Académique Documents
Professionnel Documents
Culture Documents
CONTENTS
1.Introduction
2.Security and authentication
3.Methods of verification
a.Psychological verification
i. Finger Print.
ii. Hand Print.
iii. Face Measurement.
iv. Retinal Scanning.
v. DNA Analysis.
b.Behavioral verification
i. Typing.
ii. Signature.
iii. Voice.
4.Identification.
5.Verification.
6.Advantages
7.Limitations
8.Conclusion.
9.References
Introduction
Biometrics is an advanced technology for superb security and
authentication .The very term "biometric” it represent that "bio" means
related to the biological study and "metric " means something, which is
related to measurement. In network environment security is a crucial factor.
Provide security to pages in the network is to difficulty. Password is not a
good measurement for security. Good security mechanism is necessary on
the Internet. Security in different levels applies to various documents.
Security is depends how security assign to documents. Security depends on
following categories.
1. Confidential
2. Secret
3. Non-secret
4. Public
1.Token-based security:
It relies on the users special item -token like card-id.
Neither of the two can accurately determine whether the password that
posses a token nor knows some secret information of the individual it
represents. Tokens can be stolen and information can be guessed or
fraudulently obtained.
Permissions:
Microsoft SQL Server uses permissions to enforce database security.
The SQL Server permissions system specifies which users are authorized to
use which Transact-SQL statements, views, and stored procedures. The
System Administrator
Database owners
Database object owners
Database users
inside a database, giving all of them the same permissions. Any username in
a database can also serve as an alias.
Aliases are often used so that several users can assume the role of
database owner.
Database object owner
Database objects are tables, indexes, views, defaults, triggers, rules,
and procedures. The user who creates a database object is the database
object owner and is automatically granted all permissions on it. The database
object owner can grant permission to other users to use that object. Database
object ownership cannot be transferred.
database owner
The database owner (DBO) is the creator of a database. There is only
one DBO. The DBO has full privileges inside the database that he or she
owns, and determines the access and capabilities provided to other users.
In his or her own database, the user is recognized as DBO; in other
databases, the database owner is known by his or her database username.
DBO status can be reassigned to a different user. Only one login ID
can be DBO, although other login IDs can be aliased to DBO.
domain
In Windows NT security, a domain is a collection of computers that
are grouped for viewing and administrative purposes, and that share a
common security database.
group
In SQL Server, a database group is a collection of database users. The
users receive the database permissions granted to the group. Using groups
simplifies management of a large number of database users, because groups
provide a convenient way to grant and revoke permissions to more than one
user at the same time.
In Windows NT, a group is a collection of Windows NT users. The
users received the Windows NT rights and permissions granted to the group.
Groups provide a convenient way to manage the capabilities of a large
number of users with similar needs, within the security scope of a domain or
a computer.
integrated security
Integrated security allows a SQL Server to use Windows NT
authentication mechanisms to validate logins for all connections. Only
trusted (multi-protocol or named pipes) connections are allowed.
login ID
A login ID is a name by which a user is known to SQL Server. Login
IDs are also referred to as logins.
To log in to a SQL Server that is running standard security, a user
must provide a valid login ID and password.
mixed security
Mixed security allows login requests to be validated using either
integrated or standard security. Trusted connections (as used by integrated
security) and nontrusted connections (as used by standard security) can be
established.
object permissions
Object permissions regulate the use of certain statements on certain
database objects. They are granted and revoked by the owner of the object.
permissions
Microsoft SQL Server uses permissions to enforce database security.
The SQL Server permissions system specifies which users are authorized to
use which Transact-SQL statements, views, and stored procedures. The
username
In SQL Server, a database username is a name assigned to a login ID
for the purpose of allowing a user to have access to a database. The abilities
a user has within a database depend on the permissions granted to the
username (and to any groups the username is a member of).
Method of Verification
1.PSYCHOLOGICAL VERIFICATION
I. Finger print: It involves the user placing his finger over a glass-plate,
which resides over a high-resolution camera, which uses optical or
electromagnetic means to take its snapshot. The software analysis your
finger for pattern such as loops, worls and arches.
Advantages:
Advantage:
a. Accuracy is better than fingerprint.
b. Cheap and easy to deploy.
Disadvantage:
a. Complex in usage.
b. Implementation is expensive.
c. Any damages to hand effect more.
Disadvantage:
a. Inaccurate is affected by changes in lighting, age, and
movement, glass.
b. Face creams also effect the measurements.
The retinal iris patterns are unique to individuals than any biometric
yet devised.
The retina is an internal part of the eye located at the back of the eye
and is get of thin nerve which sense the light coming through a camera,
pupil, eye lenses.
The pattern of blood vessels which makeup retina are unique to each
individual i.e., <1.2 inch.
Advantage:
a. Accurate with no false match in 2 million people.
b. It s sophisticated process.
Disadvantages:
c. Expensive, difficult to deploy and use.
d. Focus of light effect measurements.
V. DNA Analysis:
It involves in checking the DNA pattern of a human used when
physical characteristics are unrecognizable. It is used to identify people, who
are died, to find out the relationship like identifying Childs natural parents.
Advantages:
a. DNA samples can be collected from toothbrush, clothes.
Disadvantages:
e. DNA testing takes longer time than other methods.
f. Twins have same DNA.
g. Researchers produce same DNA.
2.BEHAVOURAL VERIFICATION
This involves in oral thing done by the individual. There are 3 types of
behavioral verifications,
1. Typing
2. Signature
3. Voice
1. Typing:
Some systems measure things you do in addition to the things you are,
you will notice that your typing has a certain pattern. Some letters follow
others in quick succession, while others take longer.
2. Signature:
Some qualities looked into include acceleration rates, direction, and
pressure and stroke length. Here mainly concentrate on pressures. This
pressures stored in back end for future significations.
Disadvantages:
a. The disadvantage with the technology lies in the randomness or the
consistency with which a user makes his signature. If pressures are not tally
with stored pressure in the database.
3. Voice:
It involves in the recognition of the voice of the individual.
Advantages:
1) It is inexpensive.
2) It also works through telephone.
3) Some person mimicry with other person voices.
Disadvantages:
a. One can mimic the voice of the individual.
Identification
It is a process of recognition and involves taking the biometric data and
searching for the match in the database asking it a slow process that it is
more prone to errors.
Authentication:
It involves confirming your identity and the biometric systems have to
match your data with only one, single record.
Advantages
It provide good security mechanism than all other security
methods
It never fails in security constraints.
In public locations such as banks and airports a large
number of people transit every day including known
criminals. Face recognition systems attached to video
surveillance systems are supposed to help catch them.
A professor recently published his techniques for fooling
finger print scanners. He found that Optical finger print
scanners can be fooled by silicon rubber. However electro
magnetic scanners would reject those, because electrical
characteristics are different from that of a live finger.
Limitations
It needs high memory space in the back end.
Collect data for security is difficult
Some times fails the security with right users
Any time data loose in database high effect for
security mechanism.
So many equipments are needed for provide this
technology.
It highly expensive.
Conclusion
Security is not just about putting big locks on the front
door; it also involves making sure all the windows are shut. Each
one can be individually fooled, but the comparison makes the
system more secure as a whole. Biometrics are have its own
advantages and disadvantages. It high expensive but it provide
good security. Money is not important than security. It is more
useful for confidential maters.
References
http://Biometrics.com
http://whitepapers.com
http://www.milesresearch.com
http://microsoft/biometrics.com
IT Magazines