fbpx
Wikipedia

Identity-based security

January 01, 1970

Identity-based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an entity.[1] It ensures that the users and services of these digital resources are entitled to what they receive. The most common form of identity-based security involves the login of an account with a username and password. However, recent technology has evolved into fingerprinting or facial recognition.[2]

While most forms of identity-based security are secure and reliable, none of them are perfect and each contains its own flaws and issues.[3]

History edit

The earliest forms of Identity-based security was introduced in the 1960s by computer scientist Fernando Corbató.[4] During this time, Corbató invented computer passwords to prevent users from going through other people's files, a problem evident in his Compatible Time-Sharing System (C.T.S.S.), which allowed multiple users access to a computer concurrently.[5] Fingerprinting however, although not digital when first introduced, dates back even further to the 2nd and 3rd century, with King Hammurabi sealing contracts through his fingerprints in ancient Babylon.[6] Evidence of fingerprinting was also discovered in ancient China as a method of identification in official courts and documents. It was then introduced in the U.S. during the early 20th century through prison systems as a method of identification.[7] On the other hand, facial recognition was developed in the 1960s, funded by American intelligence agencies and the military.[8]

Types of identity-based security edit

Account Login edit

The most common form of Identity-based security is password authentication involving the login of an online account. Most of the largest digital corporations rely on this form of security, such as Facebook, Google, and Amazon. Account logins are easy to register, difficult to compromise, and offer a simple solution to identity-based digital services.

Fingerprint edit

Fingerprint biometric authentication is another type of identity-based security. It is considered to be one of the most secure forms of identification due to its reliability and accessibility, in addition to it being extremely hard to fake. Fingerprints are also unique for every person, lasting a lifetime without significant change. Currently, fingerprint biometric authentication are most commonly used in police stations, security industries, as well as smart-phones.

Facial Recognition edit

Facial recognition operates by first capturing an image of the face. Then, a computer algorithm determines the distinctiveness of the face, including but not limited to eye location, shape of chin, or distance from the nose. The algorithm then converts this information into a database, with each set of data having enough detail to distinguish one face from another.[9]

Controversies and issues edit

Account Login edit

A problem of this form of security is the tendency for consumers to forget their passwords. On average, an individual is registered to 25 online accounts requiring a password, and most individuals vary passwords for each account.[10] According to a study by Mastercard and the University of Oxford, "about a third of online purchases are abandoned at checkout because consumers cannot remember their passwords."[11] If the consumer does forget their password, they will usually have to request a password reset sent to their linked email account, further delaying the purchasing process. According to an article published by Phys Org, 18.75% of consumers abandon checkout due to password reset issues.[12]

When individuals set a uniform password across all online platforms, this makes the login process much simpler and hard to forget. However, by doing so, it introduces another issue where a security breach in one account will lead to similar breaches in all remaining accounts, jeopardizing their online security.[13] This makes the solution to remembering all passwords much harder to achieve.[citation needed]

Fingerprint edit

While fingerprinting is generally considered to be secure and reliable, the physical condition of one's finger during the scan can drastically affect its results. For example, physical injuries, differing displacement, and skin conditions can all lead to faulty and unreliable biometric information that may deny one's authorization.[citation needed]

Another issue with fingerprinting is known as the biometric sensor attack. In such an attack, a fake finger or a print of the finger is used in replacement to fool the sensors and grant authentication to unauthorized personnel.[14]

Facial Recognition edit

Facial recognition relies on the face of an individual to identify and grant access to products, services, or information. However, it can be fraudulent due to limitations in technology (lighting, image resolution) as well as changes in facial structures over time.

There are two types of failure for facial recognition tests.[15] The first is a false positive, where the database matches the image with a data set but not the data set of the actual user's image. The other type of failure is a false negative, where the database fails to recognize the face of the correct user. Both types of failure have trade-offs with accessibility and security, which make the percentage of each type of error significant. For instance, a facial recognition on a smart-phone would much rather have instances of false negatives rather than false positives since it is more optimal for you to take several tries logging in rather than randomly granting a stranger access to your phone.

While in ideal conditions with perfect lighting, positioning, and camera placement, facial recognition technology can be as accurate as 99.97%. However, such conditions are extremely rare and therefore unrealistic. In a study conducted by the National Institute of Standards and Technology (NIST), video-recorded facial recognition accuracy ranged from 94.4% to 36% depending on camera placement as well as the nature of the setting.[16]

Aside from the technical deficiencies of Facial Recognition, racial bias has also emerged as a controversial subject. A federal study in 2019 concluded that facial recognition systems falsely identified Black and Asian faces 10 to 100 times more often than White faces.[17]

See also edit

References edit

  1. ^ "identity-based access control - Glossary | CSRC". csrc.nist.gov. Retrieved 2020-11-27.
  2. ^ Dastbaz, Mohammad; Halpin, Edward; Wright, Steve (2013). "Emerging Technologies and the Human Rights Challenge of Rapidly Expanding State Surveillance Capacities". Strategic Intelligence Management. pp. 108–118. doi:10.1016/B978-0-12-407191-9.00010-7. ISBN 9780124071919.
  3. ^ Pot, Justin. "Perfect Computer Security Is a Myth. But It's Still Important". How-To Geek. Retrieved 2020-12-06.
  4. ^ "Computer password inventor dies aged 93". BBC News. 2019-07-15. Retrieved 2020-11-20.
  5. ^ Yang, Yi; Yeo, Kheng Cher; Azam, Sami; Karim, Asif; Ahammad, Ronju; Mahmud, Rakib (2020). "Empirical Study of Password Strength Meter Design". 2020 5th International Conference on Communication and Electronics Systems (ICCES). pp. 436–442. doi:10.1109/ICCES48766.2020.9137964. ISBN 978-1-7281-5371-1. S2CID 220568597.
  6. ^ "The History of Fingerprinting". Crime+Investigation UK. 2018-05-06. Retrieved 2020-11-20.
  7. ^ "History of Fingerprints". www.crimescene-forensics.com. Retrieved 2020-12-06.
  8. ^ "Facial Recognition". Bloomberg.com. 2019-05-23. Retrieved 2020-11-20.
  9. ^ Sample, Ian (2019-07-29). "What is facial recognition - and how sinister is it?". The Guardian. ISSN 0261-3077. Retrieved 2020-12-06.
  10. ^ Yıldırım, M.; Mackie, I. (1 December 2019). "Encouraging users to improve password security and memorability". International Journal of Information Security. 18 (6): 741–759. doi:10.1007/s10207-019-00429-y. S2CID 108292833.
  11. ^ Johnson, Tim (June 16, 2017). "Forgot your password? You have too many and stores are losing business over it". Impact 2020.
  12. ^ "When customers forget their passwords, business suffers". phys.org. Retrieved 2020-10-29.
  13. ^ Schroers, Jessica (4 May 2019). "I have a Facebook account, therefore I am – authentication with social networks". International Review of Law, Computers & Technology. 33 (2): 211–223. doi:10.1080/13600869.2018.1475895. S2CID 65110549.
  14. ^ Ali, Media Abdul Razak (2011). "Design of an Online authentication protocol using both fingerprint identification and identity based cryptography". Al-Nahrain Journal for Engineering Sciences. 14 (2): 199–204.
  15. ^ "Face Recognition". Electronic Frontier Foundation. 2017-10-24. Retrieved 2020-12-06.
  16. ^ "How Accurate are Facial Recognition Systems – and Why Does It Matter?". www.csis.org. Retrieved 2020-12-06.
  17. ^ "Despite past denials, LAPD has used facial recognition software 30,000 times in last decade, records show". Los Angeles Times. 2020-09-21. Retrieved 2020-12-06.

January 01, 1970
identity, based, security, this, article, multiple, issues, please, help, improve, discuss, these, issues, talk, page, learn, when, remove, these, template, messages, this, article, lead, section, short, adequately, summarize, points, please, consider, expandi. This article has multiple issues Please help improve it or discuss these issues on the talk page Learn how and when to remove these template messages This article s lead section may be too short to adequately summarize the key points Please consider expanding the lead to provide an accessible overview of all important aspects of the article April 2017 This article needs additional citations for verification Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed Find sources Identity based security news newspapers books scholar JSTOR April 2017 Learn how and when to remove this message Learn how and when to remove this message Identity based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an entity 1 It ensures that the users and services of these digital resources are entitled to what they receive The most common form of identity based security involves the login of an account with a username and password However recent technology has evolved into fingerprinting or facial recognition 2 While most forms of identity based security are secure and reliable none of them are perfect and each contains its own flaws and issues 3 Contents 1 History 2 Types of identity based security 2 1 Account Login 2 2 Fingerprint 2 3 Facial Recognition 3 Controversies and issues 3 1 Account Login 3 2 Fingerprint 3 3 Facial Recognition 4 See also 5 ReferencesHistory editThe earliest forms of Identity based security was introduced in the 1960s by computer scientist Fernando Corbato 4 During this time Corbato invented computer passwords to prevent users from going through other people s files a problem evident in his Compatible Time Sharing System C T S S which allowed multiple users access to a computer concurrently 5 Fingerprinting however although not digital when first introduced dates back even further to the 2nd and 3rd century with King Hammurabi sealing contracts through his fingerprints in ancient Babylon 6 Evidence of fingerprinting was also discovered in ancient China as a method of identification in official courts and documents It was then introduced in the U S during the early 20th century through prison systems as a method of identification 7 On the other hand facial recognition was developed in the 1960s funded by American intelligence agencies and the military 8 Types of identity based security editAccount Login edit The most common form of Identity based security is password authentication involving the login of an online account Most of the largest digital corporations rely on this form of security such as Facebook Google and Amazon Account logins are easy to register difficult to compromise and offer a simple solution to identity based digital services Fingerprint edit Fingerprint biometric authentication is another type of identity based security It is considered to be one of the most secure forms of identification due to its reliability and accessibility in addition to it being extremely hard to fake Fingerprints are also unique for every person lasting a lifetime without significant change Currently fingerprint biometric authentication are most commonly used in police stations security industries as well as smart phones Facial Recognition edit Facial recognition operates by first capturing an image of the face Then a computer algorithm determines the distinctiveness of the face including but not limited to eye location shape of chin or distance from the nose The algorithm then converts this information into a database with each set of data having enough detail to distinguish one face from another 9 Controversies and issues editAccount Login edit A problem of this form of security is the tendency for consumers to forget their passwords On average an individual is registered to 25 online accounts requiring a password and most individuals vary passwords for each account 10 According to a study by Mastercard and the University of Oxford about a third of online purchases are abandoned at checkout because consumers cannot remember their passwords 11 If the consumer does forget their password they will usually have to request a password reset sent to their linked email account further delaying the purchasing process According to an article published by Phys Org 18 75 of consumers abandon checkout due to password reset issues 12 When individuals set a uniform password across all online platforms this makes the login process much simpler and hard to forget However by doing so it introduces another issue where a security breach in one account will lead to similar breaches in all remaining accounts jeopardizing their online security 13 This makes the solution to remembering all passwords much harder to achieve citation needed Fingerprint edit While fingerprinting is generally considered to be secure and reliable the physical condition of one s finger during the scan can drastically affect its results For example physical injuries differing displacement and skin conditions can all lead to faulty and unreliable biometric information that may deny one s authorization citation needed Another issue with fingerprinting is known as the biometric sensor attack In such an attack a fake finger or a print of the finger is used in replacement to fool the sensors and grant authentication to unauthorized personnel 14 Facial Recognition edit Facial recognition relies on the face of an individual to identify and grant access to products services or information However it can be fraudulent due to limitations in technology lighting image resolution as well as changes in facial structures over time There are two types of failure for facial recognition tests 15 The first is a false positive where the database matches the image with a data set but not the data set of the actual user s image The other type of failure is a false negative where the database fails to recognize the face of the correct user Both types of failure have trade offs with accessibility and security which make the percentage of each type of error significant For instance a facial recognition on a smart phone would much rather have instances of false negatives rather than false positives since it is more optimal for you to take several tries logging in rather than randomly granting a stranger access to your phone While in ideal conditions with perfect lighting positioning and camera placement facial recognition technology can be as accurate as 99 97 However such conditions are extremely rare and therefore unrealistic In a study conducted by the National Institute of Standards and Technology NIST video recorded facial recognition accuracy ranged from 94 4 to 36 depending on camera placement as well as the nature of the setting 16 Aside from the technical deficiencies of Facial Recognition racial bias has also emerged as a controversial subject A federal study in 2019 concluded that facial recognition systems falsely identified Black and Asian faces 10 to 100 times more often than White faces 17 See also editDigital Identity Attribute based access control Federated identity Identity based conditional proxy re encryption Identity driven networking Identity management system Network security Self sovereign identityReferences edit identity based access control Glossary CSRC csrc nist gov Retrieved 2020 11 27 Dastbaz Mohammad Halpin Edward Wright Steve 2013 Emerging Technologies and the Human Rights Challenge of Rapidly Expanding State Surveillance Capacities Strategic Intelligence Management pp 108 118 doi 10 1016 B978 0 12 407191 9 00010 7 ISBN 9780124071919 Pot Justin Perfect Computer Security Is a Myth But It s Still Important How To Geek Retrieved 2020 12 06 Computer password inventor dies aged 93 BBC News 2019 07 15 Retrieved 2020 11 20 Yang Yi Yeo Kheng Cher Azam Sami Karim Asif Ahammad Ronju Mahmud Rakib 2020 Empirical Study of Password Strength Meter Design 2020 5th International Conference on Communication and Electronics Systems ICCES pp 436 442 doi 10 1109 ICCES48766 2020 9137964 ISBN 978 1 7281 5371 1 S2CID 220568597 The History of Fingerprinting Crime Investigation UK 2018 05 06 Retrieved 2020 11 20 History of Fingerprints www crimescene forensics com Retrieved 2020 12 06 Facial Recognition Bloomberg com 2019 05 23 Retrieved 2020 11 20 Sample Ian 2019 07 29 What is facial recognition and how sinister is it The Guardian ISSN 0261 3077 Retrieved 2020 12 06 Yildirim M Mackie I 1 December 2019 Encouraging users to improve password security and memorability International Journal of Information Security 18 6 741 759 doi 10 1007 s10207 019 00429 y S2CID 108292833 Johnson Tim June 16 2017 Forgot your password You have too many and stores are losing business over it Impact 2020 When customers forget their passwords business suffers phys org Retrieved 2020 10 29 Schroers Jessica 4 May 2019 I have a Facebook account therefore I am authentication with social networks International Review of Law Computers amp Technology 33 2 211 223 doi 10 1080 13600869 2018 1475895 S2CID 65110549 Ali Media Abdul Razak 2011 Design of an Online authentication protocol using both fingerprint identification and identity based cryptography Al Nahrain Journal for Engineering Sciences 14 2 199 204 Face Recognition Electronic Frontier Foundation 2017 10 24 Retrieved 2020 12 06 How Accurate are Facial Recognition Systems and Why Does It Matter www csis org Retrieved 2020 12 06 Despite past denials LAPD has used facial recognition software 30 000 times in last decade records show Los Angeles Times 2020 09 21 Retrieved 2020 12 06 Retrieved from https en wikipedia org w index php title Identity based security amp oldid 1199102712, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.