Researchers use fingerprints to secure networks

University of Buffalo researchers say they have put their fingers on a way to improve security of wireless handheld devices and Web sites.

The findings could also help eliminate the need to remember a dizzying array of passwords and aid forensics specialists, according to Venu Govindaraju, a University of Buffalo professor of computer science and engineering, and director of the school’s Center for Unified Biometrics and Sensors (CUBS).

The research specifies how big a keypad sensor needs to be and how big a fingerprint image should be, as a key shortcoming of biometric systems now is that sensors often only can take partial fingerprints, Govindaraju says. Enabling more complete fingerprinting will let companies better gauge the level of security they can provide, he says.

“For the first time, we have determined the minimum surface area required for fingerprint scanning in order to achieve a level of security that is roughly comparable to the security achieved with a six-letter password,” Govindaraju says in a statement regarding the researchers’ Automated Partial Fingerprint Identification algorithm.

The algorithm also takes into account the fact that even a legitimate fingerprint doesn’t always look the same due to the way a person presses on a pad or because of moisture or other factors.

The researchers’ work has been published in the journal Pattern Recognition and a patent has been filed on this technology.

Concerns about fingerprinting in biometrics were raised recently on a security panel at the Demo 2006 conference in Phoenix. The problem with biometrics, agrees the panel, is that once a thief learns how to reproduce a fingerprint, the owner can’t change the original.

Technology is being developed that doesn’t take a picture of the finger but some small measurements of the finger’s characteristics, says panelist Charles Palmer, manager of the security, networking and privacy departments at IBM’s Thomas J. Watson Research Center. He adds that four per cent of people can’t produce good fingerprints and that pineapple juice can temporarily remove a person’s fingerprint.

Another promising area is challenge-response biometrics, says panelist Partha Dasgupta, an associate professor with Arizona State University’s Fulton School of Engineering.

Instead of matching a spoken word or phrase to one previously recorded, the phrase is changed every time so a thief can’t record the phrase and replay it over and over to gain access to protected data. “That’s much more sophisticated, and much more complicated,” he says.

Universities are a hotbed for network security research these days. Among recent advances are those in the use of “photonic decoys” to thwart hackers and “active cookies” to foil phishers and pharmers.

QuickLink 064509

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now