SlideShare una empresa de Scribd logo

CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION

Descargar como DOCX, PDF
Pankaj Rane
Pankaj Rane

Public Key Infrastructure is a widely deployed security technology for handling key distribution and validation in computer security. Despite PKI’s popularity as a security solution, Phishing and other Man-in-the-Middle related attacks are accomplished with ease throughout our computer networks. The major problems with PKI come down to trust, and largely, how much faith we must place in cryptographic keys alone to establish authenticity and identity. In this paper, we look at a novel biometric solution that mitigates this problem at both the user and certificate authority levels. More importantly, we examine the trouble with the application of unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports transactional key release. A detailed explanation of this new Biometric application is provided, including composition, enrollment, authentication, and revocation details. The Biometric provides a new paradigm for blending elements of physical and virtual security to address pesky network attacks that more conventional approaches have not been able to stop.

Tecnología
1 de 5
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION Rama Krishna Pankaj Rane 120851923010 120851923024 Venkatesh 120851923027 Abstract - Public Key Infrastructure is a widely deployed security technology for handling key distribution and validation in computer security. Despite PKI’s popularity as a security solution, Phishing and other Man-in-the-Middle related attacks are accomplished with ease throughout our computer networks. The major problems with PKI come down to trust, and largely, how much faith we must place in cryptographic keys alone to establish authenticity and identity. In this paper, we look at a novel biometric solution that mitigates this problem at both the user and certificate authority levels. More importantly, we examine the trouble with the application of unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports transactional key release. A detailed explanation of this new Biometric application is provided, including composition, enrollment, authentication, and revocation details. The Biometric provides a new paradigm for blending elements of physical and virtual security to address pesky network attacks that more conventional approaches have not been able to stop. 1. INTRODUCTION Public Key Infrastructure or PKI can be a very complex but important subject. We’ll give you a PKI overview to help you understand what PKI is and how it can help you. PKI is a loaded term that involves the hardware, software, policies, and standards that are necessary to manage SSL certificates. A PKI lets you: Manikanta Devi Sree 120851923019 120851923014 using their trusted root certificate (or an intermediate of it) to create a "chain of trust" so the browser will trust the entity’s certificate. Basically, web browser developers are saying "We trust this certificate authority and they say that this is the entity's public key so, if we use it, we know we are talking to the right entity." Biometrics (or biometric authentication) refers to the identification of humans by their characteristics or traits. Biometrics is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioral characteristics. A physiological biometric would identify by one's voice, DNA, hand print or behavior. Behavioral biometrics are related to the behavior of a person, including but not limited to: typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics to describe the latter class of biometrics. More traditional means of access control include token-based identification systems, such as a driver's license or passport, and knowledge-based identification systems, such as a password or number. Since biometric identifiers are unique to individuals, they are more reliable in verifying identity than token and knowledge-based methods; however, the collection of biometric identifiers raises privacy concerns about the ultimate use of this information. i) Authenticate users more securely than standard usernames and passwords. ii) Encrypt sensitive information. iii) Electronically sign documents more efficiently. A PKI allows you to bind public keys (contained in SSL certificates) with a person so in a way that allows you to trust the certificate. Public Key Infrastructures most commonly use a Certificate Authority (also called a Registration Authority) to verify the identity of an entity and create unforgeable certificates. Web browsers, web servers, email clients, smart cards, and many other types of hardware and software all have integrated, standards-based PKI support that can be used with each other. A PKI is only as valuable as the standards that are established for issuing certificates. Certificate Authorities An SSL Certificate Authority (also called a trusted third party) is an organization that issues digital certificates to organizations or individuals after verifying their identity. The information that it verifies is included in the signed certificate. It is also responsible for revoking certificates that have been compromised. Many Certificate Authorities have their root certificates embedded in web browsers so your web browser automatically trusts them. They will sign an entity’s certificate 2. PKI BASED APPLICATIONS 2.1 E-BANKING IN CORPORATE LEVEL In normal transaction we use user ID, password to authenticate the person. Through this user name and password any one can login if they know our confidential details. due to this if they perform any transaction without knowing us then we have the problem. To resolve this we use Digital certificate. If we enable the Digital certificate to transact the amount and also enable the Digital certificate for login it provides some security. Let see the process now ENABLE THE DIGITAL CERTIFICATE 1. Login with your Corporate Id, User Id and Login Password 2. Enable the Digital Certificate Registration
3. Click upload button System will automatically pick up the desired details form the certificate file. 4. Select whether you require digital certificate for login, for transaction or for both LOGIN THE USER AND TRANSACT WITH THE HELP OF DIGITAL CERTIFICATE 1. Click on the link Corporate User (With Digital Certificate) link. 2. You will be prompted for selecting the digital certificate 3. Enter your Corporate Id, User Id and login ID and password. 4. Now you will be able to use Corporate Internet Banking with additional security of Digital Certificate 5. Perform the operations (Transactions) with the help of additional security 2.2 E-CORPORATION If anyone wants to start a company they must register the details of company and personal details in the ministry of corporate affairs. These ministries of corporate affairs newly implemented the process to register the company with the help of Digital certificate. Let see the process now... To register a company, you need to first apply for a Director Identification Number (DIN) which can be done by filing eForm for acquiring the DIN. You would then need to acquire your Digital Certificate and register the same on the portal. Thereafter, you need to get the company name approved by the Ministry. Once the company name is approved, you can register the company by filing the incorporation form depending on the type of company 2.3 E-LICENCING If we want to renewal the license we apply the renewal application through by online. if we want to apply online we register first and login the username and password and enter the details and perform the transactions but if anyone knows our confidential information they can use it for wrong things. To solve this problem we use the Digital Certificate. Let see the process now.. 1. Applicant must have digital certificate. 2. Applicant authentication will be done by uploading personal certificate and enter the pin of the certificate. 3. Enter the details like 1. Provide the particulars of register owner and vehicle. 2. Upload required support documents 1. Vehicle registration document. 2. Certificate of roadworthiness. 3. Third party Risk Insurance Policy. 3. Providing Residential address. 4. Provide digital signature and enter pin of certificate to sign the application. 5. Make payment using your credit card. 6. Obtain acknowledgement slip. Normally if we want to use online transaction, some sites can't provide secure transaction. Suppose if we want to send the confidential information to any one if transaction is not secure then our confidential information will be damaged. To overcome the situation we use the PKI. Here the customer, who is going to renewal the LICENCE is transferring the confidential information and also he is transferring the amount have to be paid for the government such that we have to enable PKI.To achieve this the customer must have Digital Certificate. The data from sender side will be encrypted. 3. BIOMETRIC BASED APPLICATIONS 3.1. BIOMETRIC ATM We all know of ATM's that accept our credit/debit card and the PIN number to dispense cash. Biometric ATM's are the latest inventions to help us avoid fraud and duplication. If somebody steals our card and also knows our PIN they can easily withdraw cash from our account. In case of biometric ATM's they cannot. Usually the PIN for bio ATM's is the finger print of the card holder or his eye retina scan etc. These cannot be duplicated and hence they are very safe and secure. But they are very costly when compared to traditional ATM machines and hence they are not very widely used now. Japanese bank palms off customers with biometric ATMs: Japan-based Ogaki Kyoritsu Bank is claiming to be the first in the world set to offer its customers the option of using ATM services without the need for a cash card or passbook, thanks to palm-scanning biometric technology from Fujitsu. The technology works by mapping and identifying the unique pattern of veins in the user’s palm. Although biometric scanners are used in some Japanese banks. With the tag-line "You are the cash card", the technology will be rolled-out from September in ten branches including the major city of Nagoya, as well as a drive-through cash point (yes, they have them too) and two mobile banking units. Ogaki Kyoritsu – which is a regional bank centered in Gifu prefecture west of Tokyo – was quick to point out that a card-less authentication system could have helped survivors of the recent Tohoku earthquake and tsunami who, having lost cards and passbooks, were stranded unable to access their accounts. One of the bank’s mobile units operates as a “rescue” bank for just such occasions. The system is pretty straightforward. Initially the user must associate their palm scan with their account by inputting PIN and birth date, after which time they are free to access their account via the scan alone to withdraw or deposit money or check account balance. • • • • • Poland's cooperative BPS (Bank Polskiej SpoldzielczosciSA) bank says it's the first in Europe to install a biometric ATM --allowing customers to withdraw cash simply with the touch of a fingertip. The digit-scanning ATM, introduced in the Polish capital of Warsaw, runs on the latest in “finger vein" technology. Developed by Japanese tech giant Hitachi. In this technology an infrared light is passed through the finger to detect a unique pattern of micro-veins beneath the surface - which is then matched with a preregistered profile to verify an individual's identity. Finger veins are impossible to replicate because they are beneath the surface of the skin.
Airports, Train stations, Trade-centers, Stadiums, and public malls. With these recent APS update, Ayonix’s APS product now greatly benefits from the additional performance boost provided by the new image processing algorithm, as evidenced by recent tests. More specifically, the processing speed in APS ver2.1 has been 10 times faster than other releases. Users can now achieve real-time face recognition in public locations. And whereas previously it was difficult to recognize identities while people were walking, APS ver2.1 now makes a walk-through facial recognition feasible. Fig 3.1 a) Customer enrollment for biometric scan at bank • • • • • Face Recognition identify a person uniquely in crowd. Face Recognition can be deployed in any crowd places such as railways, public malls, airports, stadiums etc… This technology was first introduced in JAPAN by Ayonix, Inc. Japan, a leading Image technology solution provider. As U.S. airports installed face-recognition systems to prevent terrorism in the wake of the Sept. 11 attack. Developed by herta security known as Bio surveillance. Fig 3.1 b) Customer accessing biometric ATM 3.2. FACE RECOGNITION FOR SURVEILLANCE Biometrics is the digital analysis using cameras or scanners of biological characteristics such as facial structure, fingerprints and iris patterns to match profiles to databases of people such as suspected terrorists. Some experts say face recognition is perhaps the most promising biometric technique for overcrowded airports because it relies on distant cameras to identify people--not finger scanners or other devices requiring people to click, touch or stand in a particular position. Several airports are adopting such face-recognition software in an effort to beef up security after the suicide bombings on the World Trade Center and the Pentagon. In addition to the Logan airport in Boston, Oakland International Airport in Oakland, Calif.; T.F. Green Airport in Providence, R.I.; and Fresno Yosemite International Airport in California are among those adopting identification technology to check passengers. Visionics' technology can scan about 15 faces a second, compiling 84 bytes of data for each face detected in a frame of video. It maps the landmarks of the face including nose, eyes and mouth to create a digital "face print" of a person. The face print is then compared to a database of tens of thousands of other biometric IDs representing criminals, terrorists or other people for whom security is looking. Ayonix, Inc. Japan, a leading Image technology solution provider, today announced the release of Ayonix Public Security (APS ver2.1), a new real-time facial detection and recognition surveillance product aimed at safely identifying criminals as well as suspects in public locations such as Fig.3.2 Workflow for face recognition for surveillance at Airport 4. PKI AND APPLICATIONS BIOMETRIC BASED 4.1. e-PASSPORT A biometric passport, also known as an e-passport, ePassport or a digital passport, is a combined paper and electronic passport that contains biometric information that can be used to authenticate the identity of travelers. It uses contactless smart card technology, including a microprocessor chip (computer chip) and antenna (for both power to the chip and communication) embedded in the front or back cover, or center page, of the passport. Document and chip characteristics are documented in the International Civil AviationOrganization's (ICAO) Doc 9303. The passport's critical information is both printed on the data page of the passport and stored in the chip. Public Key Infrastructure (PKI) is used to authenticate the data stored electronically in the passport chip making it expensive and difficult to forge when all security mechanisms are fully and correctly implemented. The currently standardized biometrics used for this type of identification system are facial recognition, fingerprint recognition, and irisrecognition. These were adopted after assessment of several different kinds of biometrics including retinal scan. The ICAO defines the biometric file formats and communication protocols to be used in passports. Only the digital image (usually in JPEG or JPEG2000 format) of each biometric feature is actually stored in the chip. The comparison of biometric features is performed outside the passport chip by electronic border control systems (e-borders). To store biometric data on the contactless chip, it includes a minimum
of 32 kilobytes of EEPROM storage memory, and runs on an interface in accordance with the ISO/IEC 14443 international standard, amongst others. These standards intend interoperability between different countries and different manufacturers of passport books. Fig.4.1 a) Countries with biometric passports Fig.4.1 b) Workflow of biometric passport 4.2 BIOMETRIC ENABLED PROXY SIM Normally proxy sim contains inbuilt PKI(that means public and private keys). Suppose if we want to send a message confidentially to any one we can send the message to them with the help of PKI (encrypt the message whatever we send to him). If anyone knows the password of PKI, they can use this mobile and they can send the message through our mobile with enabled PKI. To overcome this Situation we can use this BIOMETRIC ENABLED PROXY SIM. What we are proposing in this system is not even if anyone knows our password they must want our BIOMETRICS(already stored in that sim which is cant open by any way) that means without using BIOMETRICS they cannot use PKI. If authorized user want to perform any sms/transaction, If authorized user wants to send the sms through the PKI, he type the sms and send the sms to destination. Before going to destination it asks the Biometrics (fingerprint) and it asks to enter the private key pin number. First enter the finger print and then type the pin number. Due to this Destination person can understood that confidential matter is sent by the authorized person. If authorized user wants to transact an amount to any account, he must login in to his account and transact the amount. Before complete the transaction mobile asks the biometrics that means finger print and then it asks the private key to complete the transaction. Due to this the transaction is done by the authorized person. • • • http://www.theregister.co.uk/2012/04/12/ogaki_palm_s canning_cash/ http://news.cnet.com/2100-1023-275313.html http://www.dhs.gov/e-passport • • hthttp://www.mca.gov.in/MCA21/ http://www.netpnb.com/index.html# 5 References • • • http://en.wikipedia.org/wiki/Biometric_passport http://www.dhs.gov/e-passports http://www.gov.hk/en/residents/transport/vehicle/renew vehiclelicense.
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION

Recomendados

PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Blockchain ecosystem and evolution
Blockchain ecosystem and evolutionBlockchain ecosystem and evolution
Blockchain ecosystem and evolutionChandra Sekhar AKNR
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Darwin's Finches, 20th Century Business, and APIs
Darwin's Finches, 20th Century Business, and APIsDarwin's Finches, 20th Century Business, and APIs
Darwin's Finches, 20th Century Business, and APIsSam Ramji
 
OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxFIDO Alliance
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36Torsten Lodderstedt
 
Introduction to DID Auth for SSI with Markus Sabadello
Introduction to DID Auth for SSI with Markus SabadelloIntroduction to DID Auth for SSI with Markus Sabadello
Introduction to DID Auth for SSI with Markus SabadelloSSIMeetup
 

Recomendados

PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Blockchain ecosystem and evolution
Blockchain ecosystem and evolutionBlockchain ecosystem and evolution
Blockchain ecosystem and evolutionChandra Sekhar AKNR
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Darwin's Finches, 20th Century Business, and APIs
Darwin's Finches, 20th Century Business, and APIsDarwin's Finches, 20th Century Business, and APIs
Darwin's Finches, 20th Century Business, and APIsSam Ramji
 
OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxFIDO Alliance
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36Torsten Lodderstedt
 
Introduction to DID Auth for SSI with Markus Sabadello
Introduction to DID Auth for SSI with Markus SabadelloIntroduction to DID Auth for SSI with Markus Sabadello
Introduction to DID Auth for SSI with Markus SabadelloSSIMeetup
 
Blockchain in healthcare
Blockchain in healthcareBlockchain in healthcare
Blockchain in healthcareAhsan Shamsudeen
 
OIDC4VP for AB/C WG
OIDC4VP for AB/C WGOIDC4VP for AB/C WG
OIDC4VP for AB/C WGTorsten Lodderstedt
 
Logging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations TrifectaLogging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations TrifectaElasticsearch
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)Lal Chandran
 
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServerUnder the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServerThe Linux Foundation
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFEPrabath Siriwardena
 
Vault
VaultVault
Vaultdawnlua
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
ERC Identity
ERC IdentityERC Identity
ERC IdentityFabian Vogelsteller
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
mimikatz @ phdays
mimikatz @ phdaysmimikatz @ phdays
mimikatz @ phdaysBenjamin Delpy
 
Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed SSIMeetup
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorialssuser3993f3
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSITorsten Lodderstedt
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Fingerprint detection
Fingerprint detectionFingerprint detection
Fingerprint detectionMudit Mishra
 
Fingerprint based transaction system
Fingerprint based transaction systemFingerprint based transaction system
Fingerprint based transaction systemsagar solanky
 

Más contenido relacionado

La actualidad más candente

Logging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations TrifectaLogging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations TrifectaElasticsearch
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)Lal Chandran
 
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServerUnder the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServerThe Linux Foundation
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFEPrabath Siriwardena
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed SSIMeetup
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorialssuser3993f3
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 

La actualidad más candente (20)

Blockchain in healthcare
Blockchain in healthcareBlockchain in healthcare
Blockchain in healthcare
 
OIDC4VP for AB/C WG
OIDC4VP for AB/C WGOIDC4VP for AB/C WG
OIDC4VP for AB/C WG
 
Logging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations TrifectaLogging, Metrics, and APM: The Operations Trifecta
Logging, Metrics, and APM: The Operations Trifecta
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
 
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServerUnder the Hood: Open vSwitch & OpenFlow in XCP & XenServer
Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFE
 
Vault
VaultVault
Vault
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign Identity
 
ERC Identity
ERC IdentityERC Identity
ERC Identity
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
 
mimikatz @ phdays
mimikatz @ phdaysmimikatz @ phdays
mimikatz @ phdays
 
Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed Self Sovereign Identity (SSI) Open standards with Drummond Reed
Self Sovereign Identity (SSI) Open standards with Drummond Reed
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorial
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information security
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)
 

Destacado

Fingerprint detection
Fingerprint detectionFingerprint detection
Fingerprint detectionMudit Mishra
 
Fingerprint based transaction system
Fingerprint based transaction systemFingerprint based transaction system
Fingerprint based transaction systemsagar solanky
 
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURE
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTUREATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURE
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURERadhika Venkat
 
BIOMETRIC IDENTIFICATION IN ATM’S PPT
BIOMETRIC IDENTIFICATION IN ATM’S PPTBIOMETRIC IDENTIFICATION IN ATM’S PPT
BIOMETRIC IDENTIFICATION IN ATM’S PPTsravya raju
 
High protection ATM system with fingerprint identification technology
High protection ATM system with fingerprint identification technologyHigh protection ATM system with fingerprint identification technology
High protection ATM system with fingerprint identification technologyAlfred Oboi
 
Feasibility Study Product Proposals
Feasibility Study Product ProposalsFeasibility Study Product Proposals
Feasibility Study Product ProposalsBryan Agustin Oculam
 
Feasibility Study- Bakery
Feasibility Study- BakeryFeasibility Study- Bakery
Feasibility Study- Bakerysakurashu28
 
Fingerprint presentation
Fingerprint presentationFingerprint presentation
Fingerprint presentationrajarose89
 
Feasibility report -basic concepts with example
Feasibility report -basic concepts with exampleFeasibility report -basic concepts with example
Feasibility report -basic concepts with exampleAbhijeet Bhosale
 
Project planning and feasibility study
Project planning and feasibility studyProject planning and feasibility study
Project planning and feasibility studyMars Mfyam
 

Destacado (13)

Fingerprint detection
Fingerprint detectionFingerprint detection
Fingerprint detection
 
Fingerprint based transaction system
Fingerprint based transaction systemFingerprint based transaction system
Fingerprint based transaction system
 
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURE
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTUREATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURE
ATM(AUTOMATIC TELLER MACHINE)-HISTORY,TYPES, WORKING, STRUCTURE
 
BIOMETRIC IDENTIFICATION IN ATM’S PPT
BIOMETRIC IDENTIFICATION IN ATM’S PPTBIOMETRIC IDENTIFICATION IN ATM’S PPT
BIOMETRIC IDENTIFICATION IN ATM’S PPT
 
How to Prepare Innovative Feasibility Study in transitional economy
How to Prepare Innovative Feasibility Study in transitional economyHow to Prepare Innovative Feasibility Study in transitional economy
How to Prepare Innovative Feasibility Study in transitional economy
 
High protection ATM system with fingerprint identification technology
High protection ATM system with fingerprint identification technologyHigh protection ATM system with fingerprint identification technology
High protection ATM system with fingerprint identification technology
 
Feasibility Study Product Proposals
Feasibility Study Product ProposalsFeasibility Study Product Proposals
Feasibility Study Product Proposals
 
Feasibility Study- Bakery
Feasibility Study- BakeryFeasibility Study- Bakery
Feasibility Study- Bakery
 
Feasibility Study
Feasibility StudyFeasibility Study
Feasibility Study
 
Fingerprint presentation
Fingerprint presentationFingerprint presentation
Fingerprint presentation
 
Feasibility Study (Veggie Bread)
Feasibility Study (Veggie Bread)Feasibility Study (Veggie Bread)
Feasibility Study (Veggie Bread)
 
Feasibility report -basic concepts with example
Feasibility report -basic concepts with exampleFeasibility report -basic concepts with example
Feasibility report -basic concepts with example
 
Project planning and feasibility study
Project planning and feasibility studyProject planning and feasibility study
Project planning and feasibility study
 

Similar a CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION

The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021CIO Look Magazine
 
INTERNET BANKING & SECURITY ANALYSIS
INTERNET BANKING & SECURITY ANALYSISINTERNET BANKING & SECURITY ANALYSIS
INTERNET BANKING & SECURITY ANALYSISRAHUL KUMAR
 
Evolution of Digital Trust
Evolution of Digital TrustEvolution of Digital Trust
Evolution of Digital TrustBahaa Al Zubaidi
 
Two Factor Authentication Using Smartphone Generated One Time Password
Two Factor Authentication Using Smartphone Generated One Time PasswordTwo Factor Authentication Using Smartphone Generated One Time Password
Two Factor Authentication Using Smartphone Generated One Time PasswordIOSR Journals
 
A Comprehensive guide to understanding Digital Wallets.pdf
A Comprehensive guide to understanding Digital Wallets.pdfA Comprehensive guide to understanding Digital Wallets.pdf
A Comprehensive guide to understanding Digital Wallets.pdfPay10
 
5 Best Identity Verification Software to Look Into in 2022.docx
5 Best Identity Verification Software to Look Into in 2022.docx5 Best Identity Verification Software to Look Into in 2022.docx
5 Best Identity Verification Software to Look Into in 2022.docxSameerShaik43
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!Caroline Johnson
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsUbisecure
 
Boosting Your Business with KYC Analysis Software | ScoreMe Solutions
Boosting Your Business with KYC Analysis Software | ScoreMe SolutionsBoosting Your Business with KYC Analysis Software | ScoreMe Solutions
Boosting Your Business with KYC Analysis Software | ScoreMe SolutionsScoreme Solutions
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyIJCERT
 
The Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdfThe Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdfIDMERIT IDMERIT
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identityWAFAA AL SALMAN
 
What is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraWhat is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraeMudhra dsc
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays
 
Multi Factor Authentication
Multi Factor AuthenticationMulti Factor Authentication
Multi Factor AuthenticationPing Identity
 
Going beyond MFA(Multi-factor authentication)-Future demands much more
Going beyond MFA(Multi-factor authentication)-Future demands much moreGoing beyond MFA(Multi-factor authentication)-Future demands much more
Going beyond MFA(Multi-factor authentication)-Future demands much moreindragantiSaiHiranma
 

Similar a CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION (20)

The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
 
Passwordless Mobile Banking.pdf
Passwordless Mobile Banking.pdfPasswordless Mobile Banking.pdf
Passwordless Mobile Banking.pdf
 
INTERNET BANKING & SECURITY ANALYSIS
INTERNET BANKING & SECURITY ANALYSISINTERNET BANKING & SECURITY ANALYSIS
INTERNET BANKING & SECURITY ANALYSIS
 
Evolution of Digital Trust
Evolution of Digital TrustEvolution of Digital Trust
Evolution of Digital Trust
 
Two Factor Authentication Using Smartphone Generated One Time Password
Two Factor Authentication Using Smartphone Generated One Time PasswordTwo Factor Authentication Using Smartphone Generated One Time Password
Two Factor Authentication Using Smartphone Generated One Time Password
 
A Comprehensive guide to understanding Digital Wallets.pdf
A Comprehensive guide to understanding Digital Wallets.pdfA Comprehensive guide to understanding Digital Wallets.pdf
A Comprehensive guide to understanding Digital Wallets.pdf
 
5 Best Identity Verification Software to Look Into in 2022.docx
5 Best Identity Verification Software to Look Into in 2022.docx5 Best Identity Verification Software to Look Into in 2022.docx
5 Best Identity Verification Software to Look Into in 2022.docx
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
 
Boosting Your Business with KYC Analysis Software | ScoreMe Solutions
Boosting Your Business with KYC Analysis Software | ScoreMe SolutionsBoosting Your Business with KYC Analysis Software | ScoreMe Solutions
Boosting Your Business with KYC Analysis Software | ScoreMe Solutions
 
SECURED BANKING TRANSACTION USING VIRTUAL PASSWORD
SECURED BANKING TRANSACTION USING VIRTUAL PASSWORDSECURED BANKING TRANSACTION USING VIRTUAL PASSWORD
SECURED BANKING TRANSACTION USING VIRTUAL PASSWORD
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual Cryptography
 
The Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdfThe Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdf
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
What is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraWhat is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhra
 
120 i143
120 i143120 i143
120 i143
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
 
Multi Factor Authentication
Multi Factor AuthenticationMulti Factor Authentication
Multi Factor Authentication
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Going beyond MFA(Multi-factor authentication)-Future demands much more
Going beyond MFA(Multi-factor authentication)-Future demands much moreGoing beyond MFA(Multi-factor authentication)-Future demands much more
Going beyond MFA(Multi-factor authentication)-Future demands much more
 

Último

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Último (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION

  • 1. CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION Rama Krishna Pankaj Rane 120851923010 120851923024 Venkatesh 120851923027 Abstract - Public Key Infrastructure is a widely deployed security technology for handling key distribution and validation in computer security. Despite PKI’s popularity as a security solution, Phishing and other Man-in-the-Middle related attacks are accomplished with ease throughout our computer networks. The major problems with PKI come down to trust, and largely, how much faith we must place in cryptographic keys alone to establish authenticity and identity. In this paper, we look at a novel biometric solution that mitigates this problem at both the user and certificate authority levels. More importantly, we examine the trouble with the application of unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports transactional key release. A detailed explanation of this new Biometric application is provided, including composition, enrollment, authentication, and revocation details. The Biometric provides a new paradigm for blending elements of physical and virtual security to address pesky network attacks that more conventional approaches have not been able to stop. 1. INTRODUCTION Public Key Infrastructure or PKI can be a very complex but important subject. We’ll give you a PKI overview to help you understand what PKI is and how it can help you. PKI is a loaded term that involves the hardware, software, policies, and standards that are necessary to manage SSL certificates. A PKI lets you: Manikanta Devi Sree 120851923019 120851923014 using their trusted root certificate (or an intermediate of it) to create a "chain of trust" so the browser will trust the entity’s certificate. Basically, web browser developers are saying "We trust this certificate authority and they say that this is the entity's public key so, if we use it, we know we are talking to the right entity." Biometrics (or biometric authentication) refers to the identification of humans by their characteristics or traits. Biometrics is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioral characteristics. A physiological biometric would identify by one's voice, DNA, hand print or behavior. Behavioral biometrics are related to the behavior of a person, including but not limited to: typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics to describe the latter class of biometrics. More traditional means of access control include token-based identification systems, such as a driver's license or passport, and knowledge-based identification systems, such as a password or number. Since biometric identifiers are unique to individuals, they are more reliable in verifying identity than token and knowledge-based methods; however, the collection of biometric identifiers raises privacy concerns about the ultimate use of this information. i) Authenticate users more securely than standard usernames and passwords. ii) Encrypt sensitive information. iii) Electronically sign documents more efficiently. A PKI allows you to bind public keys (contained in SSL certificates) with a person so in a way that allows you to trust the certificate. Public Key Infrastructures most commonly use a Certificate Authority (also called a Registration Authority) to verify the identity of an entity and create unforgeable certificates. Web browsers, web servers, email clients, smart cards, and many other types of hardware and software all have integrated, standards-based PKI support that can be used with each other. A PKI is only as valuable as the standards that are established for issuing certificates. Certificate Authorities An SSL Certificate Authority (also called a trusted third party) is an organization that issues digital certificates to organizations or individuals after verifying their identity. The information that it verifies is included in the signed certificate. It is also responsible for revoking certificates that have been compromised. Many Certificate Authorities have their root certificates embedded in web browsers so your web browser automatically trusts them. They will sign an entity’s certificate 2. PKI BASED APPLICATIONS 2.1 E-BANKING IN CORPORATE LEVEL In normal transaction we use user ID, password to authenticate the person. Through this user name and password any one can login if they know our confidential details. due to this if they perform any transaction without knowing us then we have the problem. To resolve this we use Digital certificate. If we enable the Digital certificate to transact the amount and also enable the Digital certificate for login it provides some security. Let see the process now ENABLE THE DIGITAL CERTIFICATE 1. Login with your Corporate Id, User Id and Login Password 2. Enable the Digital Certificate Registration
  • 2. 3. Click upload button System will automatically pick up the desired details form the certificate file. 4. Select whether you require digital certificate for login, for transaction or for both LOGIN THE USER AND TRANSACT WITH THE HELP OF DIGITAL CERTIFICATE 1. Click on the link Corporate User (With Digital Certificate) link. 2. You will be prompted for selecting the digital certificate 3. Enter your Corporate Id, User Id and login ID and password. 4. Now you will be able to use Corporate Internet Banking with additional security of Digital Certificate 5. Perform the operations (Transactions) with the help of additional security 2.2 E-CORPORATION If anyone wants to start a company they must register the details of company and personal details in the ministry of corporate affairs. These ministries of corporate affairs newly implemented the process to register the company with the help of Digital certificate. Let see the process now... To register a company, you need to first apply for a Director Identification Number (DIN) which can be done by filing eForm for acquiring the DIN. You would then need to acquire your Digital Certificate and register the same on the portal. Thereafter, you need to get the company name approved by the Ministry. Once the company name is approved, you can register the company by filing the incorporation form depending on the type of company 2.3 E-LICENCING If we want to renewal the license we apply the renewal application through by online. if we want to apply online we register first and login the username and password and enter the details and perform the transactions but if anyone knows our confidential information they can use it for wrong things. To solve this problem we use the Digital Certificate. Let see the process now.. 1. Applicant must have digital certificate. 2. Applicant authentication will be done by uploading personal certificate and enter the pin of the certificate. 3. Enter the details like 1. Provide the particulars of register owner and vehicle. 2. Upload required support documents 1. Vehicle registration document. 2. Certificate of roadworthiness. 3. Third party Risk Insurance Policy. 3. Providing Residential address. 4. Provide digital signature and enter pin of certificate to sign the application. 5. Make payment using your credit card. 6. Obtain acknowledgement slip. Normally if we want to use online transaction, some sites can't provide secure transaction. Suppose if we want to send the confidential information to any one if transaction is not secure then our confidential information will be damaged. To overcome the situation we use the PKI. Here the customer, who is going to renewal the LICENCE is transferring the confidential information and also he is transferring the amount have to be paid for the government such that we have to enable PKI.To achieve this the customer must have Digital Certificate. The data from sender side will be encrypted. 3. BIOMETRIC BASED APPLICATIONS 3.1. BIOMETRIC ATM We all know of ATM's that accept our credit/debit card and the PIN number to dispense cash. Biometric ATM's are the latest inventions to help us avoid fraud and duplication. If somebody steals our card and also knows our PIN they can easily withdraw cash from our account. In case of biometric ATM's they cannot. Usually the PIN for bio ATM's is the finger print of the card holder or his eye retina scan etc. These cannot be duplicated and hence they are very safe and secure. But they are very costly when compared to traditional ATM machines and hence they are not very widely used now. Japanese bank palms off customers with biometric ATMs: Japan-based Ogaki Kyoritsu Bank is claiming to be the first in the world set to offer its customers the option of using ATM services without the need for a cash card or passbook, thanks to palm-scanning biometric technology from Fujitsu. The technology works by mapping and identifying the unique pattern of veins in the user’s palm. Although biometric scanners are used in some Japanese banks. With the tag-line "You are the cash card", the technology will be rolled-out from September in ten branches including the major city of Nagoya, as well as a drive-through cash point (yes, they have them too) and two mobile banking units. Ogaki Kyoritsu – which is a regional bank centered in Gifu prefecture west of Tokyo – was quick to point out that a card-less authentication system could have helped survivors of the recent Tohoku earthquake and tsunami who, having lost cards and passbooks, were stranded unable to access their accounts. One of the bank’s mobile units operates as a “rescue” bank for just such occasions. The system is pretty straightforward. Initially the user must associate their palm scan with their account by inputting PIN and birth date, after which time they are free to access their account via the scan alone to withdraw or deposit money or check account balance. • • • • • Poland's cooperative BPS (Bank Polskiej SpoldzielczosciSA) bank says it's the first in Europe to install a biometric ATM --allowing customers to withdraw cash simply with the touch of a fingertip. The digit-scanning ATM, introduced in the Polish capital of Warsaw, runs on the latest in “finger vein" technology. Developed by Japanese tech giant Hitachi. In this technology an infrared light is passed through the finger to detect a unique pattern of micro-veins beneath the surface - which is then matched with a preregistered profile to verify an individual's identity. Finger veins are impossible to replicate because they are beneath the surface of the skin.
  • 3. Airports, Train stations, Trade-centers, Stadiums, and public malls. With these recent APS update, Ayonix’s APS product now greatly benefits from the additional performance boost provided by the new image processing algorithm, as evidenced by recent tests. More specifically, the processing speed in APS ver2.1 has been 10 times faster than other releases. Users can now achieve real-time face recognition in public locations. And whereas previously it was difficult to recognize identities while people were walking, APS ver2.1 now makes a walk-through facial recognition feasible. Fig 3.1 a) Customer enrollment for biometric scan at bank • • • • • Face Recognition identify a person uniquely in crowd. Face Recognition can be deployed in any crowd places such as railways, public malls, airports, stadiums etc… This technology was first introduced in JAPAN by Ayonix, Inc. Japan, a leading Image technology solution provider. As U.S. airports installed face-recognition systems to prevent terrorism in the wake of the Sept. 11 attack. Developed by herta security known as Bio surveillance. Fig 3.1 b) Customer accessing biometric ATM 3.2. FACE RECOGNITION FOR SURVEILLANCE Biometrics is the digital analysis using cameras or scanners of biological characteristics such as facial structure, fingerprints and iris patterns to match profiles to databases of people such as suspected terrorists. Some experts say face recognition is perhaps the most promising biometric technique for overcrowded airports because it relies on distant cameras to identify people--not finger scanners or other devices requiring people to click, touch or stand in a particular position. Several airports are adopting such face-recognition software in an effort to beef up security after the suicide bombings on the World Trade Center and the Pentagon. In addition to the Logan airport in Boston, Oakland International Airport in Oakland, Calif.; T.F. Green Airport in Providence, R.I.; and Fresno Yosemite International Airport in California are among those adopting identification technology to check passengers. Visionics' technology can scan about 15 faces a second, compiling 84 bytes of data for each face detected in a frame of video. It maps the landmarks of the face including nose, eyes and mouth to create a digital "face print" of a person. The face print is then compared to a database of tens of thousands of other biometric IDs representing criminals, terrorists or other people for whom security is looking. Ayonix, Inc. Japan, a leading Image technology solution provider, today announced the release of Ayonix Public Security (APS ver2.1), a new real-time facial detection and recognition surveillance product aimed at safely identifying criminals as well as suspects in public locations such as Fig.3.2 Workflow for face recognition for surveillance at Airport 4. PKI AND APPLICATIONS BIOMETRIC BASED 4.1. e-PASSPORT A biometric passport, also known as an e-passport, ePassport or a digital passport, is a combined paper and electronic passport that contains biometric information that can be used to authenticate the identity of travelers. It uses contactless smart card technology, including a microprocessor chip (computer chip) and antenna (for both power to the chip and communication) embedded in the front or back cover, or center page, of the passport. Document and chip characteristics are documented in the International Civil AviationOrganization's (ICAO) Doc 9303. The passport's critical information is both printed on the data page of the passport and stored in the chip. Public Key Infrastructure (PKI) is used to authenticate the data stored electronically in the passport chip making it expensive and difficult to forge when all security mechanisms are fully and correctly implemented. The currently standardized biometrics used for this type of identification system are facial recognition, fingerprint recognition, and irisrecognition. These were adopted after assessment of several different kinds of biometrics including retinal scan. The ICAO defines the biometric file formats and communication protocols to be used in passports. Only the digital image (usually in JPEG or JPEG2000 format) of each biometric feature is actually stored in the chip. The comparison of biometric features is performed outside the passport chip by electronic border control systems (e-borders). To store biometric data on the contactless chip, it includes a minimum
  • 4. of 32 kilobytes of EEPROM storage memory, and runs on an interface in accordance with the ISO/IEC 14443 international standard, amongst others. These standards intend interoperability between different countries and different manufacturers of passport books. Fig.4.1 a) Countries with biometric passports Fig.4.1 b) Workflow of biometric passport 4.2 BIOMETRIC ENABLED PROXY SIM Normally proxy sim contains inbuilt PKI(that means public and private keys). Suppose if we want to send a message confidentially to any one we can send the message to them with the help of PKI (encrypt the message whatever we send to him). If anyone knows the password of PKI, they can use this mobile and they can send the message through our mobile with enabled PKI. To overcome this Situation we can use this BIOMETRIC ENABLED PROXY SIM. What we are proposing in this system is not even if anyone knows our password they must want our BIOMETRICS(already stored in that sim which is cant open by any way) that means without using BIOMETRICS they cannot use PKI. If authorized user want to perform any sms/transaction, If authorized user wants to send the sms through the PKI, he type the sms and send the sms to destination. Before going to destination it asks the Biometrics (fingerprint) and it asks to enter the private key pin number. First enter the finger print and then type the pin number. Due to this Destination person can understood that confidential matter is sent by the authorized person. If authorized user wants to transact an amount to any account, he must login in to his account and transact the amount. Before complete the transaction mobile asks the biometrics that means finger print and then it asks the private key to complete the transaction. Due to this the transaction is done by the authorized person. • • • http://www.theregister.co.uk/2012/04/12/ogaki_palm_s canning_cash/ http://news.cnet.com/2100-1023-275313.html http://www.dhs.gov/e-passport • • hthttp://www.mca.gov.in/MCA21/ http://www.netpnb.com/index.html# 5 References • • • http://en.wikipedia.org/wiki/Biometric_passport http://www.dhs.gov/e-passports http://www.gov.hk/en/residents/transport/vehicle/renew vehiclelicense.