Authentication gets personal with biometrics - Signal Processing Magazine, IEEE

Halmstad University Post-Print

Authentication gets personal with biometrics

Javier Ortega-Garcia, Josef Bigun, Douglas Reynolds, and Joaquin Gonzalez-Rodriguez

N.B.: When citing this work, cite the original article.

©2004 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. Ortega-Garcia J, Bigun J, Reynolds D, Gonzalez-Rodriguez J. Authentication gets personal with biometrics. IEEE, The Institute of Electrical and Electronics Engineers; IEEE signal processing magazine (Print). 2004;21(2):50-62. DOI: http://dx.doi.org/10.1109/MSP.2004.1276113 Copyright: IEEE Post-Print available at: Halmstad University DiVA http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-236

Increasing security in DRM systems through biometric authentication.

IEEE SIGNAL PROCESSING MAGAZINE50 MARCH 2004

ecuring the exchangeof intellectual propertyand providing protectionto multimedia contents in

distribution systems have enabled theadvent of digital rights management(DRM) systems [5], [14], [21], [47],[51], [53]. Rights holders should be able tolicense, monitor, and track the usage of rightsin a dynamic digital trading environment, espe-cially in the near future when universal multimediaaccess (UMA) becomes a reality, and any multimediacontent will be available anytime, anywhere. In suchDRM systems, encryption algorithms, access control,key management strategies, identification and tracingof contents, or copy control will play a prominent roleto supervise and restrict access to multimedia data,avoiding unauthorized or fraudulent operations.

A key component of any DRM system, also knownas intellectual property management and protection(IPMP) systems in the MPEG-21 framework, is user

authentication to ensure thatonly those with specific rights are

able to access the digital informa-tion. It is here that biometrics can

play an essential role, reinforcing securi-ty at all stages where customer authentica-

tion is needed. The ubiquity of users anddevices, where the same user might want to

access to multimedia contents from differentenvironments (home, car, work, jogging, etc.) and

also from different devices or media (CD, DVD,home computer, laptop, PDA, 2G/3G mobile phones,game consoles, etc.) strengthens the need for reliableand universal authentication of users.

Classical user authentication systems have beenbased in something that you have (like a key, an identi-fication card, etc.) and/or something that you know(like a password, or a PIN). With biometrics, a newuser authentication paradigm is added: something thatyou are (e.g., fingerprints or face) or something thatyou do or produce (e.g., handwritten signature or

Javier Ortega-Garcia, Josef Bigun, Douglas Reynolds,and Joaquin Gonzalez-Rodriguez

S

1053-5888/04/$20.00©2004IEEE

LOG

O C

OM

PO

SIT

E:©

1995

PH

OTO

DIS

C, I

NC

., ©

DIG

TIA

L S

TOC

K, ©

CO

RE

L

voice). Biometric recognition, as a means of personalauthentication, is an emerging signal processing areafocused on increasing security and convenience of usein applications where users need to be securely identi-fied. Biometric characteristics are inherently associatedwith a particular individual, making them insusceptibleto being forgotten or lost.

There are many different biometric traits that can beused, each with various benefits and drawbacks,depending on the application scenarios and requiredaccuracy. In this article, we outline the state-of-the-artof several popular biometric modalities and technolo-gies and provide specific applications where biometricrecognition may be beneficially incorporated. In addi-tion, we discuss integration strategies of biometricauthentication technologies into DRM systems so thatthe whole process meets the needs and requirements ofconsumers, content providers, and payment brokers,securing delivery channels and contents.

Personal AuthenticationThrough BiometricsThe process of automatically associating an identitywith an individual by means of some inherent personalcharacteristic is called biometric recognition [15], [31],[39], [52]. Traditionally, person authentication hasbeen accomplished by associating to the person’s iden-tity something that he/she possesses (e.g., a key, acard, etc.) or knows (e.g., a password, a PIN).Biometric recognition adds a new dimension by associ-ating a person’s identity with something that he/she is(or produces). Something that a person is indicates aphysiological characteristic inherently associated withthe person, while something that a person producesindicates a trained act or skill that the person uncon-sciously does as a behavioral pattern.

Although there are several technologically maturephysiological modalities, like fingerprint, iris, face,hand/finger(s) geometry, or palmprint recognition,other modalities are also described in the literature, suchas retina or ear analysis, body (parts) thermograminspection, vein structure (of the wrist), face/hand sweatpores, or objective odor measures. Regarding behavioralmodalities, voice, handwriting, signature, and key-stroking are the focus of most major research efforts,though modalities like gait recognition are also gaininginterest. Despite its tremendous importance in modernforensic investigation, DNA-based authentication is notyet considered to be an automated means of authentica-tion, since it requires manual intervention and is cur-rently far from producing (near) real-time results.

Beyond sheer accuracy, there are many other factorsto consider when examining a biometric solution for anapplication [15], [52], such as vulnerability to fraud,the degree of distinctiveness or uniqueness of the bio-metric, the intrinsic short- and long-term variabilityassociated with the biometric, the intrusiveness of thesystem to collect the biometric sample (and the

required user cooperativeness), the ease of user enroll-ment/recognition, and the long-term support required(database management, re-enrollment, template updat-ing). Moreover, biometric authentication cannot beconsidered as producing error-free verification deci-sions under any application condition, making multilay-ered security a general condition for most applications.The need for increasing security, convenience, andaccountability through biometrics has concentrated agreat deal of research activities on these practical issues,which will be presented in this article.

Characterization of Biometric SystemsBiometric recognition is a generic term that encompass-es the two main modes in which biometric systems oper-ate: Biometric identification is the task of associating atest biometric sample with one of N patterns or modelsthat are available from a set of known or registered indi-viduals. It is also known as the one-to-many (specifically,one-to-N ) task, and the output of this operation modeis normally a sorted list of candidate models, based ontheir degree of match with respect to the test sample.Biometric verification is the task of authenticating that atest biometric sample matches the pattern or model of aspecific user. It is also known as the one-to-one problem,and the output is a binary decision (accept or reject),that is usually based on comparison of the match scorebetween the test sample and the claimed user’s model orpattern to a decision threshold.

Most biometric systems in commercial applicationsoperate under the verification mode, as one-to-onematching is the main task facing security concerns (isthe user who he/she claims to be?). Identificationmode is mainly used for database searches, such as incriminal fingerprint matches, or for a small-scale usergroup (N on the order of 5–10) searches. All biometricsystems operate in two separate stages: the enrollmentphase and the testing phase. During enrollment, bio-metric samples from a user are used to produce, gener-ate, or train a pattern or model from the user. This is akey process, as the resultant pattern or model repre-sents the biometric “identity card” of each enrolleduser. Care must be taken to ensure the true identity ofthe enrollee is established at this stage (generally usinghuman inspection of various trusted documents), oth-erwise the whole system is compromised. In the testingphase a biometric sample from a person is identified orverified against the enrolled models.

Biometric verification can be considered as a detec-tion task, involving a tradeoff between two types oferrors: Type I error, also denoted as false rejection (FR),false nonmatch or miss (detection), occurring when atrue user (also referred to as the client, target, genuineor authorized user) is rejected by the system, and TypeII error, known as false acceptance (FA), false match orfalse alarm, taking place when an impostor is acceptedas being a true user. These two types of errors can betraded off against each other by varying the decision

IEEE SIGNAL PROCESSING MAGAZINEMARCH 2004 51

threshold. A more secure system aims for low FAs at theexpense of higher FRs, while a more convenient systemaims for low FRs at the expense of higher FAs. Thedesired operating point is highly dependent on the finalapplication and so, generally, the complete tradeoffcurve over many operating points is often used to char-acterize biometric performance.

Performance capabilities have been traditionallyshown in the form of ROC (receiver- or relative-oper-ating characteristic) plots, in which the probability of afalse-acceptance is plotted versus the probability of afalse-rejection for varying decision thresholds. Anexample of an ROC plot is given in Figure 1(a), wherethe desired area is at the lower left of the plot, in whichboth types of errors are minimized. Unfortunately, withROC plots, curves corresponding to well-performingsystems tend to bunch together near the lower left cor-ner, impeding a clear visualization of competitive sys-tems. More recently, a variant of an ROC plot, thedetection error tradeoff (DET) plot [26] has beenused, which plots the same tradeoff using a normaldeviate scale. This has the effect of moving the curvesaway from the lower left corner when performance ishigh and producing linear curves, making system com-parisons easier. In Figure 1(b), the DET plot corre-sponding to the same data in the ROC plot in Figure1(a) is shown.

Although the complete DET curve is needed to fullydescribe system error tradeoffs, it is desirable to reportperformance using a single number. Often the equal-error-rate (EER), the point on the DET curve wherethe FA rate and FR rate are equal, is used as this singlesummary number. However, the suitability of any sys-tem or techniques for an application must be deter-mined by taking into account the various costs andimpacts of the errors and other factors such as imple-mentations and lifetime support costs and end-useracceptance issues.

Overview of Biometric ModalitiesThis section provides a brief description of state-of-the-art biometric modalities that are considered as suitablefor incorporation into DRM systems. Suitability refersto both the applicability for DRM schemes and thematurity of the technology. Modalities are divided intophysiological traits, including fingerprint, face, handgeometry, palmprint, and iris biometrics, and behav-ioral ones, including voice, handwriting, and off- andonline signature. Finally, we will also define multimodalbiometrics as a promising way of enhancing perform-ance through the combination of multiple modalities.

Physiological BiometricsFingerprint BiometricsFingerprint matching [15], [16], [23] is one of themost widespread biometric solutions and is based onthe ridge structure of the epidermis of each fingertipand its peculiar distribution of minutiae points, which ispreserved almost unalterable all through a person’s life.Traditional ink-and-roll fingerprint images have beenreplaced by electronic scanning through different tech-nologies (optical, capacitive, ultrasonic, etc.)Unfortunately, these devices may introduce somedegree of variability on fingerprint patterns, due to sev-eral effects, like the sensitivity to finger temperature orsweat, the distortion due to pressing on the planar sur-face, fingertip placement, or the size-limited nature ofthe device that adds position variability to the finger-print. Moreover, there are some population groupswith special problems, like some manual workers thatmake intensive use of manual tools that can lead to fin-gerprint damaging by friction and erosion, an issue thatcan affect up to 5% of the population [30].

Features used to represent fingerprints for personauthentication purposes are predominantly minutiaebased [15], [16], [23]. These are typically end pointsor bifurcation ridges. The relative position of these

minutiae points constitute a person-al trait. A common way of extractingminutiae by image processing is byuse of a lack of linear symmetry,introduced independently in [4] for(N-D) and in [17] (for 2-D). First,smoothed outer products of gradi-ents are computed yielding 2×2symmetric matrices (tensors). In thecase of ill-defined orientations, typi-cally caused by bifurcations, or endof lines, the smallest eigenvalue ofthe matrix tends to be large; other-wise, it is close to zero. A threshold-ing of the smallest eigenvalueusually gives satisfactory results toextract the minutiae.

For poor-quality fingerprints,however, it has been shown that theimage enhancement by imposing the


� 1. Example of verification performance comparison for same hypothetical systems, Aand B, for both (a) ROC and (b) DET plots.

Pro

babi

lity

of F

alse

Rej

ect (

in %

)

DecreasingThreshold

Probability of FalseAccept (in %)

Receiver OperatorCharacteristic

(ROC)

DetectionError Tradeoff

(DET)

DecreasingThreshold

BetterPerformance

50

50

45

45

40

40

35

35

30

30

25

25

20

20

15

15

10

10

5

50

0

Probability of FalseAccept (in %)

40

40

20

20

10

10

5

5

2

2

1

1

0.5

0.5

0.2

0.2

0.1

0.1Pro

babi

lity

of F

alse

Rej

ect (

in %

)

(a) (b)


linear symmetry orientations back to local neighbor-hoods improves the fingerprint-based authentication sig-nificantly [40]. Recently [1] and [28] introducedlandmark (arch, deltas) based alignment and identifica-tion results that completely bypass minutiae extraction.This is interesting for consumer electronic fingerprintsensors that tend to be small and hence the number ofminutiae is necessarily less than ink-rolled-based imagingtechniques.

Results of the 2000 and 2002 Fingerprint Verifi-cation Competitions (FVC2000 and FVC2002, repec-tively) [23] reveal that even with medium- to high-quality images, only a few technologies show good per-formance. This means there is still room for algorith-mic improvement in terms of image processing toextract the salient features and match them despiteintra-class variability. An improvement is also neededregarding acquisition devices, which provide size-reduced, rather poor-quality images.

Face BiometricsThe face of a person is considered to be the mostimmediate and transparent biometric modality forphysical authentication applications. As far as adequatecamera positioning can mitigate issues with users prop-erly looking into the camera, cooperativeness is not insome cases a crucial issue. Nevertheless, in otheruncontrolled situations, like when trying to detect aparticular face in a crowd, cooperativeness is an impor-tant issue. This makes face recognition a highly desir-able biometric modality, and extraordinary researchefforts have been undertaken in the last decade.

A wide choice of techniques has been proposed tomeet the demands of automatic person authenticationby their faces. Despite its intrinsic complexity, face-based authentication still remains of particular interestbecause it is perceived psychologically and/or physical-ly as noninvasive. Significant motivations for its useinclude the following:� Face is a modality that humans largely depend on toauthenticate other humans; consequently, every humanis a putative expert in face recognition from infancy.� Face is a modality that requires no or only weakcooperation to be useful.� Face authentication can be advantageously includedin multimodal systems, not only for authentication pur-poses but also to confirm the liveness of the signalsource of fingerprints, voice, etc.

Unfortunately, face is a three-dimensional (3-D)modality that is usually captured through a 2-D device(photo or video camera), causing problems related tothe subject’s pose. Background and illumination arealso problems not yet fully solved, and inherent vari-ability, like aging, must also be considered. Of course,factors producing external variability in the face, likemake-up, hairdressing (also beards or mustaches), andartifacts (glasses, jewelery, piercing, etc.), will causedegradation in performance.

Features used for description of faces are either geo-metric metrics of the face, like distances between thenose and mouth [8], or more abstract features, like filterresponses on a grid [19]. To extract geometric metrics,subparts of the face must be extracted. A commonapproach to do this is by using scalar products (correlateimage templates) that attempt to match well-definedportions of the face (eye, mouth, etc.) with a referencetemplate [8]. Therefore, geometric metrics are alsoknown as being scalar product approaches. The eigen-face approach [44] describes a face image in terms oflinear combinations of basis images that also belongs tothis class. The eigenface matching can be performed as ascalar product between the reference face image coeffi-cients and the test image coefficients. But since thescalar products are conserved in orthogonal transforma-tions, this result can also be obtained from a scalarproduct (i.e. pixelwise multiplication and summation)of the approximately reconstructed reference face imageand the approximately reconstructed test face image.The number of basis images used is set empirically.Although early studies [44] indicated a face-space ofdimensionality of approximately 20, later studies indi-cate a dimensionality of the order of hundreds [42] forrelatively large face corpora. Finally, other face detectionapproaches related to the eigenface approach is the dis-tance-from-feature-space [33] and Fischerfaces [2].

Methods that constrain local, highly nonlinear fea-tures by adding geometrical constraints can be consid-ered as a mixture of both geometric and scalar productapproaches. These include the dynamic link architecture(DLA) [19] and related graph-based feature matchingapproaches [24], as well as methods based on neuralnetworks, and feature-based approaches where featuresare geometrical measures [8]. In DLA, the mechanismfor assessing connections between the image and modeldomain turns out to be complex and time consuming.A simplified implementation called elastic graph match-ing (EGM) is often preferred for finding objects in thescene with a known reference [49]. However, as theattributed graph is a 2-D representation of 3-D objects,this tolerance is limited. Extensions have been pro-posed for rotations in facial depth [50]. In Duc et al.[11], local discriminant measures for face images areproposed. This leads to significantly improved perform-ance for face authentication applications. In that contri-bution, subsets of the data are considered separately,

Biometric recognition adds anew dimension by associatinga person’s identity withsomething that he/she is(or produces).

leading to a faster training, as the solution to the opti-mization problem is known analytically.

The main regions of interest for the face recogni-tion/authentication task are well known: the eyes andthe mouth of a subject. A biologically inspired methodto locate such facial landmarks using a Saccadic searchstrategy built around a rigid log-polar retina, which isused to sample the Gabor decomposition of the image[41], as shown in Figure 2, has recently been proposed.The Saccades make use of a priori knowledge of theface components in the form of appearance-based mod-els of the eyes and the mouth. The models describe theGabor signature of the target features. Face authentica-tion is achieved using experts of each facial region, i.e.,the two eyes and the mouth. The results report signifi-cant improvement on the Gabor features extracted ongrids spanning the full face that have been employedpreviously [11], [19].

Iris BiometricsIris verification is based on the stability of the so-calledtrabecular pattern during a person’s lifespan. This tra-becular pattern is formed by an elastic connective tissuecalled trabecular meshwork, which gives to the iris itsappearance of radial divisions. It consists of pectinateligaments adhering into a tangled mesh revealing stria-tions, ciliary processes, crypts, rings, furrows, freckles,vasculature, and a corona. The iris is protected by thecornea and the aqueous humor, so the iris pattern isalmost unaffected by environment, except for pupillaryreflex to light. This stretching of the iris tissue as thepupil dilates produces elastic deformations. Locatingthe inner and outer iris boundaries can lead to a linearcompensation for this effect.

The segmentation of the inner and outer boundaries,together with the detection of the eyelids (if theyintrude into the iris pattern), require the application ofimage processing techniques [10], [48]. A first approachto the problem solution [10] is accomplished by extract-ing concentric coronas from the iris. On each of thesecoronas, a 2-D Gabor wavelet transform is applied torepresent image texture by the arguments of the com-plex filter responses. Each of these phasor angles is quan-

tized into just the quadrant in which it lies. This opera-tion is repeated for all filters and regularly selected spatialsites on concentric circles of the iris. In case some sitesfall in nonvisible places due to an eye-lid covering theGabor filter measurement site, the site is marked as non-valid by a sites of interest mask. This site mask togetherwith the Gabor-filter-based local phase measurementsjust described constitute the iris code.

Left and right iris patterns of a given person are dif-ferent. Also, iris patterns between identical twins aredifferent. However, a nontrivial issue is securing theliveness of the signals and obtaining the high-qualityimages that are required to represent the iris patternsthat make them so personal. Unlike face scan technolo-gy, which can leverage existing photo- or video-cameratechnology, iris scan deployments require specializeddevices including, in some cases, infrared illuminationand may be perceived as invasive by users who arerequired to be very collaborative. The iris code, and forthat matter iris features reported by other researchers,relies on the exceptionally high-quality images that acombination of the iris image acquisition software anduser collaboration allows.

Hand BiometricsPalmprint RecognitionPalmprints are stable and show high accuracy in repre-senting each individual’s identity [52]. Thus, they havebeen commonly used in law enforcement and forensicenvironments. Since the surface of the palmprint islarger than the fingerprint itself, a higher quantity ofidentifying features can be extracted from the palm-print. Moreover, users consider hand biometrics asbeing user friendly, easy to use, and convenient.Palmprint acquisition is based on standard charge-cou-pled device (CCD)-based optical scanning. Althoughsome acquisition procedures imply pressing on a glasspanel (inducing an elastic distortion on the palmprint),some others do not. Those who do not however, mustsolve the liveness issue separately.

Palmprint features can be divided into three differ-ent categories: a) point features, which include minuti-ae features from ridges existing in the palm, and delta

point features, from delta regions found inthe finger-root region; b) line features,which include the three relevant palmprintprincipal lines, due to flexing the hand andwrist in the palm, and other wrinkle linesand curves (thin and irregular); and, c) tex-ture features of the skin.

Hand GeometryHand geometry recognition [15] is based onthe extraction of a hand pattern that incor-porates parameters like finger length, width,thickness, curvatures, or relative location. Toobtain these features, an image of the silhou-etted hand is needed. The process of captur-


� 2. A biologically inspired method to locate facial landmarks using a Saccadicsearch strategy built around a rigid log-polar retina (a), which is used to samplethe Gabor decomposition of the image (b).

(a) (b)

ing this information is normally accomplished throughCCD cameras and infrared illumination; the user putshis/her hand on a highly reflective surface, such as aplaten, performing an orthographic scanning, consist-ing of top and side views of the hand shape. Surfacedetails like texture and fingerprints are ignored for thispurpose. Specific hand positioning is forced by usinginter-finger pegs or locator pins.

Hand geometry requires high collaboration fromthe users as the hand must be kept flat while scanning.Fingernails (e.g., on females) that can potentially dete-riorate intra-class variability must also be coped with bythe system.

Behavioral BiometricsVoice BiometricsThe speech signal conveys many levels of informationto the listener. At the primary level, speech conveys amessage via words, but at other levels speech conveysinformation about the language being spoken and theemotion, gender, and, generally, the identity of thespeaker. While speech recognition aims at recognizingthe words spoken in speech, the goal of automaticspeaker recognition systems is to extract, characterize,and recognize the information in the speech signal con-veying speaker identity. In this section we provide abrief overview of the area of speaker recognition,describing underlying techniques and some indicationsof performance. This is not a comprehensive review,and readers should see, for example, [9], [35], andtheir references for more details.

Depending on the level of user cooperation andcontrol in an application, the speech used for thesetasks can be either text dependent or text independent.In a text-dependent application, the recognition systemhas prior knowledge of the text to be spoken and it isexpected that the user will cooperatively speak this text.In a text-independent application, there is no priorknowledge by the system of the text to be spoken, suchas when using extemporaneous speech. Text-independ-ent recognition is more difficult but also more flexible,for example, allowing verification of a speaker whilehe/she is conducting other speech interactions (back-ground verification).

Research and development on speaker recognitionmethods and techniques continues to be an active areafor well over four decades. Approaches have spannedfrom human aural and spectrogram comparisons, tosimple template matching, to dynamic time-warping(DTW) approaches, to more modern statistical patternrecognition approaches, such as neural networks andhidden Markov models (HMMs). Over this same time,research and development corpora have evolved fromsmall, private corpora (five to ten speakers) under labo-ratory clean, controlled conditions (single session, readspeech) to large, publicly available corpora (500+speakers) reflecting more realistic and challenging con-ditions (extemporaneous speech from landline and cel-

lular telephone channels). Benchmark evaluations usingcommon corpora and paradigms have been conductedfor several years (e.g., YOHO, CAVE project, NIST[29]) allowing comparison of technical approaches andfocusing effort on common challenges.

Although there are no exclusive speaker identitycues in the speech signal, information about the speak-er’s anatomical structure is generally conveyed in theamplitude spectrum, with the location and size of spec-tral peaks (formants) related to the vocal tract shapeand the fine structure (pitch striations) related to theglottal source. Typically, the amplitude spectrum is esti-mated using 20 ms of speech and a physiologicallymotivated mel-scale filter-bank every 10 ms so as tocapture the evolving nature of the vocal apparatus. Theamplitude spectrum is then further processed through aform of cepstral analysis and appended with time deriv-atives to produce the feature vector that is used to cre-ate a speaker model. Recent research, which is beyondthe scope of this article, is focused on using otheraspects of speech, such as pronunciations, prosody, andword usage, to help better characterize and recognizespeakers [36].

In most speaker recognition systems, the speakermodels are generally some form of HMMs. From pub-lished results, the use of HMMs has been described asgenerally producing the best performance compared toother models. HMMs encode the temporal evolutionof the features and efficiently model statistical variationof the features, providing a statistical representation ofhow a speaker produces sounds. For text-dependentapplications, whole phrases or phonemes may be mod-eled using multistate left-to-right HMMs. For text-independent applications, single-state HMMs, alsoknown as Gaussian mixture models (GMMs), are used.

For speaker verification systems, the decision is usu-ally made by a likelihood ratio test computed betweenthe claimed speaker’s model and a model representingimpostor or generic speech. This alternative model isoften called an impostor, background, or cohortmodel. The use of an impostor model is widespreadand can be crucial to obtaining good performance.Basically it acts as a normalization to help minimizenonspeaker related variability (e.g., text, microphone,noise) in the likelihood ratio score [35].

Speech is a natural signal to produce that is not con-sidered threatening or intrusive by users to provide. Inmany applications, such as telephone applications,speech may be the main, or even the only, modality.The telephone system provides a ubiquitous, familiarnetwork of sensors for obtaining and delivering thespeech signal. Moreover, there is no need for specialtransducers to be installed at application access points.Even for nontelephone applications, like PC-basedones, sound cards and microphones are low cost andreadily available. Combined with utterance verification,speaker verification is one of the few biometrics thatsupports a natural “challenge-response” to help thwart


spoofing attacks. A system can present a user with aseries of randomized phrases to repeat so the system canverify not only the voice matches but also the requiredphrases match. Additionally, it is possible to use formsof automatic knowledge verification where a person isverified by comparing the content of his/her spokenutterance against the stored information in his/her per-sonal profile (e.g., “What is your pet’s name?”).

On the other hand, speech is a behavioral signal thatmay not be consistently reproduced by a speaker andcan be affected by a speaker’s health (cold or laryngi-tis). Also, the varied microphones and channels thatpeople use can cause difficulties since most speaker ver-ification systems rely on low-level spectrum featuressusceptible to transducer/channel effects. Further-more, the mobility of telephones means that people areusing verification systems from more uncontrolled andharsh acoustic environments (cars, crowded airports),which can stress accuracy.

Handwritten BiometricsThe convenience for paper and pen in the electronicera is the reason why people still use handwriting as amean to convey, retain, and facilitate communication.Together with this kind of information, handwriting isalso a skill that individualizes people [34]. From thispoint of view, the process of automatically determiningwho the specific author of a given handwritten text is iscalled writer recognition. Handwritten recognition canbe accomplished from two different points of view,depending on whether there is electronic access to thehandwriting process or not. If there is, one can digitizethe pen’s instantaneous information trajectories, andinformation like pressure, speed, or pen-up movementscan be captured; if not, just shape-based image recogni-tion is feasible. The former is also known as online ordynamic handwriting recognition, whereas the latter isoften called offline or static recognition.

A particularly relevant component in handwritingbiometrics is signature recognition, because of the socialand legal acceptance and widespread use of the writtensignature as a personal authentication method.Regardless of the handwritten content, signature verifi-cation is entirely focused on extracting writer-specificinformation. It has also to be taken into account thatFA refers in this modality mainly to the impostor’s abili-ty to mimic the target signature by producing a forgery.Moreover, devices like PDAs, pocket PCs, tablet PCs,or 3G mobile phones might offer handwriting capabili-ties, due to the fact that handwriting is considered asbeing more natural for humans and also to the possibili-ty of size reduction by eliminating the keyboard.

Online Signature Verification: In online signatureverification systems [20], [32], different approachescan be considered to extract signature information;they can be divided into: i) function-based approaches,in which signal processing methodology is applied tothe dynamically acquired time sequences (i.e., velocity,

acceleration, force, or pressure), and ii) feature-basedapproaches, in which statistical parameters are derivedfrom the acquired information. One can also specifydifferent levels of classification, so it is possible to useand combine shape-based global static (i.e., aspectratio, center of mass, or horizontal span ratio), globaldynamic (i.e., total signature time, time down ratio, oraverage speed) or local (stroke direction, curvature orslope tangent) parameters.

The use of complete sequences have so far yieldedbetter results, since reducing time sequences just to sta-tistical features diminishes our ability to make a precisecharacterization of this dynamic process. This time-based sequence characterization process is stronglyrelated to the way in which a reference model is estab-lished. HMMs have shown this capability regardingother behavioral-based biometric traits, outperformingother classical approaches like distance measure,(weighted) cross correlation, or dynamic time warping(dynamic string matching). Online signature verificationoffers reliable identity protection, as dynamic informa-tion is not available on the signature image itself but inthe process of signing. Also, pen-up dynamic informa-tion can be acquired, and these pen-up trajectories donot leave even their shapes in the final image.

Offline Signature Verification: Offline signature veri-fication relies on extracting writer-specific informationjust from the shape of the image and the luminance ofthe trace [20], [34]. Once the signature has beenextracted from the document background, several tech-niques have been used for offline signature verificationincluding minimal distance classifier, nearest neighbor,dynamic programming, neural networks, and HMMs.

Unlike online signature verification, off-line signa-ture verification cannot take full advantage of thedynamic handwriting process. Performance results ofoffline systems are expectedly lower than that based ononline information, although false accepts rely entirelyon the ability of the forger to produce a highly skilled,shape-based forgery. The extraction from offline signa-tures of pseudodynamic information, like recovery ofthe stroke sequence, or deriving the instantaneous pres-sure from the stroke width, is now the focus of someadditional research efforts.

Multimodal BiometricsThe performance of any single-trait verification systemcan be improved by unimodal (or monomodal) fusion,i.e., the combination of several verification strategiesapplied on the same input data. Even greater verifica-tion performance improvement can be expectedthrough the use of multiple biometric characteristics,due to their statistical independence [3], [37]. Inspiredby this potential, great effort has been made to demon-strate the benefits of the multimodal fusion approach[3], [8], [18], [37].

Biometric multimodality can be studied under thegeneral field of data fusion or under the particular


frame of classifier combination. Bigun et al. in [3] com-bined machine expert opinions (applied to the frontalface and speech) in a probabilistic Bayesian framework,whereas Kittler et al. in [18] showed that weightedsummation of machine expert opinions outperformsother strategies, including product rule, by usingBayesian arguments. Interestingly, both approachesindependently show results in favor of weightedmachine expert summation rules, via Bayesian method-ologies, by using both real data (speech, frontal, andprofile images modalities) and simulated data. Theapproach of [3] is based on Bayesian results obtainedfrom catastrophe studies where human expert opinionsmust be combined to do assessment on probability of(undesired) events. In an analogous manner, (machine)experts’ future opinions where no true data are avail-able (operational state of an authentication systemwhen the true identity is not available) are predicted byusing the Bayes’ theorem from the past performance ofeach expert by weight optimization. In this approachexpert opinions are automatically calibrated by their“historical bias” they have shown in the past. In theapproach of [18], R modalities, two classes (ω1 forclients and ω2 for impostors), and a given pattern Zthat generates the feature vector xi for modality i, theclassifiers (or experts) are considered to give the a pos-teriori probability for each class k: P (ωk | xi ). Severalways to implement the fusion of the modalities are thenobtained (sum, product, max, min, etc.), based on theBayes’ theorem. The sum rule outperformed theremainder in the experimental comparison, due to itsrobustness to errors in the estimation of P (ωk | xi )

made by the individual classifiers.Multimodal fusion can also be treated as a pattern

classification problem. Under this point of view, thescores given by individual expertmodalities are considered as inputpatterns to be labeled asaccepted/rejected (for the verifica-tion task). Verlinde et al. followedthis approach and compared in [45]the following pattern classificationtechniques for multimodal fusion(sorted by relative decreasing per-formance): logistic regression, maxi-mum a posteriori, k-nearestneighbors classifiers, multilayer per-ceptrons, binary decision trees, max-imum likelihood, quadraticclassifiers, and linear classifiers. Morerecently [13], support vectormachines (SVMs) have been com-pared with all the above-mentionedtechniques carrying out the sameexperiments, showing very promis-ing results. From now on, this per-spective will be referred to aslearning-based (or trained) fusion,

because it requires sample outputs from the experts totrain the pattern classifiers.

Performance Characterizationin BiometricsAlthough there have been some attempts to directlycompare performance of different biometric modalities(for example, see Figure 3, used with permission from[25]), it is still difficult to characterize the performanceof different biometric recognition systems in a consistentway. One reason for this is that there are many factorsthat produce degradation in recognition performance,and these factors are not homogeneous throughout bio-metric modalities. Factors like the type of application,enrollment and/or testing scenario, size of the popula-tion under study, controlled situations versus uncon-trolled situations, etc., introduce a heterogeneousassessment framework. There are also intra-modality fac-tors (e.g., type of acquisition device, fingertip position,or finger humidity in fingerprint matching; illumination,pose, face artifacts, or background in face recognition;transmission channel, noise, or type of handset in speak-er verification; online versus offline acquisition, ordegree of skill of forgeries in signature biometrics, etc.)that are almost impossible to equalize between modali-ties to make absolute comparisons.

One observed theme in these cases is that perform-ance tends to improve with increasing constraints onthe application (more biometric samples, less distor-tion/noise/artifacts, well-performing acquisitiondevices, cooperative users, etc.). Determining acceptableperformance for a particular application will dependon the benefit of replacing any current verificationprocedure, the threat model (claimant to impostorattempts), and the relative costs of errors.


� 3. From [39], DET plot showing biometric performance for six different modalities,namely, face, fingerprint, hand geometry, iris, veins, and voice. Regarding fingerprints,results include performance with three different sensors, two of them being capacitivechips and the third being optical.

Face FP-Chip FP-Chip (2) FP-Optical Hand Iris Vein Voice

Fal

se R

ejec

t Rat

e

False Accept Rate

100%

10%

1%

0.1%0.0001% 0.001% 0.01% 0.1% 1% 10% 100%

Integrating Biometrics in DRM Systems

Security Analysis of NonbiometricDRM ApproachesA content provider has mainly two ways to assure thatcontent is delivered only to appropriate authorizedclients [47]. The first way is to set up a secure connec-tion with the client and to authenticate him as a trustedclient before delivering any content. This type of con-tent delivery is most suited to the scenario of a con-sumer obtaining content in a session, which is animportant but very limited part of the DRM world andhas the problems associated with key management(e.g., storing, password-based access to the encryptionkeys). The second way to deliver content only toauthorized clients is to deliver contents in an encryptedform that can only be decrypted by a trusted client.This approach is particularly suited to store-and-for-ward content delivery systems, allowing for super-dis-tribution (any user can redistribute with no rightsviolation) while the consumer remains anonymous tothe content provider. A further advantage is that it sep-arates the content payment and authorization from thecontent delivery, simplifying the content distribution.However, there are issues with ensuring that onlyauthorized clients obtain and use the decryption keys.

Most current DRM systems are realized in software,so there is nearly no protection against serious attacks.Technical components of DRM systems consist of specialadapted and well-known IT security functions. As shownin [12], pirates can reverse-engineer DRM systems, mak-ing them independent of hardware/software specificdevices/tools (e.g., useable on other platforms) and pro-liferating this knowledge via freely available tools.

Existing DRM systems base their security structureon different combinations of the following technologies.� Watermarking: This technique enables the inclusionof imperceptible information within audio/video/doc-ument digital content. It is primarily used for copy con-trol and illegal distribution detection, usually includingright-holder information. A secret key must be used toreveal the watermark allowing later extraction by thecontent provider.� Fingerprinting: The digital content is watermarkedwith the consumer’s identity for every client. Usuallyused in multicast encrypted streaming of content, usershave individual decryption keys containing fingerprints(personal data). It enables fair use copies (e.g., copiesbetween members of a family) providing control of theorigin in case of illegal copies.� Tamper-resistant software/hardware: This is responsi-ble for securely handling the decryption and renderingof the content for the end consumer. It must preventthe consumer from gaining access either to the decryp-tion key or to the decrypted digital content.� Encryption: This is the process of data locking basedon encryption/decryption keys. Both symmetric andpublic key infrastructure (PKI) approaches have been

shown extraordinary useful in a wide range of applica-tions from secure communications to e-commerce.

Many successful DRM and non-DRM systems relyon these technologies, but they are still susceptible toserious attacks to crack or circumvent them. The mainvulnerability is in key management. First, there aremany keys (for encryption, decryption, watermarking,and fingerprinting) needed by many people (individualconsumers, system administrators, dealers and distribu-tors, payment brokers, etc.) increasing the potential forcompromise. Second, since cryptographically strongkeys are not amenable for people to remember andenter, at one point, key entry is reduced to some easilyremembered passcode. Thus, the security of theencryption system, and so that of the DRM, is only asgood as the passcode, with all its well-known problems(the FBI ranks problems with “accounts with no pass-words or weak passwords” as second in its “Top 20Security Holes”).

One of the main problems with passcodes is the lackof direct connection between users and passcodes, so alegitimate user and an impostor who fraudulentlyacquires the user passcode are indistinguishable to thesystem. Biometric authentication provides this linkagebetween users and passcodes for key security using abiometric technology to secure the cryptographic key.Apart from the different biometric technologies thatcan be adopted, each one of them can be applied in dif-ferent ways, as discussed below, adding another securitylayer to the system giving access to the encryption keys,or directly generating keys from biometric data.

Overview of DRM SystemsIntegrating BiometricsIn the first part of this article, different biometricmodalities and technologies, most of them commercial-ly available, together with their respective levels of per-formance for different application scenarios, werepresented. However, it is not easy to select a single bio-metric trait for a target application. For instance, endusers might not accept invasive authentication tech-niques, or system vendors might not desire expensiveacquisition sensors. Moreover, a specific biometric traitcannot be considered as a standalone technology but asa component in the overall global solution, adapted tothe target application by the biometric technologyprovider, and easy to integrate into the DRM system.

The selection of the adequate biometric modality isjust the first task to integrate biometrics in this newframework. DRM systems are extremely complex, withboth local and distributed resources and processes anddifferent types of clients and providers. For instance, acontent distributor (such as a TV station, an Internetpay-per-download music site, or a wireless 3G enter-tainment provider) acts simultaneously as a client fromcontent creators (e.g., a Hollywood film studio or agame software company) and as a provider for end cus-tomers or additional distribution layers. Consequently,


there are two main kinds of consumers of intellectualrights, namely people (as individuals, groups, or com-panies) acting as end users, and distribution clients act-ing as intermediaries, and both kinds of entities need tobe securely authenticated.

Moreover, some DRM applications concern trans-actions between companies, which have to be author-ized and signed off by chief executives (for example, anew catalog from a content provider that is to beoffered by a content distributor). The use of biomet-ric tokens as electronic signatures in electronic docu-ments, as well as the access to reserved executive keysby means of biometric verification, are both viableways to offer instantaneous access to protected con-tent just offered to your company.

However, the biggest area of interest for biometricsinto DRM systems is that of key management. In com-plex structures such as DRM systems, many keys, pass-words, digital certificates, and electronic signatures,each one of them with different levels of permissions,have to be managed properly, and here biometrics pro-vides a natural way to guarantee that only the real indi-vidual has access or can generate his correspondentspecific key.

Biometric-Based DRM Approaches Both the “secure the pipe” and the “secure the con-tent” scenarios apply to biometric user authenticationwhen users are humans. Biometric technologies willwork to provide secure authentication of the user inevery task or target application where a human con-sumer of multimedia content is involved, either as astandalone technology or as passport to other well-established technologies (i.e., by using biometrics tounlock your Internet digital certificate).

Several commercial biometric solutions exist thatare applicable to those target scenarios, ranging fromonline signature recognizers in tablet PC environ-ments, to fingerprint readers in USB keys, to integrat-ed cameras on 3G mobile phones, to multimodalspeaker verification integrated in vocal portals and dia-logue systems. This is just the beginning, as manyother applications will be available in the near futurewhen new devices will integrate high processing capa-bilities with multimodal acquisition devices.Applications are countless, and system designers mustlook for the best biometric solution (in terms of per-formance, acceptability, and cost-effectiveness) foreach specific target application.

Below we outline several examples of biometrictechnologies in DRM systems, but a complete listing ofall existing systems or proposals is out of the scope ofthis work. The selection is based both on covering thewide variety of biometric technologies and easy-to-access documentation of the reported systems.

We will differentiate two kinds of biometric systemapplications in the two next subsections. The first set ofapplications involves the use of conventional biometric

systems as an additional security layer for access torestricted data. The second set of applications involvesthe use of biometrics for encryption key generation,which gives an extra security layer compared to mereaccess control, as the encryption key is never stored andis dynamically generated from the biometric data bothfor encryption and decryption of content.

DRM Systems with Biometric-Added SecurityIn this case, when a user wishes to access a securedkey, he/she will be prompted to provide a biometricsample. If the user is accepted after matching of theinput biometric sample with the enrollment data, thekey is released and can be used to encrypt or decryptthe desired data. Biometric authentication is generallycoupled with password and, occasionally, tokenauthentication.

Here any existing biometric technique or system canbe adapted to work in the DRM environment as anadditional security layer. The usability of biometrics forthe creation and retrieval of electronic signatures,strongly linked with DRM and encryption, has beenextensively studied in [38]. In this work most existingbiometric technologies are analyzed in the environmentof smartcard technologies, one of the most prominentrepresentatives of technologies for secure signature cre-ation devices (SSCDs), as it is capable to execute signa-ture algorithms and to provide storage and access tocertificates. The pros and cons of each technology arethoroughly studied, with conclusions oriented to thesmartcard and electronic signature environment, whichcan directly be extended to DRM systems.

However, even if providing an added security layerrelative to nonbiometric password-based systems, bio-metric-based systems are still not perfect. First, the bio-protected key is (securely) stored somewhere in apassword-protected system, so it could probably beaccessed by a software attacker or by physical access tohardware/disks. Second, a compromised biometric pat-tern (fingerprint spoofing, voice recording, etc.) isimpossible to replace.

To mitigate the compromise problem, a form of aninteractive response system is often used. These proce-dures cannot be applied to static biometrics, such asfingerprints or iris recognition, but are primarily usefulfor dynamic biometrics, such as voice or online writing.A very interesting solution in the voice domain isknown as conversational biometrics, as shown, forexample, where the speaker is authenticated not justfrom the acoustic characteristics of his/her voice, as inconventional voice biometric systems, but also fromhis/her particular way of interaction with a dialoguemanager capable of natural language understanding ina restricted domain (e.g., access to the catalogue of acontent provider). In this sense, the process of authen-tication is never the same, and even recordings of thetrue speaker from previous access attempts will not giveaccess to the system in a different trial.


DRM Systems with Biometric Key GenerationA first approach to integrate biometric patterns andencryption keys is to hide the cryptographic key in theenrollment template via a secret bit-replacement algo-rithm [43]. If the user is authenticated through biomet-rics, then it looks into the enrollment template in thespecified positions for the bits that constitute the key.However, an attacker can learn from different userenrollment templates the positions or algorithm thatgives access to the key bits, thus compromising the keys.

A second approach is discussed in [6], where the keyis directly obtained from the biometric template, fromdirect template coding. In this proposal, two mainproblems appear. The first one is that as a result ofchanges in the biometric template due to environmen-tal and physiological factors, the biometric template isgenerally not consistent enough to be used as a crypto-graphic key. The second problem is that if the key isever compromised, then the use of that particular bio-metric is irrevocably lost. Note that this is the sameconsequence as above but from different origin.

A similar approach in [46] uses statistical features ofonline signatures instead of biometric images. Thismethod allows obtaining a biometric hash vector basedon an individual interval matrix, where cryptographickeys can be directly obtained from that hash vector.The idea relies on establishing confidence intervals,based in the user intra-variability, in 24 different fea-tures of a signature, and checking with the test signa-ture if every feature is or is not between thecorresponding limits, accepting (bit = 1) or rejecting(bit = 0) the feature as original from the author,obtaining finally the 24-bit hash vector if the signaturecomes from the true signer. Another interesting exam-ple using voice [27] uses text-dependent (fixed) pass-words to generate the cryptographic key. Thus,segmental vector quantization is used to define m con-secutive clusters that are represented by their centroids.During tests, every aligned segment is distance-basedchecked as accepting (1) or rejecting (0) the segment.An additional error correction procedure is implement-ed to allow for insertions/deletions up to 3 or 4 bits,for a total length of m = 46 bits. So, a double objectiveis achieved, obtaining unpredictable and reproduciblekeys. Unpredictability is achieved from the entropyfrom how the user speaks the password; that is, animpostor knowing the password will not obtain the

(correct) key after uttering it. As happened in [6], usersare generally not consistent in all features, so the chal-lenge to obtain reproducible keys from biometricsrelies on accommodating variations in those features inwhich a user is inconsistent while still generating thesame key each time.

The same idea regarding the generation of the bio-metric key is presented for fingerprints in [43], allowingfor reproducible keys with different images (rotation,translation, elastic skin distortions) from the same fin-gerprint. But the innovation in this approach comesfrom the fact that during enrollment the biometricimage is combined with a digital key to create a secureblock of data. This data block is secure in that neitherthe fingerprint nor the key can be independentlyobtained from it. During verification, the cryptographickey is retrieved by combining the biometric image withthe secure block of data. Thus, it does not simply pro-vide an accept/reject authentication decision to releasethe key but instead retrieves a key that can only berecreated by combining the input biometric image withthe secure block of data. In this way, the key is com-pletely independent of the biometric data, which meansthat, first, the use of the biometric is not forfeited if thekey is ever compromised, and, second, the key can beeasily modified or updated at a later date.

ConclusionWe have outlined some sample applications where bio-metric technologies can successfully be applied toDRM applications. However, extreme care has to betaken with respect to the customers’ rights, in particu-lar when dealing with sensitive personal data and specif-ically regarding biometric data. Identification patternscannot be transmitted, saved, or watermarked into digi-tal contents without extreme security measures(secured communication channels, encryption, datahiding, etc.) and according to applicable personal dataregulatory laws. Consumer-rights organizations aresensitive to biometric data management, and all pre-ventive measures should be addressed to hold back seri-ous planning errors in the first systems to be deployed,which could provoke greater damages to the DRMindustry in the future.

DRM systems are ready to be extensively used, asseveral proprietary solutions already exist, and openstandards are ready, like the MPEG-21 IPMP and thefull standard [7]. In this deployment process, biomet-rics should play a crucial role to guarantee the neces-sary mutual trust in the chain from right holders tocontent distributors and consumers. We believe that aproper use of biometric technologies will constituteone of the key issues for DRM technologies to succeedin the near future.

AcknowledgmentJ. Ortega-Garcia and J. Gonzalez-Rodriguez wish toacknowledge the partial support of the Spanish Ministry


The face of a person isconsidered to be the mostimmediate and transparentbiometric modality for physicalauthentication applications.

of Science and Technology under projects TIC2000-1669-C04-01 and TIC2000-1683-C03-02, respectively.D. Reynolds was sponsored by the U.S. Department ofDefense under Air Force contract F19628-00-C-0002.

Javier Ortega-Garcia received the Ph.D. degree “cumlaude” in electrical engineering (Doctor Ingeniero deTelecomunicación) in 1996 from UniversidadPolitécnica de Madrid, Spain. He has been an associateprofessor since 1999 at the Audio-Visual andCommunications Engineering Department, Universi-dad Politécnica de Madrid, where he is director of theBiometrics Research Laboratory. His research interestsare focused on biometric signal processing: speakerrecognition, fingerprint recognition, online signatureverification, data fusion, and multimodality in biomet-rics. He has published over 60 international contribu-tions. He is general chair for Odyssey’04—The ISCASpeaker and Language Recognition Workshop to beheld in Toledo, Spain, in June 2004.

Josef Bigun obtained his Ph.D. degree from LinkoepingUniversity in 1988. In 1988, he joined the SwissFederal Institute of Technology in Lausanne (EPFL)where he worked until 1998 as adjoint scientifique. Hewas elected professor to the signal analysis chair, his cur-rent position, at Halmstad University and ChalmersInstitute of Technology in 1998. He is a Fellow of theIEEE and IAPR. He has contributed significantly to theformation of biometric research in Europe, includingthe M2VTS consortium. He cochaired the FirstInternational Conference on Audio and Video-BasedBiometric Person Authentication (AVBPA) in 1997. Hehas been an editorial member of several journals in pat-tern recognition. His interests include biometrics, tex-ture analysis, motion analysis, and understanding of thebiological processing of audio-visual signals.

Douglas Reynolds received the B.E.E. degree and Ph.D.degree in electrical engineering, both from the GeorgiaInstitute of Technology. He joined the InformationSystems Technology Group at the MassachusettsInstitute of Technology Lincoln Laboratory in 1992.Currently, he is a senior member of the Technical Staffand his research areas cover robust speaker identifica-tion and verification, language recognition, speechrecognition, and speech-content-based informationretrieval. He has over 50 publications in the area ofspeech processing and three patents related to securevoice authentication. He is a Senior Member of theIEEE Signal Processing Society and has served on theSpeech Technical Committee.

Joaquin Gonzalez-Rodriguez received the Ph.D. degree“cum laude” in electrical engineering (Doctor Ingenierode Telecomunicación) in 1999 from UniversidadPolitécnica de Madrid, Spain. He has been an associateprofessor since 2002 at the Audio-Visual and

Communications Engineering Department, UniversidadPolitécnica de Madrid, where he is head of the Speechand Signal Processing Group (ATVS). His researchinterests are focused on signal processing, biometrics andforensics: speaker recognition, forensic biometrics, datafusion in biometrics, robustness in speech/speakerrecognition, and speech enhancement (auditory criteria,microphone arrays, binaural modeling). He has pub-lished over 50 international contributions. He is an invit-ed member of ENFSI (European Network of ForensicScience Institutes) and will be acting as vice-chairmanfor Odyssey’04—The ISCA Speaker and LanguageRecognition Workshop, to be held in Toledo, Spain, inJune 2004.

References[1] M. Bazen and S.H. Gerez, “Systematic methods for the computation of the

directional fields and singular points of fingerprints,” IEEE Trans. PatternAnal. Machine Intell., vol. 24, no. 7, pp. 905–919, July 2002.

[2] P.N. Belhumeur, J.P. Hespanha, and D.J. Kriegman, “Eigenfaces vs. fisher-faces: Using class specific linear projection,” IEEE Trans. Pattern Anal.Machine Intell., vol. 19, no. 7, pp. 711–720, July 1997.

[3] E.S. Bigun, J. Bigun, B. Duc, and S. Fischer, “Expert conciliation for multimodal person authentication systems by Bayesian statistics,” in Proc. Intl.Conf. Audio and Video Based Person Authentication, AVBPA’97, LNCS-1206, Springer, 1997, pp. 291–300.

[4] J. Bigun and G.H. Granlund, “Optimal orientation detection of linear sym-metry,” First Int. Conf. Computer Vision, ICCV-87, Washington, DC, June8–11, 1987, pp. 433–438.

[5] J.A. Bloom, I.J. Cox, T. Kalker, J.-P. M.G. Linnartz, M.L. Miller, andC.B.S. Traw, “Copy protection for DVD video,” Proc. IEEE, vol. 87, no.7, pp. 1267–1276, July 1999.

[6] A. Bodo, “Method for producing a digital signature with aid of a biometricfeature,” German patent DE 42 43 908 A1, 1994.

[7] J. Bormans, J. Gelissen, and A. Perkis, “MPEG-21: The 21st century mul-timedia framework,” IEEE Signal Proc. Mag., vol. 20 no. 2, pp. 53–62,Mar. 2003

[8] R. Brunelli and T. Poggio, “Face recognition: features versus templates,”IEEE Trans. Pattern Anal. Machine Intell., vol. 15, pp. 1042–1043, Oct.1993.

[9] J. Campbell and J. Schroeder, Eds., Special issue on speaker recognition,Digital Signal Proces., vol. 10, Jan. 2000 [Online]. Available:http://www.sciencedirect.com/science/journals

[10] J. Daugman, “Recognizing persons by their iris patterns,” in Biometrics—Personal Identification in Networkwed Society, K. Jain, R. Bolle, and S.Pankanti, Eds. Norwell, MA: Kluwer, 1999, pp. 103–121.

[11] B. Duc, S. Fischer, and J. Bigun, “Face authentication with Gabor infor-mation on deformable graphs,” IEEE Trans. Image Proc., vol. 8, no. 4, pp.504–516, 1999.

[12] H. Federrath, “Scientific evaluation of DRM systems,” [Online].Available: http://www.inf.tu-dresden.de/~hf2/

[13] B. Gutschoven and P. Verlinde, “Multi-modal identity verification usingsupport vector machines (SVM),” in Proc. 3rd Int. Conf. InformationFusion, July 2000, vol. 2, pp. 3–8.

[14] F. Hartung and F. Ramme, “Digital rights management and watermark-ing of multimedia content for m-commerce applications,” IEEE Commun.Mag., vol. 38, pp. 78–84, Nov. 2000.

[15] A.K. Jain, R. Bolle, and S. Pankanti (Eds.), Biometrics—PersonalIdentification in Networkwed Society. Norwell, MA: Kluwer, 1999.

[16] A.K. Jain and S. Pankanti, “Automated fingerprint identification and


imaging systems,” in Advances in Fingerprint Technology, 2nd ed. NewYork: Elsevier Science, 2001.

[17] M. Kass and A. Witkin, “Analyzing oriented patterns,” Computer Vision,Graphics, Image Proc., vol. 37, 1987, pp. 362–385.

[18] J. Kittler, Y.P. Li, J. Matas, and M.U. Ramos-Sanchez, “Combining evi-dence in multimodal personal identity recognition systems,” in Proc. 1stInt. Conf. Audio and Video-Based Person Authentication, AVBPA’97, vol.LNCS-1206, pp. 327–334, 1997.

[19] M. Lades, J.C. Vorbruggen, J. Buhmann, J. Lange, C. von der Malsburg,R.P. Wurtz, and W. Konen, “Distortion invariant object recognition in thedynamic link architecture,” IEEE Trans. Comput., vol. 42, pp. 300–311,Mar. 1993.

[20] F. Leclerc and R. Plamondon, “Automatic signature verification: The stateof the art, 1989–1993,” Intl. J. Pattern Rec. Machine Intell., vol. 8, no. 3, pp. 643–660, 1994.

[21] M. Maes, T. Kalker, J.-P.M.G. Linnartz, J. Talstra, G.F.G. Depovere, andJ. Haitsma, “Digital watermarking for DVD video copy protection,” IEEESignal Proc. Mag., vol. 17, pp. 47–57, Sept. 2000, .

[22] D. Maio and D. Maltoni, “Direct gray-scale minutiae detection in finger-prints,” IEEE Trans. Pattern Anal. Machine Intell., vol. 19, no. 1, pp.27–40, 1997.

[23] D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar, Handbook ofFingerprint Recognition. New York: Springer-Verlag, 2003.

[24] S. Manjunath, R. Chellappa, and C.v.d. Malsburg, “A feature basedapproach to face recognition,” in Proc. IEEE Computer Society Conf.Computer Vision and Pattern Recognition, June 1992, pp. 373–378.

[25] T. Mansfield, G. Kelly, D. Chandler, and J. Kane, “Biometric producttesting final report,” Technical Report, CESG contract X92A/4009309.Available : http://www.cesg.gov.uk/site/ast/biometrics/media/BiometricTestReportpt1.pdf

[26] A. Martin, G. Doddington, T. Kamm, M. Ordowski, and M. Przybocki,“The DET curve in assessment of decision task performance,” in Proc.ESCA 5th Eur. Conf. Speech Comm. and Tech., EuroSpeech ’97, Rhodes,Greece, 1997, pp. 1895–1898.

[27] F. Monrose, M.K. Reiter, Q. Li, and S. Wetzel, “Using voice to generatecryptographic keys,” in Proc. Odyssey 2001, 2001, pp. 237–242.

[28] K. Nilsson and J. Bigun, “Prominent symmetry points as landmarks in fin-gerprint images for alignment,” in Proc. ICPR-16, Int. Conf. PatternRecognition, Quebec, Canada, Aug. 11–15, 2002, vol. III, pp. 395–398.

[29] NIST, National Institute of Standards and Technology [Online].Available: http://www.nist.gov/speech/tests/spk/index.htm

[30] NIST, “Summary of NIST Standards for Biometric Accuracy, TamperResistance, and Interoperability,” Report to U.S. Congress, Nov. 13, 2003.[Online]. Available: http://www.itl.nist.gov/iad/894.03/NISTAPP_Nov02.pdf

[31] J. Ortega-Garcia, J. Gonzalez-Rodriguez, D. Simon-Zorita, and S. Cruz-Llanas, “From biometrics technology to applications regarding face, voice,signature and fingerprint recognition systems,” in Biometric Solutions forAuthentication in an E-World, D.D. Zhang, Ed. Norwell, MA: Kluwer,July 2002, pp. 289–337, ch. 12.

[32] J. Ortega-Garcia, J. Fierrez-Aguilar, J. Martin-Rello, and J. Gonzalez-Rodriguez, “Complete signal modeling and score normalization for func-tion-based dynamic signature verification,” in Proc. 4th Int. Conf. Audio-and Video-Based Person Authentication, AVBPA 2003, LNCS 2688, June2003, pp. 658–667.

[33] A. Pentland, B. Moghaddam, and T. Starner, “View-based and modulareigenspaces for face recognition,” in Proc. 1994 IEEE Computer Soc. Conf.Computer Vision and Pattern Recognition, Seattle, WA, June 1994, pp. 84–90.

[34] R. Plamondon and S.N. Srihari, “On-line and off-line handwritting recog-nition: A comprehensive survey,” IEEE Trans. Pattern Anal. Machine

Intell., vol. 22, no. 1, pp. 63–84, Jan. 2000.

[35] D.A. Reynolds, T.F. Quatieri, and R.B. Dunn, “Speaker verification usingadapted gaussian mixture models,” Dig. Signal Proc., vol. 10, pp. 181–202, Jan. 2000.

[36] D.A. Reynolds et al., “The SuperSID project: Exploiting high-level infor-mation for high-accuracy speaker recognition,” in Proc. IEEE Int. Conf.Acous. Speech Signal Processing, ICASSP 2003, Hong Kong, 6–10 April2003, vol. 4, pp. 784–787.

[37] A. Ross, A.K. Jain, and J.Z. Qian, “Information fusion in biometrics,” inProc. 3rd Audio and Video-Based Person Authentication, AVBPA’01, 2001,LNCS-2091, pp. 354–359.

[38] D. Scheuermann, S. Schwiderski-Grosche, and B. Struif, “Usability ofbiometrics in relation to electronic signatures,” EU Study 502533/8,GMD Report 118, July 2000 [Online]. Available: http://www.sit.fraun-hofer.de/english/SICA/sica_projects/project_pdfs/eubiosig.pdf

[39] W. Shen and R. Khanna (Eds.), “Special issue on automated biometrics,”Proc. IEEE, vol. 85, no. 9, Sept. 1997.

[40] D. Simon-Zorita, J. Ortega-Garcia, S. Cruz-Llanas, J.-L. Sanchez-Bote,and J. Gonzalez-Rodriguez, “An improved image enhancement scheme forfingerprint minutiae extraction in biometric identification,” in Proc. 3rdAudio and Video-Based Person Authentication, AVBPA’01, LNCS-2091,Halmstad, Sweden, 6–8 June 2001.

[41] F. Smeraldi and J. Bigun, “Retinal vision applied to facial features detec-tion and face authentication,” Pattern Recognit. Lett., vol. 23, pp. 463–475, 2002.

[42] F. Smeraldi, J. Bigun, and W. Gerstner, “On the role of dimensionality inface recognition,” in Proc. 2002 Workshop on SVM’s, S.W. Lee and A. Verri,Eds., LNCS-2388, 2002, pp. 249–259.

[43] C. Soutar, D. Roberge, A. Stoianov, R. Gilroy, and B.V.K. VijayaKumar, “Biometric encryption” [Online]. Available: http://www.bio-scrypt.com

[44] M. Turk and A. Pentland, “Eigenfaces for recognition,” J. Cogn.Neurosci., vol. 3, pp. 71–86, 1991.

[45] P. Verlinde, G. Chollet, and M. Acheroy, “Multi-modal identity verifica-tion using expert fusion,” Inf. Fusion, no. 1, pp. 17–33, 2000.

[46] C. Vielhauer, R. Steinmetz, and A. Mayerhofer, “Biometric hash based onstatistical features of online signatures,” in Proc. 16th Conf. PatternRecognition, vol. 1, Aug. 2002, pp. 123–126.

[47] A.O. Waller, G. Jones, T. Whitley, J. Edwards, D. Kaleshi, A. Munro, B.MacFarlane, and A. Wood, “Securing the delivery of digital content overthe Internet,” Electron. Comm. Eng. J., vol. 14, no. 5, pp. 239–248,Oct. 2002.

[48] R.P. Wildes, “Iris recognition: An emerging biometrics technology,” Proc.IEEE (Special Issue on Automated Biometrics), vol. 85, no. 9, pp. 1348–1363, 1997.

[49] L. Wiskott, “Labeled graphs and dynamic link matching for face recogni-tion and scene analysis,” Reihe Physik, 53, 1995.

[50] L. Wiskott, J.-M. Fellous, N. Kruger, and C.v.d. Malsburg, “Face recogni-tion and gender determination,” in Proc. Int. Workshop Automatic Face-and Gesture Recognition, M. Bichsel, Ed. Zurich, Switzerland: MultiMediaLab., Dept. Comput. Sci., Univ. Zurich, June 1995, pp. 92–97.

[51] H. Yu, D. Kundur, and C.-Y. Lin, “Spies, thieves, and lies: The battle formultimedia in the digital era,” IEEE Multimedia, vol. 8, no. 3, pp. 8–12,Jul.-Sep. 2001.

[52] D.D. Zhang, Ed., Biometrics Solutions for Authentication in an E-World.Norwell, MA: Kluwer, July 2002.

[53] T. Zhang and C.-C. Jay Kuo, “Audio content analysis for online audiovi-sual data segmentation and classification,” IEEE Trans. Speech and AudioProcessing, vol. 9, no. 4, pp. 441–457, May 2001.


Authentication gets personal with biometrics - Signal Processing Magazine, IEEE

Documents

Transcript of Authentication gets personal with biometrics - Signal Processing Magazine, IEEE