Cyber-security in Smart Travel: The Case Study of Abu Dhabi Airport

Published: 2017-11-01 10:10:56
1479 words
5 pages
13 min to read
letter-mark
B
letter
Categories: 
University/College: 
Sewanee University of the South
Type of paper: 
Essay
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

ABSTRACT

Abu Dhabi Airport became the first entity in the Middle East region to create Smart Travel. The airport implemented this initiative in partnership with Abu Dhabi Police and the Ministry of Interior. The system allows passengers to move through security and immigration after checking by interacting specifically with this innovative technology. Iris recognition has helped the country to curb global security challenges, including terror threats and repeated attempts of former expellees to re-enter the UAE through Abu Dhabi Airport. The country has since implemented various control measures to detect numerous cases of former expellees’ attempt to re-enter. The Smart Travel involves five crucial steps: Self Check-in, Self Bag Drop, E-registration, E-border Gate, and Self Boarding.

Background

The UAE has adopted state-of-the-art and trends in cyber-security to improve its transport systems. Abu Dhabi Airport became the first entity in the region to create Smart Travel. The Airport implemented this initiative in partnership with Abu Dhabi Police and the Ministry of Interior (Al Kuttab, 2016). The system allows passengers to move through security and immigration after checking by interacting with innovative technology. Meanwhile, Cyber Physical Systems (CPS) emerge from successful integration of smart objects, physical environments, people, and embedded computing devices, which are normally tied by an efficient communication infrastructure (Bordel-Sánchez et al., 2016). They include Smart Grids, Smart Cars, Smart Buildings, Smart Cities, and Smart Factories. On the other hand, the Internet of Things (IOT) is a worldwide network of heterogeneous objects that are interconnected, uniquely addressable, and often founded on standard communication protocols (O'Brien, 2016). Examples of the heterogeneous objects include actuators, RFID tags, sensors, mobile devices, smart devices, and embedded devices. The advent of Smart Travel at Abu Dhabi Airport has brought about significant advancements in transport system and security at the establishment. The country’s ever-increasing confrontation with cyber security problems led to its quest for biometric security systems and other technologies. Biometric refers to an authentication technique that uses facial scans, iris recognition, or fingerprint scans to identify and verify users (Li, 2009). Biometric data of users such as fingerprint scans and iris patterns are taken using the biometric scanning device before being converted into digital information that a computer can easily verify and interpret. Biometric data play a critical role in identity management in the United Arab Emirates and has helped the country to reduce integrity risks and fraud.

The Literature Review

The article “Iris recognition and the challenge of homeland and boarder control security in UAE” by Ahmad Al-Raisi and Ali Al-Khouri (2008) mainly focuses on the effectiveness of iris recognition technology to improve the security of Abu Dhabi Airport and border control systems in the UAE. The article asserts that the UAE deployment of the iris recognition technology is among the largest in the world. The country has prioritized security in the wake of continuous radical challenges that are related to identity verification and management. Biometric technologies remain at the forefront of transport and security related discussions because they provide a highly precise identity conformation (Al-Raisi & Al-Khouri, 2008). It is therefore considered an effective solution to various issues pertaining to identity and security management. Biometric industry has grown tremendously in the recent past, partly fueled by legislative requirements for verifications and positive identification. The false acceptance rate and false rejection rate are important factors that help to determine the accuracy of the biometric systems.

Iris recognition system

Figure 1: A block diagram showing the iris recognition system

The authors further state that the UAE’s border control system is comprehensively managed in line with strict visa issuing and pre-qualification processes. Border control strategies and other security measures have a considerable impact on transport system in the country. Apparently, the border control often forms a critical aspect of efforts to control various ports of entry and exit throughout the UAE (Al-Raisi & Al-Khouri, 2008). Although the physical processes have not been fully integrated, they have always functioned adequately at different ports of entry. These processes have helped the country to curb the major challenge it is currently facing of repeated attempts of the former expellees to re-enter the UAE. The country has since implemented various control measures to detect numerous cases of former expellees’ attempt to re-enter. Following the vast success of iris recognition technologies, the government is now considers the need to study a proposed structure that will pave way for building an integrated iris repository for verification and identification purposes. Iris plays a complementary role in supporting other biometrics for authentication and identification purposes.

The article “Vulnerabilities in Biometric Systems: Attacks and Recent Advances in Liveness Detection,” by Javier Galbally, Julian Fierrez, and Javier Ortega-Garcia also examines the benefits of biometric security systems in positive identification and authentication. It also considers the iris recognition technology as a strong biometric trait in the market. The article particularly reviews the state-of-the-art in terms of direct and indirect attacks to iris and fingerprint automatic recognition security systems (Galbally, Fierrez, & Ortega-Garcia, n.d). According to the article, biometric systems offer numerous advantages compared to classical security methods based on Passwords, PIN, or IDs. Also, a person does not need to remember difficult passwords or PIN codes during identification and verification. PIN codes can easily be forgotten or even lost when one carries it along with him.

Benefits of biometric security systems

 Figure 2: Merits of Biometrics Security Systems                     

The article further analyses some of the drawbacks resulting from the use of biometric systems. First, there is lack of secrecy since a person’s face is known to everyone around him. Others could even attempt to get their fingerprints. Second, the authorities cannot replace a biometric trait in the event that an impostor ‘steals’ it (Galbally et al., n.d). In this case, identification and verification through passwords or PIN codes would be more effective because one can easily generate a new password or PIN. Third, biometric systems are also susceptible to external attacks. Such attacks normally decrease the level of security of biometric systems. Vulnerability points of biometric systems can be divided into two broad groups: direct attacks and indirect attacks. According to this article, the first vulnerability point when using biometric security system is the possibility to produce synthetic biometric samples to fraudulently access a system. Several unscrupulous individuals in the UAE have always advantage of this vulnerability point by using face images, fingerprints or even speeches to illegally access a system. This is a typical case of direct attack as it takes place at the sensor level. Perpetrators of such fraudulent activities do not need specific knowledge about the operations of the system such as feature extraction, matching algorithm used, or even feature vector format. Besides, the attack is often carried out outside the system’s digital limits – the analog domain.

On the contrary, indirect attacks entail all the remaining vulnerability points of attack. For instance, the attacker may use the Trojan horse as it bypasses both the feature extractor and the matcher. The attacker may also manipulate the system database in order to gain full access to the application (Hofbauer et al., 2016). Other attackers may exploit possible weak points particularly in the communication channels used. For example, an intruder may extract, add, or change information from the communication channel of the system. The intruder must have some vital information about the workings (inner workings) of the recognition system and physical access to important components of the application.

Galbally et al. (2012) discusses the binary iriscode, a compact representation of an iris image. In their article dubbed “From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems” (2012), the five authors opine that the iriscode contains sufficient information and details that would allow the process of reconstructing the original iris. It suggests a new probabilistic approach to reconstructing iris images from binary templates and analyzing the extent to which reconstructed samples resemble the original ones (Galbally et al., 2012). The chances of success of an attack executed with synthetic iris patterns against commercial iris recognition system are estimated in order to assess the overall performance of the reconstruction technique. Experimental results often demonstrate the fact that reconstructed images are incredibly realistic. The suggested methodology is also able to generate a large amount of iris-like patterns with iriscodes. In essence, the reconstruction method has several other potential applications, such as enrollment improvement and individuality studies (Bansal, Agarwal, & Sharma, 2016). The authors also concur that biometrics security system is a pushing alternative for application especially in situations where automatic recognition of people is necessary.

sheldon

Request Removal

If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal: