Page 75 - DCAP516_COMPUTER_SECURITY
P. 75

Unit 6: User Authentication




          Biometric authentication systems generally operate in the following manner:           Notes
          Prior to any authentication attempts, a user is “enrolled” by creating a reference profile (or
          template) based on the desired physical attribute. The reference profile is usually based on the
          combination of several measurements. The resulting template is associated with the identity of
          the user and stored for later use.

          When attempting to authenticate themselves, the user enters his login name or, alternatively,
          the user may provide a card/token containing identification information. The user’s physical
          attribute is then measured.
          The previously stored reference profile of the physical attribute is then compared with the
          measured profile of the attribute taken from the user. The result of the comparison is then used
          to either accept or reject the user.
          Biometric systems can provide an increased level of security for IT systems, but the technology
          is still less matures than memory or smart cards. Imperfections in biometric authentication
          devices arise from technical difficulties in measuring and profiling physical attributes as well as
          from the somewhat variable nature of physical attributes. Many physical attributes change
          depending on various conditions. For example, a person’s speech pattern may change under
          stressful conditions or when suffering from a sore throat or cold.
          Biometric systems are typically used in conjunction with other authentication means in
          environments requiring high security.




              Task  Describe what steps are being taken by Government of India for generating Unique
            Identification Number of citizens of India

          6.9 Summary

               Authentication means that users are who they claim to be. Strong user authentication is
               costly and off-putting because no user authentication method is secure when employed
               alone. Experts agree that real information security requires a combination of tests (multi-
               factor user authentication) to verify who the user is, what the user knows, what the user
               has or where the user is.
               User authentication methods are costly to acquire. Strong user authentication is an expensive
               and daunting management proposition. Authentication policies are needed to govern
               how the authentication methods interoperate. Once a user is authenticated, the user’s
               identity is securely established.
               More user authentication creates complex new management issues to make efficient use
               of the authentication investment. The new user authentication management tools will
               arbitrate between users and devices, the authentication methods being used, and the
               information resources and applications being accessed.
               Biometric devices authenticate users to access control systems through some sort of personal
               identifier such as a fingerprint, voiceprint, iris scan, retina scan, facial scan, or signature
               dynamics.

          6.10 Keywords

          Authentication: It means that users are who they claim to be.





                                           LOVELY PROFESSIONAL UNIVERSITY                                   69
   70   71   72   73   74   75   76   77   78   79   80