Bridging the log-in gap

Although not yet mainstream, biometrics are steadily gaining ground within the federal government as a means of network authentication. The use of biological characteristics to authenticate users offers a level of security unmatched by passwords and tokens because biological traits cannot be forgotten, lost or stolen, and they are very difficult to mimic.

Increased security concerns, maturing technology and falling costs are playing a large role in the growth rate. The attitudes of end users are another factor allowing the growth of biometrics. Since the terrorist attacks on Sept. 11, 2001, many people have accepted security measures that they previously thought were unacceptably invasive.

For network access, most agencies are interested in layered security, meaning more than one means of authentication is required to gain access. Layered security can mean two biometrics, such as a fingerprint and iris scan, but more often it means a biometric combined with a token, such as a smart card or radio frequency ID badge. Biometrics are also often combined with a public-key infrastructure.

Layered biometric authentication requires policy-based software that can manage the different devices and tokens, if necessary, on a network. This type of software integrates with the log-in process to replace passwords with biometric authentication.

Agencies should ask several questions before purchasing biometric management software. First, how well does the product integrate with the existing network infrastructure? Does the system utilize existing data storage, or do separate databases for biometric information need to be created? Scalability should also be questioned: Will the product be able to accommodate future needs?

Biometric device compatibility is also an important factor. Not all management packages are compatible with all devices. You should determine which devices you'll initially be using and also which ones you might want to use in the future.

When considering devices, check to see which, if any, industry standard the device complies with. The federal government mandates use of devices that comply with the Biometric Application Programming Interface. BioAPI is an American National Standards Institute standard and is more current than the Human Authentication Application Programming Interface (HA-API), an older standard that is not as common.

We compare the two highest-profile biometric authentication management systems, SAFLink Corp.'s SAFsolution Enterprise Edition and Computer Consultants and Merchants (CC&M) Inc.'s Trusted Space. Both products can also be used for physical access, but here we focus on network access.

SAFLink: Perfect for Windows

Trusted Space: Layered security

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.