Home
Search
Login
<mosaic.cnfolio.com>

Authentication - The what, the how and the why


Fingerprints

Fingerprint Types. (Watson, 2008)Perhaps no form of identification has been more significant in recent history, than the use of fingerprints in the criminal justice system. Since their first official recorded use in the solving of a murder case by Juan Vucetich, a statistician and the head of the Argentine Bureau of Anthropometric Identification (Thompson, 2007) in 1892, fingerprints have been used by police forces around the world to identify criminals and place them at crime scenes, bringing countless numbers of criminals to justice (Horswell, 2004). As a result of this first recorded case, in 1896 Argentina became the first country to file criminal records using fingerprint classification (Thompson, 2007). Previous to this, anthropometric records, which listed some of the unchanging dimensions of the adult human body (such as finger length and head width), had often been used for identification purposes (Krishan, 2007).

Using fingerprints as a form of identification at a crime scene, is achieved by a method of comparing two fingerprint impressions. This is done by analysing the similarities and differences between each print's friction ridge characteristics, which are the attributes that constitute a unique print. The first fingerprint impression is retrieved from a surface in a crime scene, capable of retaining an invisible impression of the ridges when touched (i.e. a hard, smooth surface). In order to aid comparison, the fingerprint ridges can be made visible by applying a developing agent (e.g. aluminium powder). The friction ridges of this print can then be compared to those of a print on permanent record, taking into account the position, direction, and orientation of each ridge characteristic in relation to another. Providing that the entire characteristics match and none are in disagreement, the prints can be confirmed as a match (Thompson, 2007).

However, the true benefits of using fingerprints obtained from a crime scene are not realised until a fingerprint database is added. The UK's National Fingerprint Database (IDENT1), contains approximately 16.6 million sets of prints (as of October 2008), and facilitates the search and comparison of crime scene prints with the prints on permanent record. The database contains prints of every person arrested in England, Scotland and Wales for a recordable offence, thus allowing police investigators to quickly identify a known criminal and place them at the scene of a crime (National Policing Improvement Agency, 2008).

The use of fingerprint identification in the legal system has been hugely successful in convicting criminals, due to fingerprints being discovered at crime scenes and on critical pieces of police evidence, such as on murder weapons. As a result, fingerprints have become hugely decisive pieces of evidence in court cases, resulting in the conviction of criminals who would have otherwise been let free. Fingerprints have therefore not only been of great benefit to police forces but also to whole communities, by removing criminals from society and in turn, helping to reduce crime.

With such vast numbers of fingerprints on record, storage becomes a major issue, but perhaps more significantly, searching for matching records has become a sizable challenge. As a result, more and more advanced searching algorithms have been devised, which categorise prints in order to narrow down searches and speed up the verification process. This however, does not solve the problems of fingerprint enrolment. Due to differing enrolment techniques, the quality of fingerprints on record often vary, thus increasing the challenge of finding a matching set of prints (O'Gorman, 1999).

Passports

A passport is a document, intended for the purpose of international travel. Issued by national governments to their citizens, passports are primarily used to verify a person's nationality, but are also used to confirm their identity. This is achieved by listing a number of personal details, or attributes, which include:


Earliest Passport. (Miller, 2009)Principally, it is the photograph that is used to confirm the identity of the individual, through a simple act of visually comparing the facial features of the claimant and their passport photograph. In addition to this, the gender, date of birth and nationality printed in the passport, can be used to analyse the appearance of the individual, and clarify whether or not they are the rightful owner of the passport.

The first recorded use of a document to grant the right of international travel can be found in the Bible. Around the year 450BC, Nehemiah, who was working as a royal cup-bearer, was granted letters from the King requesting the governors of the lands beyond the Euphrates to grant him safe passage to Judah (Benedictus, 2006; Nehemiah 2:7-9, New International Version). According to the UK Home Office however, the first reference to passports, in the form of "Safe-Conducts", was made in an Act of Parliament in 1414, during the reign of King Henry V (Home Office, n.d.a). The earliest existing example of a British passport, in it's historical context, is a letter signed by King Charles I in 1641, granting a Captain Bradshagh along with his family and servants, to travel the oceans on behalf of the King (pictured: left) (Miller, 2009; BBC, 2009). However, it wasn't until around 1914 that passports first began to contain a photograph of the holder, and at which time, they could become a usable form of identification, to formally distinguish a person's identity (Home Office, n.d.a).

Today, passports are machine readable and electronic and are valid for ten years. They comply with the standards set by the International Civil Aviation Organization (ICAO) in 1980 (International Organization for Migration, n.d.). These passports contain a "series of code numbers and markings" that represent all of the information usually presented within a passport (i.e. name, nationality, etc.), and an electronic microchip that stores biometric data, which allows for the document to be "instantly checked by computer" (International Civil Aviation Organization, 1980). Nevertheless, the method of identification remains the same, but technology is simply used to confirm the validity of a passport and maintain travel records.

In its historical context, the primary benefit of owning a passport was that it granted the right to travel the world and legally enter foreign countries. Today, however, this has changed somewhat. Indeed, with strict immigration laws put in place by some national governments, it would perhaps be more sensible to say that today's passports merely facilitate international travel and at least, permit the holder to return to the country that issued the passport. Furthermore, in its capacity as a form of identification, it can enable the owner of a passport to purchase age-restricted goods, or enter age-restricted venues. In addition, this can benefit the company that is giving access to the age-restricted goods or services, as they pass some responsibility and liability onto the government, when accepting a passport as proof of age.

Passports also benefit the government of a country in that they are able to keep track of the location of both their own citizens and foreign nationals who are visiting or living in the country. Also, with modern passports, convicted criminals or people on bail, can have their passport automatically revoked, thus assisting police forces to keep track of them. However, as with fingerprints, these benefits also come with some key challenges, not least, with the storage, search and retrieval of information. Currently, the Identity & Passport Service (IPS), a British government Home Office agency, maintains a database of all passport information, which it is currently in the process of updating, in order to accommodate the introduction of the much maligned National ID cards. In a statement released on April 7 2009, IPS stated that it will be a "new secure database for storing the facial and fingerprint images" (Home Office, n.d.b).

One of the impacts of storing such data, however, is that because The Freedom of Information Act 2000 states that anybody has the right to access information held by government departments (Home Office, n.d.), the IPS must provide an information request and retrieval service, to enable people to freely access the information held. Failure to do so could result in legal action being taken against them, as a breach of human rights (How to be a Civil Servant, 2008).

Comparison

As with all forms of information collection, storage becomes a challenge. With both fingerprints and passports, the data collected must be stored in an easily accessible and searchable format. This provides concurrency, networking, database, searching and performance challenges that must all be solved successfully. Furthermore, data protection is of vast importance, to ensure that any data collected remains secure and free from corruption. With regard to passports, data collection, retention and protection laws must be adhered to, whereas the collection of fingerprint data is covered by the Criminal Justice Act 2003, which extends the powers of police to enable them to "take fingerprints without consent upon arrest for a recordable offence" (McCartney, 2006).

To conclude, it is suggested that fingerprints are a better form of identification than passports. The reason being that despite a seemingly endless number of preventative measures, such as holograms and microchips, passports continue to be cloned and forged, thus casting their credibility into doubt (Leyden, 2006), whereas fingerprint forgery remains somewhat rare (Champod, Lennard, Margot and Stoilovic, 2004). Furthermore, while fingerprint friction ridge comparison and identification is a hugely mature science, that has seen much research and technical advancements, it seems quite astonishing that the methods of identification using passports, as seen in ports and airports around the globe, have seen little change since the photo-passport was introduced nearly 100 years ago.

Iris recognition systems

Iris recognition is a highly accurate method of biometric authentication, based on the unique and persistent characteristic of the iris, the coloured part of the eye that surrounds the pupil. Iris recognition algorithms have been shown to produce "perfect recognition rates" (Masek, 2003), and it is suggested that the probability of two irises producing the same digital irises code is as low as 1 in 1078 and it is claimed that iris recognition can identify people more accurately than by DNA identification (Sanderson and Erbetta, 2000).

Technologies

How Iris Scanners Record Identities (Biometric technology, n.d.)VeriEye is a proprietary SDK platform for the development of iris recognition solutions (NEUROtechnology, 2009). The product is based on the systems and techniques developed and patented by Professor John Daugman of the University of Cambridge (Daugman, 1994), which are today owned by L1 Identity Solutions (University of Cambridge, n.d.). Daugman's techniques are based on an integro-differential equation which uses first derivatives of the iris image and performs a search to find geometric parameters.

As an alternative to the VeriEye development platform, Masek, a student of The University of Western Australia, developed an open source alternative to the systems based upon the patents of John Daugman. The system, which was developed using MATLAB, consists of an automatic segmentation system, based on the Hough transform, and encodes digital iris images into a bit-wise biometric template (Masek, 2003). Experiments on the system resulted in false accept rates of just 0.005% and false reject rates of 0.238%, thus suggesting that Masek's techniques are comparatively reliable to the Daugman techniques employed by the proprietary VeriEye system.

However, using the Hough transform method introduces a number of problems. Firstly, it requires threshold values to be chosen for edge detection. As a result, critical edge points may be omitted and thus iris characteristics may not be detect. Furthermore, the Hough transform method requires large computation power, due to its "brute-force" approach, meaning that its use in a real-time system may be limited. Professor Daugman's techniques, however, are not without fault. Because they make use of the integro-differential, the results of the algorithm can be corrupted by excessive noise in the eye images, which often occur due to reflections or eye lashes and eyelids obscuring the iris (Masek, 2009).

Cost

In order to implement the VeriEye iris recognition system, a number of components would be required. Initially, a VeriEye SDK license would be needed together with a VeriEye supported eye iris camera, such as the Retica Mobile-Eyes or CrossMatch I Scan 2.

Furthermore, the development of the authentication system would be needed in order to implement the camera hardware APIs, capture the iris images, connect to and store the iris templates in a database and invoke the VeriEye "Matcher" and "Extractor" components. This system would be able to process the images and compare them to those on permanent record in the database. This system could be developed using any of a number of programming languages, but a Java development on a Linux platform might be preferable, in order to minimise costs.

In addition a database server would obviously be required, in order to store the digital iris templates, however, the VeriEye SDK does support open source database integration, thus eliminating the cost of purchasing proprietary database software. The main costs associated with implementing the system can therefore be defined, thus:


In comparison, the cost of developing an iris recognition system, using the open source techniques developed by Masek, would require similar stages to those for the VeriEye implementation. In addition, a MATLAB installation would be required to invoke the open source iris image processing and matching algorithms - MATLAB commercial license: £1,400 (The MathWorks, n.d.). The remainder of the project could be completed using open source technologies, such as Java or PHP, with an open source database such as MySQL, running on a Linux distribution. Furthermore, a camera to capture the eye iris images would need to be chosen. This could either be an advanced iris camera, such as those supported by the VeriEye SDK, or a far less expensive solution, perhaps with the addition of software image processing, in order to improve the quality of the digital iris images, prior to the extraction and matching stages.

In addition to the cost of setting up these systems, one should also consider the costs associated with maintaining such a system. For instance, if a British citizen were to lose their passport, they could simply complete an online form, and a new passport would be sent to their home (Home Office, n.d.c). However, the problem with iris authentication, and indeed all forms of biometric authentication, is that if the user loses or damages their form of identification, i.e. their eye, then there is no simple and cheap way to replace it. The issue, therefore, with implementing either of the discussed iris recognition systems, is that both would need to offer an alternative backup system, at an additional cost, to enable users to authenticate without using iris recognition. This however, also introduces another potential point at which the system could be exploited.

Vulnerabilities

Possible biometric vulnerability points (Ruiz-Albacete, 2008)To date, there have been no documented successful attacks on iris detection systems (Ruiz-Albacete, 2008). However, this is not to say that there have been no attempts, or that there are no vulnerabilities to iris recognition systems. In fact, Ruiz-Albacete, Tome-Gonzalez, Alonso-Fernandez, Galbally, Fierrez and Ortega-Garcia suggest that there are eight distinguishable vulnerability points in any iris recognition system (diagram, right), and that the potential attacks can be categorised into one of two groups:



In order to assess how susceptible iris recognition techniques are, Ruiz-Albacete et al. performed a number of tests on Masek's iris recognition system. In their experiments, they used commercial desktop inkject and laser printers to print images of irises and simply scanned them using a commercial iris scanning camera. Their first attack scenario considered the enrolment and access to a system using fake irises, and their second represented an attacker trying to gain access to a genuine account, but with fake iris images. Their results showed that the system was highly vulnerable to both attack methods, with a staggering 40% of the fake iris images being correctly segmented by the system, thus granting access to the intruder.

Ruiz-Albacete et al. have suggested that liveness detection procedures could be employed as a countermeasure against direct attacks of this form. For example, light reflections, eye movement and pupil responses to sudden lighting changes, could be detected by the system, in order to ensure that it is a real eye that is being scanned, and not simply an image.

Personal privacy issues

One of the major issues with iris authentication is that of the personal privacy of the end users. With the advancements in the field of iridology - the study of the iris - the diagnosis of physical and mental illnesses by studying the iris has become possible. Furthermore, medical examination of the human iris can often lead to early diagnosis of an illness. This could be an illness which the person had experienced no symptoms and was blissfully unaware of (Summers, 1995; Guild of Naturopathic Iridologists International, n.d.).

The fact that such a vast amount of medical information can be gained simply from the eye, may well be considered an undesirable side effect of iris recognition technology. An employer using iris recognition could detect illness in their current or potential employees and discriminate against them. Much in the same way, a company may have chosen not to employ a pregnant woman, due to the cost of having to pay her maternity leave, prior to the introduction of the Employment Rights Act 1996 (Office of Public Sector Information, 1996).

Another issue with using irises as a form of identification is something that sets it apart from traditional forms of identification and most other forms of biometrics. With traditional forms of identification, such as a passwords, passports or even fingerprints, the owner is able to make a conscious decision as to when and to whom he wants to offer his identification. However, with iris recognition, digital images can be taken at any time, without warning or authorisation, with the person being identified, totally unaware. This could not only result in security vulnerabilities with systems employing iris recognition, but could also assist in the theft of personal identities.

Uses and benefits

The potential uses of iris recognition technology are far reaching. As iris recognition systems advance and general acceptance increases, a huge number of system that currently require authentication may well choose to switch to iris technology, either as a replacement or in addition to their current authentication system. However, it is more likely that it will initially be introduced as an optional addition, until the systems have gained greater public acceptance and any "teething problems" have been resolved.

The potential for iris recognition technology is huge. Any system, from a website currently using username and password login, to an international border using passport authentication, could possibly adopting the technology. With built-in webcams becoming cheaper, of a higher quality and more common in people's homes, virtually any computer system requiring authentication could potentially offer iris recognition authentication in the near future.

The benefits of using irises are also significant compared with traditional forms of identification. Not only does the end user not have to choose a password, remember it and keep it safe and confidential, but also the organisation implementing the iris technology benefits, as they no longer have to deal with forgotten password support calls. This benefit could result in huge financial savings, given that an estimated 20 to 40 percent of all helpdesk calls are apportioned to resetting passwords, with an estimated cost of £15 per call (Hayday, 2003).

Freedom of information legislation

Freedom of information or government transparency legislations take many different forms, with acts having been passed in over fifty countries and a number of countries with acts pending (Staples, 2007). The purpose of legislation for the freedom of information is quite intuitive - they intend to grant any person the right to obtain information held by public and government authorities" (Information Commissioner's Office, n.d.a). The basis of the legislations is that "democracy works most effectively when the public has as much information as possible about the government" (Staples, 2007).

UK Freedom of Information Act 2000. (Office of Public Sector Information, 2000)Specifically, the UK Freedom of Information Act (FOIA) 2000 states that "any person making a request for information to a public authority is entitled to be informed in writing by the public authority whether it holds information of the description specified in the request, and if that is the case, to have that information communicated to him... promptly and in any event not later than the twentieth working day following the date of receipt" (Office of Public Sector Information., 2000). However, within the Act, a number of exemptions are listed, which include the National Criminal Intelligence Service and crucially, the Secret Intelligence Service and the tribunals established under the Security Service Act 1989 and Intelligence Services Act 1994.

Similarly, the Irish Freedom of Information Act 1997 was passed to "enable members of the public to obtain access... to information in the possession of public bodies" (Department of Finance, 1997). However, in contrast to the UK Act, the Irish Act creates a far broader presumption that the public can access all information held by government bodies, stating that information should be accessible "to the greatest extent possible" and also clarifies that people should be able to correct any information held about themselves. This is something that is not covered by the UK Freedom of Information Act, but instead by the UK Data Protection Act (DPA) 1998 (Information Commissioner's Office, n.d.b). Furthermore, the Act also states that "a head may refuse to grant a request... if... it could reasonably be expected to affect adversely the security of the State, the defence of the State...", which is in line with the security exemptions outlined in the UK Act.

Government spending

As a result of these laws being passed, both the UK and Irish governments have had to put in place, appropriate processes for the receiving and granting of information requests, at their own cost. As stated by the Department for Constitutional Affairs, information requests from central government may be denied, or payment may be requested, should the retrieval of the information cost more than £600, or £450 for requests to other public authorities (Department for Constitutional Affairs, n.d.). Given that in 2008, 34,950 information requests were made to UK central government authorities (Ministry of Justice, 2009a), it is clear that the resultant government spending is considerable. Furthermore, as suggested by MP Gordon Prentice, "the span of responsibilities [of the Information Commissioner’s Office; the department responsible for dealing with information requests] is very wide, but the... office is simply not coping" (Prentice, 2009). As a result, the UK government made an additional £500,000 of funding available to the Information Commissioner’s Office's (ICO) in 2009, in addition to the baseline funding of £5 million (Wills, 2009).

In comparison, the Office of the Information Commissioner for Ireland received a total of only 12,672 requests in 2008 (Office of the Information Commissioner Ireland, 2009), but given their relative populations - Ireland: 4.5 million, UK: 61 million (World Bank, 2008) - the Irish government is clearly spending more per head than the UK. However, following an amendment to the law in April 2003, all requests for information, which do not contain only personal information relating to the requester, are now subject to a fee of €15 (Office of the Information Commissioner Ireland, n.d.). As a result of this change, an initial decline in information requests of over fifty per cent was recorded. This therefore suggests that the Irish government may perhaps be providing less funding than the UK, in relation to their FOIA.

Successes

With regards to personal privacy, the UK Freedom of Information Act 2000 can be seen as going "hand-in-hand" with the UK Data Protection Act 1998. As with the FOIA, the DPA gives people the right to find out what information is held about them, but it also gives them the right to prevent a "data controller" from processing information relating to them, should it be considered to cause "substantial unwarranted damage or distress to them or anyone else" (Aim Higher, n.d.). The Freedom of Information Act should therefore be seen as having a positive effect on personal privacy as it, in cohesion with the DPA, not only offers transparency with regards to personal information, but also upholds people's rights to correct, remove and protect their personal information, when held by government or private authorities, and offers provisions for imposing sanctions on public authorities and employees, in cases where information is unlawfully processed, distributed or withheld from the requester.

In addition, the resultant increase in access to information has led to benefits for a number of people, as it provides them with the ability to see what government benefits or services they are entitled to and whether they are receiving them, and in some cases, request backdated payments. Furthermore, in the interest of personal safety and confidence in the legal system, court records and information that is about the personal life of individuals, relating to the security services, cannot be disclosed (Banisar, 2006).

Another success of the UK FOIA specifically, is the introduction of comprehensive whistleblowing laws. These laws attempt to change the culture of organisations, by making it acceptable to disclose information on corrupt activities and protect the so called "whistle-blowers", offering them an incentive to come forward (Banisar, 2006).

Failures

Despite their successes, there without doubt remain a number of "teething" problems with these relatively young laws, and some outright failures. Firstly, both the UK and Ireland have, as a constituent of their FOIAs, introduced "public-interest tests", which allows for individual information requests to be judged on their own merits in the interest of the public. This may appear to be a positive feature, however, it does mean that certain individuals, such as convicted criminals, may well have their personal privacy and confidentiality forfeited and their personal details and criminal history released, in the interest of public safety. Having discussed these issues with a prison officer working at HMP Winchester, it has become clear this also manifests itself within the prison setting, with the safety of prisoners coming under threat when other inmates become aware through the media of the crimes they have committed. In the past, this has resulted in prisoners requesting to be relocated, due to fears for their safety.

Another criticism of the UK FOIA is that since 2004, the Department of Constitutional Affairs have run the Access to Information Central Clearing House, for assisting government departments to respond to sensitive and complex freedom of information requests (Banisar, 2006). This has lead to criticism that government officials are trying to control the release of information that could potentially embarrass them, and has since been partially blamed for the MP expenses scandal that marred UK politics in 2009.

The shortcomings of the Irish FOIA have also been criticised in the media, with perhaps the most significant issue ironically being a lack of government transparency since the law's passing in 1997. It has been noticed that since the law came into force, government ministers have been choosing to no longer sign and annotate the policy and report documents that they have read, due to the openness of the law and the possibility of them being held directly accountable for government decisions. Previously, the system had been used as a "paper trail", enabling the public to see the processes behind the government's decision making (Molony, 2006). For this fact, it could therefore be seen that the Irish FOIA has failed in one of its primary objectives, thus suggesting that of the two, the UK has been the most successful. However, neither is without their faults and as is often seen with new legislation, a number of amendments will be needed in order to resolve these initial flaws, and help them to effectively achieve their initial objectives.

Achieving political objectives through business markets

An alternative method of achieving the objectives of freedom of information legislation, namely access to information and transparency, can be seen in the private sector, in the operations of Companies House in Great Britain. Companies House is a UK government agency, tasked with the job of publishing the details of the two million plus limited companies in England, Wales, Northern Ireland and Scotland (Companies House, n.d). Although it is run and funded by the government and runs in accordance with the Companies Act 2006, the information it holds is not covered by the UK FOIA, and thus is not publicly available by default. Instead, requests for company details can be made to Companies House, and the information is delivered on payment of a nominal fee (Companies House, 2006).

Word Count: 4,668

References

Aditech Ltd. (n.d.a). Iris Recognition Solutions. Retrieved December 17, 2009, from
http://www.aditech.co.uk/downloads/IrisMembership.pdf

Aditech Ltd. (n.d.b). Iris Recognition first for Sussex healthcare. Retrieved December 17, 2009, from
http://www.aditech.co.uk/downloads/Iris%20Recognition%20for%20Sussex%20Healthcare.pdf

Aditech Ltd. (n.d.c). What do your eyes say about you. Retrieved December 17, 2009, from
http://www.aditech.co.uk/downloads/jmlFINAL.pdf

Aditech Ltd. (n.d.d). Case Study - British Telecom, UK. Retrieved December 17, 2009, from
http://www.aditech.co.uk/btirisrecognition.html

Aim Higher. (n.d.). Data Protection Act Factsheet. Retrieved January 22, 2010, from
http://www.aimhigher.ac.uk/practitioner/resources/Data_protection_fact_sheet.pdf

Banisar, D. (2006). Freedom of Information around the World 2006. Retrieved January 21, 2010, from
http://www.privacyinternational.org/foi/foisurvey2006.pdf

BBC. (2009). BBC show unearths 1641 'passport'. Retrieved October 28, 2009, from
http://news.bbc.co.uk/1/hi/england/wear/8036982.stm

BBC. (n.d.). Biometric Technology. Retrieved December 7, 2009, from
http://news.bbc.co.uk/1/shared/spl/hi/guides/456900/456993/html/nn3page1.stm

Benedictus, L. (2006). A brief history of the passport. Retrieved October 28, 2009, from
http://www.guardian.co.uk/travel/2006/nov/17/travelnews

Champod, C., Lennard, C., Margot, P., & Stoilovic, M. (2004). Fingerprints and Other Ridge Skin Impressions. Florida: CRC Press. Retrieved October 25, 2009, from
http://books.google.co.uk/books?id=n9out--0RRkC&pg=PP1&dq=Fingerprints+and+other+ridge+skin+impressions

Companies House. (2006). Companies Act 2006 price list. Retrieved January 25, 2010, from
http://www.companieshouse.gov.uk/toolsToHelp/ourPrices.shtml

Companies House. (n.d). About Us. Retrieved January 25, 2010, from
http://www.companieshouse.gov.uk/about/functionsHistory.shtml

Daugman, J. G. (1994). US Patent 5291560 - Biometric personal identification system based on iris analysis. Retrieved December 5, 2009, from
https://www.patentstorm.us/patents/5291560/fulltext.html

Department for Constitutional Affairs. (n.d.). How requests for information are handled. Retrieved January 18, 2010, from
http://www.foi.gov.uk/yourRights/handlingrequests.htm#8

Department of Finance. (1997). Freedom of information act, 1997. Retrieved January 18, 2010, from
http://www.finance.gov.ie/viewdoc.asp?DocID=837

Fulcrum Biometrics. (n.d.). Eye Iris Cameras. Retrieved December 5, 2009, from
http://www.fulcrumbiometrics.com/en/products/group/eye-iris-cameras/

Guild of Naturopathic Iridologists International. (n.d.). About Iridology. Retrieved December 17, 2009, from
http://www.gni-international.org/about-iridology1.htm

Hayday, G. (2003). Counting the cost of forgotten passwords. Retrieved December 17, 2009, from
http://news.zdnet.co.uk/itmanagement/0,1000000308,2128691,00.htm

Home Office. (2009). Contracts bring identity cards and more secure passports closer. Retrieved November 1, 2009, from
http://www.ips.gov.uk/cps/rde/xchg/ips_live/hs.xsl/734.htm

Home Office. (n.d.a). Passport history timeline. Retrieved November 1, 2009, from
http://www.ips.gov.uk/cps/rde/xchg/ips_live/hs.xsl/1080.htm

Home Office. (n.d.b). Freedom of information. Retrieved November 1, 2009, from
http://www.ips.gov.uk/cps/rde/xchg/ips_live/hs.xsl/31.htm

Home Office. (n.d.c). IPS online passport application. Retrieved December 19, 2009, from
https://passports.ips.gov.uk/epa1r1a/index.aspx?c=1

Horswell, J. (2004). Practice of Crime Scene Investigation. London: CRC Press. Retrieved October 25, 2009, from
http://site.ebrary.com/lib/portsmouth/Doc?id=10099973

How to be a Civil Servant. (2008). Human Rights, Freedom of Information and Data Protection. Retrieved November 21, 2009, from
http://www.civilservant.org.uk/c23.pdf

Information Commissioner's Office. (n.d.a). Freedom of Information Act. Retrieved January 18, 2010, from
http://www.ico.gov.uk/what_we_cover/freedom_of_information.aspx

Information Commissioner's Office. (n.d.b). Freedom of information and data protection – what’s the difference?. Retrieved January 18, 2010, from
http://www.ico.gov.uk/for_the_public/whats_the_difference.aspx

International Civil Aviation Organization. (1980). ICO unveils computer-aged passport. Retrieved November 1, 2009, from
http://www.icao.int/icao/en/nr/1980/pio198009_e.pdf

International Organization for Migration. (n.d.). FAQs: Machine Readable Passport. Retrieved November 1, 2009, from
http://www.iom.int/pbmp/PDF/faqs_mrp.pdf

Komarinski, P., Higgins, P. T., Higgins, K.M., & Fox, K. F. (2004). Automated Fingerprint Identification Systems (AFIS). London: Academic Press. Retrieved October 25, 2009, from
http://site.ebrary.com/lib/portsmouth/docDetail.action?docID=10187311

Krishan, K. (2007). Anthropometry in Forensic Medicine and Forensic Science-'Forensic Anthropometry'. The Internet Journal of Forensic Science, 2003(2). Retrieved October 26, 2009, from
http://www.ispub.com/ostia/index.php?xmlFilePath=journals/ijfs/vol2n1/forensic.xml

Leyden, J. (2006). e-passport cloning risks exposed. Retrieved November 21, 2009, from
http://www.theregister.co.uk/2006/08/04/e-passport_hack_attack/

Masek, L. (2003). Recognition of Human Iris Patterns for Biometric Identification. Retrieved December 3, 2009, from
http://www.csse.uwa.edu.au/~pk/studentprojects/libor/LiborMasekThesis.pdfhttp://mosaic.cnfolio.com/M591CW2010A101/edit

McCartney, C. (2006). Forensic Identification and Criminal Justice. Devon: Willan Publishing. Retrieved October 26, 2009, from
http://site.ebrary.com/lib/portsmouth/docDetail.action?docID=10305977&p00=identification

Miller, J. (2009). Earliest Passport? Retrieved October 28, 2009, from
http://www.millersantiquesguide.com/blog/2009/06/earliest-passport

Ministry of Justice. (2009a). Freedom of Information Act 2000 – Annual Statistics on the operation of the FOI Act in Central Government 2008. Retrieved January 19, 2010, from
http://www.justice.gov.uk/publications/docs/foi-statistics-report-2008.pdf

Ministry of Justice. (2009b). Freedom of Information Act 2000 – Statistics on implementation in central government Q1: January – March 2009. Retrieved January 18, 2010, from
http://www.justice.gov.uk/publications/docs/foi-quarterly-stats-jan-mar-09.pdf

Molony, S. (2006). Harney accused over 'new culture of secrecy' in Health. Retrieved January 18, 2010, from
http://www.independent.ie/national-news/harney-accused-over-new-culture-of-secrecy-in-health-108599.html

National Policing Improvement Agency. (2008). Fingerprint Database. Retrieved Novemver 12, 2009, from
http://www.npia.police.uk/en/10504.htm

NEUROtechnology. (2009). VeriEye SDK. Retrieved December 3, 2009, from
http://www.neurotechnology.com/download/VeriEye_SDK_Brochure_2009-12-01.pdf

O'Gorman, L. (1999). Fingerprint Verfification. In A. Jain, R. Bolle & S. Pankanti (Eds.), Biometrics Personal Identification in Networked Society (pp. 44 - 64). New York: Kluwer Academic Publishers. Retrieved October 26, 2009, from
http://site.ebrary.com/lib/portsmouth/docDetail.action?docID=10053018&p00=identification

Office of Public Sector Information. (1996). Employment Rights Act 1996. Retrieved December 17, 2009, from
http://www.opsi.gov.uk/acts/acts1996/Ukpga_19960018_en_1

Office of Public Sector Information. (2000). Freedom of Information Act 2000. Retrieved January 18, 2010, from
http://www.opsi.gov.uk/Acts/acts2000/ukpga_20000036_en_1

Office of the Information Commissioner Ireland. (2009). Launch of the Information Commissioner's Annual Report 2008. Retrieved January 19, 2010, from
http://www.oic.gov.ie/en/MediaandSpeeches/PressReleases/2009/Name,9975,en.htm

Office of the Information Commissioner Ireland. (n.d.). Fees. Retrieved January 19, 2010, from
http://www.oic.gov.ie/en/MakeanFOIRequest/Fees/

Prentice, G. (2009). Freedom of Information Requests. Retrieved January 18, 2010, from
http://www.parliament.the-stationery-office.co.uk/pa/cm200910/cmhansrd/cm091214/debtext/91214-0026.htm

Ruiz-Albacete, V., Tome-Gonzalez, P., Alonso-Fernandez, F., Galbally, J., Fierrez, J., and Ortega-Garcia, J. (2008). Direct attacks using fake images in iris verification. Retrieved December 7, 2009, from
http://cost2101.org/BIOID2008/papers/19_BIOID_paper25.pdf

Sanderson, S., and Erbetta, J.H. (2000). Authentication for secure environments based on iris scanning technology. IEE Colloquium on Visual Biometrics. Retrieved December 7, 2009, from
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=847019&isnumber=18346

Schulman, A. (2007). Top 10 database attacks. Retrieved December 7, 2009, from
http://www.bcs.org/server.php?show=ConWebDoc.8852

Staples, R. W. (2007). Encyclopedia of privacy. Connecticut: Greenwood Publishing Group. Retrieved January 18, 2010, from
http://books.google.co.uk/books?id=sFv1ZltBhR0C&lpg;

Summers, C. (1995). A Boy, an Owl and a Broken Wing. Retrieved December 17, 2009, from
http://azer.com/aiweb/categories/magazine/34_folder/34_articles/34_iridology.html

The MathWorks. (n.d.). The MathWorks Store. Retrieved December 7, 2009, from
http://www.mathworks.co.uk/store/default.do

Thompson, T. (2007). Forensic Human Identification : An Introduction. Boca Raton, FL: CRC Press. Retrieved October 26, 2009, from
http://site.ebrary.com/lib/portsmouth/docDetail.action?docID=10154933

University of Cambridge. (n.d.). Introduction to Iris Recognition. Retrieved December 5, 2009, from
http://www.cl.cam.ac.uk/~jgd1000/iris_recognition.html

Watson, S. (2008). How Fingerprinting Works. Retrieved October 26, 2009, from
http://science.howstuffworks.com/fingerprinting.htm/printable

Wills, M. (2009). Freedom of Information Requests. Retrieved January 18, 2010, from
http://www.parliament.the-stationery-office.co.uk/pa/cm200910/cmhansrd/cm091214/debtext/91214-0026.htm

World Bank. (2008). Population. Retrieved January 22, 2010, from
http://www.google.com/publicdata?ds=wb-wdi&met=sp_pop_totl&idim=country:IRL&dl=en&hl=en&q=ireland+population#met=sp_pop_totl&idim=country:IRL:GBR
Page revised 2010-01-25 23:52 • ©2012 University of Portsmouth • This website uses wikkawiki.org software.