Management of Biometric Data in a Distributed Internet Environment

Similar documents
Building the Enterprise

SCRIPT: An Architecture for IPFIX Data Distribution

Developing Applications with Java EE 6 on WebLogic Server 12c

Cisco Unified Presence 8.0

Introduction to MySQL. Database Systems

An Open Source Java Framework for Biometric Web Authentication based on BioAPI

Fingerprint Security and Access Tracking System

Introduction to Cisco UCS Central

Enhydra Shark. What is Enhydra Shark? Table of Contents

How To Get Database Schema In Java Using >>>CLICK HERE<<<

Database code in PL-SQL PL-SQL was used for the database code. It is ready to use on any Oracle platform, running under Linux, Windows or Solaris.

Rensselaer and UWCalendar2 an institute-wide open-source Java events calendar. Communication & Collaboration Technologies

open source community experience distilled

Oracle - Developing Applications for the Java EE 7 Platform Ed 1 (Training On Demand)

Sysgem Enterprise Manager

Java EE Application Assembly & Deployment Packaging Applications, Java EE modules. Model View Controller (MVC)2 Architecture & Packaging EJB Module

Meeting the requirements of PCI DSS 3.2 standard to user authentication

Fusion Registry 9 SDMX Data and Metadata Management System

Introduction to MySQL. Database Systems

1Z Oracle. Java Enterprise Edition 5 Enterprise Architect Certified Master

SPEC Enterprise Java Benchmarks State of the Art and Future Directions

HP0-J20. HP Storage Essentials SRM Enterprise Edition.

Product Data Sheet: Ignition 8 Industrial Application Platform. A Whole New View

SUN Sun Certified Enterprise Architect for J2EE 5. Download Full Version :

Oracle Business Intelligence Publisher. 1 Oracle Business Intelligence Publisher Certification. Certification Information 10g Release 3 (

What is it? What does it do?

Apica ZebraTester. Advanced Load Testing Tool and Cloud Platform

IBM WebSphere Application Server V3.5, Advanced Edition Expands Platform Support and Leverages the Performance of the Java 2 Software Development Kit

Oracle Database and Application Solutions

Update on EZ-Grid. Priya Raghunath University of Houston. PI : Dr Barbara Chapman

PCI DSS Compliance. White Paper Parallels Remote Application Server

ICAT Job Portal. a generic job submission system built on a scientific data catalog. IWSG 2013 ETH, Zurich, Switzerland 3-5 June 2013

EnterSpace Data Sheet

ESPRIT Project N Work Package H User Access. Survey

Type of Classes Nested Classes Inner Classes Local and Anonymous Inner Classes

Open ESB v2, Open ESB.next and Project Fuji. Andreas Egloff Lead Architect SOA / Business Integration Sun Microsystems

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved.

Java Enterprise Edition

A non-technical, business introduction to OpenCms 6. Alkacon Software GmbH March, 2006

The most common type of certificates are public key certificates. Such server has a certificate is a common shorthand for: there exists a certificate

Prototype 1.0 Specification

Product Data Sheet: TimeBase

External Database Requirements

Agenda Time (PT) 8:45 a.m. Event Platform Opening 9:00 a.m. Keynote - Java: Present and Future Java EE 7 Java SE 8 Java Embedded

Sentences Installation Guide. Sentences Version 4.0

CoreMax Consulting s Cyber Security Roadmap

<Insert Picture Here> MySQL Web Reference Architectures Building Massively Scalable Web Infrastructure

External Database Requirements

"Web Age Speaks!" Webinar Series

SAP NetWeaver Process Integration 7.1

HIBERNATE MOCK TEST HIBERNATE MOCK TEST IV

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

Database Visual ARCHITECT 5.2

What s New in Ignition v7.9

WebCenter Interaction 10gR3 Overview

Jdbc Connection In Java Example For Oracle 10g

IBM Host Access Client Package for Multiplatforms, V5 IBM Personal Communications and IBM WebSphere Host On-Demand Migrate to the Web at your own pace

LIT Middleware: Design and Implementation of RFID Middleware based on the EPC Network Architecture

IBM Lotus Domino Product Roadmap

Pandora FMS Welcome to monitoring heaven

Sphinx Feature List. Summary. Windows Logon Features. Card-secured logon to Windows. End-user managed Windows logon data

UA-5200 IIoT Communication Server

(a.k.a.uwcalendar) an institute-wide open-source Java events calendar

ASP.NET on zlinux: A New Workload

BioPassport TM Enterprise Server

F-Interop Online Platform of Interoperability and Performance Tests for the Internet of Things

Deploy. A step-by-step guide to successfully deploying your new app with the FileMaker Platform

Remote power and console management in large datacenters

Flex2SQL. Contents. Mertech s ISAM to SQL Database Connectivity (ISDBC) Drivers For DataFlex

ASP.NET on zlinux: A New Workload

SEM-BPS Enhancements. Product Management BI

Analytics with IMS and QMF

ADM960. SAP NetWeaver Application Server Security COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day

PROVIDING YOU LOG INFRASTRUCTURE LOG COLLECTION SOLUTIONS TO BUILD A SECURE, FLEXIBLE AND RELIABLE

Database Explorer Quickstart

NEW FEATURES ENTIREX OCTOBER. Juergen Lind, Dir. Product Management November 2017

Overview. Introducing Cisco UCS Central. This chapter includes the following sections: Introducing Cisco UCS Central, page 1

ForeScout CounterACT. Configuration Guide. Version 3.4

SAP Automation (BC-FES-AIT)

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Practical Aspects of CTI WSN Testbed

Cisco Integration Platform

Java Card Technology-based Corporate Card Solutions

A non-technical, business introduction to OpenCms 7. Alkacon Software GmbH August, 2007

SAS ODBC Driver. Overview: SAS ODBC Driver. What Is ODBC? CHAPTER 1

Cisco Configuration Engine 2.0

Biometrics. Overview of Authentication

Upgrade to Webtrends Analytics 8.5: Best Practices

Bedework 3.0 (a.k.a. UWCalendar)

Certification Authority

IBM iseries Models 800 and 810 for small to medium enterprises

Progress DataDirect For Business Intelligence And Analytics Vendors

Hitachi Converged Platform for Oracle

JVA-163. Enterprise JavaBeans

Advanced Biometric Access Control Training Course # :

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

About Database Adapters

Unleash the Power of Secure, Real-Time Collaboration

PostgreSQL and REST API s The Easy Way

Developing ASP.Net MVC 4 Web Application

Transcription:

Submission to: IEEE/IFIP IM 2007, Application Sessions, May 21-25, 2007, München, Germany Management of Biometric Data in a Distributed Internet Environment B. Stiller 1,2, T. Bocek 1, P. Ming 1, F. Eyermann 3, J. Sauerland 3, J. Angrabeit 4, M. Völkl 5, J.-C. Tylka 5 1 University of Zürich, Department of Informatics IFI, Zürich, Switzerland 2 ETH Zürich, Computer Engineering and Networks Lab TIK, Zürich, Switzerland 3 University of Federal Armed Forces, Information Systems Lab IIS, Munich, Germany 4 Codecasters, Niedermoosen, Germany 5 Biometronix GmbH, Munich, Germany This application track paper describes the key technology advances achieved through a component-based design process, meeting right on track all key requirements of management systems for biometric data, such as data protection acts, flexible user and device handling, installation, and operation functions, and grouping functionality for users and devices according to dedicated office environmental needs. 1

Outline Introduction Motivation and Project Goals BioLANCC (Biometric Local Area Network Control Center) Scenario Architecture BioLANCC Implementation JBioDC Components, Java SE, Java EE Screenshots Key Features and Conclusions The key technology advances have been implemented in an application called BioLANCC. BioLANCC (Biometric Local Area Network Control Center) is a component based application and highly modular. Another key technology is the new Java-based biometric interface JBioDC, which will be discussed together with BioLANCC. 2

Motivation Integrated access control for buildings, function rooms, laboratories for personnel Traditionally use of hard keys Drawbacks of traditional approaches: Large overhead: Employee turnover Loss of keys Change of room access rights The use of biometric data to enable a personalized access control to resources, typically rooms, software packages, or systems, emerges due to a number of advantages. Those include a fine-grained tailored control, avoiding the problem of lost keys, or providing for customized access schedules for resources and persons. 3

Authentication Options Authentication by Personal Characteristics/ Biometric Properties Knowledge Physical Ownership Static Dynamic Head Hand -Iris -Face -Teeth -Other - Finger Print - Line of Hand -Other - Signature -Voice -Gesture -Other -PIN - Password - Slogan -Other -Key - Smart Card - Slogan - Certificate of Authority Authentication may be performed by a number of different means. While knowledge and ownership describe the traditional measures, the use of personal characteristics, typically termed biometric properties, becomes much more realistic in its broad and widespread use. Technology has emerged, prices of biometric devices are decreasing, and the Internet as a means of world-wide communications across domains, serves as a transport medium of access control data and its supervision. 4

BioLANCC Existing solutions for biometric access management No integration of other manufacturers Single platform solution Lock-In Future use for any resource access control intended BioLANCC Administration software for Biometric data / devices Access management Presence control Single, distributed, networked, platform-independent, userfriendly management application While multiple remote biometric devices are integrated across potentially arbitrary distances, BioLANCC is logically central management application. However, access to BioLANCC can be distributed, which allows remote administration. Existing applications for managing biometric data (VeriAdmin, FingerLAN) do only offer management for a particular manufacturer and cannot be combined with devices from different manufacture. Thus, integration is not possible with current biometric management application. While local access control systems using biometrics are available today, e.g., in support of a single room access, mainly by applying finger print scanners, the interconnection of multiple of such local systems into a centralized management system has been developed partially in vendor-dependent systems. Thus, to cover a wide range of physical distances, e.g., for rooms scattered across a campus or many users located in different company offices around the world, and to cope with a large number of different biometric devices, such as finger print, iris, or face scanners, a new, flexible, and distributed approach became necessary. Therefore, the communication based on Internet protocols serves as a bridge for the physical distance and a suitable as well as new control center manages the biometric data as well as user-specific and device-dependent management data. 5

Overall BioLANCC Project Goals Device-independent Integration of devices from different manufacturers Support for many DBs Hibernate: Object/relational mapping MySQL, PostgreSQL, Oracle,... Platform-independent Windows, Mac OS X, Linux, Solaris,... Open standards-based TCP/IP Documented interfaces Integration into existing applications The new management application development termed BioLANCC (Biometric Local Area Network Control Center) determines an important step beyond current management software packages for biometric devices, data, and users. This approach undertaken marks a revolution in biometric administration software due to a number of reasons. Firstly, the TCP/IP-based networked collection and distribution of access control details of manifold biometric devices provides for a location-independent and device-unspecific integrative system. Multi-biometric support is enabled by BioLANCC through the integration of different biometric data into a single, per user-oriented and per device-driven management application. Secondly, the use of object relational mapping libraries allow for a wide range of databases. In combination with the documented interfaces, external data sources from existing applications can be integrated. 6

BioLANCC Scenario The remote scenario envisions a world-wide interconnection of access rules, associated to humans and users, where BioLANCC serves as the communication bus and exchange point for access control, supervising, and enrollment data. The example presented shows three locations, which operate independently, and use a single BioLANCC system to maintain all personnel and visitor access data. The grouping concept of locations (biometric devices) and users is highly flexible for subgroups, overlaps, and monitoring groups. 7

BioLANCC Architecture User, Operator, Administrator View (Swing / HTML) Controller Model PostgreSQL... Hibernate Log4j JBioDC User Hand Gesture Finger p. Face Iris Other MySQL Java 1.5 Operating System, e.g., Linux, Windows, MacOS, Solaris Additionally, the BioLANCC control center has been designed as a fully platformindependent management application, running on operating systems such as Windows 2000/XP, Linux, various Unix, MacOS, Sun Solaris 10, and others. These possibilities have been achieved due to a standardized architecture using the Java platform, which is combined with a flexible and time-driven access rights and device management scheme for users and devices. In support of the data storage for user and device data, BioLANCC integrates Hibernate and supports common SQL databases, e.g., MySQL, HypersonicSQL, Oracle, Microsoft SQL Server, DB2, Sybase, SAP DB, or PostgreSQL. Various new biometric devices can be integrated via the open interface JBioDC (Java-based Biometric Device Connectivity). 8

Component-based Architecture Model View Controller Data exchange with Java Persistence Framework (Entity beans with Hibernate) Java SE 5 with a swing GUI Java EE 5 with facelets for HTML rendering Interfaces For other management applications Interfaces for all kinds of biometric devices (JBioDC) Scalability BioLANCC logically centralized growing devices = growing resource usage Access is distributed / Java EE for scalability BioLANCC uses the MVC pattern for the core components. The model is backed with the Java persistence framework using the Hibernate implementation. The view is split into a Java SE version and a Java EE version. The application server for the Java EE version is JBoss. BioLANCC uses many new features of Java 5 such as generics or annotations. One key feature that makes BioLANCC flexible is the definition of interfaces to allow other applications to communicate. Report and user information can be stored / provided by any data source as long as it conforms to the interface defined in BioLANCC. Scalability is an important requirement. As BioLANCC is logically centralized and the default setup does not consider scalability issues explicitly, the Java EE framework has be used to increase scalability by distributing components. 9

JBioDC Java Biometric Device Connectivity High level abstraction layer for biometric devices BioAPI / JBioAPI: low and high level abstraction Interface definition 5 interfaces abstract base device functionalities (Connection, Storage, Smart card, Enrollment, Access schedule) 1 interface for biometric data handling (Template) Not a protocol definition Key features of JBioDC Integrate heterogeneous devices Unified biometric device administration JBioDC stands for Java Biometric Device Connectivity and it is a high level API for communicating with biometric devices. In contrast to BioAPI and its wrapper JBioAPI which defines low an high level interfaces, JBioDC has a reduced set of interfaces. It is important to mention that JBioDC is not a standard, but future work focus on submitting JBioDC as a JSR. JBioDC consists of 5 interfaces. The only mandatory is Connection due to the different nature of biometric devices. In contrast to SNMP which also defines a protocol, JBioDC only defines an interface. One major problem is that no standardized biometric templates exist. Every vendor uses its own format and converting is often not possible. Therefore, the interface Template has only 2 mandatory fields: UserID and TemplateID and everything else is optional. 10

Key BioLANCC Features Summary A Java-based access rights management system Platform independency (Java) IP-based communications between centralized user data server and multiple remote biometric devices An open device architecture with manufacturer-independent hardware interfaces (JBioDC) A set of configurable reporting features (including CSV export) An open data base interface (Hibernate) Secure communication (SSL/TLS) Finally, all events and actions performed at access control devices and within the management application are traced and tracked within BioLANCC to offer a powerful reporting and maintenance functionality. Besides a CSV-based export functionality a number of interfaces for a time management and reporting system have been integrated as well. 11

Screenshots BioLANCC has been implemented with ease of use in mind. To achieve this goal, intensive usability tests have been conducted and the result has enhanced the appearance and the user experience. 12

Conclusions Highly flexible and distributed biometric management system First system world-wide independent of devices (JBioDC) and OS (Java) Lower costs instead of physical key handling No loss of keys and no sharing of personal resources Target Markets SMEs (few devices, small number of resources/doors) Industry (many devices, many locations world-wide) In summary, the BioLANCC management application for biometric data provides the first world-wide platform-independent system in support of multiple biometric devices, flexible user and devices grouping, integration, and installation, and a TCP/IP-based network connectivity for resources across the world. BioLANCC is still under development, but it has already been deployed multiple times. 13

Thank you for your attention! Questions? http://www.csg.uzh.ch/research/biolancc/ 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback