ITC505 ICT Project Management

a. Different Types of Biometric System

The biometric access control system is the recognition system for humans with the help of their physical uniqueness and characteristics. The access control system is based on the substantiation (Galbally, Marcel & Fierrez, 2014). The unique biometric data is stored in the database of the organization or the secured zone, and this stored data is used to match the input to the biometric system.

Fingerprint

The fingerprint sensor is the most widely used as access control system. The fingerprints are unique, and even the fingerprints of identical twins do not have the same fingerprints.

Techniques and Technologies

The surface of the finger is made of furrows and ridges and the patterns such as arches and swirls ensure uniqueness of each pattern. The illuminated image of the fingerprint is translated into the digital codes for the authentication process, and it is stored in database. A CMOS sensor is used for the extraction and mapping of characteristics of fingerprint. There are various fingerprint scanner which can be used such as capacitive, ultrasonic and optical. Whenever a fingerprint is provided as input in the sensor, a new template of digital data is created (Sousedik & Busch, 2014). The matching algorithm is used to match the new template from the template of the database and when the input template matches the database template the user is authenticated.

Advantages and Disadvantages

The advantage of fingerprint recognition is that they are unique and provides accuracy. The disadvantages are that if the database of a system is hacked or fingerprint is stolen from surface of objects, then it can be a threat to the security.

Applications

The application of fingerprint is in security check, access and attendance in organizations and institutes. It is used to access the mobile phones and various devices.

Hand Geometry

The hand geometry identifies the user by measuring the dimensions of hand. The hand geometry recognition concept was developed in 1980.

Techniques and Technologies

The technology involved in hand geometry is using a camera for capturing an image of the hand. The input data is captured by a charged couple device camera, and both the top surface and side image of the hand is captured with the help of angle mirror. The silhouette image is used to analyze 90 measurements including the distance between knuckles, thickness and length of fingers (Ren et al., 2013). The three sequential image of the hand is stored as a template in the database. This template is used for recalling the data when a user inputs their hand geometry.

Advantages and Disadvantages

The advantage of hand geometry is public acceptance of this system, ease of using and the integration capabilities. The disadvantages of using hand geometry is that it is not as unique as fingerprints.

Applications

It is used in international banks for security and also used for recording attendance of the employees and students in organizations and institutions.

Iris Recognition

It is the automated biometric method for access control system. It uses the technique of recognition of mathematical pattern.

Techniques and Technology

 The image of the iris is captured from a distance of about 10 inches. The pattern is processed in software which extracts the pattern from the outer and inner boundary of the iris. The iris pattern is encrypted into 512 bit code using Daugman’s algorithm (Kaur & Juneja, 2014, March). This encrypted iris code is then matched with the codes contained in the database for the verification. The speed of data matching is very high about 10,000 codes can be analyzed per second.

Advantages and Disadvantages

 The advantage of Iris recognition is that are that it provides accuracy. It provides more speed and scalability. The disadvantage is that it requires high quality photographic technologies.  

Applications

The application of Iris recognition technique is in the aviation industry, airports and for records of criminals.

b. Different Privacy Enhancing Technologies

 The Privacy enhancing technologies (PET) is the standardization used for enhancing the privacy of users of information technologies. It functions in accordance with the data protection laws. The aim of the PET is the protection of confidential data of the user, and they take the responsibility of personally identifiable information. It provides the possibility to audit the terms and condition of the merchants and online service provider (Hafiz, 2013). The different types of privacy enhancing technologies can be explained as follows.

Communication Anonymizers

This privacy enhancing technology is used to hide the real identity with an identity which is non traceable. This would help in enhancing the privacy of the online identity. For instance, the online identity like IP address and email address can be replaced with a no traceable identity like random IP address and one time email id for security (Hoepman, 2014, June). This helps in empowering the cryptographic property. It can be applied to any category where data identity is required to keep private.

Enhanced Privacy ID (EPID)

The enhanced privacy id is abbreviated as EPID, and it is the digital algorithm that ensures the anonymity. The EPID provides a public verification key which is associate with a distinguishable and unique signature key. These signature keys are private in nature for ensuring the privacy. The EPID was introduced in 2008 (Gürses & Diaz, 2013). It helps the device to prove their identity to the external party. It also gives the information about the category of software running on the device. The retrieval of these information does not require revealing of data identity.

Digital Rights Management and Metadata

This technology provides the framework for describing the semantics or defining the various types of data. It can be helpful in achieving the standardization of data protection legislation. It will differentiate between the sensitive data and personal data over the internet. The controllability, transparency and auditability of the data can be set according to the different data type (Liao & Shu, 2015). The metadata and digital right management are effective in supporting the privacy of the users of information technology.

c. Wireless Sensor Networks

Wireless sensor network (WSN) is the networks of nodes which are dedicated sensors used for recording and monitoring the conditions of the network environment. It is used to organize the collected data at a central node or location. The WSN provides the measurement of various environmental conditions such as sound, temperature, pollution level, wind and humidity with the help of autonomous sensors (Yang, 2014).

Area of WSN

The areas of Wireless sensor networking are healthcare monitoring, earth sensing and Industrial monitoring. The examples of area of WSN can be given as bellows.

Environmental Sensing: The examples are air pollution monitoring, detection of forest fire, water quality monitoring and prevention of natural disaster.

Industrial Monitoring: The examples are data center monitoring, machine health monitoring, structural health monitoring and data logging (Rawat et al., 2014).

WSN Architecture and Protocol Stack

The architecture of Wireless sensor network is based on the Open system Interconnection (OSI) architecture model. It is a five layered architecture with 3 cross layers. The five layers of WSN are physical, network, data link, application layer and transport layer. The cross layers are management layers which include the task management, power management and mobility management (Pantazis, Nikolidakis & Vergados, 2013). The function of these three layers is to make the sensor work together for obtaining the efficiency of the network.

Different Types of Threat and Vulnerabilities that can attack WSN

The threats and vulnerabilities of WSN are mainly of two types namely active attack and passive attack. The passive attacks to WSN are limited to analyzing the exchanged traffic whereas the active attacks aim at removing or modification of the data transmitted over a network. The three threats and vulnerabilities that can be used to attack WSN can be described as follows

Blackmail attack: It is a malicious node that provides the fake information that another authentic node is malicious. It can affect the normal operation of the network.

Sybil attack: In this type of attack the user uses the identity of another node in order to participate in the distributed algorithm.

Wormhole Attack: In this type of attack the attackers receive the messages and use them to replay indifferent parts of the tunnels (Alrajeh, Khan & Shams, 2013).

Recommendation for Mitigation of the above explained three threats

The recommendation for the mitigation of threats and vulnerabilities of WSN attacks can be as follows.

Blackmail attack: the blackmail attack can be mitigated by encryption and authentication of data. The segmentation of networking system is also useful for the mitigation of blackmail attack.

Sybil Attack: The mitigation for Sybil attack are authentication flow, pushback and payment for network resources. The authentication flow is the re-programming process for avoiding the Sybil attack.

Wormhole attack: It can be mitigated with the implementation of distributed detection algorithm and centralized algorithm (Alrajeh, Khan & Shams, 2013). This is the detection phase which provides the information about the attack and provides relevant mitigation.

References

Alrajeh, N. A., Khan, S., & Shams, B. (2013). Intrusion detection systems in wireless sensor networks: a review. International Journal of Distributed Sensor Networks, 9(5), 167575.

Galbally, J., Marcel, S., & Fierrez, J. (2014). Image quality assessment for fake biometric detection: Application to iris, fingerprint, and face recognition. IEEE transactions on image processing, 23(2), 710-724.

Gürses, S., & Diaz, C. (2013). Two tales of privacy in online social networks. IEEE Security & Privacy, 11(3), 29-37.

Hafiz, M. (2013). A pattern language for developing privacy enhancing technologies. Software: Practice and Experience, 43(7), 769-787.

Hoepman, J. H. (2014, June). Privacy design strategies. In IFIP International Information Security Conference (pp. 446-459). Springer, Berlin, Heidelberg.

Kaur, N., & Juneja, M. (2014, March). A review on iris recognition. In Engineering and Computational Sciences (RAECS), 2014 Recent Advances in (pp. 1-5). IEEE.

Liao, X., & Shu, C. (2015). Reversible data hiding in encrypted images based on absolute mean difference of multiple neighboring pixels. Journal of Visual Communication and Image Representation, 28, 21-27.

Pantazis, N. A., Nikolidakis, S. A., & Vergados, D. D. (2013). Energy-efficient routing protocols in wireless sensor networks: A survey. IEEE Communications surveys & tutorials, 15(2), 551-591.

Rawat, P., Singh, K. D., Chaouchi, H., & Bonnin, J. M. (2014). Wireless sensor networks: a survey on recent developments and potential synergies. The Journal of supercomputing, 68(1), 1-48.

Ren, Z., Yuan, J., Meng, J., & Zhang, Z. (2013). Robust part-based hand gesture recognition using kinect sensor. IEEE transactions on multimedia, 15(5), 1110-1120.

Sousedik, C., & Busch, C. (2014). Presentation attack detection methods for fingerprint recognition systems: a survey. Iet Biometrics, 3(4), 219-233.

Yang, K. (2014). Wireless sensor networks. Principles, Design and Applications.