The measures of Mankind
Is your computer monitor adorned with little yellow notes full of passwords? Wouldn't it be nice to do away with all this when you turn on the computer and log on? It could happen sooner than you might think. Recent advances in biometric techniques, abetted by the availability of inexpensive computer power, promise to change the face of security systems.
A fingerprint reader might be good enough to let you into a computer network, but it isn't much help in recognising a terrorist walking down the road with gloves on. But the way we walk is another unique personal characteristic, which is why the Defense Advanced Research Projects Agency (DARPA) of the USA has put money into a group of researchers at Southampton University studying gait, the technical term for the way we walk. You can see what this is all about at the group's web site http://www.gait.ecs.soton.ac.uk.
It turns out that there is a sizeable community of gait researchers. The Southampton site has links to about half a dozen other groups. For example, in the same 'Human ID' programme that supports Southampton, DARPA also funds a group in the Columbia Automated Vision Environment (CAVE) at Columbia University working on the problem of identifying people in bad weather http://www1.cs.columbia.edu/CAVE/HIDweather/.
So that they can see if they are doing better than alternative approaches, people working on image recognition like to test their approaches on sets of standard data. CAVE, which is clearly into wacky acronyms, hosts WILD, the Columbia Weather and Illumination Database. This has high-quality calibrated colour images of an outdoor scene captured every hour for more than six months. One of the more popular biometric techniques uses the iris of the eye to identify people. You peer into a camera and the computer looks through its database of iris images to see if you are allowed through the doors of a building, for example. Iris recognition even has its own organisation and web site http://www.iris-recognition.org/. A particularly useful area here could be the list of relevant patents and systems.
It turns out that lots of things shelter under the broad umbrella of biometrics. For an easy to follow description of the field, start at the home page of the biometrics groups at Michigan State University http://biometrics.cse.msu.edu. 'Biometrics refers to the automatic identification of a person based on his/her physiological or behavioural characteristics,' we read. Then there is an account of why biometrics beats passwords and PIN numbers in the security game.
The Michigan group, in the Pattern Recognition and Image Processing Lab, shows that there is actually still plenty of mileage in working with fingerprints. The group also works on face recognition but perhaps the most interesting idea is the combination of a number of individual markers. This turns out to be a way of dealing with noisy and incomplete data. It may be a simple text-based web site, but it has plenty of links to research papers on the group's research.
Another clean but thorough source of links to information on biometrics is the 'dmoz', the Open Directory Project. The companies' section alone had nearly 200 entries when I looked http://dmoz.org/Computers/Security/Biometrics/.
With its implications for crime prevention and security, biometrics is a growing business area. So it naturally attracts its share of national and international organisations and trade bodies. In the UK, the Association for Biometrics offers some interesting documents, along with a glossary of terms http://www.afb.org.uk. Studying a field's jargon can always provoke a small chuckle. For example, what are we to make of their special use of the term 'binning'? This is, we learn, 'the process of classifying biometric data. This allows a database of biometric data to be pre-sorted in order to speed up the process of matching captured biometric data with comparison data.'
Talking about terminology prompts a, perhaps belated, pointer to the fact that even the word 'biometrics' has rival uses. Got to the web address http://www.biometrics.com, for example, and you end up at 'the site for the Biomedical Data Sciences department within GlaxoSmithKline Pharmaceuticals'. This doubtless stems from the earlier definition of biometry as the application of statistical techniques to biological studies.
The Biometrics Consortium, on the other hand, is firmly in the area under discussion http://www.biometrics.org. This US government organisation has been in business since 1992. The idea is that the consortium acts as 'a Government focal point for research, development, test, evaluation and application of biometric-based personal identification/authentication technology'.
A particularly interesting link here took me to a site deep within the bowels of the web site of the National Institute of Standards and Technology, NIST. It turns out that the research community has been working towards a Common Biometric Exchange File Format (CBEFF) http://www.itl.nist.gov/div895/isis/bc/cbeff/. The idea is to make it easier to exchange biometric information. A more international approach to biometrics comes through the International Biometric Group http://www.biometricgroup.com/. Unfortunately, this turns out to be a marketing-oriented organisation that wants a lot of money for doubtless excellent reports. There is some free information, but that requires you to sign up for an account. Maybe they are trying to tell us something about the need for their subject.
I decided to look into biometrics because of the relationship with computing, which became apparent on my visit to Southampton. When looking for more information on computation and biometrics I came across one of the more comprehensive resources on the web. Down in the depths of another consultant's site, Bromba Biometrics, you can find a very detailed biometrics FAQ http://www.bromba.com/faq/biofaqe.htm.
One statement in this FAQ helps to explain the connections with computing and why the field is so active. The page tells us that biometric analysis requires 'computation speeds adequate for pattern recognition'. We then learn that 'This is about 100 million operations per second, which have only recently been attained by affordable hardware.' Add that to recent security worries and it is easy to understand the recent explosion in the subject.