Site home page
Get alerts when Linktionary is updated
Book updates and addendums
Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001)
Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free!
Contribute to this site
Electronic licensing info
Biometric Access Devices
Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.
Biometrics adds another dimension to the logon/authentication process. Biometrics identifies some physical trait of the user logging on and uses that information, along with a username and password in most cases, to authenticate the user. Physical traits include fingerprints, voice, and facial and iris/retina features.
In many environments, username/password access is not strong enough to make network administrators feel comfortable that their systems are secure. To improve security, administrators may consider "smart card" token access devices (see "Token-Based Authentication") or biometric access devices, as covered here. Of course, other access methods are available, but they are somewhat esoteric and expensive. Others are just emerging or may only be applicable to certain situations. For example, the GPS (Global Positioning System) can be used to verify that a user is logging on from the location where his or her computer is located.
Biometrics identifies the actual person who has authorized access by his or her physical traits. In contrast, token-based systems are based on an external physical device that is carried by the person. Technically, both systems can be compromised with brute force-literally. For example, an attacker could force an authorized user to reveal his or her secret password, steal the token device, and then attempt to logon from any remote system that accepts the password and token code. In contrast, biometric logon usually only takes in specific locations in which the biometric devices are located. An attacker would need to force the authorized user to scan his or her fingers, eyes, face, and so on, at that location. If guards are posted or other people are around, this could be a little difficult.
Here are four types of biometric identification techniques:
The Web sites listed on the related entries page provide extensive information on biometric technologies. Many new products are emerging, and prices are sure to drop as development costs are recouped and the technologies take hold.
Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.