Lecture 7: 5th October 2019 Flashcards Preview

CS4203 Computer Security > Lecture 7: 5th October 2019 > Flashcards

Flashcards in Lecture 7: 5th October 2019 Deck (22)
Loading flashcards...

What are biometrics?

Biological authenticators based on physical attributes and characteristics


What are the pros and cons of biometric authentication systems?

can't be lost; can be coerced or stolen; low trust for privacy and affinity for biometric auth systems; systems often can be slow and expensive


What are some examples of biometrics?

voice recognition, handprints, thumbprints, retinal scan, DNA, keystroke dynamics, gait anlysis, palm vein depth, body odour, body shape, ear shape...


When may biometrics authentication systems fail to work?

moisturised skin would prevent print recognition; musicians and builders don't work well with thumbprint recognition; voice recognition trained to user's voice/accent


What is FAR?

false acceptance rate: when authentication allowed but shouldn't be


What is FRR?

false rejection rate: when authentication denied when should have been


What is FAR aka?

fraud rate


What is FRR aka?

insult rate


What do biometric authentication systems require for pattern matching and recognition?

lots of training data and stats


What are the aims and priorities of biometric authentication systems?

Have low as possible FAR and FRR, but prioritise low FAR over FRR: worse to have terrorists on plane vs angry customers. But a balance is needed to stay profitable.


Why are people resistant to biometrics?

Privacy concerns


Why is heterogeneity an issue with biometrics?

Different data protection laws and algorithms and standards used in different countries prevent interchange and collaboration which makes security worse.


How does iris recognition work?

Analyse > 200 points, with a focus on the shape of the eye and iris itself, to build a signature.


What are some issues with biometrics?

Not seen as more trusted than a PIN; costly to install; users must learn to use and accept new system; must consider when to use: DNA to pass customs but not to buy a meal deal; privacy concerns; different standards and patterns used prevents collaboration for securoity


What are soft biometrics?

Biological authentication factors which can change over time or are less precise in distinguishing or identifying people than hard biometrics, which can never change (DNA).


What are some soft biometrics?

height, weight, gait, facial features, hair colour.


Are biometrics or no authentication to authenticate credit cards perceived to be more trusted?



Are biometrics or PINs perceived to be more trusted to authenticate credit card use?

No sig difference


What are the issues with converting to a biometric-based authentication system?

People aren't keen from privacy; have to learn to use a new system and accept it; costly to make and install


What happens when FAR < FRR?

More people falsely rejected than falsely accepted. Good security but would be unhappy customers. Used for high-security applications, e.g. military.


What happens when FAR = FRR?

Same number of people falsely authenticated as falsely rejected; tradeoff between security and happy customers. Used for general civilian applications.


What happens when FAR > FRR?

Poor security but happy customers; more people falsely authenticated than are falsely rejected; used in forensic applications.