Computing and Software Wiki - User contributions [en]

City-Wide Wireless Networks

2008-04-14T07:01:19Z

Goesc: /* How it Works */

[[Image:Googlewifinode.gif|right|thumbnail|250px|Picture of a Google WiFi node. Most of the nodes either reside on power line or light poles, since the only requirement is a power connection [1] ]]

As network technology (wireless in particular) is getting cheaper, the concept of large scale wireless networks has spread rapidly. Most major cities have some sort of wireless blanket over them, some of them owned by private companies, while others by the cities themselves[2]. In 2005 when [http://www.google.ca Google] announced their free wireless internet for the residents of Mountain View, CA. most city-wide wireless networks were owned by private [http://en.wikipedia.org/wiki/ISP ISPs] selling internet connections. Since then, the idea of "free internet for all" has been adopted in many cities, two of which are explored in '''Case Studies'''.

== How it Works==

Although new wireless technologies are being developed to facilitate better wireless connections, most current city-wide networks are implemented on the popular 802.11x technology. Just like any smaller wireless network, a city-wide network is implemented with an internet connection at an aggregation point, spanning out to one or more routers organized in a wireless mesh network. The wireless routers connect to multiple adjacent nodes forming a [http://en.wikipedia.org/wiki/Bipartite_graph bipartite graph].[2]

[[Image:Wireless_mesh.GIF|right|thumbnail|250px|A diagram of a very simple wireless mesh network. WiFi-Co represents the aggregation point. The wireless towers represent nodes or collections of nodes, and the houses represent neighborhoods.
]]

The structure of the wireless mesh provides a high level of redundancy with self-healing capabilities, as failing or heavy loaded nodes are bypassed. This is done using standard routing algorithms based on “next hops”, signal strength, latency and other metrics.[3]

The aggregation points are usually owned by large public/private WiFi organizations. Here, all the forwarded wireless signals are collected and routed through the internet via large internet pipes. For this reason, mesh networks are built flowering out from the aggregation points, getting farther away from the center. When a mesh grows large enough that routing to one aggregation point is inefficient, another aggregation point can be added to the network at a different place[4], and the routing algorithms will adapt the network accordingly.

== Security Concerns ==

There are two major groups of security concerns that a city-wide wireless network needs to take into consideration.

'''Network security'''

Network security concerns mainly include problems of having such a large number of people on the same network, as well as guarding against abuse from attackers overusing the network resources provided. Using standard network protection strategies (binding leased IP addresses to MAC addresses, limiting the number of hosts routing traffic, etc.) the most networking concerns are taken care of. To deal with people abusing the network resources for things like servers, IP addresses are leased out for limited time frames[2]. This allows users to browse the internet and download as they wish, while still limiting their ability to host their own web or file servers.

'''Wireless security'''

Wireless security is an ongoing concern, as new ways of breaking wireless encryption keep pushing the need for newer technologies. For this reason, Google offers both [http://en.wikipedia.org/wiki/Google_WiFi GoogleWiFi] (an unencrypted network) and GoogleWiFiSecure, a secure wireless network using either WPA or WPA2 encryption. By providing an encrypted wireless connection, any information sent over radio waves is safe from being captured and read[1] .

== Case Studies ==

The concept of free wireless internet has been adopted in many cities now. We will investigate two of these connections, a smaller scale network for Hamilton, ON. and a large scale network provided by Google originally for the residents of Mountain View, CA.

[[Image:Hamilton_wireless.GIF|left|thumbnail|200px|Wireless Hamilton welcome screen. Just one click and you're on the internet!
]]

===Wireless Hamilton===
The Wireless Hamilton WiFi connection is in its trial phases at the moment, and as such, no secure (encrypted) version of the connection is currently available. Users do not need to create an account to gain access, they need only have an [http://en.wikipedia.org/wiki/IEEE_802.11 802.11x] card and be in the range of an [http://en.wikipedia.org/wiki/Access_point access point]. When the wireless is detected, an initial connection is created, however all internet traffic is directed to the Wireless Hamilton website. After clicking on the “Connect” button, the assigned IP address is registered with Wireless Hamilton, and the IP address is leased out to the registered network interface.[4]

 

===Google WiFi===
The [http://en.wikipedia.org/wiki/Google_WiFi Google WiFi] project is possibly one of the most publicized WiFi networks available. Although the network is privately owned by Google, the company is committed to keeping the service free until 2010[1]. Unlike the Wireless Hamilton, Google WiFi does require an account to be created. Part of the reason for this is to be able to provide wireless security through encryption with Google WiFiSecure. Once again, an initial connection is made that directs users to the Google WiFi homepage. After logging into a Google account the assigned IP is registered for a one hour lease, and in the case of Google WiFiSecure, a WPA/2 session is initiated.[5]

== See Also ==
[[WiMAX]]

[[Wireless Network Security]]

[[Mesh Networking]]

== References ==
[1][http://en.wikipedia.org/wiki/Google_WiFi http://en.wikipedia.org/wiki/Google_WiFi] Google WiFi Wikipedia Page

[2][http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal] Wireless Wikipedia Page

[3][http://en.wikipedia.org/wiki/Wireless_mesh_network http://en.wikipedia.org/wiki/Wireless_mesh_network] Wireless Mesh Networks Wikipedia Page

[4][http://www.wirelesshamilton.com/index.shtml http://www.wirelesshamilton.com/index.shtml] Wireless Hamilton

[5][http://wifi.google.com/ http://wifi.google.com/] GoogleWiFi

== External Links ==

[http://en.wikipedia.org/wiki/Municipal_wireless_network "Google WiFi"]

[http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal "Municipal Wireless"]

[http://en.wikipedia.org/wiki/Wireless_mesh_network Wireless "Mesh Networks"]

[http://en.wikipedia.org/wiki/Bipartite "Bipartite Graph"]

----

--[[User:Goesc|Goesc]] 23:56, 13 April 2008 (EDT)

City-Wide Wireless Networks

2008-04-14T07:00:10Z

Goesc:

[[Image:Googlewifinode.gif|right|thumbnail|250px|Picture of a Google WiFi node. Most of the nodes either reside on power line or light poles, since the only requirement is a power connection [1] ]]

As network technology (wireless in particular) is getting cheaper, the concept of large scale wireless networks has spread rapidly. Most major cities have some sort of wireless blanket over them, some of them owned by private companies, while others by the cities themselves[2]. In 2005 when [http://www.google.ca Google] announced their free wireless internet for the residents of Mountain View, CA. most city-wide wireless networks were owned by private [http://en.wikipedia.org/wiki/ISP ISPs] selling internet connections. Since then, the idea of "free internet for all" has been adopted in many cities, two of which are explored in '''Case Studies'''.

== How it Works==

Although new wireless technologies are being developed to facilitate better wireless connections, most current city-wide networks are implemented on the popular 802.11x technology. Just like any smaller wireless network, a city-wide network is implemented with an internet connection at an aggregation point, spanning out to one or more routers organized in a wireless mesh network. The wireless routers connect to multiple adjacent nodes forming a [http://en.wikipedia.org/wiki/Bipartite bipartite graph].[2]

[[Image:Wireless_mesh.GIF|right|thumbnail|250px|A diagram of a very simple wireless mesh network. WiFi-Co represents the aggregation point. The wireless towers represent nodes or collections of nodes, and the houses represent neighborhoods.
]]

The structure of the wireless mesh provides a high level of redundancy with self-healing capabilities, as failing or heavy loaded nodes are bypassed. This is done using standard routing algorithms based on “next hops”, signal strength, latency and other metrics.[3]

The aggregation points are usually owned by large public/private WiFi organizations. Here, all the forwarded wireless signals are collected and routed through the internet via large internet pipes. For this reason, mesh networks are built flowering out from the aggregation points, getting farther away from the center. When a mesh grows large enough that routing to one aggregation point is inefficient, another aggregation point can be added to the network at a different place[4], and the routing algorithms will adapt the network accordingly.

== Security Concerns ==

There are two major groups of security concerns that a city-wide wireless network needs to take into consideration.

'''Network security'''

Network security concerns mainly include problems of having such a large number of people on the same network, as well as guarding against abuse from attackers overusing the network resources provided. Using standard network protection strategies (binding leased IP addresses to MAC addresses, limiting the number of hosts routing traffic, etc.) the most networking concerns are taken care of. To deal with people abusing the network resources for things like servers, IP addresses are leased out for limited time frames[2]. This allows users to browse the internet and download as they wish, while still limiting their ability to host their own web or file servers.

'''Wireless security'''

Wireless security is an ongoing concern, as new ways of breaking wireless encryption keep pushing the need for newer technologies. For this reason, Google offers both [http://en.wikipedia.org/wiki/Google_WiFi GoogleWiFi] (an unencrypted network) and GoogleWiFiSecure, a secure wireless network using either WPA or WPA2 encryption. By providing an encrypted wireless connection, any information sent over radio waves is safe from being captured and read[1] .

== Case Studies ==

The concept of free wireless internet has been adopted in many cities now. We will investigate two of these connections, a smaller scale network for Hamilton, ON. and a large scale network provided by Google originally for the residents of Mountain View, CA.

[[Image:Hamilton_wireless.GIF|left|thumbnail|200px|Wireless Hamilton welcome screen. Just one click and you're on the internet!
]]

===Wireless Hamilton===
The Wireless Hamilton WiFi connection is in its trial phases at the moment, and as such, no secure (encrypted) version of the connection is currently available. Users do not need to create an account to gain access, they need only have an [http://en.wikipedia.org/wiki/IEEE_802.11 802.11x] card and be in the range of an [http://en.wikipedia.org/wiki/Access_point access point]. When the wireless is detected, an initial connection is created, however all internet traffic is directed to the Wireless Hamilton website. After clicking on the “Connect” button, the assigned IP address is registered with Wireless Hamilton, and the IP address is leased out to the registered network interface.[4]

 

===Google WiFi===
The [http://en.wikipedia.org/wiki/Google_WiFi Google WiFi] project is possibly one of the most publicized WiFi networks available. Although the network is privately owned by Google, the company is committed to keeping the service free until 2010[1]. Unlike the Wireless Hamilton, Google WiFi does require an account to be created. Part of the reason for this is to be able to provide wireless security through encryption with Google WiFiSecure. Once again, an initial connection is made that directs users to the Google WiFi homepage. After logging into a Google account the assigned IP is registered for a one hour lease, and in the case of Google WiFiSecure, a WPA/2 session is initiated.[5]

== See Also ==
[[WiMAX]]

[[Wireless Network Security]]

[[Mesh Networking]]

== References ==
[1][http://en.wikipedia.org/wiki/Google_WiFi http://en.wikipedia.org/wiki/Google_WiFi] Google WiFi Wikipedia Page

[2][http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal] Wireless Wikipedia Page

[3][http://en.wikipedia.org/wiki/Wireless_mesh_network http://en.wikipedia.org/wiki/Wireless_mesh_network] Wireless Mesh Networks Wikipedia Page

[4][http://www.wirelesshamilton.com/index.shtml http://www.wirelesshamilton.com/index.shtml] Wireless Hamilton

[5][http://wifi.google.com/ http://wifi.google.com/] GoogleWiFi

== External Links ==

[http://en.wikipedia.org/wiki/Municipal_wireless_network "Google WiFi"]

[http://en.wikipedia.org/wiki/Municipal_wireless_network Municipal "Municipal Wireless"]

[http://en.wikipedia.org/wiki/Wireless_mesh_network Wireless "Mesh Networks"]

[http://en.wikipedia.org/wiki/Bipartite "Bipartite Graph"]

----

--[[User:Goesc|Goesc]] 23:56, 13 April 2008 (EDT)

File:Hamilton wireless.GIF

2008-04-14T05:58:50Z

Goesc: A snapshot of the Hamilton Wireless connection page. On the internet in just one click!

A snapshot of the Hamilton Wireless connection page. On the internet in just one click!

File:Wireless mesh.GIF

2008-04-14T04:41:19Z

Goesc: A diagram of a very simple wireless mesh network. WiFi-Co represents the aggregation point. The wireless towers represent nodes or collections of nodes, and the houses represent neighborhoods.

A diagram of a very simple wireless mesh network. WiFi-Co represents the aggregation point. The wireless towers represent nodes or collections of nodes, and the houses represent neighborhoods.

File:Googlewifinode.gif

2008-04-14T04:11:21Z

Goesc: Picture of a Google WiFi node, posted on a light post. All the wireless node needs is a power connection since both incoming and outgoing packets are forwarded using radio waves.

Picture of a Google WiFi node, posted on a light post. All the wireless node needs is a power connection since both incoming and outgoing packets are forwarded using radio waves.

City-Wide Wireless Networks

2008-04-14T03:56:02Z

Goesc: New page: As network technology (wireless in particular) is getting cheaper, the concept of large scale wireless networks has spread rapidly. Most major cities have some sort of wireless blanket o...

As network technology (wireless in particular) is getting cheaper, the concept of large scale wireless networks has spread rapidly. Most major cities have some sort of wireless blanket over them, some of them owned by private companies, while others by the cities themselves. In 2005 when Google announced their free wireless internet for the residents of Mountain View, CA. most city-wide wireless networks were owned by private ISPs selling internet connections. Since then, the idea of "free internet for all" has been adopted in many cities, two of which are explored Case Studies.

== How it Works==

Although new wireless technologies are being developed to facilitate better wireless connections, most current city-wide networks are implemented on the popular 802.11x technology. Just like any smaller wireless network, a city-wide network is implemented with an internet connection at an aggregation point, spanning out to one or more routers organized in a wireless mesh network. The wireless routers connect to multiple adjacent nodes forming a bipartite graph.

The structure of the wireless mesh provides a high level of redundancy with self-healing capabilities, as failing or heavy loaded nodes are bypassed. This is done using standard routing algorithms based on “next hops”, signal strength, latency and other metrics.

The aggregation points are usually owned by large public/private Wifi organizations. Here, all the forwarded wireless signals are collected and routed through the internet via large internet pipes. For this reason, mesh networks are built flowering out from the aggregation points, getting farther away from the center. When a mesh grows large enough that routing to one aggregation point is inefficient, another aggregation point can be added to the network at a different place, and the routing algorithms will adapt the network accordingly.

== Security Concerns ==

There are two major groups of security concerns that a city-wide wireless network needs to take into consideration.

'''Network security'''
Network security concerns mainly include problems of having such a large number of people on the same network, as well as guarding against abuse from attackers overusing the network resources provided. Using standard network protection strategies (binding leased IP addresses to MAC addresses, limiting the number of hosts routing traffic, etc.) the most networking concerns are taken care of. To deal with people abusing the network resources for things like servers, IP addresses are leased out for limited time frames. This allows users to browse the internet and download as they wish, while still limiting their ability to host their own web or file servers.

''Wireless security''
Wireless security is an ongoing concern, as new ways of breaking wireless encryption keep pushing the need for newer technologies. For this reason, Google offers both GoogleWiFi (an unencrypted network) and GoogleWiFiSecure, a secure wireless network using either WPA or WPA2 encryption. By providing an encrypted wireless connection, any information sent over radio waves is safe from being captured and read.

== Case Studies ==

The concept of free wireless internet has been adopted in many cities now. We will investigate two of these connections, a smaller scale network for Hamilton, ON. and a large scale network provided by Google originally for the residents of Mountain View, CA.

'''Hamilton Wireless'''
The Hamilton Wireless WiFi connection is in its trial phases at the moment, and as such, no secure (encrypted) version of the connection is currently available. Users do not need to create an account to gain access, they need only have an 802.11x card and be in the range of an access point. When the wireless is detected, an initial connection is created, however all internet traffic is directed to the Hamilton Wireless website. After clicking on the “Connect” button, the assigned IP address is registered with Hamilton Wireless, and the IP address is leased out to the registered network interface.

'''Google WiFi'''
The Google Wifi project is possibly one of the most publicized WiFi networks available. Although the network is privately owned by Google, the company is committed to keeping the service free until 2010. Unlike the Hamilton Wireless, Google Wifi does require an account to be created. Part of the reason for this is to be able to provide wireless security through encryption with Google WiFiSecure. Once again, an initial connection is made that directs users to the Google WiFi homepage. After logging into a Google account the assigned IP is registered for a one hour lease, and in the case of Google WiFiSecure, a WPA/2 session is created.

--[[User:Goesc|Goesc]] 23:56, 13 April 2008 (EDT)

Biometrics in Information Security

2007-12-09T17:15:42Z

Goesc:

[[Image:Airport_Iris_Scan.png|right|thumbnail|250px|By registering their biometric data ahead of time, travelers at Heathrow Airport in London, UK can go through an automated check in, using [http://en.wikipedia.org/wiki/Project_IRIS IRIS][E2]]]

The word '''biometric''' originally comes from ancient Greek, “bios” – life + “metron” – measurement[R1]. The classic definition of biometrics refers to the measurement of biological traits (i.e. the growth rates of bacteria) however this field of study is now referred to as [http://en.wikipedia.org/wiki/Biostatistics Biostatistics]. The contemporary field of biometrics refers to measurements of unique physical or behavioral traits in humans. In the vernacular of information security, biometrics falls mainly under confidentiality and availability because of its applications in identification and authentication.

In the process of biometric authentication, a mathematic model of a measurable trait (see '''Types of Measurements''' below) is converted into a unique signature, similar to the [http://en.wikipedia.org/wiki/Checksum checksum] of a file. This process refers to the identification phase of authentication, where an identity is bound to a subject. When the physical trait is measured again, the same signature should be produced and authentication of the subject is successful[R2].

Despite its wide use as a quick and fairly reliable means of identification (see '''Applications''' below), there remains some criticism over biometric systems. Problems include susceptibility to replay attacks, and identity theft with more permanent consequences than a compromised password (see '''Problems with Biometric Systems''' below).

== Types of Measurements ==
Biometric measurements can usually be divided into two main branches, '''Physiological''' - patterns in physical appearance or structure, and '''Behavioral''' - patterns in how something is done[R2].

''Physiological''

[[Image:Thermograph_face.png‎ |right|thumbnail|250px|A [http://en.wikipedia.org/wiki/Thermograph thermographic] image of a face[E3]]]

'''Eyes''' - Images of the [http://en.wikipedia.org/wiki/Iris_scan iris] or retina

'''Face''' - Electromagnetic or [http://en.wikipedia.org/wiki/Thermography thermal scans]

'''Hand/Fingers''' - [http://en.wikipedia.org/wiki/Fingerprint Fingerprints], vein and palm geometry

'''DNA''' - [http://en.wikipedia.org/wiki/Noncoding_DNA Noncoding DNA] pattern matching

''Behavioral''

'''Signature''' - Combinations of specific features of a signature (i.e. size of lines and loops in letters)

'''Voice''' - Patterns in tones and frequencies when a specific words are spoken

'''Keystroke''' - Patterns in how specific text is typed in (i.e. relative delays in different keystrokes)

In all biometric measurements, an original sample of the data is recorded as a digital signature and linked to an identity. This signature is stored, and used to compare to future signatures to ensure that the person giving the new sample matches the identity for the originally recorded data.

== Applications ==
Biometric technology has two closely related applications, '''identification''' and '''authentication'''.

In the Identification stage, an existing identity (or person) is linked to a piece of stored biometric information. Identification is usually used as a deterrent against fraud, or as the first stage in authentication. An example of this is at the entrance gates in Disney Land. Along with their ticket, patrons are asked to provide a fingerprint scan which is linked to the ticket, so that only that person can use the ticket for re-entry. In this example, the biometric information of the person is linked to their ticket, and not their actual identity, which maintains anonymity while still preventing unwanted accesses to the park.

In the Authentication stage, a person provides a biometric sample which is compared to a database of signatures. If a match is made, the person is successfully authenticated with the identity linked to the biometric information. An example of this is a military system which has biometric information on all of its officers on file. In order to enter a specific room, an officer must provide fingerprints and an iris scan to confirm his identity. In this example, the officer's fingerprints and iris scans are being compared to original samples which he would have initially provided.

== Problems with Biometric Systems ==

'''Replay Attacks''' - a replay attack occurs when an attacker captures a piece of secret data (i.e. a password, or a fingerprint) and uses that data to make subsequent accesses to the system. Biometric systems are vulnerable to replay attacks because by capturing authentication data, an attacker can produce the same signature stored in the database. By compromising a fingerprint or iris scan, an attacker can reuse that information to gain access to the system[R2].

'''Identity Theft''' - Identity theft is always a consideration when considering an authentication system, however with biometric systems, the problem has larger repercussions. Normally, when an account has been compromised, the user name or password for the account can be reset. A fingerprint in a biometric system serves as the password, so when this information is compromised, the fingerprint cannot be changed (without cosmetic surgery). This means that once an identity is stolen, it has been stolen forever[R1].

'''Dystopia''' - Many science fiction stories have addressed the problem of a society with an entrenched biometric infrastructure. As the technology becomes more widely used for quickly identifying people, more places will be gathering, storing and tracking biometric information. This may put true anonymity in the world in danger of extinction, which would have many political and social repercussions (Watergate would not exist without the anonymous "[http://en.wikipedia.org/wiki/Deep_throat Deep Throat]").

== See Also ==

[http://www.cas.mcmaster.ca/wiki/index.php/Biometric_systems_regarding_security_design_principle Biometric Systems Regarding Security Design Principle]

[http://www.cas.mcmaster.ca/wiki/index.php/Identity_Theft Identity Theft]

[http://www.cas.mcmaster.ca/wiki/index.php/Electronic_Voting_Systems Electronic Voting Systems]

[http://www.cas.mcmaster.ca/wiki/index.php/Payment_Card_Industry_Data_Security_Standard Payment Card Industry Data Security Standard]

[http://www.cas.mcmaster.ca/wiki/index.php/Smart_Card_technology_to_prevent_fraud Smart Card Technology to Prevent Fraud]

==External Links==

[E1] http://en.wikipedia.org/wiki/Biometrics

[E2] http://edition.cnn.com/2007/BUSINESS/07/25/biztrav.iris/index.html

[E3] http://www.wescanu.com/

== References ==

[R1] http://en.wikipedia.org/wiki/Biometrics

[R2] Bishop, Matt. Introduction to Computer Security. Boston: Addison-Wesley, 2006.

[R3] http://biometrics.org/

[R4] http://dictionary.reference.com/

--[[User:Goesc|Goesc]] 12:07, 9 December 2007 (EST)

Biometrics in Information Security

2007-12-09T17:07:58Z

Goesc:

[[Image:Airport_Iris_Scan.png|right|thumbnail|250px|By registering their biometric data ahead of time, travelers at Heathrow Airport in London, UK can go through an automated check in, using [http://en.wikipedia.org/wiki/Project_IRIS IRIS][2]]]

The word '''biometric''' originally comes from ancient Greek, “bios” – life + “metron” – measurement[1]. The classic definition of biometrics refers to the measurement of biological traits (i.e. the growth rates of bacteria) however this field of study is now referred to as [http://en.wikipedia.org/wiki/Biostatistics Biostatistics]. The contemporary field of biometrics refers to measurements of unique physical or behavioral traits in humans. In the vernacular of information security, biometrics falls mainly under confidentiality and availability because of its applications in identification and authentication.

In the process of biometric authentication, a mathematic model of a measurable trait (see '''Types of Measurements''' below) is converted into a unique signature, similar to the [http://en.wikipedia.org/wiki/Checksum checksum] of a file. This process refers to the identification phase of authentication, where an identity is bound to a subject. When the physical trait is measured again, the same signature should be produced and authentication of the subject is successful.

Despite its wide use as a quick and fairly reliable means of identification (see '''Applications''' below), there remains some criticism over biometric systems. Problems include susceptibility to replay attacks, and identity theft with more permanent consequences than a compromised password (see '''Problems with Biometric Systems''' below).

== Types of Measurements ==
Biometric measurements can usually be divided into two main branches, '''Physiological''' - patterns in physical appearance or structure, and '''Behavioral''' - patterns in how something is done.

''Physiological''

[[Image:Thermograph_face.png‎ |right|thumbnail|250px|A [http://en.wikipedia.org/wiki/Thermograph thermographic] image of a face[3]]]

'''Eyes''' - Images of the [http://en.wikipedia.org/wiki/Iris_scan iris] or retina

'''Face''' - Electromagnetic or [http://en.wikipedia.org/wiki/Thermography thermal scans]

'''Hand/Fingers''' - [http://en.wikipedia.org/wiki/Fingerprint Fingerprints], vein and palm geometry

'''DNA''' - [http://en.wikipedia.org/wiki/Noncoding_DNA Noncoding DNA] pattern matching

''Behavioral''

'''Signature''' - Combinations of specific features of a signature (i.e. size of lines and loops in letters)

'''Voice''' - Patterns in tones and frequencies when a specific words are spoken

'''Keystroke''' - Patterns in how specific text is typed in (i.e. relative delays in different keystrokes)

In all biometric measurements, an original sample of the data is recorded as a digital signature and linked to an identity. This signature is stored, and used to compare to future signatures to ensure that the person giving the new sample matches the identity for the originally recorded data.

== Applications ==
Biometric technology has two closely related applications, '''identification''' and '''authentication'''.

In the Identification stage, an existing identity (or person) is linked to a piece of stored biometric information. Identification is usually used as a deterrent against fraud, or as the first stage in authentication. An example of this is at the entrance gates in Disney Land. Along with their ticket, patrons are asked to provide a fingerprint scan which is linked to the ticket, so that only that person can use the ticket for re-entry. In this example, the biometric information of the person is linked to their ticket, and not their actual identity, which maintains anonymity while still preventing unwanted accesses to the park.

In the Authentication stage, a person provides a biometric sample which is compared to a database of signatures. If a match is made, the person is successfully authenticated with the identity linked to the biometric information. An example of this is a military system which has biometric information on all of its officers on file. In order to enter a specific room, an officer must provide fingerprints and an iris scan to confirm his identity. In this example, the officer's fingerprints and iris scans are being compared to original samples which he would have initially provided.

== Problems with Biometric Systems ==

'''Replay Attacks''' - a replay attack occurs when an attacker captures a piece of secret data (i.e. a password, or a fingerprint) and uses that data to make subsequent accesses to the system. Biometric systems are vulnerable to replay attacks because by capturing authentication data, an attacker can produce the same signature stored in the database. By compromising a fingerprint or iris scan, an attacker can reuse that information to gain access to the system.

'''Identity Theft''' - Identity theft is always a consideration when considering an authentication system, however with biometric systems, the problem has larger repercussions. Normally, when an account has been compromised, the user name or password for the account can be reset. A fingerprint in a biometric system serves as the password, so when this information is compromised, the fingerprint cannot be changed (without cosmetic surgery). This means that once an identity is stolen, it has been stolen forever.

'''Dystopia''' - Many science fiction stories have addressed the problem of a society with an entrenched biometric infrastructure. As the technology becomes more widely used for quickly identifying people, more places will be gathering, storing and tracking biometric information. This may put true anonymity in the world in danger of extinction, which would have many political and social repercussions (Watergate would not exist without the anonymous "[http://en.wikipedia.org/wiki/Deep_throat Deep Throat]").

== See Also ==

[http://www.cas.mcmaster.ca/wiki/index.php/Biometric_systems_regarding_security_design_principle Biometric Systems Regarding Security Design Principle]

[http://www.cas.mcmaster.ca/wiki/index.php/Identity_Theft Identity Theft]

[http://www.cas.mcmaster.ca/wiki/index.php/Electronic_Voting_Systems Electronic Voting Systems]

[http://www.cas.mcmaster.ca/wiki/index.php/Payment_Card_Industry_Data_Security_Standard Payment Card Industry Data Security Standard]

[http://www.cas.mcmaster.ca/wiki/index.php/Smart_Card_technology_to_prevent_fraud Smart Card Technology to Prevent Fraud]

==External Links==

[1] http://en.wikipedia.org/wiki/Biometrics

[2] http://edition.cnn.com/2007/BUSINESS/07/25/biztrav.iris/index.html

[3] http://www.wescanu.com/

== References ==

- Bishop, Matt. Introduction to Computer Security. Boston: Addison-Wesley, 2006.

- http://en.wikipedia.org/wiki/Biometrics

- http://biometrics.org/

- http://dictionary.reference.com/

--[[User:Goesc|Goesc]] 12:07, 9 December 2007 (EST)

File:Thermograph face.png

2007-12-09T16:40:19Z

Goesc: Picture of a thermographic facial scan, taken from [http://www.wescanu.com/images/thermal-image-face2.jpg]

Picture of a thermographic facial scan, taken from [http://www.wescanu.com/images/thermal-image-face2.jpg]

Biometrics in Information Security

2007-12-03T03:52:29Z

Goesc:

Biometrics in Information Security

2007-12-03T01:02:13Z

Goesc: New page: [[Image:Airport_Iris_Scan.png|right|thumbnail|250px|By registering their biometric data ahead of time, travelers at Heathrow Airport in London, UK can go through an automated check in, usi...

File:Airport Iris Scan.png

2007-12-03T00:20:57Z

Goesc: Picture of IRIS, a biometric scanning system in use at Heathrow airport in London, England. Taken from http://i.l.cnn.net/cnn/2007/BUSINESS/07/25/biztrav.iris/art.bizt.iris.jpg

Picture of IRIS, a biometric scanning system in use at Heathrow airport in London, England. Taken from http://i.l.cnn.net/cnn/2007/BUSINESS/07/25/biztrav.iris/art.bizt.iris.jpg