A Colloquium Report on

IRIS Biometric for Person Identification

Submitted for the curriculum of the degree of Bachelor of technology In Computer and science Engineering By KOMAL SINGH
Roll no. 0916110053

ANITA GUPTA
Roll no. 0916110014

Krishna Engineering College, Ghaziabad Gautam Buddha Technical University

ACKNOWLEDGEMENT
Completing a task is never one-mans effort. It is team effort. Teamwork divides the task and multiplies the success. It is often the result of invaluable contribution of number of individuals in a direct or indirect manner that helps in sharing and making success. We take this opportunity to express a deep sense of gratitude and whole hearted thanks to our guide Ms.Surbhi Sharma for his valuable guidance, keen interest, affection and encouraging inputs throughout the work. We also do not like to miss the opportunity to acknowledge the contribution of all faculty members of the department for their kind assistant and co-operation during the development of our project. Last but not the least, the acknowledge our friends for their contribution in the completion of project.

Signature: Name: Roll No. Date:

Signature: Name: Roll No. Date:

Signature:

TABLE OF CONTENTS

DECLARATION CERTIFICATE ACKNOWLEDGEMENTS ABSTRACT LIST OF TABLES LIST OF FIGURES LIST OF ABBREVIATION

INTRODUCTION SCOPE TECHNOLOGIES USED

FUTURE ENHANCEMENTS CONCLUSION REFRENCES

ABSTRACT
Biometrics refers to the automatic identification of a person based on his/her physiological or behavioural characteristics. Physical characteristics such as fingerprints, retinas and irises, palm prints, facial structure, and voice recognition are just some of the many methods of biometric encryption. Depending on the context, a biometric system can be either a verification (authentication) system or an identification system. Biometrics is a rapidly evolving technology which has been widely used in forensics such as criminal identification and prison security. Recent advancements in biometric sensors and matching algorithms have led to the deployment of biometric authentication in a large number of civilian applications. With the increased use of computers as vehicles of information technology, it is necessary to restrict access to sensitive/personal data. Real-time biometric systems can be used to prevent unauthorized access to ATMs, cellular phones, smart cards, desktop PCs, workstations, computer networks and electronic banking. In this report an attempt has been made to present to the reader an understanding of this rapidly evolving technology. It includes a brief overview followed by details of components and processes involved, leading Biometric Technologies, the encryption process, benefits, their applications, comparison and future scope.

INTRODUCTION
Reliable user authentication is becoming an increasingly important task in the Web-enabled world. The consequences of an insecure authentication system in a corporate or enterprise environment can be catastrophic, and may include loss of confidential information, denial of service, and compromised data integrity. The value of reliable user authentication is not limited to just computer enhanced security. The prevailing techniques of user authentication, which involve the use of either passwords and user IDs (identifiers), or identification cards and PINs (personal identification numbers), suffer from several limitations. Passwords and PINs can be illicitly acquired by direct covert observation. Once an intruder acquires the user ID or network access. Many other applications in everyday life also require user authentication, such as banking, e- commerce, and physical access control to computer resources, and could benefit from and the password, the intruder has total access to the users resources. In addition, there is no way to positively link the usage of the system or service to the actual user, that is, there is no protection against repudiation by the user ID owner. For example, when a user ID and password is shared with a colleague there is no way for the system to know who the actual user is. A similar situation arises when a transaction involving a credit card number is conducted on the Web. Even though the data are sent over the Web using secure encryption methods, current systems are not capable of assuring that the rightful owner of the credit card initiated the transaction. In the modern distributed systems environment, the traditional authentication policy based on a simple combination of user ID and password has become inadequate. Fortunately, automated biometrics in general, and fingerprint technology in particular, can provide a much more accurate and reliable user authentication method. Biometrics is a rapidly advancing field that is concerned with identifying a person based on his or her physiological or behavioral characteristics.

Examples of automated biometrics include fingerprint, face, iris, and speech recognition. User authentication methods can be broadly classified into three categories as shown in Table 1.1. Because a biometric property is an intrinsic property of an individual, it is difficult to surreptitiously duplicate and nearly impossible to share. Additionally, a biometric property of an individual can be lost only in case of serious accident Biometric readings, which range from several hundred bytes to over a megabyte, have the advantage that their information content is usually higher than that of a password or a pass phrase. Simply extending the length of passwords to get equivalent bit strength presents significant usability problems. It is nearly impossible to remember a 2K phrase, and it would take an annoyingly long time to type such a phrase (especially without errors). Fortunately, automated biometrics can provide the security advantages of long passwords while retaining the speed and characteristic simplicity of short passwords. Even though automated biometrics can help alleviate the problems associated with the existing methods of user authentication, hackers will still find there are weak points in the system, vulnerable to attack. Password systems are prone to brute force dictionary attacks. Biometric systems, on the other hand, require substantially more effort for mounting such an attack. Yet there are several new types of attacks possible in the biometrics domain. This may not apply if biometrics is used as a supervised authentication tool. But in remote, unattended applications, such as Web-based e-commerce applications, hackers may have the opportunity and enough time to make several attempts, or even physically violate the integrity of a remote client, before detection. A problem with biometric authentication systems arises when the data associated with a biometric feature has been compromised. For authentication systems based on physical tokens such as keys and badges, a compromised token can be easily canceled and the user can be assigned a new token. Similarly, user IDs and passwords can be changed as often as required. Yet, the user only has a limited number of biometric features (one face, ten fingers, two eyes). If the biometric data are compromised, the user may quickly run out of biometric features to be

used for authentication. Only the biometric authentication is based on an intrinsic part of a human being. So unlike a password or PIN or Smart Card, it can't be forgotten, misplaced, lost or stolen. We are having our identification with ourselves and therefore there is no need to carry any card or remember passwords for our identification. A biometric template is unique for an individual for whom it is created. Biometrics ensures that the person trying to access your network and applications is actually a sanctioned user, and not in a possession of a stolen smartcard or someone who found, hacked or cracked password.

Biometrics
What is Biometrics? Biometrics are automated methods of recognizing a person based on a physiological or behavioural characteristic. The word biometrics means Biological Measurements. Therefore in this way we can use computers to recognize persons. Physiological characteristics means Fingerprints, Retinal and Iris Patterns, Hand and Finger Geometry, Facial recognition etc. Behavioural characteristics means Voice Patterns, Signature etc. There are different biometric solutions. Some of them are Finger Print Recognition, Iris Pattern recognition, Facial Recognition, Voice Pattern Recognition, Hand and Finger Geometry etc. In all these biometricsolutions the details about the physiological/behavioural characteristics are entered into a database. When the user uses the sytem the characteristics required for the system are scanned and a template is

formed. It is checked whether there exists a match for this template with any of the records already stored in the database. If a match is found, the user is allowed access. Otherwise the user is denied access. Each biometric solution can be used in two different modes. In Identification mode, where the biometric system identifies a person from the entire enrolled population by searching a database for a match. In Verification mode, where the biometric system authenticates a person's claimed identity from his/her previously enrolled pattern. Applications of Biometrics. Improving airport security. Strenghthening our national borders in travel documents, visas, passports etc. In peventing ID theft. e-banking, e-commerce and other financial transactions. Law enforcement. Health and Social Services. In Network security infrastructures, etc. In Enterprise and Government networks. Biometrics based authentication applications include workstation, network and domain access, single sign-on, application logon, data protection, remote access to resources, transactionsecurity and web security etc.

Advantages of using biometrics in various applications.

Only the biometric authentication is based on an intrinsic part of a human being. So unlike a password or PIN or Smart Card, it can't be forgotten, misplaced, lost or stolen. We are having our identification with ourselves and therefore there is no need to carry any card or remember passwords for our identification. A biometric template is unique for an individual for whom it is created.

Biometrics ensures that the person trying to access your network and applications is actually a sanctioned user, and not in a posession of a stolen smartcard or someone who found, hacked or cracked password.

Disadvantages of using biometric solutions.

It is not only the intial cost that of the sensor or the matching hardware that is involved. Often the life cycle support cost can overtake the intial cost of the hardware. Most of the biometric systems like firnger print recognition, iris recognition etc. are accurate. But someothers like facial recognition etc. are not that accurate.

Accuracy of a biometric system include

False Acceptance Rate Percentage of impostors accepted. False Rejection Rate Percentage of authorised users rejected. Equal-Error Rates When the decision threshhold is adjusted so that the false-acceptance rate equal the false-rejection rate. Conclusion An important point to be noted in constructing a biometric system is that it should be based upon a distiguishable triat. For eg: Law enforcement has used finger prints to identify people. There is a great deal of scientific data supporting the idea that no fingerprints are alike. All biometric systems capture data from individuals. Once these date have been captured by the system, they can be forwarded to any location and put to many different uses which are capable of compromising on an individual's privacy. A good biometric system is one that is of low cost, fast, accurate, and easy to use.

Techniques Used In Identification

 Fingerprint Scanning Retinal Scanning Iris Scanning Facial Recognition Voice Recognition

Working Of Biometric Processes

The concept of biometric verification is simple. The system already has some prestored data. When you approach the system, say a fingerprint scanner, your finger is scanned & matched with a record of fingerprint already in its database. Only when it finds a match access is granted. The concept might be simple, but the process is quite ingenious. Fingerprint Scanning Fingerprint is a unique feature to an individual. It stays with the person throughout his or her life. This makes the fingerprint the most reliable kind of personal identification because it can not be forgotter, misplaced or stoles. A fingerprint is made up of ridges and valleys (lines and gapes separating them) & it is these ridges & valleys which are scanned to verify the authenticity of a print. The most commonly used method of scanning is optical scanning. An optical scanner has a CCD (Charge Coupled Device) sensor similar to the ones used in digital cameras. There is an array of light sensitive diodes (photosites). When these diodes come in contact with light, they generate an electrical signal. Every photosites record a pixel representing the light it came in contact with. An analog to digital converter (ADC) system in the scanner processes

the electrical signals to generate digital representations of the image. It is not necessary that the same kind of light falls on all diodes. So what is generated is a mix of dark & light areas, which together make up the image. It is not necessary that the same kind of light falls on diodes. So what is generated is a mix of dark and light areas, which together make up the image. The process begins as soon as you place your finger on the glass plate. The scanner has its own source of light (mostly an array of LEDs) which illuminate the finger & the CCD inside takes a picture of the finger. After that it checks for the integrity of the image in terms of contrast, sharpness & sheer quality. The system checks the average pixel darkness. If the image is too dark or too light, it is rejected. Exposure settings are then accordingly adjusted and the print rescanned. If the exposure level is found to be correct, it goes on to check the sharpness of the fingerprint. It does so by analyzing severals straight lines moving horizontally & vertically across the image. If the definition is good, a line running perpendicular to ridges will comprise alternating segments of light and dark pixels. If this is found to be in order, the scanner will compare the fingerprint with those in the database. Matching of prints is a fairly complex process in itself & is far removed from the super-imposing method commonly shown in films. This is so because smudging (due to scan surface or oily fingers) can make the same print appear different photos. Also, scanning and matching the entire finger consumes a lot of processing power. An individual can even fool a fingerprint detector by using a piece of sticky tape gelatin with an authentic fingerprint on it.

Retinal Scanning
Retinal scanning is rather old in the chronology of technology innovations. For the retina to be scanned, the user looks through s small hole in the scanning device and focuses on a particular point for the time period during which, a low intensity light and a CCD analyse the layer of blood vessels at the back of the eye for matching patterns and then validate the person identity. This technology is still not in public domain (unlike fingerprint recognition, which is) and is used only to secure highly sensitive security areas. Unlike fingerprints, there is absolutely no known method of replicating a persons retina.

Facial Recognition
A Facial recognition system is a computer drives application for automatically identifying a person from a digital image, it does meant by comparing selected facial features in the live image and a facial database. Fingerprinting and retinal scanning are relatively easy to administer, since the people going through the process are aware of it and are consenting to subject themselves to these measures, the main application of facial recognition is in security where the software is expected to pick

a face out of, say, thousands of passengers at the airport, and match it with a database of wanted criminals and positively state whether or not that face belong to the guilty party. To make the computer recognize a face from a picture or a video feed is quite an achievement in itself, but the bigger achievement is to identify clearly if the face is that of wanted man or not. If you look in the mirror, or at a persons face for that manner, you will notice that every face has certain characteristics and distinguishable feature, which allows us to differentiate between two people. The facial recognition software divides the face into 80 nodes, some of common ones being distance between eyes, width of nose, and depth of eye sockets, cheekbones, jaw lines, and the chin. The system generally needs to match between 14-25 nodes in order to obtain a positive ID. Now, obviously these are a lot of people coming in and out of a place where this system is setup (stadiums, airports etc.).The real challenge is to recognize face instantaneously. To facilitate this, a database is created with the help of an algorithm, which goes through the characteristics of the faces and stores them as a string of numbers. This string is called a face print.

Following are the steps processed by the facial recognition software: Face Detection First of all the camera pans around looking for a face, as it e1ncounters a face, it starts scanning it and than proceeds to identifying the various nodes. Detection Of Orientation Once the face is detected, the system determines the size of the head and position. Generally, a face needs to be around 40 degree towards the

camera for the system to register and analyse it. Mapping The facial image is scaled down to the level of the images in the database and is then rotated and otherwise adjusted to match the formatting of the images in the database. Encoding The algorithm then converts the face into a face print based on the predefined criteria programmed into the algorithm. Matching This new data is then used as a fitter to sort through the database of faces at a very fast speed to find a match. Since it uses a variety of nodes, simple alternations of the face will not fool it. However, twins might; so the system certainly not infallible.

Voice Recognition
Like fingerprints and face attributes, every person has a unique speech pattern. Voice recognition works by first storing voice pattern and then using them as a database to authenticate a subject. Voice recognition is often confused with speech recognition, which is technology that converts speech to text and conversion software were needs to go through extensive training by the user before any suitable and acceptable result are obtained. Voice recognition works by nothing a persons voice (physical characteristics of the vocal tract, the harmonic and the resonant frequencies) and converts it into an audio file which is known as voice print

IRIS
Iris is the area of the eye where the pigmented or colored circle, usually brown, blue, rings the dark pupil of the eye.

NORMAL EYE

EXAMPLE OF IRIS

Iris Scan
Iris scans, though relating to the eye (like retinal scan) uses a completely different method of identification. The Iris scan is the colored ring surrounding the pupil. The scan analyses the features that exist in this colored tissue. Over 200 points can be used for comparison such as rings, furrows and freckles. The scan is done with a regular camera and the subject stands about a foot from the lens of the camera. The Iris pattern is much more unique than a fingerprint. A statistical analysis puts the probability of two irises matching at 1 in 10 to the power 78 while the population of humans on earth is 7 billion that is 7 to the power 9 of the iris. And it is encoded by image-processing technologies.

Iris recognition
In less than few seconds, even on a database of millions of records, the iris code template generated from a live image is compared to previously

enrolled ones to see if it matches to any of them.

Major characteristics of iris recognition

Iris is thin membrane on the interior of the eyeball. Iris pattern remains unchanged after the age of two and does not degrade overtime or with the environment. Iris patterns are extremely complex than other biometric patterns

Typical iris system configuration for taking a picture

An iris recognition camera takes a black and white picture from 5 to 24 inches away. The camera uses non-invasive, near-infrared illumination that is barely visible and very safe. And this iris recognition cannot take place without the person permission

Techniques used
Iris Localization Iris Normalization Image Enhancement

Iris Localization
Both the inner boundary and the outer boundary of a typical iris can be taken as circles. But the two circles are usually not co-centric. Compared

with the other part of the eye, the pupil is much darker. We detect the inner boundary between the pupil and the iris. The outer boundary of the iris is more difficult to detect because of the low contrast between the two sides of the boundary. We detect the outer boundary by maximizing changes of the perimeter- normalized along the circle. The technique is found to be efficient and effective.

Iris Normalization
The size of the pupil may change due to the variation of the illumination and the associated elastic deformations in the iris texture may interface with the results of pattern matching. For the purpose of accurate texture analysis, it is necessary to compensate this deformation.

Image Enhancement
The original image has low contrast and may have non-uniform illumination caused by the position of the light source. These may impair the result of the texture analysis. We enhance the iris image reduce the effect of non-uniform illumination.

Comparison Of Iris Recognition With Other Biometrics

Accurate Stability Fast Scalability

Conclusion
Iriscameras perform recognition detection of a persons identity by mathematical analysis of the random patterns that are visible within the iris of an eye from some distance. It combines computer vision, pattern recognition, statistical inference and optics. Of all the biometric devices and scanners available today, it is generally conceded that iris recognition is the most accurate. The automated method of iris recognition is relatively young, existing in patent since only 1994. The iris is the coloured ring around the pupil of every human being and like a snowflake, no two are alike. Each are unique in their own way, exhibiting a distinctive pattern that forms randomly in utero, n a process called chaotic morphogenesis. The iris is a muscle that regulates the size of the pupil, controlling the amount of light that enters the eye. Iris recognition is rarely impeded by glasses or contact lenses and can be scanned from 10cm to a few meters away. The iris remains stable over time as long as there are no injuries and a single enrolment scan can last a lifetime. Even blind people can use this scan technology since dependent.

iris

recognition technology is iris pattern-dependent not sight

Iris scanning is an ideal way of biometric identification since

the iris is an internal organ that is largely protected by damage and wear by the cornea. This makes it more attractive then fingerprints which can be difficult to recognize after several years of certain types of manual labour. The iris is also mostly flat and controlled by 2 muscles so it helps make the iris movements more predictable then facial recognition. Even genetically identical twins have completely different iris patterns. Iris cameras, in general, take a digital photo of the iris pattern and recreating an encrypted digital template of that pattern. That encrypted template cannot be re-engineered or reproduced in any sort of visual image. Iris recognition therefore affords the highest level defence against identity theft, the most rapidly growing crime. The imaging process involves no lasers or bright lights and authentication is essentially non-contact. Todays commercial iris cameras use infrared light to illuminate the iris without causing harm or discomfort to the subject.

References
Y.Zhu,T.Tan and Y.Wang,Biometric Identification Based on Iris Pattern. Anil K Jain,Biometric Authentication: How Do I Know Who You Are. D Maltoni, D.Maio, Anil K Jain, and S prabhakarHandbook of Finger print Recognition.