Bridging the log-in gap

Although not yet mainstream, biometrics are steadily gaining ground within the federal government as a means of network authentication. The use of biological characteristics to authenticate users offers a level of security unmatched by passwords and tokens because biological traits cannot be forgotten, lost or stolen, and they are very difficult to mimic.

Increased security concerns, maturing technology and falling costs are playing a large role in the growth rate. The attitudes of end users are another factor allowing the growth of biometrics. Since the terrorist attacks on Sept. 11, 2001, many people have accepted security measures that they previously thought were unacceptably invasive.

For network access, most agencies are interested in layered security, meaning more than one means of authentication is required to gain access. Layered security can mean two biometrics, such as a fingerprint and iris scan, but more often it means a biometric combined with a token, such as a smart card or radio frequency ID badge. Biometrics are also often combined with a public-key infrastructure.

Layered biometric authentication requires policy-based software that can manage the different devices and tokens, if necessary, on a network. This type of software integrates with the log-in process to replace passwords with biometric authentication.

Agencies should ask several questions before purchasing biometric management software. First, how well does the product integrate with the existing network infrastructure? Does the system utilize existing data storage, or do separate databases for biometric information need to be created? Scalability should also be questioned: Will the product be able to accommodate future needs?

Biometric device compatibility is also an important factor. Not all management packages are compatible with all devices. You should determine which devices you'll initially be using and also which ones you might want to use in the future.

When considering devices, check to see which, if any, industry standard the device complies with. The federal government mandates use of devices that comply with the Biometric Application Programming Interface. BioAPI is an American National Standards Institute standard and is more current than the Human Authentication Application Programming Interface (HA-API), an older standard that is not as common.

We compare the two highest-profile biometric authentication management systems, SAFLink Corp.'s SAFsolution Enterprise Edition and Computer Consultants and Merchants (CC&M) Inc.'s Trusted Space. Both products can also be used for physical access, but here we focus on network access.

SAFLink: Perfect for Windows

Trusted Space: Layered security

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.