BIOMETRICS

IN
NETWORK SECURITY

Abstract: In this
paper, we deduced the
In today’s information most important, efficient
technology world, security for systems and accurate method of
is becoming more and more authentification and verification using
important. One area where security Iris Recognition Technology. In
can be improved is in authentication. addition to these we have also
Biometric, provides one of the most discussed the advantages of Iris
secure methods of authentication and Recognition Technology including its
identification Biometric identification applications.
utilizes physiological and behavioural
characteristics to authenticate a
person’s identity, which are both INTRODUCTION
unique and measurable.
Some common physical Iris recognition, a biometric,
characteristics that may be used for provides one of the most secure methods
identification include fingerprints, of authentication and identification
palm prints, hand geometry, retinal thanks to the unique characteristics of
patterns and iris patterns. the iris. An Iris Recognition system
Behavioural characteristics include works by capturing and storing the
signature, voice pattern and keystroke biometric information and then
dynamics. Among all these techniques comparing the scanned biometric with
we have chosen iris recognition what is stored in the repository. Once the
because, that no two irises are alike, image of the iris has been captured using
even in twins, thus making them a a standard camera, the authentication
good biometric. process, involving comparing the current
subject’s iris with the stored version, is greater than fingerprints, and accuracy is
one of the most accurate with very low greater than DNA
false acceptance and rejection rates. This
makes the technology very useful in IRIS RECOGNITION PROCESS:
areas such as information security,
physical access security, ATMs and The process of Iris Recognition is made
airport security. up of three steps:
The technology is accurate,  Capturing the image
easy to use, non-intrusive, and difficult  Defining the location of the iris
to forge. Iris recognition technology and optimizing the image
does provide a good method of  Storing and comparing the
authentication to replace the current image.
methods of passwords, token cards or
Pin’s and if used in conjunction with 1. CAPTURING THE IMAGE
something the user knows in a two- The image of the iris can be
factor authentication system then the captured using a standard camera using
authentication becomes even stronger. both visible and infrared light and may
be either a manual or automated
KNOWLEDGE OF IRIS:

The iris is the plainly visible, colored

ring that surrounds the pupil. It is a
muscular structure that controls the
amount of light entering the eye, with
intricate details that can be measured,
such as striations, pits and furrows. The
iris is not to be confused with the retina,
which lines the inside of the back of the
procedure. The camera can be positioned
eye. The amount of information that can
between three and a half inches and one
be measured in a single iris is much
meter to capture the image. In the
manual procedure, the user needs to
adjust the camera to get the iris in focus boundary and the centre of the pupil.
and needs to be within six to twelve This results in the precise location of the
inches of the camera. circular iris.

Circular Iris Location

This process is much more manually
intensive and requires proper user 2.2 OPTIMIZATION OF IMAGE
training to be successful. The automatic The iris recognition system
procedure uses a set of cameras that then identifies the areas of the iris image
locate the face and iris automatically that are suitable for feature extraction
thus making this process much more and analysis. This involves removing
user friendly. areas that are covered by the eyelids, any
deep shadows and reflective areas. The
2. DEFINING THE LOCATION OF following diagram shows the
THE IRIS AND OPTIMIZING THE optimization of the image.
IMAGE

2.1 LOCATION OF IRIS

Once the camera has located
the eye, the iris recognition system then
identifies the image that has the best
focus and clarity of the iris. The image is
then analyzed to identify the outer
boundary of the iris where it meets the
Optimizing the Image
white sclera of the eye, the pupillary
 regardless of its size and pupil dilation.
3. STORING AND COMPARING This information is used to produce what
THE IMAGE is known as the Iris Code, which is a
512-byte record. The iris code template
3.1 STORING captures the unique features of an iris in
Once the image has been captured, the a robust way that allows easy and very
image of eye is processed by software rapid comparisons against large
that localizes the inner and outer databases of other templates. This record
boundaries of the iris and the eyelid is stored in a database for future
contours, in order to extract just the iris comparison.
portion. Eyelashes and reflections that
may cover parts of the iris are detected
and discounted.
Sophisticated mathematical
3.2 COMPARISON

When a comparison is
required the same process is followed
but instead of storing the record it is
compared to all the Iris Code records
stored in the database. The comparison
also doesn’t actually compare the image
of the iris but rather compares the
software then encodes the iris pattern by
hexadecimal value produced after the
a process called demodulation. This
algorithms have been applied. In order to
creates a phase code for the texture
compare the stored Iris Code record with
sequence in the iris, similar to a DNA
an image just scanned, a calculation of
sequence code. The demodulation
the Hamming Distance is required. The
process uses functions called 2-d
Hamming Distance is a measure of the
wavelets that make a very compact yet
variation between the Iris Code record
complete description of the iris pattern,
for the current iris and the Iris Code
records stored in the database. Each of template stored in the biometric system.
the 2048 bits is compared against each False Accept Rate (FAR) occurs when
other, i.e. bit 1 from the current Iris the measurement taken from the live
Code and bit 1 from the stored Iris Code subject is so close to another subject’s
record are compared, then bit 2 and so template that a correct match will be
on. Any bits that don’t match are declared by mistake. The point at which
assigned a value of one and bits that do the FRR and the FAR are equal is known
match a value of zero. Once all the bits as the Crossover Error Rate (CER). The
have been compared, the number of non- lower the CER, the more
matching bits is divided by the total Hamming distances and Error
number of bits to produce a two-digit Probabilities
figure of how the two Iris Code records
differ. reliable and accurate the system. In iris
recognition technology, a Hamming
Distance of .342 is the nominal
3.3 CASE STUDY CER.This means that if the difference
between a presented Iris Code record
For example a Hamming and one in the database is 34.2% or
Distance of 0.20 means that the two Iris greater then they are considered to have
Code differ by 20%.With all biometric come from two different subjects.
systems there are two error rates that During Recognition mode, this
need to be taken into consideration. comparison has to occur between the Iris
False Reject Rate (FRR) occurs when Code record from the live subject and
the biometric measurement taken from every Iris Code stored in the database
the live subject fails to match the before the live subject is rejected. The
following table shows the probabilities
of false accept and false reject with iris
recognition technology:

SYSTEM USAGE
 Enrolment in an iris system processor the database is running
recognition system is normally quite on and the size of the database itself.
fast. The actual capturing and testing of The proximity a user needs to be to the
the image, administrative requirements scanning system is usually dependant on
and training of the subject can usually be the lens in use and the illumination. For
accomplished in a couple of minutes. example, systems scanning at the
Subjects who wear glasses should desktop PC level can operate with the
remove their glasses during the initial Subject seventeen to nineteen inches
enrolment in a recognition system to from the unit.
ensure that the best image is captured
without any reflection from the lenses in ADVANTAGES OF IRIS
the glasses. Contact lenses, on the other RECOGNITION TECHNOLOGY
hand, do not need to be removed as they
sit flush with the eye and hence have no The physiological properties
reflections to impede the initial scan. of irises are major advantages to using
After the initial enrolment most users are them as a method of Authentication.
able to go through subsequent scanning The morphogenesis of the iris that
without any additional instruction or occurs during the seventh month of
assistance. Those who wear glasses no gestation results in the uniqueness of the
longer have to remove them after initial iris even between multi-birth children.
enrolment and wearing clear or colored These patterns remain stable throughout
contact lenses pose no problems. Note life and are protected by the body’s own
that the same eye used during enrolment mechanisms. This randomness in irises
must be used during subsequent makes them very difficult to forge and
comparisons. The comparison of a live hence imitate the actual person. In
subject Iris Code record with all the Iris addition to the physiological benefits,
Code records in the database may seem iris-scanning technology is not very
like a large amount of data to process, in intrusive as there is no direct contact
reality it normally only takes a few between the subject and the camera
seconds. This comparison speed is technology. It is non-invasive, as it does
obviously affected by the speed of the not use any laser technology, just simple
video technology. The camera does not a company’s network and being able to
record an image unless the user actually access the network with a username and
engages it. It poses no difficulty in password is the most common method of
enrolling people that wear glasses or authentication today. If a username and
contact lenses. The accurateness of the password is stolen then this gives the
scanning technology is a major benefit thief all of that person’s access
with error rates being very low, hence privileges and this can be detrimental to
resulting in a highly reliable system for a company in today’s competitive
authentication. Scalability and speed of environment. Implementing an iris
the technology are a major advantage. recognition system to authenticate users
The technology is designed to be used on the network means that there are no
with large-scale applications such as passwords to steal and no tokens to lose.
with ATMs. The speed of the database Users are only able to access the systems
iris records are stored in is very they have privileges to access and it’s
important. Users do not like spending a very difficult for someone to replicate an
lot of time being authenticated and the iris for authentication.
ability of the system to scan and The technology can
compare the iris within a matter of not only be used for securing log on but
minutes is a major benefit. also in areas such as file and directory
access, web site access and key access
“Communication with users for file encryption and decryption. In a
plays a major part in introducing such network environment, a system may be
a system Successfully” configured to compare the live template
K6E4 A169 4E46 to the stored template and if a match is
APPLICATIONS OF IRIS found then the user’s access privileges
RECOGNITION TECHNOLOGY are passed back to the client. In other
implementations, after a match is found,
The most obvious the server returns a username and
use of iris recognition technology is password to the client, which then
within the computing environment. transmits this information to the network
There is a lot of valuable data stored on server to allow access to the systems the
user has privileges to. Enterprise banking industry is also involved in
applications are also being worked on in looking at implementing the technology
the areas of e-commerce, healthcare in over the counter transactions with
applications for medical records customers. This would reduce the
protection, insurance and brokerage requirement for customers to produce
transactions. identification, bank books, account
Another area iris numbers etc and would result in faster
recognition is useful with is physical transaction times that leaves the bank
security to data centers or computer teller with more time to concentrate on
rooms. Mounting a scanner by the access the level of service provided to the
door and authenticating people via their customer.
iris is a good method of ensuring only Iris recognition is
those whose templates are in the being considered in areas where there is
database for computer room access are a need for large throughput and queuing.
actually allowed in. This helps to For example border clearance, ticket less
alleviate problems associated with swipe air travel, transportation and airport
card access where some systems have to security. Airport security has seen a
be manually programmed with specific huge increase in focus after the recent
card numbers and robust processes need events of July 07, 2005 and September
to be in place to ensure access lists are 11, 2001. Heathrow airport is already
regularly reviewed. Swipe cards are also testing a system that scans a passenger’s
easily lost, stolen or borrowed. iris rather than the passenger needing to
Iris recognition is provide their passport. The aim behind
also being utilized or considered in other the trial is to speed up processing of
areas of daily life. ATMs are a major passengers and to detect illegal
area where iris recognition is being immigrants into the country. Currently,
trialed. The use of this technology with approximately 2000 passengers are
ATMs means that customers can discard participating in the trial that is due to run
their Plastic cards and Pins thus for five months. Passengers participating
eliminating the possibility of having will have one of their irises stored in a
cards and/or PIN’s stolen or lost. The database. When arriving at the airport,
instead of presenting their passport, they no longer have to worry about
proceed to a kiosk where their iris will remembering passwords and system
be scanned by a camera and matched administrators no longer need to worry
with the record stored in the database. about the never-ending problem of users
Once a match is confirmed a barrier will disclosing passwords or having weak
open and the passenger is able to passwords that are easily cracked. If a
proceed as normal. two-factor authentication system is
implemented, for example iris
recognition with a smart card, then the
CONCLUSION strength of authentication increases and
The need for secure provides another part to “defense in
methods of authentication is becoming depth” for the company.
increasingly important in the corporate
world today. Passwords, token cards and REFERENCES
PIN’s are all risks to the security of an [1] Iris-scan.com. Iris Recognition: The
organization due to human nature. Our Technology.
inability to remember complex URL: http://www.iris-
passwords and tendency to write these scan.com/iris_technology.htm
down along with losing token cards or [2] Iris-scan.com. Iris Recognition:
forgetting PIN’s all contribute to the Issues.
possible breakdown in security for an URL:http://www.iris-
organization. The uniqueness of the iris scan.com/iris_cautionary.htm
and low probability of a false acceptance [3] Iris-scan.com. Iris Recognition in
or false rejection all contribute to the Action.
benefits of using iris recognition URL:http://www.iris-
technology. It provides an accurate and scan.com/iris_recognition_applications.h
secure method of authenticating users tm
onto company systems, is a non- [4] Daugman, John. History and
intrusive method and has the speed Development of Iris Recognition
required to minimize user frustration
when accessing company systems. Users
URL:
http://www.cl.cam.ac.uk/users/jgd1000/h
istory.html
[5] Daugman, John. Some Possible
Applications of Iris Recognition
URL:
http://www.cl.cam.ac.uk/users/jgd1000/a
pplics.html .