So far, this series has introduced the concept of the Zero Trust Framework (ZTF), how it compares to other Cybersecurity measures, its advantages and implementation considerations, and multi-factor authentication and the use of biometrics. But no discussion of biometrics and authentication would be complete without mentioning facial recognition technology. Here, the authors tackle this controversial topic and its role in the Zero Trust Framework.
The Most Controversial Biometric – Facial Recognition
Facial recognition technology relies upon the physical features of the face, which are determined by genetics. This technology can be deployed either as a fully automated system or as a semi-automated system. With the former, no human interaction is needed; all of the verification and identification decisions are made by the technology itself. With the latter, a certain degree of human intervention is required, and this is actually the preferred method for deploying a facial recognition system.
Facial recognition systems focus upon those parts of the face which are not easily obscured or altered. The facial regions that are collected for a raw sample include the following (the sketch after this list illustrates how such measurements can be gathered into a raw feature vector):
- The ridges between the eyebrows
- The cheekbones
- The mouth edges
- The distances between the eyes
- The width of the nose
- The contour and the profile of the jawline
- The chin.
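As a rough illustration of how these regions translate into data, the following is a minimal sketch, assuming a set of hypothetical landmark coordinates has already been detected in a face image. The landmark names and pixel values are purely illustrative, not any vendor's actual scheme.

```python
# Illustrative only: derive simple geometric measurements of the kind listed
# above from hypothetical landmark coordinates, and collect them into a raw
# feature vector.
import numpy as np

# Hypothetical (x, y) landmark coordinates detected in a face image (pixels).
landmarks = {
    "left_eye":    np.array([112.0, 140.0]),
    "right_eye":   np.array([178.0, 141.0]),
    "nose_left":   np.array([128.0, 190.0]),
    "nose_right":  np.array([162.0, 190.0]),
    "mouth_left":  np.array([120.0, 225.0]),
    "mouth_right": np.array([170.0, 226.0]),
    "chin":        np.array([145.0, 270.0]),
}

def dist(a, b):
    """Euclidean distance between two named landmarks."""
    return float(np.linalg.norm(landmarks[a] - landmarks[b]))

# Raw geometric features of the kind a facial recognition system might extract.
feature_vector = np.array([
    dist("left_eye", "right_eye"),      # distance between the eyes
    dist("nose_left", "nose_right"),    # width of the nose
    dist("mouth_left", "mouth_right"),  # width of the mouth, edge to edge
    dist("left_eye", "chin"),           # eye-to-chin length (jawline proxy)
])
print(feature_vector)
```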
The methodology to capture the raw images of the face differs substantially from the other Biometric technologies. Although facial recognition is a contactless technology, the image capture process is significantly more complex, and more cooperation is required on the part of the end user. To start the process of raw image collection, the individual must either stand before a camera or, unknowingly, have their face captured through covert surveillance methods, such as a CCTV camera system.
Once the raw images are collected by the camera, the data is then aligned and normalized to help refine the raw images at a granular level. The refinement techniques involved include centering the face within the captured images, and adjusting the size and the angle of the face so that the best unique features can be extracted and later converted over to the appropriate verification and enrollment templates.
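To make the alignment step more concrete, here is a minimal normalization sketch using OpenCV, assuming the eye coordinates have already been located by a separate landmark detector. The function name, parameter values, and the synthetic image are illustrative assumptions, not part of any specific product.

```python
# A minimal alignment/normalization sketch: rotate the image so the eyes are
# level, then rescale to a fixed template size.
import numpy as np
import cv2

def normalize_face(image, left_eye, right_eye, out_size=(128, 128)):
    """Level the eye line and rescale the face to a consistent output frame."""
    (lx, ly), (rx, ry) = left_eye, right_eye
    # Angle needed to make the line between the eyes horizontal.
    angle = np.degrees(np.arctan2(ry - ly, rx - lx))
    # Rotate about the midpoint between the eyes.
    center = ((lx + rx) / 2.0, (ly + ry) / 2.0)
    M = cv2.getRotationMatrix2D(center, angle, 1.0)
    h, w = image.shape[:2]
    rotated = cv2.warpAffine(image, M, (w, h))
    # Rescale so features land in roughly the same place across captures.
    return cv2.resize(rotated, out_size)

# Illustrative usage on a synthetic grayscale "capture".
raw = np.random.randint(0, 255, (480, 640), dtype=np.uint8)
aligned = normalize_face(raw, left_eye=(250, 230), right_eye=(330, 238))
print(aligned.shape)  # (128, 128)
```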
All of this is done via mathematical algorithms. As mentioned previously, facial recognition is hampered by a number of major obstacles, even more so at the raw image acquisition phase. These include a lack of subtle differentiation between faces, obstructive variables in the external environment, differing facial expressions and poses across subsequent raw image captures, and the difficulty of capturing a landmark orienting feature, such as the eyes.
To help compensate for these obstacles, substantial research and development has been done in the area of 3-Dimensional imaging. In this technique, a shape is constructed from an existing 2-Dimensional image and various features are derived from it, resulting in a model which can be applied to any 3-Dimensional surface and used to help compensate for the above-mentioned differences.
However, it should be noted that these types of 3-Dimensional facial recognition systems are not yet widely deployed in commercial applications, because the technique is still pending further research. Right now, 2-Dimensional facial recognition systems are primarily used in the commercial market; 3-Dimensional systems serve only as a complement to them, in situations where higher imaging requirements are dictated and the capture environment is much more challenging.
The Techniques of Facial Recognition
To help alleviate these obstacles and to provide a solution in which a single facial image can be detected in just one frame, various techniques have been developed and applied to facial recognition. These techniques fall under two categories:
- Appearance based
- Model based.
With appearance based facial recognition techniques, a face can be represented in several object views, based on one image only, with no 3-Dimensional models used. The specific methodologies here include Principal Component Analysis and Linear Discriminant Analysis. Model based facial recognition techniques construct a 3-Dimensional model of the human face, from which the facial variations can subsequently be captured and computed. The specific methodology here includes Elastic Bunch Graph Matching.
Principal Component Analysis (this is linear based, also known as PCA) dates back to 1988, when it was first used for facial recognition. This technique primarily uses what are known as “Eigenfaces”. Simply put, Eigenfaces are 2-Dimensional spectral facial images composed of grayscale features.
There are literally hundreds of Eigenfaces which can be stored in the database of a facial recognition system. When facial images are collected by the system, this library of Eigenfaces is superimposed over the raw images. At this point, the variances between the Eigenfaces and the raw images are computed and averaged together, and different weights are then assigned.
The end result is a 1-Dimensional representation of the face (a vector of weights), which is then processed by the facial recognition system. In terms of mathematics, PCA is merely a linear transformation in which the raw facial images get converted into a geometrical coordinate system. Imagine a quadrant-based system. With the PCA technique, the data set with the greatest variance lies upon the first coordinate of the quadrant system (also termed the first principal component), the data set with the second-largest variance falls onto the second coordinate, and so on, until the 1-Dimensional representation of the face is created.
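The following is a condensed eigenface-style sketch of this projection, using synthetic data in place of real enrolled captures; the image dimensions and the choice of ten components are arbitrary assumptions, and the final weight vector stands in for the compact representation described above.

```python
# A condensed eigenface sketch, assuming a small set of grayscale face images
# that have already been aligned and resized to the same dimensions.
import numpy as np

rng = np.random.default_rng(0)
n_faces, h, w = 20, 64, 64
X = rng.random((n_faces, h * w))          # each row: one flattened face image

mean_face = X.mean(axis=0)                # the "average" face
A = X - mean_face                         # center the data

# SVD of the centered data yields the principal components ("eigenfaces"):
# rows of Vt, ordered by how much facial variance each one explains.
U, S, Vt = np.linalg.svd(A, full_matrices=False)
k = 10
eigenfaces = Vt[:k]                       # top-k eigenfaces

# Projecting a probe face onto the eigenfaces gives a short weight vector,
# which is what actually gets compared against the enrollment templates.
probe = rng.random(h * w)
weights = eigenfaces @ (probe - mean_face)
print(weights.shape)                      # (10,)
```

In practice, matching then reduces to comparing these short weight vectors, which is far cheaper than comparing whole images pixel by pixel.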
The biggest disadvantage of this technique is that it requires a full frontal image of the face, and any change in any facial feature requires a full recalculation of the entire Eigenface process. However, a refined approach has since been developed which greatly reduces the required calculation and processing time.
Linear Discriminant Analysis (this is linear based, also known as LDA) projects the face onto a vector space, with the primary objective being to speed up the verification and identification processes by cutting down drastically on the total number of features which need to be matched.
The mathematics behind LDA is to calculate how each raw data point varies within its own record and relative to the other records. Based on these calculations, the linear relationships are then extrapolated and formulated. One of the advantages of the LDA technique is that it can actually take into account lighting differences and the various types of facial expressions which can occur; however, a full-face image is still required.
After the linear relationships are drawn from the variance calculations, the pixel values are captured and statistically plotted. The result is a computed raw image, called a Fisher Face, which is simply a linear combination of the various pixel values. Despite these advantages, a major drawback of the LDA technique is that it does require a large database.
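A minimal Fisherface-style sketch of this projection is shown below, using scikit-learn's LDA on a synthetic gallery; the number of identities, images per identity, and noise level are all illustrative assumptions rather than a reference implementation.

```python
# A minimal LDA (Fisherface-style) sketch: project flattened face images into
# a low-dimensional space chosen to separate identities.
import numpy as np
from sklearn.discriminant_analysis import LinearDiscriminantAnalysis

rng = np.random.default_rng(1)
n_ids, imgs_per_id, n_pixels = 5, 8, 32 * 32

# Synthetic gallery: each identity is a cluster of noisy copies of a prototype.
prototypes = rng.random((n_ids, n_pixels))
X = np.vstack([p + 0.05 * rng.standard_normal((imgs_per_id, n_pixels))
               for p in prototypes])
y = np.repeat(np.arange(n_ids), imgs_per_id)   # identity labels

# LDA projects each face into at most (n_ids - 1) dimensions, drastically
# cutting the number of features that must be matched.
lda = LinearDiscriminantAnalysis(n_components=n_ids - 1)
X_proj = lda.fit_transform(X, y)
print(X_proj.shape)                            # (40, 4)

# A probe image is matched by projecting it and finding the nearest identity.
probe = prototypes[2] + 0.05 * rng.standard_normal(n_pixels)
print(lda.predict(probe.reshape(1, -1)))       # likely [2]
```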
Elastic Bunch Graph Matching (this is model based, also known as EBGM) looks at the nonlinear mathematical relationships of the face, which include factors like lighting differences and differences in facial poses and expressions. It uses a mathematical approach also found in iris recognition, known as Gabor Wavelet Mathematics. With the EBGM technique, a facial map is created. The facial image on the map is represented as a graph, with various nodes located at the landmark features of the face, such as the eyes, the edges of the lips, and the tip of the nose. The edges between these nodes become 2-Dimensional distance vectors, and during the identification and verification processes, various Gabor mathematical filters are used to measure and calculate the variances of each node on the facial image.
Then, Gabor mathematical wavelets are used to capture up to five spatial frequencies and up to eight different facial orientations. Although the EBGM technique does not require a full facial image, its main drawback is that the landmarks of the facial map must be marked extremely accurately.
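Below is a simplified Gabor-jet sketch in the spirit of EBGM, assuming a normalized grayscale face capture and a known landmark location; the five wavelengths, eight orientations, and all parameter values are illustrative choices, not a reference implementation.

```python
# A simplified Gabor-jet sketch: filter responses at one landmark node form a
# "jet" that can be compared between an enrolled template and a probe image.
import numpy as np
import cv2

def gabor_jet(image, point, ksize=31):
    """Return the filter responses at one landmark node, one value per
    (frequency, orientation) pair in the Gabor filter bank."""
    x, y = point
    wavelengths = [4, 6, 8, 12, 16]                   # five spatial frequencies
    orientations = [i * np.pi / 8 for i in range(8)]  # eight orientations
    jet = []
    for lambd in wavelengths:
        for theta in orientations:
            # (ksize, sigma, theta, lambd, gamma, psi)
            kernel = cv2.getGaborKernel((ksize, ksize), 4.0, theta, lambd, 0.5, 0)
            response = cv2.filter2D(image.astype(np.float32), cv2.CV_32F, kernel)
            jet.append(abs(response[y, x]))           # magnitude at the node
    return np.array(jet)

def jet_similarity(a, b):
    """Cosine similarity between two jets; higher means a closer match."""
    return float(a @ b / (np.linalg.norm(a) * np.linalg.norm(b)))

# Illustrative usage on a synthetic normalized face capture.
face = np.random.randint(0, 255, (128, 128), dtype=np.uint8)
jet_enrolled = gabor_jet(face, (40, 55))    # e.g., a node near the left eye
jet_probe = gabor_jet(face, (40, 55))
print(jet_similarity(jet_enrolled, jet_probe))  # 1.0 for identical captures
```

Comparing the magnitudes of the jets (here with a simple cosine similarity) is one common way to score how closely a probe node matches its enrolled counterpart.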
Next up: The next article in this series will wrap up by explaining how the biometric modalities covered so far fit into the Zero Trust Framework. The authors will also provide a brief review of Bio Cryptography and other factors for multi-factor authentication in the ZTF.