Encyclopedia of Biometrics [1 ed.] 0387730028, 9780387730028

Citation preview

Encyclopedia of Biometrics

Stan Z. Li Editor Anil K. Jain Editorial Advisor

Encyclopedia of Biometrics

With 683 Figures* and 88 Tables

*For color figures please see our Electronic Reference on www.springerlink.com

Editor Stan Z. Li Professor Center for Biometrics and Security Research Chinese Academy of Sciences Beijing China Editorial Advisor Anil Jain Professor Department of Computer Science & Engineering Michigan State University East Lansing, MI USA

Library of Congress Control Number: 2009929415 ISBN: 978‐0‐387‐73002‐8 This publication is available also as: Electronic version under ISBN 978‐0‐387‐73003‐5 Print and electronic bundle under ISBN 978‐0‐387‐73004‐2 ß 2009 Springer Science+Business Media, LLC All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer Science+Business Media, LLC., 233 Spring Street, New York, NY 10013, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. springer.com Printed on acid‐free paper

SPIN: 11878742 — 5 4 3 2 1 0

Preface The Encyclopedia of Biometrics provides a comprehensive reference to concepts, technologies, issues, and trends in the field of biometrics. The volume covers all important aspects – research, development, and applications, including biometric sensors and devices, methods and algorithms, sample quality, system design and implementation, databases, performance testing, information security, and standardization. Leading experts around the world contributed to this collection of over 200 in-depth essays accompanied by more than 600 definitional entries. The focus of the encyclopedia is on immediate, yet comprehensive, information in an easy-to-use format which is accessible to researchers and scientists, system designers, engineers, programmers, students, practitioners, and government agents working in the broad field of biometrics. It is available as a print edition as well as a fully searchable version with extensive cross-referencing and updates as new trends and terms arise.

Key Features at a Glance  Serves as an immediate point of entry into the field for in-depth research  Covers biometrics of face, fingerprints, iris, vein, voice, hand, ear, gait, skin, tongue, dental, odor, skull, and DNA  A–Z format allows intuitive and easy-to-use access  Cross-referenced entries  Internationally renowned editorial board, from across the scientific and engineering disciplines and geographies  Balanced coverage

Acknowledgments I am grateful to all the people who have played a part in the production of this encyclopedia. First of all, my deep gratitude to Anil K. Jain, Editorial Advisor for sharing his knowledge and expertise, and important advice and suggestions for this encyclopedia. Our stellar team of area editors has done excellent work in writing, inviting, and reviewing the contributions from many leaders of the field. My sincere thanks to Andy Adler, Joseph Campbell, Raffaele Cappelli, Christophe Champod, Stephen Elliott, Julian Fierrez, Jean-Christophe Fondeur, Carmen Garcia-Mateo, Josef Kittler, Hale Kim, Ajay Kumar, Davide Maltoni, Aleix Martinez, Mark Nixon, Geppy Parziale, Fernando Podio, Salil Prabhakar, Arun Ross, Marios Savvides, Yoichi Seto, Colin Soutar, Wei-Yun Yau, Pong C. Yuen, and David Zhang. I would like to thank these area editors for their help in creating this book and the numerous authors for their individual contributions. Special thanks are due to people at Springer for their enthusiasm, advice, and support. Jennifer Evans, Susan Lagerstrom-Fife, Michaela Bilic, Tina Shelton, and Anil Chandy have played key roles at different times in the development of this book. Stan Z. Li Editor-in-Chief

#

2009 Springer ScienceþBusiness Media, LLC

Editor Stan Z. Li Professor Center for Biometrics and Security Research Chinese Academy of Sciences Beijing China [email protected]

Editorial Advisor Anil K. Jain Professor Department of Computer Science & Engineering Michigan State University East Lansing, MI USA [email protected]

Area Editors ANDY ADLER Systems and Computer Engineering Carleton University 1125 Colonel By Drive Ottawa, ON K1S 5B6 Canada [email protected] JOSEPH P. CAMPBELL Information Systems Technology Group Massachusetts Institute of Technology 244 Wood Street Lexington, MA 02420-9108 USA [email protected] RAFFAELE CAPPELLI Department of Electronics, Informatics and Systems (DEIS) University of Bologna Via Gaspare Finali 56 Cesena Italy [email protected] CHRISTOPHE CHAMPOD Institut de Police Scientifique Ecole des Sciences Criminelles Universite’ de Lausanne 1015 Lausanne Switzerland [email protected] STEPHEN ELLIOTT Department of Industrial Technology Purdue University West Lafayette, IN 47907-2021 USA [email protected] JULIAN FIERREZ Escuela Politecnica Superior Universidad Autonoma de Madrid 28049 Madrid Spain [email protected] #

2009 Springer Science+Business Media, LLC

JEAN-CHRISTOPHE FONDEUR Sagem Se´curite´ Le Ponant de Paris - 27, rue Leblanc - 75512 Paris Cedex 15 France [email protected] CARMEN GARCIA-MATEO Telecommunication Engineering School University of Vigo 36310 Vigo Spain [email protected] JOSEF KITTLER Faculty of Engineering & Physical Sciences University of Surrey Guildford, GU2 7XH UK [email protected] HALE KIM School of Information & Communication Engineering 253 Yonghyun-dong Nam-ku, Incheon, 402-751 Korea [email protected] AJAY KUMAR Department of Chemical Engineering & Chemistry The Hong Kong Polytechnic University Hung Hom, Kowloon Hong Kong [email protected] DAVIDE MALTONI Department of Electronics, Informatics and Systems (DEIS) University of Bologna Viale Risorgimento, 2 Bologna Cesena Italy [email protected]

x

Area Editors

ALEIX MARTINEZ Department of Electrical and Computer Engineering The Ohio State University 2015 Neil Avenue Columbus, OH 43210 USA [email protected]

MARIOS SAVVIDES Department of Electrical and Computer Engineering Carnegie Mellon University 4720 Forbes Avenue Pittsburg, PA 15213 USA [email protected]

MARK NIXON Department of Electronics and Computer Science University of Southampton SO17 1BJ UK [email protected]

YOICHI SETO Advanced Institute of Industrial Technology Tokyo Metropolitan University Tokyo Japan [email protected]

GEPPY PARZIALE iNVASIVE CODE Avda Passapera 17 - 17310 Lloret de Mar (GI) Barcelona Spain [email protected]

COLIN SOUTAR 273, Broadway Avenue Toronto, ON M4P 1W1 Canada [email protected]

FERNANDO PODIO Computer Security Division National Institute of Standards and Technology (NIST) Gaithersburg, MD USA [email protected]

WEI-YUN YAU Agency for Science, Technology & Research Institute for Infocomm Research 1 Fusionopolis Way #21-01 Connexis (South Tower) Singapore 138632 Singapore [email protected]

SALIL PRABHAKAR Algorithms Research Group DigitalPersona Redwood City, CA 94063 USA [email protected] ARUN ROSS Lane Department of Computer Science and Electrical Engineering West Virginia University Morgantown, 26506 WV USA [email protected]

PONG C. YUEN Department of Computer Science Hong Kong Baptist University Kowloon Tong Hong Kong [email protected] DAVID ZHANG Department of Computing The Hong Kong Polytechnic University Hung Hom, Kowloon Hong Kong [email protected]

List of Contributors MONGI ABIDI The University of Tennessee Knoxville, TN 37996–2100 USA [email protected] MATHIAS M. ADANKON University of Quebec 1100, Notre-Dame Street West Montreal Canada [email protected] ANDY ADLER Carleton University 1125 Colonel By Drive K1S 5B6 Ottawa, ON Canada [email protected] GAURAV AGGARWAL University of Maryland College Park, MD 20742 USA [email protected] JONATHAN AGRE Fujitsu Laboratories of America 5801 North Sheridan Road, Suite 19A College Park, MD 20740 USA [email protected] THOMAS ALBRECHT Computer Science Department University of Basel Bernoullistrasse 16, 4056 Basel Switzerland [email protected] PETAR S. ALEKSIC Google Inc. 76 9th Avenue New York, NY 10011 USA [email protected] #

2009 Springer ScienceþBusiness Media, LLC

NIGEL M. ALLINSON University of Sheffield Mappin Street Sheffield, S1 3JD UK [email protected] FERNANDO ALONSO-FERNANDEZ Biometric Recognition Group - ATVS Escuela Politecnica Superior Universidad Autonoma de Madrid Campus de Cantoblanco Madrid Spain [email protected] NICK BARTLOW West Virginia University Morgantown, WV 26506 USA [email protected] ALEX BAZIN Fujitsu Services London, W1U 3BW UK [email protected] GEORGE BEBIS University of Nevada Reno, NV 89557 USA [email protected] HERMAN BERGMAN Certified Fingerprint Expert San Francisco, USA [email protected] BIR BHANU Center for Research in Intelligent Systems University of California Riverside, CA 92506 USA [email protected]

xii

List of Contributors

JOSEF BIGUN Halmstad University IDE, SE–30118 Halmstad Sweden [email protected] VANCE BJORN DigitalPersona Inc. 720 Bay Road Redwood City, CA 94063 USA [email protected] JEAN-FRANCOIS, BONASTRE Amtel-France University of Avignon 339 chemin des Meinajarie`s BP1228 Cedex 9, Avignon France [email protected] JEFFREY E. BOYD University of Calgary Calgary, AB T2N 1N4 Canada [email protected]

TAIHEI MUNEMOTO Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA 15213-3890 USA DOUGLAS J. BUETTNER The Aerospace Corporation P.O. Box 92957 Los Angeles, CA USA [email protected] ANNE M. BURROWS Duquesne University Pittsburgh, PA 15282 USA [email protected] CHRISTOPH BUSCH Fraunhofer Institute Graphische Datenverarbeitung Fraunhoferstraße 5D-64283 Darmstadt Germany [email protected]

MICHAEL C. BROMBY Glasgow Caledonian University Cowcaddens Road G4 0BA Glasgow UK [email protected]

THOMAS A. BUSEY Psychological and Brain Sciences Program in Cognitive Science Indiana University Bloomington Indiana, IN 47405 USA [email protected]

RANDY P. BROUSSARD United States Naval Academy 121 Blake Rd Annapolis MD 21402-5000 USA [email protected]

JAMES L. CAMBIER Cross Match Technologies 3960 RCA Boulevard Palm Beach Gardens, FL 33410 USA [email protected]

KELVIN BRYANT North Carolina A&T State University 1601 East Market Street Greensboro, North Carolina 27411 USA [email protected]

JOHN W. M. CAMPBELL Bion Biometrics Inc. 8283 Greensboro Drive, H8056 Ottawa, ON Canada [email protected]

List of Contributors

PATRIZIO CAMPISI Applied Electronics Department University of Roma TRE via della Vasca Navale, 84 Rome 00146 Italy [email protected]

GREG CANNON Cross Match Technologies 3960 RCA Boulevard Palm Beach Gardens, FL 33410 USA [email protected]

KAI CAO Institute of Automation Chinese Academy of Sciences 95 Zhingguancun Donglu Beijing 100 190 People’s Republic of China [email protected]

RAFFAELE CAPPELLI Department of Electronics, Informatics and Systems (DEIS) University of Bologna Via Gaspare Finali 56 Cesena Bologna Italy [email protected]

CHRISTOPHE CHAMPOD Institut de Police Scientifique Ecole des Sciences Criminelles Universite´ de Lausanne 1015 Lausanne Switzerland [email protected] RAMA CHELLAPPA University of Maryland College Park, MD 20742-3275 USA [email protected] HONG CHEN Michigan State University East Lansing, MI 48824 USA chenhon2 @cse.msu.edu HUI CHEN Center for Research in Intelligent Systems University of California Riverside, CA 92506 USA [email protected] YI CHEN Michigan State University Apt 2B, 3200 Trappers Cove Trail Lansing, MI 48910 USA [email protected]

CARLOS D. CASTILLO Department of Computer Science University of Maryland College Park, MD 20742 USA [email protected]

MOHAMED CHERIET Department of Automated Manufacturing Engineering E´cole de technologie supe´rieure Montre´al, Que´bec H3C 1K3 Canada [email protected]

ANN CAVOUKIAN Office of the Information and Privacy Commissioner 2 Bloor St. E., Suite 1400 Toronto, ON M4W 1A8 Canada [email protected]

GIRIJA CHETTY National Centre for Biometric Studies University of Canberra ACT 2601 Australia [email protected]

xiii

xiv

List of Contributors

ALEX HWANSOO CHOI Department of Information Engineering Myongji University Seoul 137-060 South Korea [email protected] SEUNGJIN CHOI Department of Computer Science Pohang University of Science and Technology San 31 Hyoja-dong Nam-gu, Pohang 790-784 Korea [email protected] MICHAL CHORAS´ Institute of Telecommunications University of Technology and Life Sciences Bydgoszcz 85-225 Poland [email protected] JEFFREY F. COHN University of Pittsburgh Pittsburgh, PA USA [email protected] RAPHAEL COQUOZ Institut De Police Scientifique Ecole Des Science Criminelles 1015 Laussane Switzerland [email protected] BOJAN CUKIC West Virginia University Morgantown, WV 26506 USA [email protected] ALLISON M. CURRAN Department of Chemistry and Biochemistry International Forensic Research Institute Florida International University Miami, FL 33199 USA [email protected]

QIONGHAI DAI Automation Department Tsinghua University Beijing Pepole’s Republic of China [email protected] SARAT C. DASS Michigan State University East Lansing, MI 48824 USA [email protected] JOHN DAUGMAN University of Cambridge William Gates Building 15 JJ Thomson Avenue Cambridge CB3 0FD UK [email protected] JAMES W. DAVIS The Ohio State University Columbus, OH 43210 USA [email protected] DAVID DAY International Biometric Group New York, NY 100 04 USA [email protected] FARZIN DERAVI University of Kent Canterbury, Kent, CT2 7NZ UK [email protected] LAURA DOCIO-FERNANDEZ University of Vigo 36310 Vigo Spain [email protected] CATHRYN DOWNING University of Cambridge 15 JJ Thomson Avenue Cambridge CB30FD UK [email protected]

List of Contributors

GERRY VERNON DOZIER College of Engineering North Carolina A & T State University 1601 E Market Street Greensboro NC 27411 USA [email protected]

JULIAN FIERREZ Escuela Politecnica Superior Universidad Autonoma de Madrid C/ Fco Tomas y Valiente 11 28049 Madrid Spain [email protected]

ANDRZEJ DRYGAJLO Swiss Federal Institute of Technology Bureau ELE 233 Lausanne CH-101 Switzerland [email protected]

JEAN-CHRISTOPHE FONDEUR Sagem Se´curite´ Le Ponant de Paris - 27 rue Leblanc - 75512, Paris cedex 15 France [email protected]

NICOLAE DUTA Nuance Communications Gold Coast Campus Burlington, MA 01803 USA [email protected] AHMED ELGAMMAL Department of Computer Science Rutgers University 110 Frelinghuysen Road Piscataway, NJ 08854 USA [email protected] STEPHEN J. ELLIOTT Purdue University West Lafayette, IN 47907 USA [email protected] NICHOLAS W. D. EVANS Swansea University Singleton Park, Swansea, SA2 8PP UK and Institut Eure´com 2229 route des cretes Sophia-Antipolis 06 560 France [email protected]

MARC FRIEDMAN Retica Systems Inc. 201 Jones Road, Third Floor West Waltham, MA 02451 USA [email protected]

PASCAL FUA School of Computer and Communication Science Ecole Polytechnique Federale de Lausanne IC-CVLab, Station 14 Lausanne CH-1015 Switzerland [email protected]

KENNETH G. FURTON Department of Chemistry and Biochemistry International Forensic Research Institute Florida International University Miami, FL 33199 USA [email protected]

JIHYEON JANG Inha University 253, Yonghyun-dong Nam-gu Incheon 402-751 Korea [email protected]

xv

xvi

List of Contributors

IOANNIS PATRAS Department of Electronic Engineering Queen Mary University of London Mile End Rood London E1 4NS UK [email protected] WEN GAO Institute of Computing Technology Chinese Academy of Sciences Beijing, People’s Republic of China and Peking University Beijing, People’s Republic of China [email protected] LU GAO CDM Optics, Inc. 4001 Discovery Dr., Suite 130 Boulder, CO 80303 USA [email protected] CARMEN GARCIA-MATEO University of Vigo 36310, Vigo Spain [email protected] SONIA GARCIA-SALICETTI TELECOM SudParis 9 Rue Charles Fourier Evry 91011 France [email protected] XIN GENG Deakin University Melbourne, VIC 3125 Australia xgeng @deakin.edu.au SHAOGANG GONG Queen Mary University of London Mile End Road London E1 4NS UK [email protected]

JAVIER ORTEGA-GARCIA Biometric Recognition Group - ATVS Escuela Politecnica Superior Universidad Autonoma de Madrid Campus de Cantoblanco Madrid 28049 Spain [email protected] JOAQUI´N GONZA´LEZ-RODRI´GUEZ Area de Tratamiento de Voz y Sen˜ales (ATVS) Escuela Polite´cnica Superior Universidad Auto´noma de Madrid Madrid 28049 Spain [email protected] DMITRY O. GORODNICHY Laboratory and Scientific Services Directorate Canada Border Services Agency 79 Bently Ave. Ottawa, ON, K1A OL5 Canada [email protected] JOSEPH VAN DER GRACHT Holospex Inc., Columbia, MD 21044 USA [email protected] PATRICK GROTHER National Institute of Standards and Technology 100 Bureau Drive, MS 8930 Gaithersburg, MD 20899 USA [email protected] LEON GU Carnegie Mellon University Pittsburgh, PA 15217 USA [email protected] DAVID L. GUYTON The Wilmer Ophthalmological Institute The Johns Hopkins University School of Medicine Baltimore, MD 21287-9028 USA [email protected]

List of Contributors

ABDENOUR HADID Machine Vision Group Department of Electrical and Information Engineering University of Oulu P.O. Box 4500 Oulu 90014 Finland [email protected] ONUR C. HAMSICI The Ohio State University 205 Dreese Laboratory 2015 Neil Avenue 43210 Columbus, OH 43210 USA [email protected] SEIICHIRO HANGAI Department of Electrical Engineering Tokyo University of Science 1-3 Kagurazaka, Shinjyuku-ku Tokyo 162-8601 Japan [email protected] MASANORI HARA NEC Corporation 5–7–1 Shiba, Minato-ku Tokyo 108-8001 Japan [email protected] DOMINIQUE, HARRINGTON Tygart Technology Inc. 1543 Fairmont Ave Fairmont, WV 26554 USA [email protected] JEAN HENNEBERT Department of Informatics, University of Fribourg 1700 Fribourg Switzerland [email protected] and Institute of Business Information Systems HES-SO Valais, TechnoArk 3, 3960 Sierre Switzerland [email protected]

OLAF HENNIGER Fraunhofer Institute for Secure Information Technology Rheinstr. 75, 642957 Darmstadt Germany [email protected] JAVIER HERNANDO Technical University of Catalonia Building D5, Campus Nord UPC Jordi Girona 1–3 Barcelona 08034 Spain [email protected] FRED HERR NIST Contractor - Identification Technology Partners Inc. North Potomac, MD 20878 USA [email protected] R. AUSTIN HICKLIN Noblis 3150 Fairview Park Drive Falls Church, VA 22043 USA [email protected] TACHA HICKS Ecole des Sciences Criminelles / Institut de Police Scientifique Universite´ de Lausanne Baˆtiment Batochime Lausanne CH-1015 Switzerland [email protected] PETER T. HIGGINS Higgins, Hermansen, Banikas LLC 2111 Wilson Blvd, Suite 607 Arlington, VA 22201 USA [email protected] MITSUTOSHI HIMAGA Hitachi-Omron Terminal Solutions, Corp. 1-6-3 Osaki, Shinagawa Ward Tokyo 141-8576 Japan [email protected]

xvii

xviii

List of Contributors

TOM HOPPER (retired) Criminal Justice Information Services Division FBI [email protected] NESMA HOUMANI TELECOM SudParis 9 Rue Charles Fourier Evry 91011 France [email protected] WEN-HSING HSU National Tsing Hua University Taiwan People’s Republic of China [email protected] DUNXU HU Department of Computer Science Rutgers University Piscataway, NJ, 08902 USA [email protected] DAVID J. HURLEY School of Electronics and Computer Science University of Southampton SO 17 1BJ UK [email protected] KRISTINA IRSCH The Wilmer Ophthalmological Institute The Johns Hopkins University School of Medicine Baltimore, MD 21287-9028 USA [email protected] DAVID W. JACOBS Department of Computer Science University of Maryland College Park, MD 20742 USA [email protected]

ANIL K. JAIN Department of Computer Science and Engineering Michigan State University 3115, Engineering Building East Lansing, MI 48824 USA [email protected] KUI JIA Shenzhen Institute of Advanced Integration Technology CAS / CUHK Shenzhen People’s Republic of China [email protected] XUDONG JIANG School of Electrical and Electronic Engineering Nanyang Technological University Nanyang Link 639798 Singapore [email protected] ZHONG JIN School of Computer Science and Technology Nanjing University of Science and Technology Nanjing 210094 Peoples Republic of China [email protected] JUERGEN SCHROETER AT&T Labs – Research 180 Park Ave., Room D163 Florham Park, NJ 07932–0971 USA [email protected] IOANNIS A. KAKADIARIS Department of Computer Science Department of Electrical and Computer Engineering and Department of Biomedical Engineering University of Houston MS CSC 3010, 4800 Calhoun Houston, TX 77204-3010 USA [email protected]

List of Contributors

NATHAN KALKA West Virginia University Morgantown WV 26506 USA [email protected]

JONG KYOUNG KIM Department of Computer Science Pohang University of Science and Technology San 31 Hyoja-dong Nam-gu, Pohang 790-784 Korea [email protected]

TAKEO KANADE Robotics Institute Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA 15217 USA [email protected]

KYE-HYEON KIM Department of Computer Science Pohang University of Science and Technology San 31 Hyoja-dong Nam-gu, Pohang 790-784 Korea [email protected]

VIVEK KANHANGAD Hong Kong Polytechnic University Hung Hom, Kowloon Hong Kong [email protected]

NAOHISA KOMATSU Waseda University Shinjuku-ku, Tokyo 169–8555 Japan [email protected]

MARK KECK The Ohio State University Columbus, OH 43210 USA [email protected]

ERIC P. KUKULA Purdue University Knoy Hall of Technology, Room 377D 401 N. Grant Street West Lafayette, IN 47906–2021 USA [email protected]

ROBERT B. KENNEDY (RETIRED) Royal Canadian Mounted Police Ottawa, ON K1A OR2 Canada [email protected]

AJAY KUMAR Department of Computing The Hong Kong Polytechnic University Hung Hom Hong Kong [email protected]

LAUREN R. KENNELL The John Hopkins University Applied Physics Laboratory Mail Stop 24-W211 11100 John Hopkins Rd. Laurel, MD 20723-6099 USA [email protected] HALE KIM Inha University Incheon, 402–751 Korea [email protected]

J. H. LAI Department of Mathematics Sun Yat-sen University P.O. Box 4500 Guangzhou 510275 People’s Republic of China [email protected] KIN-MAN LAM Department of Electronic and Information Engineering The Hong Kong Polytechnic University Hong Kong People’s Republic of China [email protected]

xix

xx

List of Contributors

JOHN LARMOUTH University of Salford Salford, Greater Manchester UK [email protected] PETER K. LARSEN Laboratory of Biological Anthropology Institute of Forensic Medicine University of Copenhagen DK–2200 Copenhagen Denmark [email protected] RICHARD T. LAZARICK CSC Identity Labs Fairmont, WV 26554 USA [email protected] VICTOR LEE International Biometric Group One Battery Park Plaza New York, NY 10004 USA [email protected] GRAHAM LEEDHAM School of Information and Communication Technology Griffith University Gold Coast Campus Queensland 4222 Australia [email protected] ZHEN LEI Centre for Biometrics and Security Research & National Laboratory of Pattern Recognition Institute of Automation Chinese Academy of Sciences Beijing People’s Republic of China [email protected] YUNG-HUI LI Language Technology Institute Carnegie Mellon University Pittsburgh, PA 15213 USA [email protected]

STAN Z. LI Centre for Biometrics and Security Research Chinese Academy of Sciences 95 Zhongguancun Donglu Beijing People’s Republic China [email protected] PENG LI Institute of Automation Chinese Academy of Sciences 95 Zhongguancun Donglu Beijing 100190 China [email protected] JIANJIE LI Institute of Automation Chinese Academy of Sciences 95 Zhongguancun Donglu Beijing 100190 China [email protected] ZHOUCHEN LIN Microsoft Research Asia Beijing People’s Republic of China [email protected] JAMES J. LITTLE University of British Columbia Vancouver, BC V6T 1Z4 Canada [email protected] LAURA L. LIU Biometrics Research Centre The Hong Kong Polytechnic University Kowloon Hong Kong [email protected] ZONGYI LIU Amazon.com Seattle, WA 98104 USA [email protected]

List of Contributors

MARCEL LUTHI University of Basel Bernoullistrasse 16, 4056 Basel Switzerland [email protected] GUANGMING LU School of Computer Science and Technology Shenzhen Graduate School Harbin Institute of Technology Shenzhen People’s Republic of China [email protected] NIELS LYNNERUP Laboratory of Biological Anthropology Institute of Forensic Medicine University of Copenhagen Copenhagen DK-2200 Denmark [email protected] EMANUELE MAIORANA University of Roma TRE via della Vasca Navale, 84 Rome 00146 Italy [email protected] SOTIRIS MALASSIOTIS Informatics and Telematics Institute Center for Research and Technology Hellas Thermi-Panorama Road Thermi-Thessaloniki, 57001 Greece [email protected] DAVIDE MALTONI Department of Electronics, Informatics and Systems (DEIS) University of Bologna Viale Risorgimento 2 Bologna, Cesena Italy [email protected] JUDITH MARKOWITZ J. Markowitz, Consultants 5801 North Sheridan Road

Suite 19A Chicago, IL 60660 USA [email protected] ALVIN F. MARTIN National Institute of Standards and Technology 100 Bureau Drive, Stop 8940 Gaithersburg, MD 20899-8940 USA [email protected] ALEIX M. MARTINEZ Department of Electrical and Computer Engineering The Ohio State University 2015 Neil Avenue Columbus, OH 43210 USA [email protected] MARCOS MARTINEZ-DIAZ Biometric Recognition Group - ATVS Escuela Politecnica Superior Universidad Autonoma de Madrid Campus de Cantoblanco Madrid 28049 Spain [email protected] JOHN S. D. MASON Swansea University Singleton Park Swansea, SA2 8PP UK [email protected] JAMES R. MATEY Electrical and Computer Engineering Department Maury Hall, MS 14B Annapolis, MD 21402 USA [email protected] DRISS MATROUF University of Avignon LIA - BP1228, 339 Ch. des Meinajari‘es Avignon 84911 France [email protected]

xxi

xxii

List of Contributors

TAKASHI MATSUMOTO Waseda University Shinjuku-ku Tokyo 169–8555 Japan [email protected] RENE MCIVER 389 Keewatin Avenue Toronto, ON M4P 2A4 Canada [email protected] GERARD G. MEDIONI Department of Computer Science University of Southern California Los Angeles, CA USA [email protected] DIDIER MEUWLY Nederlands Forensisch Instituut PO Box 6109 The Hague Netherlands [email protected] KRYSTIAN MIKOLAJCZYK Faculty of Engineering & Physical Sciences University of Surrey 3115 Engineering Building Guildford UK [email protected] FENG MIN Institute for Pattern Recognition and Artificial Intelligence Huazhong University of Science and Technology 1037 Luoyu Road, Wuhan People’s Republic of China and Lotus Hill Institute for Computer Vision and Information Science People’s Republic of China [email protected]

PHILIPPOS MORDOHAI University of Pennsylvania Philadelphia, PA 19146 USA [email protected]

KEN MOSES Forensic Identification Services 130 Hernandez Avenue San Francisco, CA 94127 USA [email protected]

CRYSTAL MUANG Department of Computer Science Rutgers University Piscataway, NJ 08902 USA

ROBERT MUELLER Giesecke & Devrient GmbH Prinzregentenstr. 159 Muenchen 81677 Germany [email protected]

TANVIR SINGH MUNDRA Biometrics Research Laboratory Department of Electrical Engineering Indian Institute of Technology New Delhi India [email protected]

MANABU NAKANO Information-technology Promotion Agency (IPA) Bunkyo-ku Japan Tokyo 113–6591 [email protected] KARTHIK NANDAKUMAR Institute for Infocomm Research, A*STAR Fusionopolis Singapore [email protected]

List of Contributors

RAMKUMAR NARAYANSWAMY Omni Vision CDM Optics, Inc. 4001 Discovery Dr. Boulder CO 80303 USA [email protected] ALESSANDRO NERI University of Roma TRE via della Vasca Navale, 84 Rome 00146 Italy [email protected] MARK S. NIXON School of Electronics and Computer Science University of Southampton SO17 1BJ UK [email protected] JAVIER ORTEGA-GARCIA Biometric Recognition Group - ATVS, Escuela Politecnica Superior Universidad Autonoma de Madrid Madrid Spain [email protected] LISA OSADCIW Department of Electrical Engineering and Computer Science Syracuse University Syracuse, NY USA [email protected]

PANKANTI SHARAT IBM T.J. Watson Research Center Hawthorne, NY 10532 USA [email protected] MAJA PANTIC Imperial College London Department of Computing London SW7 2AZ UK [email protected] SUNG W. PARK Carnegie Mellon University Pittsburgh, PA 15213 USA [email protected] GEPPY PARZIALE iNVASIVE CODE Avda Passapera 17-H310 Lloretde Mar (GI) Barcelona, Spain [email protected] GEORGIOS PASSALIS University of Houston Houston, TX 77204 USA [email protected] V. PAU´L PAUCA Department of Computer Science Wake Forest University 4001 Discovery Dr. Suite 130 Winston-Salem, NC USA [email protected]

HISAO OGATA Hitachi-Omron Terminal Solutions Corp. Owari-asahi City Aichi 488-8501 Japan [email protected]

NIKOLA PAVESIC Faculty of Electrical Engineering University of Ljubljana Trzaska 25 SI-1000 Ljubljana Slovenia [email protected]

CHEN TAI PANG Institute for Infocomm Research, A*STAR 21 Heng Mui Keng Terrace, 119613 Singapore Singapore [email protected]

MARIA PAVLOU Department of Electronic and Electrical Engineering University of Sheffield Mappin Street, Sheffield UK [email protected]

xxiii

xxiv

List of Contributors

XIAOMING PENG College of Automation University of Electronic Science and Technology of China Chengdu, Sichuan Province People’s Republic of China [email protected]

TAKIS PERAKIS Department of Electrical and Computer Engineering and Department of Biomedical Engineering University of Houston Houston, TX 77204 USA [email protected] MATTI PIETIKA¨INEN Department of Electrical and Information Engineering University of Oulu Oulu Finland [email protected]

PRABHAKAR S. Algorithms Research Group DigitalPersona Redwood City, CA 94063 USA [email protected] RYAN RAKVIC Department of Electrical Engineering United States Naval Academy 105 Maryland Avenue Annapolis, MD USA [email protected] NARAYANAN RAMANATHAN University of Maryland College Park, MD 20742 USA [email protected] DANIEL RAMOS ATVS Universidad Auto´noma de Madrid Ciudad Universitaria de Cantoblanco Madrid Spain [email protected]

FERNANDO PODIO Security Technology Group, Computer Security Division National Institute of Standards and Technology 12208 Pueblo Road Gaithersburg, MD USA [email protected]

MAREK REJMAN-GREENE Biometrics Centre of Expertise Home Office Scientific Research Branch St Albans, Hertfordshire AL4 9HQ UK [email protected]

NORMAN POH CVSSP, FEPS University of Surrey Guilford Surrey, GU2 7XH UK [email protected]

DOUGLAS REYNOLDS Information Systems Technology Group Massachusetts Institute of Technology 244 Wood Street Lexington, MA USA [email protected]

FRANK POLLICK Department of Psychology University of Glasgow 58 Hillhead Street Glasgow UK [email protected]

DAMON L. WOODARD School of Computing Clemson University Clemson, SC 29634-0974 USA [email protected]

List of Contributors

KARL RICANEK Department of Computer Science University of North Carolina at Wilmington Wilmington, North Carolina USA [email protected]

RAUL SANCHEZ-REILLO Electronics Technology University Carlos III of Madrid Avda. Universidad, 3028911 Leganes, Madrid Spain [email protected]

RUBEN VERA RODRIGUEZ Swansea University Singleton Park, Swansea, SA2 8PP UK [email protected]

ASWIN SANKARANARAYANAN Center for Automation Research Department of Electrical and Computer Engineering University of Maryland College Park, MD 20742 USA [email protected]

FABIO ROLI Department of Electrical and Electronic Engineering University of Cagliari Pizza d’Armi, I 09123 Cagliari Italy [email protected] ARUN ROSS Lane Department of Computer Science and Electrical Engineering West Virginia University Morgantown, 26506 WV USA [email protected] BESMA ROUI-ABIDI The University of Tennessee Knoxville, TN 37996–2100 USA [email protected]

SUDEEP SARKAR Computer Science and Engineering University of South Florida Tampa, FL USA [email protected] MARIOS SAVVIDES Electrical and Computer Engineering Carnegie Mellon University 737 Engineering Sciences Building Pittsburgh, PA 15213-3890 USA [email protected] NATALIA A. SCHMID West Virginia University Morgantown, WV 26506 USA [email protected]

AMIT K. ROY-CHOWDHURY Department of Electrical Engineering University of California Riverside, CA USA [email protected]

BETHANY SCHNEIDER Psychology Department Indiana University P.O. Box 530 Bloomington, IN 47405 USA [email protected]

ANTHONY RUSSO Atrua Technologies, Inc. 1696 Dell Avenue Campbell, CA 95008 USA [email protected]

ADEE A. SCHOON Animal Behavior Group Leiden University P.O. Box 9516, 2300RA Leiden The Netherlands [email protected]

xxv

xxvi

List of Contributors

MICHAEL SCHUCKERS Department of Mathematics, Computer Science and Statistics St. Lawrence University 401 N. Grant Street Canton, NY USA [email protected] STEPHANIE SCHUCKERS Department of Electrical and Computer Engineering Clarkson University PO Box 5720 Potsdam, NY USA [email protected] DALE SETLAK AuthenTec, Inc. PO Box 6109 Melbourne, FL USA [email protected] YOICHI SETO Laboratory 162-a Advanced Institute of Industrial Technology Kita 14, Nishi 9, Kita-ku Tokyo Japan [email protected] SHIGUANG SHAN Institute of Computing Technology Chinese Academy of Sciences Beijing People’s Republic of China [email protected] VINAY SHAMA The Ohio State University Columbus, OH 43210 USA [email protected] KOICHI SHIMIZU Bioengineering and Bioinformatics Graduate School of Information S&T

Hokkaido University Kita 14, Nishi 9, Kita-ku Sapporo 060-0814 Japan [email protected] PAULO E. X. SILVEIRA CDM Optics, Inc. 4001 Discovery Dr. Suite 130 Boulder, CO 80303 USA [email protected] TERENCE SIM School of Computing National University of Singapore East Road 95#, Haidian Dist., Zhongguancun Singapore [email protected] RICHA SINGH West Virginia University Morgantown, WV 26506 USA [email protected] KELLY SMITH West Virginia University Morgantown, WV 26506 USA [email protected] KATE SMITH-MILES Deakin University Melbourne, VIC 3125 Australia [email protected] JUNG SOH Sun Center of Excellence for Visual Genomics University of Calgary Calgary, Alberta Canada [email protected] COLIN SOUTAR 273, Broadway Avenue Toronto, ON M4P 1W1 Canada [email protected]

List of Contributors

PHILIP STATHAM Biometrics Consultant 1 Blueberry Road Charlton Kings Cheltenham UK [email protected] ALEX STOIANOV Office of the Information and Privacy Commissioner 2 Bloor St. E., Suite 1400 Toronto, ON M4W 1A8 Canada [email protected] JINLI SUO Lotus Hill Institute for Computer Vision and Information Science City of Ezhou, Hubei Province Public Republic of China [email protected] MATTHEW SWAYZE Daon, Inc. 11955 Freedom Dr., Suite 16000 Reston, VA USA [email protected] ELHAM TABASSI Information Access Division National Institute of Standards and Technology 100 Bureau Drive Stop 1020 Gaithersburg, MD USA [email protected] SAMIR TAMER Ingersoll Rand Recognition Systems Inc. 1520 Dell Avenue Campbell, CA USA [email protected] XUNQIANG TAO Centre for Biometrics and Security Research The key Laboratory of Complex System and Intelligence Science Chinese Academy of Sciences Institute of Automation 95 Zhingguancun Denglu, Beijing 100190

People’s Republic of China [email protected] CHIN-HUNG TENG Yuan Ze University Taiwan People’s Republic of China [email protected] ANDREW BENG JIN TEOH Biometrics Engineering Research Center (BERC) School of Electrical and Electronic Engineering Yonsei University Seoul South Korea [email protected] THEOHARIS THEOHARIS Department of Computer Science Department of Electrical and Computer Engineering and Department of Biomedical Engineering, University of Houston Houston, TX 77204 USA [email protected] MICHAEL THIEME International Biometric Group New York, NY 10004 USA [email protected] JASON THORNTON Electrical & Computer Engineering Carnegie Mellon University 19 William Road Pittsburgh, PA 15213 USA [email protected] JIE TIAN Center for Biometrics and Security Research Science Chinese Academy of Sciences Institute of Automation, 95 Zhingguancun Donglu Beijing 100190 People’s Republic of China [email protected]

xxvii

xxviii

List of Contributors

CATHERINE J. TILTON Daon, Inc. 11955 Freedom Drive, Suite 16000 Reston, VA USA [email protected] MASSIMO TISTARELLI Computer Vision Laboratory, Facolta` di Architettura di Alghero, Dipartimento di Universita` di Sassari palazzo del Pou Salit - Piazza Duomo 6 Alghero (SS) Italia [email protected] GEORGE TODERICI Department of Computer Science Department of ECE and Department of Biomedical Engineering University of Houston Houston, TX 77204 USA [email protected] DOROTEO T. TOLEDANO Universidad Autonoma de Madrid (UAM) Ciudad Universitaria de Cantoblanco Madrid Spain [email protected] TED TOMONAGA Konica Minolta Technology Center, Inc. Tokyo 191–8511 Japan [email protected] TODD C. TORGERSEN Wake Forest University Winston-Salem, NC 27109 USA [email protected] YASUNARI TOSA Retica Systems, Inc. Waltham, MA 02451 USA [email protected]

BORI TOTH Deloitte & Touche LLP London, EC4A ATR UK [email protected] ALESSANDRO TRIGLIA OSS Nokalva, Inc. 22 Baker St Somerset, NJ 08873 USA [email protected] RYAN TRIPLETT Biometric Services International, LLC A National Biometric Security Project Company 150 Clay Street, Suite. 350 Morgantown, WV USA [email protected] VITOMIR SˇTRUC Faculty of Electrical Engineering University of Ljubljana, Trzˇasˇka 25 SI–1000, Ljubljana Slovenia [email protected] TINNE TUYTELAARS Department of Electrical Engineering Katholieke Universiteit Leuven Kasteelpark Arenberg 10 B–3001 Leuven Belgium [email protected] AMBRISH TYAGI The Ohio State University Columbus, OH 43210 USA [email protected] KAORU UCHIDA Mobile Terminals Technologies Division NEC Corporation 211 Valentine Hall Kawasaki Japan [email protected]

List of Contributors

DAVID USHER Retica Systems Inc. 201 Jones Road Third Floor West Waltham MA 02451 USA [email protected] MAYANK VATSA West Virginia University Morgantown, WV 26506 USA [email protected] KALYAN VEERAMACHANENI Syracuse University Syracuse, NY 13244 USA [email protected] ASHOK VEERARAGHAVAN University of Maryland College Park, MD 20742 USA [email protected] THOMAS VETTER Departement Informatik Universitaet Basel Bernoullistr. 16 Basel, 4056 Switzerland [email protected] B. V. K. VIJAYA KUMAR Department of Electrical and Computer Engineering Carnegie Mellon University Pittsburgh, PA 15213 USA [email protected] MICHAEL WAGNER School of Information Sciences University of Canberra, ACT, 2601 Australia michael.wagner @canberra.edu.au LIANG WAN Department of Electronic Engineering City University of Hong Kong Kowloon

Hong Kong [email protected] MASAKI WATANABE Fujitsu Laboratories Ltd. 1–10–40 Higashi-oi Shinagawa-ku Kawasaki Japan [email protected] JAMES L. WAYMAN College of Engineering San Jose State University San Jose, CA 95192-0205 USA [email protected] LIOR WOLF The Blavatnik School of Computer Science Tel-Aviv Ramat Aviv, Tel Aviv 69978 Israel [email protected] DAMON L. WOODARD School of Computing Clemson University Clemson, SC USA [email protected] XUDONG XIE Automation Department Tsinghua University Beijing People’s Republic of China [email protected] YILEI XU Department of Electrical Engineering University of California Riverside, CA USA [email protected] ASAHIKO YAMADA Toshiba Solutions Corporation 9 Belland Drive Tokyo Japan [email protected]

xxix

xxx

List of Contributors

BRIAN A. YAMASHITA Forensic Identification Operations Support Services National Services and Research Royal Canadian Mounted Police Ottawa, ON Canada [email protected] CHEW-YEAN YAM University of Southampton Southampton, SO17 1BJ UK [email protected] WEILONG YANG Center for Biometrics and Security Research & National Laboratory of Pattern Recognition Institute of Automation Chinese Academy of Sciences Beijing People’s Republic of China [email protected] JIAN YANG School of Computer Science and Technology Nanjing University of Science and Technology Nanjing People’s Republic of China [email protected] JINGYU YANG School of Computer Science and Technology Nanjing University of Science and Technology Nanjing, 210094 People’s Republic of China [email protected] XIN YANG Center for Biometrics and Security Research Chinese Academy of Sciences Institute of Automation 95 Zhingguancun Donglu Beijing 100190 People’s Republic of China [email protected] MING-HSUAN YANG Honda Research Institute 800 California Street

Mountain View, CA USA [email protected] WEI-YUN YAU Institute for Infocomm Research Agency for Science, Technology & Research Singapore 119613 Singapore [email protected] DONG YI Biometrics and Security Research & National Laboratory of Pattern Recognition Institute of Automation Chinese Academy of Sciences Beijing People’s Republic of China [email protected] ISAO YOSHIMURA Tokyo University of Science Shinjuku-ku, Tokyo 162–8501 Japan [email protected] MITSU YOSHIMURA Ritsumeikan University Sakyo-ku, Kyoto 603–8577 Japan [email protected] PONG C. YUEN Hong Kong Baptist University Kowloon Tong Hong Kong [email protected] ARIE ZEELENBERG Fingerprint Department National Police Force, Natuursteenlaan 73 27 19TB Zoetermeer The Netherlands [email protected] DAVID ZHANG Department of Computing The Hong Kong Polytechnic University Hung Hom, Kowloon Hong Kong [email protected]

List of Contributors

YANGYANG ZHANG Center for Biometrics and Security Research & The Key Laboratory of Complex System and Intelligence Science, Chinese Academy of Sciences Institute of Automation 95 Zhingguancun Donglu, Beijing 100190 People’s Republic of China [email protected] GREGORY ZEKTSER U.S. Department of Defence Biometrics Task Force, 8283 Greensboro Drive, H8056 McLean, VA 22102 USA [email protected] WEI-SHI ZHENG Sun Yat-sen University Guangzhou, 510275 People’s Republic of China [email protected] SUJING ZHOU Center for Biometrics and Security Research & The Key Laboratory of Complex System and Intelligence Science, Chinese Academy of Sciences Institute of Automation 95 Zhingguancun Donglu, Beijing 100190 People’s Republic of China [email protected] MINGQUAN ZHOU Institute of Information Science and Technology Beijing Normal University #19 Xinjiekouwai Street, Beijing People’s Republic of China [email protected]

S. KEVIN ZHAO Siemens Corporate Research, Princeton, NJ 08540 USA [email protected] ZHI-HUA ZHOU National Key Laboratory for Novel Software Technology Nanjing University Nanjing 210093 People’s Republic of China [email protected] SONG-CHUN ZHU Lotus Hill Institute for Computer Vision and Information Science People’s Republic of China and Department of Statistics and Department of Computer Science University of California Los Angeles, CA USA [email protected] ZHU YENGFANG Discover Financial Services Riverwoods, IL 60015 USA [email protected] JASENKO ZIVANOV University of Basel 4056 Basel Switzerland [email protected]

xxxi

A Abstract Syntax Notation One A notation commonly used to define abstract syntax and semantics of the data structures (formats), to convey messages in computer communication (similar to XSD, but using a simpler syntax and allowing binary as well as XML encodings of the data). The definitions are independent of any programming language, but it is common for tools to map them into specific programming languages such as C, C++ and Java, and to provide run-time modules that will allow values of those data structures to be encoded in a standardized form and sent to other computer systems. Once defined at the abstract level, ASN.1 messages can be conveyed (through standards and tool support) into a variety of encodings, including very compact binary encodings and human-readable XML encodings. ▶ Biometric Technical Interface, Standardization

ACBio instance An ACBio instance is a data structure generated by a Biometric Processing Unit (BPU) and contains data that can be used by an external ‘‘validator’’ process of a biometric verification process to authenticate the BPU and its functional transaction data and other information. The validating data is typically in the form of digitally signed certificates that authenticate the BPU entity and, where appropriate, security relevant aspects of its performance. Examples include: authentication of stored biometric references (templates) used for verification, and certification of the performance capabilities of the biometric technology used in the recognition process. The ACBio instance is digitally signed and bound to #

2009 Springer Science+Business Media, LLC

the functional transaction data from the BPU. The digitally signed certificates are provided by a trusted 3rd party organisation through an evaluation and certification procedure that is not defined by the ACBio standard. A BPU is a functional component of a biometric transaction system that operates at a uniform security level. It contains one or more subprocesses, the last of which generates the ACBio instance for the BPU and outputs it together with the functional transaction data from the BPU. The ACBio instance can be used by a subsequent ‘‘validator’’ process of a biometric verification process to authenticate the BPU and its functional transaction data and other information. ▶ Biometric Security, Standardization

Acceleration Acceleration of pen-movement during the signing process. This feature is used for on-line signature verification. There are two ways to obtain the acceleration feature. One way is to measure the pen acceleration directly with accelerometers integrated into the pen. The other way is to compute the acceleration from other measurements, for example, from the second-order derivative of the pen position signal with respect to time. ▶ Signature Recognition

Access Control ▶ Access Control, Logical ▶ Access Control, Physical

2

A

Access Control, Logical

Access Control, Logical VANCE B JORN DigitalPersona Inc., Redwood City, CA, USA

Synonym Logon, Password management

Definition Logical access control is the means and procedures to protect access to information on PCs, networks, and mobile phones. A variety of credential types may be used, such as passwords, tokens, or biometrics, to authenticate the user. These credentials may represent something the user knows (password), something the user has (token), or a physical trait of the user (biometrics). A logical access control system will implement a method to enroll and associate credentials with the user, and then to request that one or more of the user’s credentials be authenticated for access to the resource (application, network, device, or operating system). The logical access control system may also log all access attempts for use in auditing who and when someone accessed a specific resource.

Introduction The key used to open almost any door in the digital realm has traditionally been the password. This was the natural consequence of the fact that somewhere someone manipulated data, from a desktop personal computer (PC) and to prevent this, using passwords began. Furthermore, from a theoretical standpoint, a password can offer extremely strong security since the only place a password needs to be stored is in the user’s mind. In practice however, the mind is a terrible place to store complex secrets; people cannot easily remember complex passwords so they write them down or reveal them to others, and most people end up using the same password everywhere. Exploiting the human factors which affect security is increasingly the quickest path for hackers to break into computer systems. In addition, there are many automated points of attacks on password-based security systems. For instance, a user’s password can be compromised via insertion of a

hardware or software-based keylogger to trap the keystrokes as they are being entered. And, as computers gain speed, it has become easy to reverse a cryptographic hash, or any other cryptographic representation of a password stored in the computer, even if the password is very complex. End users do not want to be encumbered with complexities and inconveniences that slow them down while doing their job. On the other hand, businesses increasingly find out that they must implement strong authentication to satisfy industry and government auditors. It is fairly straightforward for a system administrator to patch a piece of software or install a firewall, but it is not trivial to tackle the human factors of security. A secure password policy, such as requiring users to change their passwords every month enforces complexity in construction but in reality makes it more likely that users will find ways to simplify and recall, such as by writing their passwords down on a note under their keyboard. Information technology support costs also go up as more people forget their passwords and need to call the helpdesk. In the end, since passwords are chosen not by the system administrator in a corporation, but by the end users, the system administrator must rely on each user to follow the policy. This typically becomes the weakest link in network security. Other methods, such as tokens and smartcards, succumb to the same challenge – it remains the end user who bears the responsibility of maintaining the security of the credential. The need to move away from password-based systems can be summarized as follows: 

Weak passwords are easy to crack. Most people set their passwords to words or digits they can easily remember, for example, names and birthdays of family members, favorite movie or music stars, and dictionary words. In 2001, a survey of 1,200 British office workers conducted by CentralNic found that almost half chose their own name, a pet’s name, or a family member’s name as a password. Others based their passwords on celebrity or movie character names, such as ‘‘Darth Vader’’ and ‘‘Homer Simpson’’. Such passwords are easy to crack by guessing or by simple brute force dictionary attacks. Although it is possible, and even advisable, to keep different passwords for different applications and to change them frequently, most people use the same password across different

Access Control, Logical

applications and never change it. Compromising a single password can thus cause a break in security in many applications. For example, a hacker might create a bogus Web site enticing users with freebies if they register with a login name and password. The hacker could then have a good chance of success in using the same login name and password to attack the users’ corporate accounts.  Strong passwords are difficult to remember. In an effort to address weak passwords, business often enforce policies to make passwords strong, for example, a business may require that a password is at least 8 characters long, contains at least one digit and one special character, and must be changed every couple of weeks. Such policies backfire. Certainly, longer complex random passwords are more secure, but they are so much harder to remember, which prompts users to write them down in accessible locations such as Post-It notes hidden under the keyboard, an unprotected electronic file on their computer, or other electronic devices such as cellular phones or personal digital assistants (PDAs), creating a security vulnerability. Else, people forget their passwords, which create a financial nightmare to businesses as they have to employ helpdesk support staff to reset forgotten or expired passwords. Cryptographic techniques can provide very long passwords (encryption keys) that the users need not remember; however, these are in turn protected by simple passwords, which defeat their pu