|
|
Windows Biometrics |
Windows Biometrics (WinBM)
This project is aimed to develop biometric technologies for (1) secured Windows environment at the platform level, and interoperability between different biometric applications, and (2) development of reliable biometric technologies and applications. WinBM provides biometrics interfaces with the Windows platform following the Next-Generation Secure Computing Base (NGSCB) secure input specification. The interoperability makes it convenient and versatile to integrate into the Windows various biometrics applications for person identification and verification, including face, iris, speaker, signature and fingerprint, and smartcard for logon. Different levels of security and usability are supported in a unified WinBM framework in order to cater to different needs, such as Home/Standalone, Government/Enterprise, Tablet PC, and mobiles.
NGSCB-enabled devices for two-factor authentication, a smart card reader and biometric input device, are attached to the system depicted in the figure, while the user authentication software component runs as an NCA in the protected operating environment. See more details.
Reliable Biometric Technologies
Reliability or accuracy is always a top issue in biometrics research. MSRA will continue the development of reliable face, iris, voice, and signature based biometrics technologies, and integrate them into WinBM.
Primary biometric system reliability indices are FRR (False Reject Rate) which s the statistical probability that the system fails to recognize an enrolled person, FAR (False Accept Rate) which is the statistical probability that an imposter is recognized as an enrolled person, and EER (Equal Error Rate) when FRR=FAR. The ideal performance is FRR=FAR=EER=0. FRR and FAR are inversely dependent on each other and the state-of-the-art performances have been given earlier.
A highly accurate biometric system should be able to recognize or verify personal identity regardless of extrinsic factors such as lighting and head pose in the case of face, or orientation and scan quality in the case of fingerprint. This has been a big technical challenge. The crucial difficulty is that conventional distance measure in Euclidean space does not apply well enough in template matching. Consider the following schematic illustrations.
The one on the left shows how the image signal changes when the face scale changes, draw according to real data. The red, green and blue colors represent three different persons. Each person took 64 images of size 32x32=1024. Each of these images are rescaled, as illustrated on the top of the panel, giving one curve in the 2 dimensional plot, corresponding a 2D subspace of the original 1024 dimensional image space.
This example demonstrates: (1) that face manifolds are highly nonlinear and nonconvex, and (2) the Euclidean distance between two images of a same person can be larger than that between images of two different persons. While these illustrate the effects due to scale changes, they are also true when changes are caused by other factors such as lighting, pose, expression, facial ware, etc. Therefore the conventional Euclidean geometry does not apply in differentiating different people.
See also the figure on the right. The squared area denotes the space of all images. The orange area, a subset of the squared area (all possible images), comprises all face images, and is called the face manifold. Insides the face manifold are the manifolds of two different individuals. They are elongated and irregular due to the said extrinsic factors. Intra-class distances can be smaller than inter-class distances when Euclidean distance is used, causing mis-classification.
Note that similar problem exist also in other biometric methods. For example, signal in voice ID is subject to microphone channel and environmental noise; fingerprint ID is subject to the type of scanner device and finger conditions.
There are two possible solutions. The first is to construct a nonlinear classifier so that the two classes can be correctly classified. This will need abundant training data to cover all possible situations. If this is not satisfied, for example when there is only one or a few photo per person, as illustrated in the following figure, the trained classifier can lead to mis-classification for unseen situations.
A second possible solution is to extract reliable person-specific (intrinsic) features from the input invariant to extrinsic factors. This in effect performs nonlinear normalization eg in lighting and pose, such that the distribution of extracted features are normally distributed, or tends to be so, such that a linear classifier with Euclidean distance could work properly. MSRA face group is working in this direction.
Other research directions are multi-modality fusion and reinforcement learning. A fusion of fingerprint and face recognition would achieve higher accurate than anyone alone. Progressive or reinforcement learning allows for intelligent update of users’ biometrics information. This makes a system increasingly accurate.
The basic tenant is that “biometric properties are public.” Anyone could attempt to use biometrics to access someone else’s computer. The use of trusted devices means that there is some trusted connection between the device and the authentication system that certifies its performance. For example, it certifies that the face/fingerprint presented to it is a real one active at the time of the sample, rather than a replay being performed by a malicious hardware simulator attached.
Basically, there is no platform for building a trusted device. This includes smart card readers. So, the problem is that Windows cannot fully trust the data it is receiving from the sensor. Keyboards don’t have this problem because they use a trusted keyboard driver that is a kernel component. So, if biometrics is to ever take off in the enterprise, they will need to be trusted devices as well.
A possible solution is “liveliness test”. By liveliness test using signal/image processing and pattern recognition techniques, the Windows accepts or rejects the input from an un-trusted device. For example, there are changes in the pupil and iris diameters as functions of the time, due to the inevitable muscle contract in a live eye. Such fluctuations can be used for liveliness detection. Another possibility is to issue random instructions for interactive actions, such as blinking eyes, turning heads, etc.
There are also modes that combine different biometrics and secret systems. Adding a PIN or smartcard to a biometric authentification system and multi-modality fusion can also improve on the trusted device problems.
While reliability is a top concern, a highly reliable biometric system must also accompanied by the usability. For example, the current iris recognition technology has high enough accuracy already, but the usability of current iris sensing devices and user acceptance are the limit to its use. Research is needed for user friendly interfaces and devices for improving usability.