Next generation of security technology
Download
1 / 45

Next-Generation of Security Technology - PowerPoint PPT Presentation


  • 83 Views
  • Uploaded on

Next-Generation of Security Technology. Edward M. Cheng, M.D. Ph.D. ABFP CMO, VP Bus. Dev., HealthHighway Consultant Biometrics application in e-Biz [email protected] Steve Hong, Director, SW Appl., SecuGen [email protected] February 13, 2002. Contents of this Seminar.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Next-Generation of Security Technology' - Jimmy


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Next generation of security technology

Next-Generation of Security Technology

Edward M. Cheng, M.D. Ph.D. ABFP

CMO, VP Bus. Dev., HealthHighway

Consultant Biometrics application in e-Biz

[email protected]

Steve Hong, Director, SW Appl., SecuGen

[email protected]

February 13, 2002


Contents of this seminar
Contents of this Seminar

  • Update Current Status of Network Security

  • Review Existing Security Technology

  • Introduction and Relevance of Biometrics

  • Types of Biometrics and Market Trend

  • Potential Biometrics applications

  • Fingerprint Biometrics in Internet application in e-Business


What consist of a secure network
What Consist of a Secure Network?

  • Person-to-Person authentication

  • User identification

  • Data integrity

  • Data confidentiality

  • Privacy protection

  • Non-repudiation

  • User and process management SW


How secure is our network
How Secure is our Network?

  • According to recent survey by CSI on 521 security executives:

    >32% has experienced incidents of serious electronic fraud- double in 3 years

    > 30% reported intrusion by outsiders

    >55% reported insiders unauthorized access

    >estimated: in-house security breaches account for 70-90% of all attacks on corporate network

  • Concern: financial, reputation, legal liability


How serious is id theft
How Serious is ID Theft?

  • 500,000-700,000 Social Security Recipients are victims of fake ID.

    - Social Security Adminstration in Baltimore

  • Online Credit Card Fraud: $24M/day: $9B/year

    - Meridien Research Jan. 2002

  • Online Consumers Survey: 1 in 12 are victimized

  • Total cost in ID Fraud: 1.13% of all Online Transactions or $tens of billion yearly.

    - Gartner Jan. 2002


Passwords and locks are inadequate
Passwords and Locks are Inadequate

  • The GAO report found weaknesses at nearly every point of computer security controls at the Treasury Department’s FMS (Financial Management Service).

  • Government computers that handle $trillion in tax refunds and SS benefits are vulnerable to cyber-attacks.

  • Billions of dollars of payments and collections are at significant risk of loss or fraud, sensitive data are at risk of inappropriate disclosure, and critical computer-based operations are vulnerable to serious disruption.

  • The GAO recommended FMS to install a security management program and to fix individual weaknesses- identified as access control, such as passwords and locks.

    - CNN Government Reuters, Feb.5, 2002


Existing security technology
Existing Security Technology

  • PKI / Encryption / SSL

  • Firewall

  • Digital Certificate

  • Password and PIN

  • Token

  • Smart Card

  • Biometrics


Passwords frustration
Passwords Frustration

  • Must be a mixture of alpha-numeric with upper and lower cases

  • Must be random and not easy to figure out

  • Should not be written down or posted on monitor

  • Must be changed regularly

  • Password should not be recycled within 5 months

  • Transfer factor- Passwords get passed around


Cost of maintaining passwords
Cost of maintaining passwords

  • About 50% of calls in IT help desks are password related

  • Estimated cost per employee per year:

    • $200 by Forrester Research Inc.

      (Economics of Security, 2/98)

    • $340 by Gartner Group

  • Bottom line: A single biometrics can replace multiple applications’ passwords


What is biometrics
What is Biometrics ?

  • Definition: Measurement of body’s unique characteristics or behavior

  • Types: Voice, Signature, Facial, Palm, Eye, Fingerprint

  • System components:

    • HW -sensor

    • SW -algorithm, API

    • Middleware and application


Why biometrics
Why Biometrics ?

  • Unique

  • Authentication: 1-to-1 matching

  • Identification: 1-to-M matching

  • Convenient

  • Non-repudiable

  • Fast, accurate, non-transferable

  • Nothing to remember and nothing to forget


How is biometrics performance rated
How is Biometrics Performance Rated?

  • FTE Vs FRR Vs FAR

  • Reliability

  • Speed

  • Ergonomic

  • Intrusiveness

  • Convenience

  • Acceptance


Biometrics acceptance
Biometrics Acceptance

  • Historically slow

    • Privacy concern

    • Unreliable

    • Expensive

    • Difficult to integrate

    • Negligence

  • Post September 11

    • demand and acceptance: increased by 3-4 folds


Change in acceptance of biometrics
Change in Acceptance of Biometrics

  • Estimate: ID theft in U.S. is about 500,000 cases/year

  • Consumers are ready to accept biometrics at the cost of decreased privacy and more intrusive method of identification

  • Consumers’ fears and losses due to fraud give strong incentives for institutions to invest heavily in biometrics as alternative to PIN

  • Financial institutions are considering biometrics:

    ING Direct, American Banker Association, Credit Union of Canada, Deutsche Bank, Citibank Meridien Research Inc.

  • Financial Service will spend $1.8B annually on biometric technology by 2004

    IDC, Framingham, MA


Biometrics is a good fit with banking
Biometrics is a Good Fit with Banking”

“The Technology offers security to customers at ATM, within branches to authorize transactions and for online banking. It can also be used inside companies to secure vaults and monitor access to doors and computer systems.

Meridien Research Inc.


Market Trend - 1

Total Biometric Revenue 1999-2005 ($M)

2000

1905.4

1750

1500

1440.6

1250

1000

1049.6

750

729.1

500

523.9

399.4

250

250.9

0

1999

2000

2001

2002

2003

2004

2005

Biometric Market Report 1999-2005

International Biometric Group – 2001


Market Trend- 2

Fingerprint Market Revenue 2000-2005 ($M)

500

450

453.3

400

373.9

350

300

266.6

250

200

167.0

150

100

99.4

50

57.2

0

2000

2001

2002

2003

2004

2005

Fingerprint Market Report 2000-2005

International Biometric Group – 2001


Market Trend - 3

Biometric Market Report 1999-2005

International Biometric Group – 2001

  • Fingerprint and Middleware market will lead biometrics market in future

  • Projected Revenue of Fingerprint and Middleware will occupy 40% of Total Market at 2005


Dynamic growth in finger scan biometrics

Signature-Scan

3%

Voice-Scan

Iris-Scan

4%

6%

Facial-Scan

15%

Finger-Scan

49%

Hand-Scan

11%

Middleware

12%

Dynamic Growth in Finger-Scan Biometrics

Market Share by Technology, 2001

(Excludes AFIS Revenues)

Worldwide Finger-Scan

Biometrics Technology Revenues

($ Millons)

Source: Frost & Sullivan, 2001


Privacy Concern:Minutiae Extraction

Fingerprints cannot be reproduced from minutiae template


Areas of biometrics application
Areas of Biometrics Application

  • Physical access control

  • Data access security

  • Time and attendance

  • ID theft prevention

  • Privacy protection

  • Fraud reduction

  • Cost-effective and high security


Types of fingerprint sensor
Types of Fingerprint Sensor

  • Semiconductor

    • Capacitive

    • Thermal

    • RF

  • Optical

    • Traditional

    • SEIR

  • Thin Film Technology



Semiconductor fp sensor
Semiconductor FP Sensor

  • Small and low profile

  • Cost - expensive at low volume and large sensing area

  • Physical and electrical Unstable

  • Vulnerable to EDS

  • Metal discharge pathway

  • Surface coating required

  • Low tolerance to abuse


Types of fingerprint sensor1
Types of Fingerprint Sensor

  • Semiconductor

    • Capacitive

    • Thermal

    • RF

  • Optical

    • Traditional

    • SEIR

  • Thin Film Technology



Traditional optical fp sensor
Traditional Optical FP Sensor

  • Plastic platen with soft coating

  • Nonlinear distortion

  • Low contrast image

  • Stray light interference

  • High power consumption

  • Assembly required mirror for compensation

  • Integration relatively difficult

  • Production- labor intensive


Types of fingerprint sensor2
Types of Fingerprint Sensor

  • Semiconductor

    • Capacitive

    • Thermal

    • RF

  • Optical

    • Traditional

    • SEIR

  • Thin Film Technology


New generation optical fp sensors
New Generation Optical FP Sensors

  • SEIR: Surface Enhanced Irregular Reflection- a break through optical finger-scanning technology

  • High contrast and virtually distortion-free image

  • High performance for extreme skin condition

  • Scratch-proof surface with robust and compact housing

  • Low power consumption

  • Integration relatively easy

  • Mass production capable at low cost


Eyed mouse tm
EyeD MouseTM

  • Award-winning world’s first biometric mouse

  • Most ergonomic & durable fingerprint sensor

  • State-of-the-art fingerprint matching algorithm

  • Matching software: SecuDesktop, SecuIBAS (Features: logon, File En/Decryption, Screen Saver)



How to select a fingerprint biometrics
How to Select a Fingerprint Biometrics?

  • User friendliness

  • Durability

  • Cost

  • Size

  • Ease of integration

  • Choice of application products

  • Third-party SW support


Stand alone finger scan module
Stand-alone Finger-Scan Module

  • Building Access Control

  • Time & Attendance

  • Vehicle Control

  • Door-lock System

  • Point of Sale

  • Safe and Gun control Box

  • Supported protocols: Wiegand, RS232 and RS485


Financial Sector

Computer Security

Telecommunication

Point of Sale

ATM

Online Banking

Access Control

Network Security

e-Commerce

Mobile Phone

Call Center

Internet Phone

Immigration

Medical

Facility and Attendance

Passport Control

Border Control

Medical Records Mgt

HIPAA Compliance

Door Lock

Time-Attendance

Public Sector

Social Service

Aviation & Travel

National ID

Correctional Facility

AFIS

DMV

Social Security

Welfare Payment

Missing Child

Access Control

Ticket-less Travel

Anti-terrorist security

Biometrics Overview

Biometrics Applications


Biometrics for healthcare

  • Electronic Medical Records

  • Automatic encounter documentation

  • Electronic transaction processing

  • Online PDA easy data entry

  • Work flow management

  • Transcriptions

  • Patients

  • Website Access

  • Clinical and Account Info

  • Appointments and Messages

  • Personalized Health Info

  • Financial Management

  • Charge capture at the point of encounter

  • Claims processing and billing

  • Accounts Receivable

  • Eligibility & Authorizations

  • Managed Care

  • Health Plans/IPA

  • Claims, Eligibility, Authorization,

  • Formulary, Regulations, Contracts,

  • Connectivity

Biometrics for Healthcare

Provider’s Automated Office


Biometrics application
Biometrics Application

  • Physical Access Control

  • Time and Attendance

  • PC/Enterprise/Network Security

  • Internet & e-Commerce

  • B2B Transactions

  • Financial: on-line banking, ATM

  • Medical information system

  • Distant Learning

  • e-Publishing

  • Smart card/Digital Certificate

  • Any password-based application


Distant learning
Distant Learning

  • Physical Access Control

  • Time and Attendance

  • PC/Network Security/IT

  • Student registration/verification

  • On-line testing


Healthcare
Healthcare

  • Physical Access Control

  • Time and Attendance

  • PC/Network Security/IT

  • Patient registration and Identification

  • e-Claim processing

  • EMR

  • Document Management

  • HIPAA Compliance

  • Privacy Protection


Benefits of biometrics implementation
Benefits of Biometrics Implementation

  • Maximize network security

  • Ensure users’ privacy

  • Protect institution physical assets

  • Provide user authentication

  • Allow non-repudiable transaction

  • Deter hackers and ID fraud

  • Eliminate password frustration

  • Cut IT cost in password maintenance

  • Increase corporation image, productivity and profitability


SecuIBAS Server

Configuration

CORPORATE HEADQUARTERS

Mobile & Remote Warriors

PSTN / ISDN / ADSL

Customers

University

Bank

Trading

Hospital

INTERNET

PSTN / ISDN / ADSL

Home Worker

Firewall

Groupware

Web Server

SNA Leased Line

Branch Office

Supply Chain or Factory


SecuGen Biometric Authentication

  • SecuIBAS Web Server Software

  • Takes only one day to integrate into your system.

  • Supports various operating systems and databases.

    • Windows 2000/NT

    • Solaris

    • Linux

    • Unix


SecuGen Biometric Authentication

  • SecuIBAS Server Software

  • Takes only one day to install.

  • Supports various operating systems and databases.

    • Windows 2000/NT

    • Solaris

    • Linux

    • Unix


SecuGen Biometric Authentication

  • SecuIBAS Client Pack

  • USB plug & play mouse or other sensor

  • Windows device driver

  • Supports Internet Explorer & Netscape


Eyed mouse tm1
EyeD MouseTM

  • Award-winning world’s first biometric mouse

  • Most ergonomic & durable fingerprint sensor

  • State-of-the-art fingerprint matching algorithm

  • Matching software : SecuDesktop, iBAS (logon, File En/Decryption, Screen Saver)


ad