Bibliography
1. AuthenTec, Inc. "Fingerprint Matching TechnologyThe Basics," June 7, 2002 (www.authentec.com/finalInteg/MatchingBasics_files/frame.htm).
2. AuthenTec, Inc. "Operating Principles for Very Small Fingerprint Sensors," June 7, 2002 (www.authentec.com/finalInteg/HowSmallSensorsWork_files/frame.htm).
3. AuthenTec, Inc. "Specifying Commercial and Consumer Fingerprint Systems," June 7, 2002 (www.authentec.com/finalInteg/SpecComFprintSyst_files/frame.htm).
4. AuthenTec, Inc. "TruePrint TechnologyThe Fundamentals," June 7, 2002 (www.authentec.com/finalInteg/TechieDetail_files/frame.htm).
5. Bishop, Peter. "Atmel's Fingerchip Technology for Biometric Security," November 2002 (www.atmel.com).
6. Bromba, Manfred. "Bioidentification," September 12, 2003 (www.bromba.com).
7. Broun, C.C., X. Zhang, R.M. Mersereau, and M. Clements. "Automatic Speechreading with Application to Speaker Verification," (www.users.ece.gatech.edu).
8. Bruderlin, Rene. "What Is Biometrics? Automated Identification of Persons based on Personal Characteristics," 2001 (www.bioservice.ch).
9. Daugman, John. "How Iris Recognition Works," University of Cambridge (www.cl.cam.ac.uk/users/jgd1000).
10. Davies, Simon G. "Touching Big Brother: How Biometric Technology Will Fuse Flesh and Machine," Information Technology & People , Vol. 7, No. 4, 1994.
11. de Boer, Johan, Asker M. Bazen, and Sabih H. Gerez. "Indexing Fingerprint Databases Based on Multiple Features" (www.stw.nl.prorisc/proc2000).
12. Dugelay, J.L., J.C. Junqua, C. Kptropoulos, R. Kuhn, F. Perronnin, and I. Pitas. "Recent Advances in Biometric Person Authentication," (www.eurecom.fr/~perronni/papers/icassp02.pdf).
13. Dunlap, Duane D. November 2001 (http://et.wcu.edu/aidc/).
14. Ernst, Jan. "Iris Recognition and Identification," December 2, 2002 (www.irisrecognition.org).
15. Ethentica. "Tactilesense White Paper A Breakthrough in Fingerprint Authentication," January 2003 (www.securityfirstcorp.com/tactwhtpr.pdf).
16. Frischholz, Robert. "Face Detection," August 29, 2003 (www.home.tonline.de/home/RobertFrischholz/face/htm).
17. Ganger, Gregory R. and David F. Nagle. "Better Security via Smarter Devices," May 2001 (www.pdl.cs.cmu.edu/PDL-FTP/Secure/hotos01.pdf).
18. Govindavajhala, Sudhakar, and Andrew W. Appel, "Using Memory Errors to Attack a Virtual Machine," Dept. of Computer Science, Princeton University, Princeton, NJ, 2003.
19. Harper, Jim. "Biometrics: New Weapons in the War Against Terrorism or New Blow to Privacy?" Prepared Remarks to the American Bar Association Section of Science and Technology Law Panel, August 11, 2002.
20. Harris, Tom. "How Fingerprint Scanners Work," 2003 (www.computer.howstuffworks.com).
21. Hawkins, Dana. "Who's Watching Now? Hassled by Lawsuits, Firms Probe Workers' Privacy," U.S. News , September 15, 1997.
22. Infineon. (www.infineon.com/cmc_upload/documents/028/946/FREQUENTLYASKEDQUESTIONS.pdf).
23. Jain, Anil K. and Sharath Prabhakar. "Fingerprint Classification and Matching," (www.research.ibm.com/ecvg/pubs/sharat-handbook.pdf).
24. Jain, Anil K., S. Prabhakar, and Arun Ross. "Fingerprint Matching: Data Acquisition and Performance Evaluation," March 1999 (www.cse.msu.edu/cgi-user/web/tech/document?ID=402).
25. Kingpin. "Attacks on and Countermeasures for USB Hardware Token Devices," 2002 (www.atstake.com).
26. Leeper, David, Jeff Foerster, Evan Green, and Srinivasa Somayazulu. Secure Solutions , May 3, 2002 (www.digitalpersona.com).
27. Lewis, Peter. "Verizon sues State over Rules on Privacy," Seattle-Times , November 22, 2002.
28. Liedy, Martin V. "Biometric Security Systems the Next Generation of Security."
29. Mansfield, A.J., and J.L. Wayman. "Best Practices in Testing and Reporting Performance of Biometric Devices," Version 2.01, August 2002 (www.cesg.gov.uk/site/ast/biometrics).
30. Marinov, Svetoslav. "Text Dependent and Text Independent Speaker Verification Systems, Technology and Applications," February 26, 2003 (www.speech.kth.se).
31. Mast, Lucas. "Biometrics: Hold On, Chicken Little," TechKnowledge , No. 31, January 18, 2002.
32. Matsumoto, Tsutomu. "Importance of Open Discussion on Adversarial Analyses for Mobile Security TechnologiesA Case Study for User Identification," May 14, 2002 (www.itu.int/itudoc/itu-t/workshop/security/present/s5p4.pdf).
33. May, Timothy C. "The Cyphernomicon: Cypherpunks FAQ and More," Version 0.666, September 10, 1994 (www.www2.pro-ns.net/crypto).
34. MIT Media Laboratory Vision and Modeling Group Face Recognition Demo Page, July 25, 2002 (www.whitechapel.media.mit.edu).
35. Pankanti, Sharath, Salil Prabhakar, and Anil K. Jain. On The Individuality of Fingerprints , Michigan State University, 2001.
36. Penzhorn, W.T. "Principles of Network Security Lecture N-03 Biometric User Identification" (www.ict.tuwein.ac.at/skripten/Penzhorn).
37. Schuckers, Stephanie, Larry Hornak, Tim Norman, Reza Derakhshani, and Sujan Parthasaradhi. "Issues for Liveness Detection in Biometrics" (www.biometrics.org/html/bc2002_sept_program/2_bc0130_DerakhshabiBrief.pdf).
38. Shankar, Asim, and Priyendra Singh Deshwal. Face Detection in Images: Neural Networks & Support Vector Machines , Indian Institute of Technology at Kanpur, April 2002.
39. Shinn, Phil. "Speaker Verification," Telephony Voice User Interface Conference, Scottsdale, AZ, January 1999.
40. Singer, Brooke. Against Data Determinism in a Networked World , Spring 2002 (www.bsing.net).
41. Speir, Michelle. "The New Face of Security: Understanding the Promises and Pitfalls of Facial-Recognition Technology," March 4, 2002 (www.iwsinc.com).
42. Suares, Stuart. "Biometric Security Systems" (www.biometricsecurity.com.au/technologies).
43. Thompson, Susan. "Improving Biometrics" (www.silicontrust.com/pdf/secure_5/50_techno_5.pdf).
44. Visualize. "Face Recognition: A camera and Algorithm Know It's You," November 2001 (www.technologyreview.com).
45. Wayman, James L. "Biometric Identification Standards Research Final Report, Volume I," San Jose State University, December 1997.
46. Woodward, John D., Katharine W. Webb, Elaine M. Newton, Melissa Bradley, and David Rubenson. Army Biometric Applications: Identifying and Addressing Sociocultural Concerns , Rand Corporation, 2001.
47. Wrigley, Stuart N. "Speech Recognition by Dynamic Time Warping," 1999.
Chapter 1. Introduction
Stop! Right now, think of how many passwords and personal identification number (PIN) codes you have to remember. Now, think back to when you started using passwords and PIN codes. How many did you use then compared to now? For most of us, the number of passwords and PIN codes we currently have is somewhere between 5 and 8. For some, that number can be as high as 12 to 15. How often do you forget them? It is very inconvenient to remember those codes. Now, do you have your fingers, eyes, voice, and face with you? The answer hopefully is yes! Have you ever forgotten any of those body parts? Not very likely! What if we could use those body parts instead of passwords and PIN codes to verify who you are? Would that not be more convenient? It also seems logical that it could be a more secure way of authenticating a person.
Biometric technology uses a physical or psychological trait for identification and/or authentication. By using physical traits, the provider of the trait always has them with him or her.
This book is about using those physical traits for providing access to computers and their networks. Biometrics for Network Security is a book dedicated to helping those interested in the use and implementation of biometrics systems for access control to be successful the first time.
This book is based on my own real-world experiences. The methodologies, observations, and suggestions are based on several years of real-world, in-the-field experience. Everything I talk about in this book really happened to me. I did not get the information from a presentation or hear a story secondhand from a friend; I have been in the trenches and have the scars to prove it!