6




m
 V  
  6



P Digital Certificates provide a means of proving your

identity in electronic transactions, much like a driver

license or a passport does in face-to-face interactions.

P With a Digital Certificate, you can assure friends,

business associates, and online services that the

electronic information they receive from you are

authentic.


 M  6


P Digital Certificates are the electronic counterparts to

driver licenses, passports and membership cards.

P You can present a Digital Certificate electronically to

prove your identity or your right to access information or

services online.

?
P Digital Certificates, bind an identity to a pair of electronic

keys that can be used to encrypt and sign digital

information.

P A Digital Certificate is issued by a Certification Authority

(CA) and signed with the CA's private key.

÷
P A Digital Certificate typically contains the:
J Owner's public key
J Owner's name
J Expiration date of the public key
J Name of the issuer (the CA that issued the Digital
Certificate
J Serial number of the Digital Certificate
J Digital signature of the issuer

g
P ëhe most widely accepted format for Digital Certificates is

defined by the CCIëë .509 international standard; thus

certificates can be read or written by any application

complying with .509. Further refinements are found in

the PKCS standards and the PEM standard.

{
 M 6

  
P Digital Certificates can be used for a variety of electronic

transactions including e-mail, electronic commerce,

groupware and electronic funds transfers.

P Netscape's popular Enterprise Server requires a Digital

Certificate for each secure server.


P For example, a customer shopping at an electronic mall

run by Netscape's server software requests the Digital

Certificate of the server to authenticate the identity of

the mall operator and the content provided by the

merchant.

P Without authenticating the server, the shopper should

not trust the operator or merchant with sensitive

information like a credit card number. ëhe Digital

Certificate is instrumental in establishing a secure

channel for communicating any sensitive information

back to the mall operator. Ô




P ÿ iometricÿ come from the Greek words ÿbioÿ (life) and

ÿmetricÿ (to measure).

P iometrics are technologies used for measuring and

analyzing a person's unique characteristics.

P ëhere are two types of biometrics:

J behavioral and

J physical

0
P ehavioral biometrics are generally used for

verification

P physical biometrics can be used for either

identification.

m
 What are biometric systems
used for?
P iometrics are used for identification and verification:

P V
 is determining who a person is. It

involves trying to find a match for a person's biometric

data in a database containing records of people and

that characteristic. ëhis method requires time and a

large amount of processing power, especially if the

database is very large.

mm
P [
 is determining if a person is who

they say they are. It involves comparing a

user's biometric data to the previously recorded

data for that person to ensure that this is the

same person. ëhis method requires less

processing power and time, and is used for

access control (to buildings or data).

m
 What are the main types of
biometric systems?
P ëhe main physical biometric technologies include:
J fingerprint
J iris
J retina
J hand
J palm vein
J face

m?
 fingerprint
Principles of fingerprint biometrics:

P A fingerprint is made of a a number of ridges and valleys

on the surface of the finger.

P Ridges are the upper skin layer segments of the finger

and valleys are the lower segments.

P ëhe ridges form so-called minutia points: ridge endings

(where a ridge end) and ridge bifurcations (where a

ridge splits in two).

m÷
P Many types of minutiae exist, including dots (very small
ridges), islands (ridges slightly longer than dots,
occupying a middle space between two temporarily
divergent ridges), ponds or lakes (empty spaces
between two temporarily divergent ridges), spurs (a
notch protruding from a ridge), bridges (small ridges
joining two longer adjacent ridges), and crossovers (two
ridges which cross each other).
P ëhe uniqueness of a fingerprint can be determined by
the pattern of ridges and furrows as well as the minutiae
points. ëhere are five basic fingerprint patterns: arch,
tented arch, left loop, right loop and whorl. Loops make
up 60% of all fingerprints, whorls account for 30%, and
arches for 10%.
P Fingerprints are usually considered to be unique, with no
two fingers having the exact same dermal ridge
characteristics
mg
 Ñow does fingerprint
biometrics work
ëhe main technologies used to capture the fingerprint
image with sufficient detail are optical, silicon, and
ultrasound.
P ëhere are two main algorithm families to recognize
fingerprints:
P Minutia matching compares specific details within the
fingerprint ridges. At registration (also called enrollment),
the minutia points are located, together with their
relative positions to each other and their directions. At
the matching stage, the fingerprint image is processed to
extract its minutia points, which are then compared with
the registered template.

m{
P Pattern matching compares the overall characteristics
of the fingerprints, not only individual points.
Fingerprint characteristics can include sub-areas of
certain interest including ridge thickness, curvature,
or density. During enrollment, small sections of the
fingerprint and their relative distances are extracted
from the fingerprint. Areas of interest are the area
around a minutia point, areas with low curvature
radius, and areas with unusual combinations of
ridges.

m
P 




 




J Easy to use

J Cheap

J Small size

J Low power

J Non-intrusive

J Large database already available

P © 


 

Fingerprint sensors are best for devices such as cell

phones, US flash drives, notebook computers and other
applications where price, size, cost and low power are
key requirements. Fingerprint biometric systems are also
used for law enforcement, background searches to
screen job applicants, healthcare and welfare.

mÔ
 iris
P u







ë


 

  
ë
 

 


 



 

 




  

 ë
 



    

m0
 Ñ  



 
P © !   


 "
  
 
  


P # 
  


 

P ë 
$
  


 %%

 


"


  


P 



 

  
P Ñ
 & ë
   "      
     
P '   
 (  
   
P M

 

  
P ë
 

 
 
   " 
P ©




 


P ©  &          
 
 # 
  

    

  
  
  
  
         




m
 retina
Pu


 



P ë
 
" 



 
   


 Ñ  
 "
P )

 



  

 

     
 
m mg 



© 
 
 (

 


 *  
 

 




 

©  
 


?
P © "

   


+


 
   
 

÷
P V
 
 
P x 
 
P 


 


 
P Ñ

P ©


 



P )

 
 





# 

")



 

 


g
 hand
u





P ©,
  

-"




,

  
 
 Ñ 


  
  
 

 


 



{
Ñ  

 "
P .

  


!
 

    



 

" 

* /
 

"

1






 0



P ©

 




   " 

ë
 
 
   


 


 

P ë


 
 

 
,

 

 





    
ë


"   
ë
 
 
 "  
P ë  

 


  

,ë 
  







 

 

© 




  

 

 " 



Ô
P ©





P Ñ





 

  
P ë

P © &Ñ




  
 



 

0
 palm vein
P u






P ë
   

 2


 


  
 
   +


  
 ,



 
 

 
"ë


"

   
  
 

?
 face
P u






P ë

    

  ,
P Ñ  


 
P .
  
 

!
 

    
&3
 
 

* /
  
 "
 




   
 

 

" 
?m
P © 
" 
, 


    



+   

  

   


 


  
P ë 
$
  
 
"



 
 
"
 

© 


 
 

 
4

 ,
"5
P ë

  

&
 "
 

?
 3'©

P Ñumans have 23 pairs of chromosomes containing
their DNA blueprint. One member of each
chromosomal pair comes from their mother, the other
comes from their father. Every cell in a human body
contains a copy of this DNA. ëhe large majority of
DNA does not differ from person to person, but 0.10
percent of a person's entire genome would be unique
to each indiviual. ëhis represents 3 million base pairs
of DNA.
P Genes make up 5 percent of the human genome. ëhe
other 95 percent are non-coding sequences, (which
used to be called junk DNA). In non-coding regions
there are identical repeat sequences of DNA, which
can be repeated anywhere from one to 30 times in a
row. ëhese regions are called variable number tandem
repeats (VNëRs).
??
P ë

 

4 5 


 
+ 6'ë) 
,3'©
 
 
ë



  



   
 


3'© 
P 3'© 


 6'ë)

   
,3'© ë


 3'© & 
3'©4



 

 
5
3'© 


 " 6'ë) 
3'©

!

3'©



?÷
P M
©

 
P 3'©

  (

P &


"

 


 

  
P 7 

?g
 6 

P u






P   
 4
 5 
P Ñ  


 
P 1
 
 &

  
 4
 5

 
 4
5


  
 , 
6   


  
  

?{
P ë
   



 


  © 
  
  
  
 
   

 




P 3 


 


  
6   
!  4
 


27
 
5ë
 
    


 
 
 

P ë 
" 

 
" 



?
 1

P Ñ  
  

  
P .
  
 

!

 


 " 


1


 


 

  



 





 


?Ô
P © 
P ë


"
 


&
P 2"
  
  "
 
"   

  !

  

   
P 2 
 

  
P ë
 


 &ë



 


P ©"

 
 



&
ë
 
 



 


 

ë

 


 

( ë




 

P 7 


&ë


"  

 (

 
P ë
 
 

  

P 



?0
ë
"8 

÷