Biometrics is another security technology that is used to 100% confirm the identity of an individual in question.
The tools that are utilized can do this either by taking a snapshot of one of your physiological traits (such as capturing an image of a fingerprint, an image of an iris, an image of your face, etc.) or behavioral traits (such as the way you sign your signature, or the way in which you type on a computer keyboard).
It is important to note that these snapshots are also technically referred to as “raw images”.
The Identification Process
First, an individual must have an Enrollment Template taken by the appropriate biometric device.
This is actually the unique features that are extracted from the raw template, and from there, they are then converted over into a mathematical file.
An example of this would be fingerprint recognition.
After the raw image of the fingerprint is actually captured, it is then closely examined by the system to extract the unique features.
This would include such items as the breaks, deltas, and bifurcation features that are found in the ridges, whorls, and valleys in the fingerprint.
An example of this is illustrated below:
Once these have been identified by the fingerprint recognition system, these unique features are then converted over into a binary mathematical file, as illustrated below:
Contrary to popular belief, it is not the actual raw image that is stored in the database, rather it is the above type of mathematical file.
This now becomes specifically known as the “enrollment template”, and is stored permanently into the database of the fingerprint recognition system.
In order to confirm the identity of the individual, he or she then must go through this entire process all over again, and have what is known as a “verification template” created.
Once the latter has been created, both the enrollment template and the verification template are then compared amongst one another to determine the degree of statistical correlation.
If the two templates are deemed to be statistically close to one another, the identity of the individual is then 100% confirmed by the fingerprint recognition system.
However, if the degree of statistical correlation between the two templates is not deemed to be close enough, then the identity of the individual cannot be confirmed by the fingerprint recognition system, and he or she must then go through this entire process again.
If, however this individual’s identity still cannot be confirmed by the fingerprint recognition system, then another identity mechanism must be utilized.
Logical Access Entry
In the world of cyber security today, one of the most sought-after prizes of the cyber attacker is a password.
Once he or she has this in their possession, they can gain access to all sorts of banking and credit card account websites.
As of late, there have been many problems with using passwords, and thus, businesses and corporations are mandating for all employees, even those in upper management, to create long and complex passwords that are difficult to crack as well.
Because many employees will probably not remember these passwords, they often write them down and stick to their workstation monitor via a Post It Note.
This has been appropriately called the “Post It Syndrome”.
As a result, password managers are now being used, but these software packages also have some security issues with them as well.
Although they do store passwords quite securely, the caveat here is that in order to access the password manager, another password must be created, and this cannot be stored in the password manage itself.
It is the responsibility of the employee to keep this master password safe.
So, the use of biometric technology is now being seen as an alternative to the password for “logical access” types of scenarios in order to gain access to shared resources on the server / network drives, etc.
So, in a literal sense, an individual’s fingerprint becomes their password in this regard.
Instead of having to enter their password each and every time in order to gain access to the files and resources that the employees need to do their every day job functions, just one swipe of the finger or even a quick scan of the iris will gain them “logical access entry”.
Conclusions
Our next blog post of the series will examine how both fingerprint recognition and iris recognition can used as a means a means of logical access entry for the network infrastructure at your business.
