Biometrics for Network Security / Edition 1

Biometrics for Network Security / Edition 1

by Paul Reid
     
 

ISBN-10: 0131015494

ISBN-13: 9780131015494

Pub. Date: 01/28/2004

Publisher: Pearson

Network security has become the latter-day equivalent of oxymoronic terms like "jumbo shrimp" and "exact estimate." Newspaper headlines are routinely peppered with incidents of hackers thwarting the security put forth by the government and the private sector. As with any new technology, the next evolution of network security has long languished in the realm of science

Overview

Network security has become the latter-day equivalent of oxymoronic terms like "jumbo shrimp" and "exact estimate." Newspaper headlines are routinely peppered with incidents of hackers thwarting the security put forth by the government and the private sector. As with any new technology, the next evolution of network security has long languished in the realm of science fiction and spy novels. It is now ready to step into the reality of practical application.

In Biometrics for Network Security, biometrics security expert Paul Reid covers a variety of biometric options, ranging from fingerprint identification to voice verification to hand, face, and eye scanning. Approaching the subject from a practitioner's point of view, Reid describes guidelines, applications, and procedures for implementing biometric solutions for your network security systems.

Coverage includes:

  • An introduction to authentication technologies and biometrics
  • Dealing with privacy issues
  • Biometric technologies, including finger, hand geometry, handwriting, iris, retina, voice, and face
  • Security concerns related to biometrics, including attempts to spoof or fake results
  • Deployment of biometric security systems, including vendor selection and roll out procedures
  • Real-life case studies

For security, system, and network administrators and managers, as well as anyone who is interested in the application of cutting-edge biometric technology, Biometrics for Network Security will prove an indispensable addition to your library!

Product Details

ISBN-13:
9780131015494
Publisher:
Pearson
Publication date:
01/28/2004
Series:
Prentice-Hall Series in Computer Networking and Distributed Systems
Pages:
320
Product dimensions:
6.98(w) x 9.02(h) x 0.71(d)

Table of Contents

Forewordxv
Prefacexvii
Acknowledgmentsxix
Part 1Introduction and Background1
Chapter 1Introduction3
What Makes This Book Different?4
The Structure of This Book4
Section 1Introduction and Background4
Section 2Biometric Technologies4
Section 3Implementing Biometrics for Network Security5
Section 4Future and Conclusions5
Everything You Need to Know about Biometrics to Understand the First Three Chapters5
What is a Biometric?5
Enrollment, Template, Algorithm, and Verification6
FAR, FRR, and FTE6
Who Should Read This Book?7
Conclusion7
Chapter 2Authentication Technologies9
Something You Know10
Something You Have12
Storage Tokens12
Dynamic Tokens12
Token Usability13
Something You Are13
The Need for Strong Authentication14
Network Convergence Role in Password Proliferation14
Mitigating Public Risk through Government Regulation16
Mitigating the Risks from an Inside Threat18
The Role of Strong Authentication with Single Sign-On (SSO)20
Biometric Technologies: An Intelligent Solution21
Conclusion22
Chapter 3Protecting Privacy with Biometrics and Policy23
Employer's Right to Privacy25
Protection of Trade Secrets and Proprietary Information25
Protection of Personal Data about Employees and Customers26
Background Checks28
External Reporting and Auditing Requirements28
Access Control32
Employee's Right to Privacy32
Protection of Personal Data Collected by the Employer32
Creating a Positive Biometric Policy35
Conclusion51
Part 2Biometric Technologies53
Chapter 4Biometric Technologies55
User Interaction with Biometric Technology55
Passive Biometrics55
Active Biometrics56
What Makes a Good Biometric?56
User Acceptance57
Ease of Use63
Technology Cost64
Deployability66
Invasiveness of the Technology68
Maturity of the Technology69
Time It Takes for a User to Become Habituated69
What Makes a Good Biometric for Network Security?70
Conclusion70
Chapter 5Finger Biometric Technologies73
General Description of Fingerprints74
Macro Fingerprint Features74
Micro Fingerprint Features77
How Is the Finger Imaged?81
Optical Scanners82
Silicon Scanners83
Types of Algorithms Used for Interpretation85
Minutia-Based Algorithm85
Pattern-Based Algorithm86
Hybrid Algorithm86
Which Algorithm Is Best?87
How Can this Biometric be Spoofed?87
Attacking the Physical Finger88
Using Artifacts91
Attacking the Communication Channels92
Compromising the Template93
Attacking the Fallback System94
Conclusion95
Chapter 6Face Biometric Technologies97
General Description of Face Biometrics98
How Is the Face Imaged?98
What Types of Algorithms Are Used for Facial Interpretation?98
Eigenface99
Local Feature Analysis100
Neural Network100
Automatic Face Processing102
Which Algorithm Is Best?102
How Can This Biometric Be Spoofed?105
Attacking the Physical Face106
Using Artifacts108
Conclusion108
Chapter 7Voice Biometric Technologies109
General Description of Voice Biometrics110
How Is the Voice Captured?110
Types of Algorithms Used for Voice Interpretation111
Which Algorithm Is Best?113
Recommended Voice Algorithm113
How Can This Biometric Be Spoofed?114
Attacking the Physical Voice114
Conclusion115
Chapter 8Iris Biometric Technology117
General Description of Iris Biometrics118
How Is the Iris Captured?118
Description of the Iris Algorithm118
How Can This Biometric Be Spoofed?119
Attacking the Physical Iris120
Using Artifacts120
Conclusion120
Part 3Implementing Biometrics for Network Security123
Chapter 9Recommended Biometric for Network Security125
Finger Biometrics126
Face Biometrics128
Voice Biometrics132
Iris Biometrics135
The Choice of a Biometric for Network Access137
Conclusion139
Chapter 10An Introduction to Statistical Measures of Biometrics141
FAR141
Definition141
The Simple Math142
Why Is This Important?143
FRR144
Definition144
The Simple Math144
Why Is This Important?146
FTE146
Definition146
The Simple Math147
Why Is This Important?148
A Quick Note on Biometric Systems149
EER149
Definition149
The Simple Math150
Why Is This Important?151
What Measure Is Most Important?152
Define the User Population152
Is the Application for Verification or Identification?152
Are Other Means of Authentication Available?153
What Is the Importance of the Biometric Authentication?153
Is It Driven by Convenience and Ease of Use?153
Conclusion154
Chapter 11The Biometric Transaction155
Securing and Trusting a Biometric Transaction155
User156
Biometric Reader157
Matching Location166
Local Host167
Authentication Server168
Match on Card (MOC)169
Conclusion171
Chapter 12Preparing for the Proof of Concept and Selecting a Vendor173
Define the Driver of the Project as Either Corporate IT or a Business Need174
Define the Business Need or Objectives176
Designate the Internal Sponsor of the Project178
Define the Stakeholders180
Define a Clear Set of Goals and Success Criteria for the Project182
Form and Charter the POC Group184
Based on the Goals and Success Criteria, Invite a Few Vendors to Pilot186
Set the Timelines for the POC and Ensure That the Implementation Activities Are Done Within the Scope of the POC188
Deploy the POC189
Monitor and Evaluate the POC191
Wrap Up the POC192
Decide on the Validity of Each Vendor's Solution194
Make a Go/No Go Decision to Move Ahead195
Announce the Results and Lay the Groundwork for the Next Phase196
Conclusion197
Chapter 13Preparing for the Pilot Deployment199
Define the Group of Stakeholders200
Put in Place a Project Management Team That Can See the Solution Through to Rollout200
Form and Charter the Pilot Group201
Develop Policy Documents203
Summarize Daily Reports Weekly and Send Them Out205
Address and Track Problems and Solutions As They Happen206
Put a Training Plan in Place207
Prepare Audit and Analysis Reports209
Build and Test an Automated Install210
Roll Out the Software and Hardware in a Practical Manner211
Provide Mechanisms for Feedback212
After Initial Pilot Rollout, Get the Executives Involved214
Start Addressing Issues of Scalability and Manageability for Rollout215
Near the End of the Pilot, Start Discussing the Next Steps217
Wrap Up the Pilot217
Make a Go/No Go Decision218
Build a Transition Book219
Conclusion220
Chapter 14Preparing for the Rollout223
Why Is This Chapter So Short?226
Conclusion226
Part 4Future and Conclusions227
Chapter 15The Future of Biometric Authentication229
Will Biometrics Be Integrated Everywhere?229
What Other Biometric Measures Will Exist?230
A Futuristic Example: New Form of "Caller ID"231
Conclusion232
Glossary233
Bibliography239
Index243

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >