Biometrics Institute
Encyclopedia
The Biometrics Institute is the independent Not for profit association providing information, education, research and testing of biometrics
. It is predominately a user group representing government departments and private organisations who are using or looking at using biometrics, but suppliers also form part of the membership. The organisation is based in Australia and has over 100 member organisations from around the world.
The association holds three Biometrics Institute conferences every year: the Biometrics Institute Australia Conference in May in Sydney, the Biometrics Institute New Zealand Conference in March in Wellington and a Technology Exhibition in November in Canberra every year. It runs regular networking meetings around Australia, in New Zealand, Singapore and the UK.
The Biometrics Institute has an office in Sydney, Australia and in London, UK.
The Biometrics Institute constitution
was designed that way that it allows those user organisations (governments, financial services, transport etc.) double the voting rights than the suppliers. Its Board of Directors also has to have a majority of those user organisations. This set up is very different from most other biometrics associations.
The Biometrics Institute has been working on two government co-funded projects, a Biometrics Institute Privacy Code and a Biometrics Vulnerability Assessment Methodology.
For example the Biometrics Institute addresses the responsible use of Biometrics in schools
by encouraging organisations to consider any issues that may impact on a person's privacy before implementing biometrics and recommends Privacy Impact Assessments.
, there is as yet no generally agreed method of assessing the degree of vulnerability in a principled fashion.
Since 2007, the Biometrics Institute has been working on this problem, partly co-funded by the Australian Government through the Department of Prime Minister and Cabinet. The goal is to develop a general methodology for vulnerability
assessment applicable to any biometric system, and to apply it to a number of biometrics. A methodology has been developed and applied to a number of face
and fingerprint biometric systems. Testing of a voice biometric system will begin in the near future.
The aim of the methodology is to provide, for a given system and method of attack, a level of assurance about the maximum proportion of attacks likely to succeed. This is a practical measure which is readily incorporated into system design. Suggested countermeasures to identified risks are also provided.
Biometrics
Biometrics As Jain & Ross point out, "the term biometric authentication is perhaps more appropriate than biometrics since the latter has been historically used in the field of statistics to refer to the analysis of biological data [36]" . consists of methods...
. It is predominately a user group representing government departments and private organisations who are using or looking at using biometrics, but suppliers also form part of the membership. The organisation is based in Australia and has over 100 member organisations from around the world.
The association holds three Biometrics Institute conferences every year: the Biometrics Institute Australia Conference in May in Sydney, the Biometrics Institute New Zealand Conference in March in Wellington and a Technology Exhibition in November in Canberra every year. It runs regular networking meetings around Australia, in New Zealand, Singapore and the UK.
The Biometrics Institute has an office in Sydney, Australia and in London, UK.
History
The Biometric Institute was founded in October 2001 by Ted Dunstone in October 2001 with initial funding from the Australian government. The objective of the Biometrics Institute is to provide a forum for information and education on biometric technologies for users, suppliers, academia and other key stakeholders.The Biometrics Institute constitution
Constitution
A constitution is a set of fundamental principles or established precedents according to which a state or other organization is governed. These rules together make up, i.e. constitute, what the entity is...
was designed that way that it allows those user organisations (governments, financial services, transport etc.) double the voting rights than the suppliers. Its Board of Directors also has to have a majority of those user organisations. This set up is very different from most other biometrics associations.
The Biometrics Institute has been working on two government co-funded projects, a Biometrics Institute Privacy Code and a Biometrics Vulnerability Assessment Methodology.
The Biometrics Institute Privacy Code
A concern is how a person's biometric, once collected, can be protected. The Biometrics Institute addressed this issue in 2004 with the development of a Privacy Code. This Code was approved by the Australian Privacy Commission in September 2006 in order to protect consumer personal data beyond the current protections offered by the Australian Privacy Act.For example the Biometrics Institute addresses the responsible use of Biometrics in schools
Biometrics in schools
Biometrics in schools have been used worldwide since the early first decade of the 21st century to address truancy, to replace library cards, or to charge for meals...
by encouraging organisations to consider any issues that may impact on a person's privacy before implementing biometrics and recommends Privacy Impact Assessments.
The Biometrics Vulnerability Assessment Methodology
Although there has been significant recent research into the vulnerability of various biometric systems to spoofing attacksAttack (computer)
In computer and computer networks an attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.- IETF :Internet Engineering Task Force defines attack in RFC 2828 as:...
, there is as yet no generally agreed method of assessing the degree of vulnerability in a principled fashion.
Since 2007, the Biometrics Institute has been working on this problem, partly co-funded by the Australian Government through the Department of Prime Minister and Cabinet. The goal is to develop a general methodology for vulnerability
Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
assessment applicable to any biometric system, and to apply it to a number of biometrics. A methodology has been developed and applied to a number of face
Facial recognition system
A facial recognition system is a computer application for automatically identifying or verifying a person from a digital image or a video frame from a video source...
and fingerprint biometric systems. Testing of a voice biometric system will begin in the near future.
The aim of the methodology is to provide, for a given system and method of attack, a level of assurance about the maximum proportion of attacks likely to succeed. This is a practical measure which is readily incorporated into system design. Suggested countermeasures to identified risks are also provided.
Mission & Objectives
The Biometrics Institute promotes the responsible and ethical use of biometrics, including due consideration to privacy concerns, it is a forum for discussion about biometrics between members, potential users and vendors, it educates and informs members, business and the community about biometrics, it promotes the development and awareness of standards, benchmarks and test regimes for the industry and provides policy input to governments in partnership with members and key stakeholders biometrics.See also
- Attack (computer)Attack (computer)In computer and computer networks an attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.- IETF :Internet Engineering Task Force defines attack in RFC 2828 as:...
- AuthenticationAuthenticationAuthentication is the act of confirming the truth of an attribute of a datum or entity...
- Computer securityComputer securityComputer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
- IdentificationIdentificationIdentification or Identify may refer to:* Body identification* Combat Identification* Eyewitness identification* Forensic identification* Gender identity* Hazard Identification...
- Information securityInformation securityInformation security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
- IT riskIT riskInformation technology risk, or IT risk, IT-related risk, is a risk related to information technology. This relatively new term due to an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real world processes it...
- PrivacyPrivacyPrivacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively...
- Threat (computer)Threat (computer)In Computer security a threat is a possible danger that might exploit a vulnerability to breach security and thus cause possible harm.A threat can be either "intentional" or "accidental" In Computer security a threat is a possible danger that might exploit a vulnerability to breach security and...
- Vulnerability (computing)Vulnerability (computing)In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...