INF80043 IT Risk Management

1. Various Types of the Biometric System

The various kinds of the biometric authentication system are given below:

i) Face Recognition Systems: The most significant kind of the biometric system is the respective face recognition system that helps in the verification or better identification of the person from several digital images, by the analysis or comparison of the patterns (Anisi et al., 2017).

The few techniques that are utilized for the face recognition system are given below:

a) Geometry Based: The most important technique for this particular face recognition system is geometry based. The few relative poses as well as edge detection could be easily done with the technique. Eyes, nose and mouth are considered while matching the faces.

b) Feature Based: The next technique of face recognition system is the feature based system (Zhao, Yu & Leung, 2015). The lips, nose and eyes are utilized as the specific predominant features to find the correct face.

ii) Fingerprint Recognition Systems: This particular kind of biometric system takes the images of the fingerprints of that specific person and then records the features like the arches, whorls and loops by taking the outlines of minutiae, edge and furrow.

The few techniques that are utilized for the fingerprint recognition system are as follows:

a) Correlation: The most popular and significant technique for fingerprint recognition is correlation, which eventually overlays two distinct fingerprint images with a proper association in equivalent pixels (Meng et al., 2016).

b) Minutiae: The next technique of fingerprint recognition is minutiae that significantly store the plane only after the inclusion of point set in the I/O minutiae.

iii) Voice Recognition System: The third important and significant kind of the biometric authentication system is the voice recognition system (Lei et al., 2013). This particular system is used to produce the speech pattern by the simple combination of behavioural and the physiological factors. All of the behavioural and the physiological factors are subsequently captured by the processing of the speech technology.

The few techniques that are utilized for the voice recognition system are as follows:

a) Automated Detection of Voice Signals: This particular technique is responsible for automatically detecting the several voice signals.

b) Feature Extraction: The second technique of voice recognition system is responsible for extracting the voice features of that particular individual (Jiang, Xu & Lv, 2016).

iv) Iris Recognition System: Another significant type of the biometric authentication system is the iris recognition system. The proper verification of individuals that is done based on single patterns in the ring shaped regions within the pupil of the eyes. The eye colours are also checked in this system.

The few techniques that are utilized for the iris recognition system are as follows:

a) Normalization: The first technique of this typical iris recognition system is normalization (Kumar, Sivalingam & Kumar, 2013). Here, the specific remapping is promptly done of iris region with the significant normalized and non centric polarized representations.

b) Segmentation: The next significant and noteworthy technique of the particular iris recognition systems is segmentation. As the name suggests, this technique is responsible for segmenting the specific iris of an individual into smaller circular images. Finally, this helps in verifying that individual.

v) Hand Geometry: The fifth significant biometric system type, which helps in the verification of an individual by a simple procedure of identification of the shapes of hands (Zhao et al., 2015). This hand geometry could be easily measured with the help of numerous dimensions and finally these dimensions could be compared with the last measurements.

The few techniques that are utilized for the hand geometry system are as follows:

a) False Acceptance Rate: The false acceptance rate evaluates the total ratio of the unauthenticated number of users with the sum of number of attempts.

b) False Rejection Rate: The false rejection rate evaluates the total ratio of the authenticated number of users, which is being rejected by this biometric system with the total number of attempts made.

c) Equal Error Rates: The final technique is the equal error rate, which matches false acceptance rate with the respective false rejection rate (Yang et al., 2013).

i) Fingerprint Recognition System: The several significant benefits of this biometric system are given below:

a) Extremely Cost Effective: The first and the foremost benefit of this biometric system is that it is extremely cost effective and could be afforded by everyone.

b) Better Security: The next significant benefit of this system is that it provides data security to the users.

c) Simple Architecture: The overall structural design of this system is extremely simplified (Zhao et al., 2016).

The several disadvantages of this biometric system are given below:

a) Inaccurate Data: This biometric system often provides inaccurate data to the users.

b) Requires Additional Hardware: The biometric system requires implementation of additional hardware.

The significant application of this fingerprint recognition system is while registration and identification for voter’s card (Xie & Zhang, 2014).

ii) Hand Geometry: The several benefits of this biometric system are given below:

a) Cost Effective: The major benefit of this biometric system is that it is extremely cost effective and could be afforded by everyone.

b) Easy Data Collection: The collection of data could be done easier.

The several disadvantages of this biometric system are given below:

a) Bulky Data: The data size is both bulky and huge.

b) Not Utilized Broadly: The data is often inaccurate and hence it is not used broadly (Ali-Ahmad et al., 2013).

Application example is mainly in offices or schools.

iii) Iris Recognition System: The several benefits of this biometric system are given below:

a) High Security: This system provides high security to data.

b) Data Accuracy: The data is always accurate.

The several disadvantages of this biometric system are given below:

a) Costly: It is costly and hence could not be easily afforded (Wu et al., 2015).

b) Obscure: It is often obscured either by eyelashes or lenses.

Application of it is in police and army grounds.

2. Three PETs with Examples

The three distinct Privacy-Enhancing Technologies are given below:

i) EPID: Enhanced-Privacy ID or EPID is a algorithm of specific digital signature that supports the distinct anonymity. Moreover, the public verification key or the private signature key is also provided by the enhanced privacy ID. The EPID is eventually created to provide any typical device for the external parties (Anisi et al., 2017). This even identifies the kind of device is being used or the procedure to use this privacy ID. The most significant benefit of the enhanced privacy ID is that the real identity is not revealed by this and hence the user’s privacy is affected.

The basic example of this PET is the utilization of PKI within the digital signature algorithm. This helps to maintain security and privacy eventually.

ii) Wrong Online Data: When an account is being created for MSN, wrong data is being provided wither for the name, contact details or addresses. Then, a specific user’s ID as well as password is eventually published on Internet. Thus, this user could easily use the account, without any problem and he is ensured that all of his private details are safe and secured and are not shared over the Internet (Zhao et al., 2015). Moreover, this type of privacy-enhancing technology is helpful for making the confidential data preserved in a database and thus maintenance of data integrity is possible.

The example of this PET could be that whenever any user is sharing forged data online to make sure that the original data is secured.

iii) Communication Anonymizers: The PET helps in hiding the real online identity by simple replacement of the identity with a non-traceable identity. Communication anonymizer is applied in the instant messaging, emails, P2P networking and various others (Meng et al. 2016).

The typical example of the PET could be disguising the IP addresses in the anonymising networks.

3. WSN and the Three Threats for WSN with Proper Recommendations

Wireless sensor networks are the collection of sensors that helps in monitoring and recording environmental physical conditions. The WSN architecture significantly follows the basic OSI architecture. This particular architecture as well as the protocol stack comprises of five distinct and five cross layers. These layers are physical, data link, network, transport and application and the five cross layers are power, mobility, task, QoS management and security management (Jiang, Xu & Lv, 2016). The five distinct WSN layers could be used to accomplish the network objective and thus making these sensors to work together to hoist the network effectiveness and efficiency. On the other hand, the five cross planes of the WSN protocol stack is used for managing the features of power, mobility, task, quality of services and security.

Figure 1: Wireless Sensor Network Architecture and Protocol Stack

(Source: Zhao et al., 2015)

The three types of vulnerabilities, which are utilized to attack WSN, are as follows:

i) Denial of Service: This is the most common type of vulnerability for WSN, where the attacker seeks in the machine for making it unavailable for the user (Kumar, Sivalingam & Kumar, 2013). It happens in physical layer in WSN architecture.

ii) Tampering: In this type of attack of tampering, the adversary compromises few sensor nodes in the network for utilization of the nodes to mislead these network activities.

iii) Injecting Erroneous Data: Another significant threat for the WSN architecture is injecting erroneous data. This data is being routed in the erroneous manner; hence previous data is being replayed.

The suggestions for these threats are given below:

i) Denial of Service: The only suggestion is the prioritization of the messages for jamming spread spectrum and hence the attack would be stopped (Xie & Zhang, 2014).

ii) Tampering: The utilization of tamper proofing to hide the sensitive data and to maintain integrity is the only way out.

iii) Injecting Erroneous Data: Implementation of cryptography in the network is the suggestion for injection of erroneous data.

References

Ali-Ahmad, H., Cicconetti, C., De la Oliva, A., Mancuso, V., Sama, M. R., Seite, P., & Shanmugalingam, S. (2013, November). An SDN-based network architecture for extremely dense wireless networks. In Future Networks and Services (SDN4FNS), 2013 IEEE SDN for (pp. 1-7). IEEE.

Anisi, M. H., Abdul-Salaam, G., Idris, M. Y. I., Wahab, A. W. A., & Ahmedy, I. (2017). Energy harvesting and battery power based routing in wireless sensor networks. Wireless Networks, 23(1), 249-266.

Jiang, D., Xu, Z., & Lv, Z. (2016). A multicast delivery approach with minimum energy consumption for wireless multi-hop networks. Telecommunication systems, 62(4), 771-782.

Kumar, A. K., Sivalingam, K. M., & Kumar, A. (2013). On reducing delay in mobile data collection based wireless sensor networks. Wireless networks, 19(3), 285-299.

Lei, L., Zhong, Z., Zheng, K., Chen, J., & Meng, H. (2013). Challenges on wireless heterogeneous networks for mobile cloud computing. IEEE Wireless Communications, 20(3), 34-44.

Meng, T., Wu, F., Yang, Z., Chen, G., & Vasilakos, A. V. (2016). Spatial reusability-aware routing in multi-hop wireless networks. IEEE Transactions on Computers, (1), 244-255.

Wu, J., Cheng, B., Yuen, C., Shang, Y., & Chen, J. (2015). Distortion-aware concurrent multipath transfer for mobile video streaming in heterogeneous wireless networks. IEEE Transactions on Mobile Computing, 14(4), 688-701.

Xie, X., & Zhang, X. (2014, April). Does full-duplex double the capacity of wireless networks?. In INFOCOM (pp. 253-261).

Yang, J., Chen, Y., Trappe, W., & Cheng, J. (2013). Detection and localization of multiple spoofing attackers in wireless networks. IEEE Transactions on Parallel and Distributed systems, 24(1), 44-58.

Zhao, N., Yu, F. R., & Leung, V. C. (2015). Opportunistic communications in interference alignment networks with wireless power transfer. IEEE Wireless Communications, 22(1), 88-95.

Zhao, N., Yu, F. R., Li, M., Yan, Q., & Leung, V. C. (2016). Physical layer security issues in interference-alignment-based wireless networks. IEEE Communications Magazine, 54(8), 162-168.

Zhao, N., Yu, F. R., Sun, H., Yin, H., Nallanathan, A., & Wang, G. (2015). Interference alignment with delayed channel state information and dynamic AR-model channel prediction in wireless networks. Wireless Networks, 21(4), 1227-1242.