RE: CDSA-biometrics

From: Yonatan Bokovza (Yonatanat_private)
Date: Wed Jun 27 2001 - 05:40:37 PDT

  • Next message: George Milliken: "RE: Principle of Inclusion?"

    > -----Original Message-----
    > From: KuroiNeko [mailto:evpopkovat_private]
    > Sent: Tuesday, June 26, 2001 06:41
    > To: secprogat_private
    > Subject: Re: CDSA-biometrics
    > 
    > 
    > > I'm  doing   a  thesis  in   implementing  CDSA  (Common   
    > Data  Security
    > > Architecture)
    > > in a program used for secure authentication. I'm going to 
    > use biometric
    > > devices for this purpose.
    > 
    >  Don't expect  biometrics to be  all-it-takes. A real-life 
    > example.  A bank
    > had a dactiloscopic  scanner to authenticate users of  rented 
    > private vault
    > cells. A woman came to rent a  cell, but they simply could 
    > not establish an
    > account for her  because she was a  typist and her fingertips 
    >  were so soft
    > and papillar  pattern was so  blurry (very  thin skin) that  
    > scanner simply
    > could not identify her.
    >  Also, marketoids  of biometric  systems tend  not to  tell 
    > you  one really
    > important thing: you should  not assume that a part of  human 
    > body used for
    > auth will always remain and always be the same. A person can 
    > loose a finger
    > in  a  disaster, ditto  an  eye.  Skin  tends  to change  
    > fast,  especially
    > fingertips, voices change, even adults' voices.
    >  Provided that  biometric scanners  and recognition  software 
    > still  cost a
    > fortune, and they  still have to be backed up  by traditional 
    > auth methods,
    > real advantage of biometrics is still questionable.
    > 
    Just one more:
    You can't revoke a biometric key. If a BadGuy(tm) gets a
    hold of the digital representation of, say, your finger- he
    might be able to impersonate you. And poor you, you
    can't revoke your finger, right?
    
    Best Regards, 
    
    Yonatan Bokovza
    IT Security Consultant
    Xpert Systems
    



    This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 09:24:01 PDT