Bridging the log-in gap

Although not yet mainstream, biometrics are steadily gaining ground within the federal government as a means of network authentication. The use of biological characteristics to authenticate users offers a level of security unmatched by passwords and tokens because biological traits cannot be forgotten, lost or stolen, and they are very difficult to mimic.

Increased security concerns, maturing technology and falling costs are playing a large role in that growth. The attitudes of end users are another factor. Since the terrorist attacks on Sept. 11, 2001, many people have accepted security measures that they previously thought were unacceptably invasive.

For network access, most agencies are interested in layered security, meaning more than one means of authentication is required to gain access. Layered security can mean two biometrics, such as a fingerprint and iris scan, but more often it means a biometric combined with a token, such as a smart card or radio frequency ID badge. Biometrics are also often combined with a public-key infrastructure.

Layered biometric authentication requires policy-based software that can manage the different devices and tokens, if necessary, on a network. This type of software integrates with the log-in process to replace passwords with biometric authentication.

Agencies should ask several questions before purchasing biometric management software. First, how well does the product integrate with the existing network infrastructure? Does the system utilize existing data storage, or do separate databases for biometric information need to be created? Scalability should also be questioned: Will the product be able to accommodate future needs?

Biometric device compatibility is also an important factor. Not all management packages are compatible with all devices. You should determine which devices you'll initially be using and also which ones you might want to use in the future.

When considering devices, check to see which, if any, industry standard the device complies with. The federal government mandates use of devices that comply with the Biometric Application Programming Interface (BioAPI). BioAPI is an American National Standards Institute standard and is more current than the Human Authentication Application Programming Interface (HA-API), an older standard that is not as common.

We compare the two highest-profile biometric authentication management systems, SAFLink Corp.'s SAFsolution Enterprise Edition and Computer Consultants and Merchants (CC&M) Inc.'s Trusted Space. Both products can also be used for physical access, but here we focus on network access.

SAFLink: Perfect for Windows

Trusted Space: Layered security
