Arts & Photography
Audio CDs
Audiocassettes
Biographies & Memoirs
Business & Investing
Children's Books
Christianity
Comics & Graphic Novels
Computers & Internet
Cooking, Food & Wine
Entertainment
Gay & Lesbian
Health, Mind & Body
History
Home & Garden
Horror
Literature & Fiction
Mystery & Thrillers
Nonfiction
Outdoors & Nature
Parenting & Families
Professional & Technical
Reference
Religion & Spirituality
Romance
Science
Science Fiction & Fantasy
Sports
Teens
Travel
Women's Fiction
|
 |
Biometrics and Network Security |
List Price: $44.99
Your Price: $40.61 |
 |
|
|
|
| Product Info |
Reviews |
<< 1 >>
Rating: 
Summary: The barriers to effective implementation of biometrics
Review: Even though I am well aware of the problems of "simple" passwords, quite frankly I have no choice but to use them. Like nearly everyone else, keeping even a small number of strong passwords in my mind is close to impossible and I rarely remember them. Most people in this situation write them down and place them near their terminal, effectively rendering the strong password weaker than the simple one. Since the lack of an appropriate password ceases your activity on that system, it is a case where the cure of strong passwords is probably worse than the disease. The best solution is to have a single sign-on system, where one data point is used to grant access to all computer systems.
In this environment, the use of a biometric, or unique characteristic of our bodies as a logon authentication mechanism is very attractive. Clearly, it is most unlikely, although not completely impossible, for anyone to be without a particular biometric. Furthermore, in certain circumstances, our society is comfortable with using biometrics as an identifier. The fingerprint has been accepted as evidence in a court of law for decades and DNA is regularly used to overturn convictions and set the innocent free. While biometrics is not yet a mature technology, the purpose of this book is to examine the current state of the art, describe how they can be used and the weaknesses still present in the technology.
There are some problems with the use of biometrics, some are technical, others are social and some are biological. In this book, the biometrics most commonly considered for authentication are examined and the problems detailed. The biometrics covered are fingerprints, face recognition, voice analysis and blood vessel patterns in the iris of the eye. Face recognition and voice analysis are the two most susceptible to biological changes. People age, some faster than others and as that happens, their face changes, sometimes rapidly and dramatically. There are some people whose face changes a great deal even from day to day depending on how much sleep they got the night before. We have all experienced a situation where we meet someone we have not seen for a few years and do not recognize them. Temporary illness can also alter a voice, rendering the voice recognition mechanism ineffective. These situations of a false negative would be difficult to avoid, unless the authentication data is periodically updated.
Fingerprints and patterns in the iris are the most permanent. However, they also have their problems. To get a precise fingerprint, the hand has to be very steady and most people in the United States equate the taking of fingerprints with a trip to the police station. This is a significant social barrier that will delay the implementation of any general identification system. Scanning the patterns of the iris requires close proximity to the sensor and it is necessary for a light to be focused on the eye. Many people are made uncomfortable with the light shining in their eyes and it generates fear of potential eye damage. The sections describing the problems with the current state of biometric recognition technology should be read by anyone pondering the implementation of such a system.
However, even if all of the social and biological barriers can be overcome, it still may be possible to spoof the recognition devices. Each chapter that describes a biometric has a section on how to fool the sensor. While some of it reads like to modern spy novel, in many cases no sophisticated technology was needed to perform the spoof. In the case of face recognition, simply taking a high quality digital picture may be all that is needed to get data that will be accepted by the face scanner. High quality digital recordings of your voice may also be enough to fool a voice recognition system. Fingerprints and iris patterns are harder to spoof, but we touch many surfaces during the day, and some keep fingerprints very well.
In the final analysis with biometrics, it comes down to what levels of false positives and false negatives are considered acceptable. These two must both be part of the analysis, as clearly a false positive will let a malicious entity in and if there are too many false negatives then legitimate users will be denied access and productivity will drop. There is a chapter on statistics where many of the critical questions concerning these areas are examined.
The book closes with a chapter detailing a scenario where a biometric system is implemented at a large company. Every step of process, from the proof of concept to the final rollout are examined. The emphasis is on dealing with the internal political and social conditions, as clearly that will be a significant barrier everywhere except in places such as the military.
Authentication methods based on biometrics are attractive, in that they apparently can be used to solve some of the most difficult problems in limiting access to secure systems. However, there are still many problems to be overcome and in this book you learn what those problems are. With that information, you will be able to make a reasoned decision whether such a system is appropriate for your business.
<< 1 >>
|
|
|
|
