Monday November 24, 2008 3:48 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"it's good one "
on SanDisk taps McAfee for USB drive security
by khanbhai | Nov 22, 2008 9:00 PM
 
"when i login to face book it tells me i am cookies enabled what does this mean"
on Ads on Facebook serving up adware
by celeste | Nov 21, 2008 5:15 PM
 
"Hi this is the mail I received Brett Karpman show details Nov 17 (3 days ago) Reply Atten..."
on Yahoo and Microsoft take aim at lottery scams
by Rodney Churchyard | Nov 20, 2008 6:13 PM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
 
"Umm. no. The 6.5 product is mounting the offline VM image and performing a scan for patch ..."
on Shavlik Technologies to broaden its patch management offerings
by eric | Nov 20, 2008 8:15 AM
Biometrics

Biometric tools (2007)

  • Email a Friend
  • Print Page
Products Tested
Related Articles
By Patrick Love, Head of Fiduciary Support, Global Wealth Sol
Oct 16, 2007 11:23 AM
Tags: Biometric | tools | (2007)
Today's biometric products have come a long way from their unreliable, cumbersome early incarnations. They are innovative, work well and are acceptably easy to implement.

We found that it is quite common to be able to perform multiple tasks with current biometrics. You can gain logical access to computers and networks, you can gain physical access to doors, and you can create biometric profiles of individuals using facial recognition. The only disappointment was that we did not have the current version of a hand geometry product and a retinal scanner.

In the area of false acceptance and rejection rates we saw an interesting trend: adjustability. Many products allow you to determine your tolerance for these two anomalies. This is important because, in order to tighten these parameters, you must sacrifice usability. You have to balance your appetite for security with your patience for supporting high rejection rates if you set the acceptance rates too low.

If you tolerate low rejection rates - perhaps in the name of ease of user support - you may find that the false acceptance rate becomes too high and you sacrifice security for convenience. Adjustability allows individualisation of the biometric access controls to fit the environment in which they are to be used.

WHAT TO LOOK FOR
There are some important considerations when you are planning to add biometrics to your network access-control plans. The most important, of course, is what you plan to use the technology for. Biometrics solutions are still a bit costly, even if prices have come down over the years and continue to fall, so you need to apply the right tool where it really is needed.

There are less expensive alternatives to biometrics, but for high-security applications biometric access control still is the platinum standard.

The second issue is what type of biometric tool is the right one for your application. Fingerprint scanners are the least expensive, and you have the most vendors to choose from in this field.

However, there are products that combine fingerprint scanning with some other form of authentication such as a PIN or a smart card. Occasionally a product will support all three for extremely secure access control, sometimes called strong authentication service or SAS.

For robust authentication pick a solution that employs multiple authentication methods. It is useful if the product supports access to both the enterprise and physical locations using biometrically controlled locks. This allows centralised logging of accesses. Often different methods are used depending on requirements.

For example, the door access may use SAS while computers use only fingerprint scanners. However, some tools allow you to combine the types of sensors into a single system and even to integrate with existing authentication infrastructures.

HOW WE TESTED
This month saw the most individually customised testing we have done so far. This was necessary because we had several types of products in the lab and they had different purposes.

Generally speaking, we installed the biometric software - client and/or server plus appropriate databases; plugged in the sensor - fingerprint scanner, facial recognition, etc; and performed a suite of functionality tests. These were mostly concerned with whether the product performed as advertised.

We were interested in how easy the product was to implement and administrate, whether it did the things its developer claimed it could do and whether we experienced large numbers of false rejection and acceptance rates. Those measurements were very unscientific since time did not permit the thousands of physical tests needed to obtain a statistically valid sample.

Overall, we found that biometric products have increased in number, quality and standardisation. Although they are useful today for specialised applications, we foresee the day when pricing will make them the universal replacement for other kinds of authentication in moderate to high-security environments rather than being restricted to very high-security applications as is still the case now.

We also found that most of the products we reviewed were highly competent. We had a very hard time selecting our Best Buy and Recommended products from this herd of winners.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
 
Biometrics & Forensics Whitepapers
 
Popular Tags
acquision antivirus attack doctor forensics hackers malware obsolete purchase spyware symantec tools traditional virus