Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.
There’s usually an inverse relationship between enterprise security and end user convenience. When you tighten security, it often means more hoops for users to jump through – more complex passwords to remember, more sign-ons to endure, more tokens or cards to carry. That’s when you end up with passwords on Post-its, completely defeating your attempts at stronger security.
Forget all that. Biometrics as a means of authentication has gotten so reliable and easy to implement that it is now a mainstream enterprise technology. This week I attended the Digital Identity Showcase hosted by UPEK and Pay By Touch, and I was able to put my finger on some interesting biometric solutions that are both convenient for the end user and highly secure.
UPEK is the developer of the biometric technology that uses a fingerprint to identify an individual. Pay By Touch is a partner company that has embedded UPEK’s technology into devices used in retail settings. In today’s article, I’ll focus on the state of the technology and next week, I’ll cover some of the myriad uses, including the Pay By Touch solution and several others.
Up until about a decade ago, fingerprint scanning technology was based on optics. This meant the scanners were large and the results of a scan were sometimes distorted, making the use of a solution based on optical scanning somewhat clumsy and unreliable. In the late 1990’s, a real breakthrough in technology took place. Silicon chip companies began to explore capturing fingerprint images on silicon. This technology uses capacitive sensing instead of light (optics), yielding high resolution and density in a fingerprint scan and resulting in a much more reliable and accurate identification of the individual. In addition, the size of the scanners shrunk to something small enough to fit on a cell phone or a USB thumb drive, and that’s where we are today.
Most if not all major notebook PC manufacturers now have models with embedded fingerprint scanners. Gateway, Dell, Toshiba, ASUS and Lenovo all use UPEK’s technology to add another layer of security to their notebooks, or to replace passwords all together.
The UPEK module includes the fingerprint sensor plus a separate security chip embedded in the notebook hardware. Together they can be used to do pre-boot authentication of the user. For example, before Windows will boot, the user has to swipe an enrolled finger across the sensor. The “template” of his fingerprint is compared to the master template stored in the security chip. If there is a match, the user is authenticated.
Linda Musthaler is a principal analyst with Essential Solutions Corporation.
Rss FeedRss Feed
Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.
This paper highlights the impact of virtualization on application performance. "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."
Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.
The Leader in Network Knowledge
Partner Content
Blue Stripe Software
www.bluestripe.com/
Improving Application Performance Troubleshooting
Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.
Download Whitepaper
Virtual Vigilance: Managing Application Performance in Virtual Environments
This paper highlights the impact of virtualization on application performance. "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."
Download Whitepaper
Application Service Requests: The Missing Link for Pragmatic ITSM
Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.
Register for Webcast
Comments (5)
Time to separate identification and authenticationBy Anonymous on June 25, 2007, 9:42 pmI think the two things should be seperated: identification and authentication. Re: Biometrics make user authentication convenient and secure – at the same time! Fingerprint...
Reply | Read entire comment
Show me the mathBy Paul Dodd on June 26, 2007, 11:10 amIt's easy to say "biometrics are secure" but where is the math to explain how secure? With regular passwords, digital certificates, and one-time passwords we can...
Reply | Read entire comment
Authoriziation, Identification, Authentication - and BiometricsBy Greg Faust on June 26, 2007, 3:15 pmRole confusion and silly semantics reign supreme in the world of IT security. Each function - who is Authorized to use a resource, who is Identified as the user,...
Reply | Read entire comment
Show me the (biometric) mathBy Greg Faust on June 26, 2007, 3:30 pmStatistic don't lie, but liars use statistics? I can use numbers make a five digit PIN look like child's play - or practically impervious. It all depends on what...
Reply | Read entire comment
NIST (National Institute ofBy Anonymous on June 28, 2007, 6:40 pmNIST (National Institute of Standards and Technology) has plentiful numbers on relevant statistics - for fingerprints the data is decades old and systems just keep...
Reply | Read entire comment
View all comments