希赛网 · 知识导航  
 
    软考英语    通信工程英语    软件工程    项目管理    操作系统    数据库系统    计算机网络    IT新技术    硬件数码    应用系统    计算机基础    IT职场  
希赛网 > IT英语 > 数据库系统 > 生物特征认证

生物特征认证

www.educity.cn   发布者:hegangtxd   来源:网络转载   发布日期:2013年08月27日   

Biometric authentication

  In this computer-driven era, identity theft and the loss or disclosure of data and related intellectual property are growing problems. We each have multiple accounts and use multiple passwords on an ever-increasing number of computers and Web sites. Maintaining and managing access while protecting both the user's identity and the computer's data and systems has become increasingly difficult. Central to all security is the concept of authentication——verifying that the user is who he claims to be.

  We can authenticate an identity in three ways: by something the user knows (such as a password or personal identification number), something the user has (a security token or smart card) or something the user is (a physical characteristic, such as a fingerprint, called a biometric).

  All three authentication mechanisms have drawbacks, so security experts routinely recommend using two separate mechanisms, a process called two-factor authentication. But implementing two-factor authentication requires expensive hardware and infrastructure changes. Therefore, security has most often been left to just a single authentication method.

  Passwords are cheap, but most implementations offer little real security. Managing multiple passwords for different systems is a nightmare, requiring users to maintain lists of passwords and systems that are inevitably written down because they can't remember them. The short answer, talked about for decades but rarely achieved in practice, is the idea of single sign-on.

  Using security tokens or smart cards requires more expense, more infrastructure support and specialized hardware. Still, these used to be a lot cheaper than biometric devices and, when used with a PIN or password, offer acceptable levels of security, if not always convenience.

  Biometric authentication has been widely regarded as the most foolproof —or at least the hardest to forge or spoof. Since the early 1980s, systems of identification and authentication based on physical characteristics have been available to enterprise IT. These biometric systems were slow, intrusive and expensive, but because they were mainly used for guarding mainframe access or restricting physical entry to relatively few users, they proved workable in some high-security situations. Twenty years later, computers are much faster and cheaper than ever. This, plus new, inexpensive hardware, has renewed interest in biometrics.

Types of Biometrics

  A number of biometric methods have been introduced over the years, but few have gained wide acceptance.

  Signature dynamics. Based on an individual's signature, but considered unforgeable because what is recorded isn't the final image but how it is produced——i.e., differences in pressure and writing speed at various points in the signature.

  Typing patterns. Similar to signature dynamics but extended to the keyboard, recognizing not just a password that is typed in but the intervals between characters and the overall speeds and pattern. This is akin to the way World War II intelligence analysts could recognize a specific covert agent's radio transmissions by his “hand”——the way he used the telegraph key.

  Eye scans. This favorite of spy movies and novels presents its own problems. The hardware is expensive and specialized, and using it is slow and inconvenient and may make users uneasy. In fact, two parts of the eye can be scanned, using different technologies: the retina and the iris.

  Fingerprint recognition. Everyone knows fingerprints are unique. They are also readily accessible and require little physical space either for the reading hardware or the stored data.

  Hand or palm geometry. We're used to fingerprints but seldom think of an entire hand as an individual identifier. This method relies on devices that measure the length and angles of individual fingers. Although more user-friendly than retinal scans, it's still cumbersome.

  Voice recognition. This is different from speech recognition. The idea is to verify the individual speaker against a stored voice pattern, not to understand what is being said.

  Facial recognition. Uses distinctive facial features, including upper outlines of eye sockets, areas around cheekbones, the sides of the mouth and the location of the nose and eyes. Most technologies avoid areas of the face near the hairline so that hairstyle changes won't affect recognition.

  Because of its convenience and ease of use, fingerprint authentication is becoming the biometric technology of widest choice. A growing number of notebook PCs and computer peripherals are coming to market with built-in fingerprint readers. Scores of products are available, including keyboards, mice, external hard drives, USB flash drives and readers built into PC card and USB plug-in devices. Most of these units are relatively inexpensive.

  These devices allow the user to maintain encrypted passwords that don't need to be remembered but instead are invoked after the user puts his finger on the reader. This can also be used with a separate PIN or password to offer true two-factor authentication.

  生物特征认证

  在计算机驱动的时代,身份失窃、数据暴露和与有关知识产权的损失越来越成为问题。我们每人都有多个账号,在数量不断增加的计算机和网站上使用多个口令。在保护用户身份和计算机的数据和系统的同时,维护和管理接入已经越来越困难。而所有安全的核心就是“认证”这个概念——验证用户就是他所声称的人。

  我们能以三种方式认证身份:用户知道的东西(如口令或个人身份证号码)、用户拥有的东西(安全令牌或智能卡)或用户本身就是的东西(物理特征,如指纹,称作生物特征)。

  所有这三种认证机制都有缺陷,因此安全专家通常推荐(同时)使用两种不同的机制,这个过程称作双重认证。但是,实施双重认证需要昂贵的硬件和改动基础设施。因此,最常见的安全只剩下了单一的认证方法。

  口令很便宜,但大多数实现几乎没有提供真正的安全。管理不同系统的多个口令,也是件可怕的事情,需要用户维护口令和系统的列表,由于记不住它们,不可避免地要把它们一一写下来。一个已经谈论了几十年但在实践中很难做到的简单答案,就是单一登录。

  使用安全令牌或智能卡需要更贵、更多的基础实施支持和专用硬件。但大量使用它们仍比生物特征设备便宜。当与PIN或口令一起使用时,即使不是很方便,但也提供了能接受的安全保证。

  生物特征认证已被广泛地认为是最安全的,或者至少是最难伪造或欺骗的。自上世纪八十年代初,基于物理特性的识别和认证系统已可供企业的IT部门使用。这些生物特征系统比较慢、烦人和昂贵,但由于它们主要用于保护大型机的接入或者对为数不多的用户限制物理进入,所以在某些高安全情况下业已证明它们是能工作的。二十年以后,计算机变得更快、也更便宜。此情况加上新的廉价硬件,重新引起人们对生物特征的兴趣。

  生物特征的类型

  多年来已经推出了许多不同的生物特征方法,但几乎没有一个获得广泛认可。

  签名动力学 它是基于一个人的签名,但被认为是不可伪造的,因为它所记录的不是最后的图像,而是如何产生图像,即在签名的各个点上的压力和书写速度是不同的。

  敲键模式 它与签名动力学相似,但扩展到键盘,它不仅识别敲入的口令,而且还识别字符之间的间隔和总的速度与模式。这很像二战中的情报分析,通过他的“手”(即他使用电报按键的方法)识别特定谍报人员的无线电发射。

  眼睛扫描 这种间谍电影和小说里喜欢用的方式有其自己的问题。其硬件昂贵、专用,使用起来很慢,不方便,还有可能造成用户不安。实际上,利用不同技术,眼睛有两个部分可以扫描—视网膜和虹膜。

  指纹识别 人人都知道,指纹具有惟一性。它们也容易取得,就阅读硬件或存储的数据而言,几乎不需要空间。

  手或手掌几何学 我们习惯于用指纹,但很少想到利用整个手做单独的识别物。该方法依赖于测量各个手指的长度和角度。虽然比起视网膜扫描该方法更加用户友好,但仍很麻烦。

  声音识别 它不同于语音识别。此概念是对照储存的声音模式来验证说话者,而不是来理解他说了什么。

  面部识别 利用面部与

标签: 数据库系统
1 2
本文标题:生物特征认证
   主编推荐
全局导航
IT认证学院
Adobe认证Cisco认证H3C认证IBM认证IT认证资讯Java认证Linux认证Microsoft认证Oracle认证华为认证
IT英语
IT新技术操作系统基础英语计算机网络软件工程软考英语数据库系统通信专业英语项目管理英语应用系统硬件数码职场英语
程序开发学院
.NETC语言_C++语言DelphiPowerBuilderWeb开发嵌入式开发移动开发游戏开发PHPPythonPerlRuby
等考学院
考试大纲二级考试经验二级模拟试题一级考试资料二级考试资料一级模拟试题三级模拟试题四级模拟试题一级考试经验三级考试经验四级考试经验四级考试资料三级考试资料等级考试动态
软件工程学院
CASE工具构件与中间件软件测试软件过程改进软件设计软件外包需求分析软件质量保证系统分析与建模系统规划业界观点敏捷开发
软考学院
程序员电子商务设计师法律法规考试大纲考试政策历年试题软件评测师软件设计师软考英语数据库系统工程师网络工程师网络管理员网络规划设计师系统分析师系统架构设计师信息技术处理员信息系统管理工程师信息系统监理师
通信学院
初级通信工程师传输与接入高级通信工程师互联网技术交换技术考试大纲考试动态考试题库设备环境通信法规终端与业务综合能力
网络工程学院
交换技术接入技术路由技术实施案例网络布线网络存储网络服务器网络管理无线网络系统应用网络协议网络设备
项目管理学院
系统集成项目管理工程师信息系统项目管理师CPMP考试IPMPPMP考试prince2认证项目采购管理项目成本管理项目范围管理项目风险管理项目沟通管理项目配置管理项目人力资源管理项目时间管理项目管理案例项目管理动态项目管理工具项目经理项目整合管理项目质量管理项目干系人管理
职称考试学院
职称考试题目职称考试指南职称考试资料
研究生院
考研英语考研题库招生信息就业指导考研经验考研政治考研数学
信息安全实验室
网络安全黑客教程杀毒防毒安全设置脚本攻防黑客入侵工具使用漏洞分析加密解密手机安全安全技术
物联网学院
生物识别二维码射频技术传感器物联网感知层物联网网络层物联网传输层物联网应用层物联网标准物联网前沿技术智能生活智慧城市物联网案例分析云计算虚拟化技术
Java学院
Javascript教程Java教程Java核心技术Java高级技术J2EE教程J2ME教程XML教程Java开源技术
Linux学院
Linux系统管理Unix教程Linux教程Linux编程Linux集群Linux内核技术Linux安全Linux服务器Solaris教程AIX教程
Windows学院
Windows系统管理Windows教程Windows安全Windows服务器Windows网络管理Windows故障Windows优化Windows动态
数据库学院
数据库开发Oracle数据库MySQL数据库Sybase数据库DB2数据库SQL Server数据库数据仓库Informix数据库