Biometric refers to the life measurements but usually it is associated with the use of the different and unique physiological features for identifying an individual. There are different types of biometrics which measures the biological traits for the verification and identification purposes of an individual. Since, the passports, IDs can be copied, therefore more sophisticated methods are required to be put inti place for helping to protect the companies as well as individuals (Shrivastava, 2018).
Biometrics are classified into behavioral biometrics and physiological biometrics.
I. Physiological biometrics
Physiological biometrics of the person are used for the purpose of the identification or for the verification purpose. This method is used mainly for investigating criminals. Fingerprints, Hand geometry, Iris recognition, Face detection and DNA recognition are types of physiological biometrics.
II. Behavioral biometrics
The behavioral biometrics are used for the purpose of the verification. In this method, the certain activities of the person are identified and hence, the verification of the person is done. Keystroke, signature and voice are types of behavioral biometrics.
- Fingerprints biometrics: Fingerprints are unique for each finger of an individual which includes the identical twins. The fingerprint biometric devices for laptop access, desktop are used widely.
- Can be used in wide range of environments
- Easy to use and employs ergonomics
- Potential to enroll more than one fingerprint.
- Stable over time
- Highly reliable
- Highly distinctive
- Proven accuracy
- Difficulties with dry skin
- False readings such as it might fail to identify the authorized person and identify an unauthorized person incorrectly.
- Manual repositioning of the fingers for obtaining right reading can be time consuming.
- Used for law enforcements and are used by Large-scale Automated Fingerprint Image Systems.
- For fraud prevention in the entitlement programs.
- Physical access control such as for doors.
- Logical access to the computer systems.
- Iris Recognition: This is another type of biometric used for identifying the people based on the single patterns in the region of the ring shaped being surrounded by the eye pupil.
- Stability is maintained over lifetime frame.
- Ability for exceptionally high levels of accuracy.
- High cost
- Tendency for false rejection
- Twins cannot be distinguished
- Surgery can manipulate face
- Face change over time (UKessays, 2018).
- Airlines passenger screening
- Border security
- Computer login
- Grocery stores
- Hand geometry: Hand geometry develops estimates of particular measurements of the hands such as length, width of fingers.
- Small template
- Unaffected by condition of skin
- Large sized scanner
- Low distinctiveness
- Time and attendance applications
- Access controls
- Fingerprints: Minutiae, Ridge and Correlation
- Hand geometry: Feature attraction
- Iris Recognition: Edge detection, mathematical pattern-recognition technique.
- Face recognition: Kernel method, Trace transform, template matching (beltaief, 2018).
- Fingerprints: verification and identification is the technology which is used in the fingerprint biometrics. The identity of the person is claimed by the verification and the identification process compares the fingerprints of the user against the reference templates stored in the database.
- Hand geometry: The technology which is used for the hand geometry is the False rejection rate and False Acceptance Rate. False Acceptance technology is the ratio of the number of authorized users that are rejected by the biometric system to the total number of attempts made. Where False Acceptance is the ratio of the number users who are not authorized and the total number of identification attempts required to be made.
- Iris Recognition: Retina scanning is an ocular based biometric technology which uses the unique patterns on the retina blood vessels of the person.
Answer 2: PET’s: Privacy enhancement Technologies
Privacy Enhancement technologies are abbreviated as PET which is the standardized term which refers to the particular method which act as per the laws of the data protection. PET helps the online users to protect the privacy of the Personal Identifiable information which is provided to or by the services or the applications.
The main objective for which the Privacy Enhancement Technologies are used is to protect the personal data as well as ensuring the users of the technology that their information is more confidential.
Following are the three types of Privacy Enhancing Techniques:
Encryption: Encryption is the type of Privacy Enhancing Technique which is used relatively in today’s scenario. Encryption helps in supporting the security as well as the proportionality principles of data protection laws. From the last few years, it has been analyzed that there is an increasing trend for the regulators for becoming more prescriptive in their approach to the encryption. Such as PCI DSS Standards also known as Payment Card Industry Data Security Standard which is responsible for increasing the controls around the cardholder for reducing the fraud of the credit cards. Encryption is considered as the highly simple technique which can be implemented as an effective tool.
Metadata and Digital Rights Management: In the Privacy Enhancing Technologies, the Metadata and Digital Rights Management are the new technologies as compared to the Encryption. A framework is used by the metadata which refers to the data about data. This framework is used for describing the semantics which refers to the different types of data. In order to achieve the compliance with the data protection legislation, Metadata can be used. This is because, one can differentiate between the personal data, sensitive personal data and data. There are certain types of data which can be considered as sensitive data such as religious information. Such type of information is said to be a sensitive information so that different rules of processing can be triggered automatically. More advanced applications of the metadata mainly revolve around the uses of the DRM- Direct Rights Management applications. This is used for protecting the electronic copyright. In order provide the users with the high level of control over the usage of the personal information, Direct Rights Management applications can be used. when it is deployed in the infrastructure, the strong auditability, controllability and transparency is provided that is privacy equivalent of the information security integrity, confidentiality and availability. Such technologies tend to support in specific the purpose of the transparency, binding and principles of data protection law. For structured data, the Metadata schemes are known as to be implemented in simple manner and can be considered as highly effective.
Identity management: Data Minimization is the fundamental principle of the data protection. Data minimization can be applied to the separate authorization from identification. For partitioning the access to the specific categories, tables of the personal data or for keeping separate different identities encryption can be applied separately. This tends in empowering the people with the cryptographic property.
Answer 3: WSN-Wireless Sensor Network Architecture and Protocol Stack
The most common architecture of the Wireless Sensor Networks follows the OSI model. There are total five layers in the WSN architecture which are named as Physical Layer, Data link layer, network layer, Transport layer and Application layer. Along with all these five layers of the OSI Model, there are three layers which forms the part of the WSN architecture which are known as the cross layers. These cross layers are named as Power Management plane, Mobility management plane and Task management plane (Alkhatib, 2018).
The protocol stack of the WSN consists the five layers of the OSI model, three cross layer and the localization plane, synchronization plane and topology management plane.
Cross layers: These cross layers are responsible for performing the management of the network that helps in making the sensors work together so that the overall efficiency of the network can be increased.
Following are layers of the WSN architecture that contains the layers of the OSI model:
- Physical Layer: This layer is responsible for signal detection, carrier frequency, modulation, frequency selection, data encryption. Signal detection as well as the frequency generation is responsible for the managing the hardware as well as the design of the transceiver. (sindarku, 2018).
- Data Link Layer: The main function performed by this layer is to multiplex the data streams, medium access, data frame detection and error control. It helps in ensuring the point to point connections in the communication network.
- Network Layer: This layer is basically based on the functioning of the principles such as power efficiency. The sensor nodes in the network layer are mostly data centric. The data is aggregated in the network layer, in addition to the routing from multiple neighbors via the processing.
- Transport layer: This layer is needed when the network is planned already to be accessed through the internet or through some of the external networks.
- Application layer: This layer contains the different types of application layer protocols which are responsible for performing the network applications such as node localization, query dissemination, network security and time synchronization.
Threats and vulnerabilities in WSN:
Threats and vulnerabilities
Eavesdropping attack: In this attack, the confidential data packets are intercepted by the third person in the network.
In order to mitigate this attack, the cryptographic technique ca be used in the WSN.
Jamming: This attack interrupts the legitimate interruption of the transmission of data.
For mitigating this attack, the spread spectrum techniques such as DSSS (Direct Sequence Spread Spectrum, THSS (Time Hopping Spread Spectrum) and FHSS (Frequency Hopping Spread Spectrum) can be used (Sinha, Jha, Rai & Bhushan, 2017).
Denial of Service attack: This is responsible for the radio interference and for the physical tampering. Moreover, this attack denies the channel and generated the black holes.
The denial of service attack in the WSN can be protected by using spread spectrum and making the nodes tamper resistant.