1 / 16

Executive Post Graduate Programme in e-Governance (EPGP-EG), 2013-14 Identity Management

Executive Post Graduate Programme in e-Governance (EPGP-EG), 2013-14 Identity Management. Cyber Security Through Biometrics in e-Gov Projects. Presented by. GROUP # 2 Pravin Kolhe M. Jyothi Rani Sanjay Singh Vivek Srivastava Chandan Kumar Jha. July-2013, IIM Indore.

erv
Download Presentation

Executive Post Graduate Programme in e-Governance (EPGP-EG), 2013-14 Identity Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Executive Post Graduate Programme in e-Governance (EPGP-EG), 2013-14 Identity Management Cyber Security Through Biometrics in e-Gov Projects Presented by GROUP # 2 PravinKolhe M. JyothiRani Sanjay Singh VivekSrivastava Chandan Kumar Jha July-2013, IIM Indore

  2. On Internet, nobody knows who you are… • A terrorist… or a student… or a spy…?

  3. Issues in Cyber security in eGov Projects • Compromised Digital Certificate • Denial of Service • Data Leakage • Malware • Hacking • Cyber Squatting • Phishing • Vishing • Identity Theft • Cyber Terrorism

  4. Cyber crime in India • The majority of cybercrimes are cantered on forgery, fraud and Phishing, • India is the third-most targeted country for Phishing attacks after the US and the UK • Social networks as well as ecommerce/govsites are major targets • 6.9 million bot-infected systems in 2011 • 14,348 website defacements in 2011 • 6,850 .in and 4,150 .com domains were defaced during 2011 • 15,000 sites hacked in 2011 • India is the number 1 country in the world for generating spam.

  5. How Biometrics can help? • A single identity is associated with each individual and is fixed in time. • Individuals are not on a list of known criminals or terrorists. • Individuals have not been previously excluded (e.g., are ineligible for services, have been deported, etc.). • The claimed identity may be verified (i.e., at a point of service). • Cyber Security is about establishing trust in entities accessing your networks and ensuring that they perform functions consistent with the role you define for them. • The fundamental capability necessary for any cyber security solution is Identity Management. • Biometrics is a key enabling technology in the fight to strengthen the security of systems against cyber crime. • “Automated measurement of Physiological and/or behavioural characteristics to determine or authenticate identity” • Biometrics provide a clear benefit to counteracting cyber security threats.

  6. RECOMMENDED STANDARDS & DESIGN • ISO/IEC JTC 1 SC 37 • ISO/IEC JTC 1 SC 27 • ISO/IEC 24761:2009, Information technology - Security techniques - Authentication context for biometrics (ACBio) • ISO/IEC 19792:2009, Information technology - Security techniques - Security evaluation of biometrics • ISO/IEC 24745 - Information technology - Security techniques - Biometric template protection • ISO/IEC 24760, Information technology - Security techniques - A Framework for Identity Management • ISO TC 68

  7. Identification Authentication It determines the identity of the person. It determines whether the person is indeed who he claims to be. No identity claim Many-to-one mapping. Cost of computation  number of record of users. Identity claim from the user One-to-one mapping. The cost of computation is independent of the number of records of users. Captured biometric signatures come from a set of known biometric feature stored in the system. Captured biometric signatures may be unknown to the system. Identification vs. Authentication

  8. PHYSIOLOGICAL IDENTIFICATION Biological/chemical based • Finger prints • Iris, Retinal scanning • Hand shape geometry • blood vessel/vein pattern • Facial recognition • ear image • DNA

  9. BEHAVIOURAL IDENTIFICATION A reflection of an individual’s Psychology • Hand written signatures • Voice pattern • Mouse movement dynamics • Gait (way of walking) • Keystroke dynamics

  10. Why biometric? • Eliminate memorization – • Users don’t have to memorize features of their voice, face, eyes, or fingerprints • Eliminate misplaced tokens – • Users won’t forget to bring fingerprints to work • Can’t be delegated – • Users can’t lend fingers or faces to someone else • Often unique – • Save money and maintain database integrity by eliminating duplicate enrolments • Liveliness detection & multimodal systems to combat spoofing. • Data signing, time stamp and session token mechanisms for minimizing hacking. • Coarse scoring, trusted sensors and secured channel for Denial of service.

  11. authentication framework for data security • Securely manage sensitive biometric data. • Ensuring the privacy of users’ personal (e.g. biometric) data. • Resisting attacks launched by insiders/outsiders. • Providing for non-repudiation of activities. • Integrating with 3rd party applications. • Scaling enterprise-wide deployments.

  12. BUSINESS CASE - ROI

  13. Disadvantages of biometric • Expensive • Change with Age • Privacy Concerns • Hygiene perception • False Reading& copying • Reliability Issues

  14. conclusion • Biometrics offer the ability to both improve security and increase higher degrees of convenience. • Biometrics can supplement existing authentication mechanisms such as tokens and passwords. • ROI on eGov Projects may not show an picture as it is still in its infancy.

  15. Contact: - Pravin Kolhe, Executive Engineer Water Resources Department, Government of Maharashtra Email:- pravinkolhe82@gmail.com www.pravinkolhe.com PPT downloaded from www.pravinkolhe.com

  16. Thank You…! GROUP # 2, EPGP-EG, IIM Indore, 2013-14

More Related