Vulnerability Assessment of Multi Biometric Systems

The objective of this study was to provide vulnerability analysis for multi biometric systems and their performance against the known attacks. The report helps in identifying and analyzing risks that may have detrimental outcomes on the security provided by multi biometric systems. The risk assessment process was based on the standards of Risk Management (ISO 31000). Investigation of various research papers, experiments and whitepapers on risk analysis of biometric systems provided major insights in determining the overall risk associated with biometric systems in general, and the performance and security gains obtained from implementing multi biometric systems, in particular. Multi biometric systems provide performance gains in terms of increased reliability, accuracy and security. These gains come at the cost of increased constraints on operating environments, cost of operation, comparatively high computational costs (as compared to unimodal systems) and user convenience and these need to be taken into consideration while developing the systems. The report provides an introduction to the various biometric modalities and fusion rules available for the system designers, which can be implemented in order to obtain best performance in terms of reliability and accuracy for that particular implementation scenario. The functional, operational and technical requirements of the proposed biometric systems can be used for assessment of whether the intended security level can be obtained by implementing multiple sensors or comparing the signals from various samples; if additional computational power can be used by implementing multiple algorithms to obtain a reliable decision or to implement multiple modalities in order to make the system more robust. After further analysis of the risks and detailed study of previously carried research, it was concluded that more rigid, robust controls and better fusion rules were required to increase the security of the system. Various interoperability standards and testing frameworks for multi biometric systems need to be developed to make the process of integration of various systems more streamlined and to help remove the vulnerabilities present in loosely coupled biometric systems. As the technology changes rapidly and new techniques keep emerging to subvert the biometric systems, effort should be made, on the part of system designers and system developers, to keep an eye for emerging vulnerabilities along with keeping a check on existing ones in order to develop more secure and robust biometric authentication systems in the future. Table of