric cryptosystem.
Alternative method for unique RSA primes generation
2001, Computers and Security
This paper describes a new method for generating RSA primes. While the primes generated according to this method satisfy all of the existing requirements for making RSA encryption and signature generation secure and efficient, they possess two additional properties. First, the RSA primes derived by different parties will always be different. This is a highly desirable property in view of possible disputes around the authenticity of a digital signature. Second, it will not be necessary to store any seed values to verify that these primes were generated according to the prescribed procedure. This is achieved by incorporating the required information about the seeds into the primes themselves without weakening the security properties of the RSA primes.
Biometric standard for information management and security
2000, Computers and Security
Today, biometric systems are being widely developed and deployed to provide greater security to users and there is an increased awareness of the value of biometric systems. Biometric systems are being developed and deployed, users are gaining experience and confidence in biometric systems and are beginning to reap the benefits of this technology. Users and developers of this technology have also recognized the need for a biometric standard and work on a defining standard is currently underway. The standard establishes an appropriate biometric model and the associated security requirements that will allow different biometric solutions to co-exist in the marketplace. The standard views biometric systems within a global user community and it assures that the security of any one biometric system will be unaffected by the security of any other biometric system. This paper argues that integrity of authentication data is the primary security requirement and that confidentiality is secondary, even though the majority of authentication schemes today encrypt PINs and passwords.

View all citing articles on Scopus

View full text

Special featureBiometrics, is it a viable proposition for identity authentication and access control?

Abstract

Computer Ethics: Cautionary tales and ethical dilemmas in computing

Computer Security and Information Integrity

Information Systems Management: Opportunities and Risks

Bometrics Futures

The Right Look Can Open Doors

Firewalls and Internet Security: Repelling the Wily Hacker

Addison-Wesley Professional Computing Series

Vital Signs of Identity

EEE Spectrum

The underpinning of privacy protection

Communications of the ACM

Information Technology and Dataveillance

Communications of the ACM

Identity Authentication Based on Keystroke Latencies

Communications of the ACM

An Introduction to Speech and Speaker Recognition

IEEE Computer

Special feature
Biometrics, is it a viable proposition for identity authentication and access control?