• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Biometrics and authentication webinar v3
 

Biometrics and authentication webinar v3

on

  • 1,221 views

This slide presentation provides an overview of biometric and authentication technology and the overall issues, benefits and impact of these type of solutions.

This slide presentation provides an overview of biometric and authentication technology and the overall issues, benefits and impact of these type of solutions.

Statistics

Views

Total Views
1,221
Views on SlideShare
1,209
Embed Views
12

Actions

Likes
1
Downloads
30
Comments
0

1 Embed 12

http://www.techgig.com 12

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Biometrics and authentication webinar v3 Biometrics and authentication webinar v3 Presentation Transcript

    • City of Winter Park, Florida Biometrics and Authentication George Maldonado Systems Administrator MCSE, CCNA, MCP, Net+
    • Lets Define !
      • “ biometric: is a physiological or behavioral characteristic of a human being that can distinguish one person from another and that theoretically can be used for identification or verification of identity.”
      • “ authentication: Positive verification of identity (man or machine), verification of a person’s claimed identity”
      • FBI CJIS Requires: That Each person who is authorized to store, process, and/or transmit FBI CJIS/CHRI data must be authenticated by use of a unique user ID and password or a form of advance authentication. Advance authentication is required for devices that access FBI CJIS data/CHRI from non secure locations or via the internet, wireless or dial-in connections.
      • Advance authentication is the term describing added security functionality, in addition to the typical use identification and authentication of login ID and password.
      • Who are you? Prove it.
    • Why Biometrics?
      • Biometrics is the simplest and most inexpensive way to accurately identify or verify individuals based upon each person’s unique physical or behavioral characteristics. Biometrics work by unobtrusively matching patterns of live individuals in real time against enrolled records.
      • It fits the basic security principal:
      • “ What You Have, What You Know, What You Are”
      • Biometric-based solutions are able to provide for confidential financial
      • transactions and personal data privacy. The need for biometrics in the enterprise
      • wide network security infrastructure is a must technology, because single-factor
      • authentication methods are easy to break and therefore inherently important to
      • our citizens.
      • Identity thefts
      • Something you know can be stolen
      • Shared, predicted or hacked
      • Fingerprints – mature enough to deter crime and even terrorism
    • Implementation Summary
      • User Statistics
      • Total Users: 545
      • Users with registered fingerprints: 364
      • Readers deployed: 364
        • City Hall
        • Emergency Vehicles (Police and Fire Trucks)
        • Electric Division & Water Plants
        • Central Facilities including vehicle maintenance
    • Fingerprints as a Biometric
      • High Universality
      • A majority of the population (>96%) have legible fingerprints
      • Even identical twins have different fingerprints (most biometrics fail)
      • Individuality of fingerprints established through empirical evidence
      • High Permanence
      • Fingerprints are formed in the fetal stage and remain structurally unchanged through out life.
      • High Performance
      • One of the most accurate forms of biometrics available
      • High Acceptability
      • Fingerprint acquisition is non intrusive. Requires no training.
      • .
    • What We Are Using
      • DigitalPersona Pro for Active Directory
        • Installed on desktops
        • Installed on existing servers
      • Hardware
        • DigitalPersona U.are.U 4500 fingerprint readers
        • Existing “swipe readers” embedded in various models of popular notebooks and PCs.
    • IT Environment (Past & Present)
      • Current Environment
      • Single Active Directory Domain
      • Password Authentication
      • Applications
      • Login to:
        • Windows Domain or Network Access
        • Naviline
        • iSeries (AS400 Green Screen)
        • Outlook
      Any application setup for biometric logon at the City will have this icon on the logon screen
    • Driving Forces
      • Pain Points
      • Resolve password related issues
        • Needed Security that couldn’t be shared
        • Eliminated desktop sharing
        • Excellent opportunity to put in place Password and screen saver Policies
      • Meet CJIS Mandate Requirements
      • Advance authentication is required for devices that access FBI CJIS data/CHRI from non secure locations or via the internet, wireless or dial-in connections.
      • Advance authentication is required for devices that access FBI CJIS data/CHRI from non secure locations or via the internet, wireless or dial-in connections.
    • Available Solutions
      • Solutions Considered
      • Inflexis DesktopID
      • Why other solutions were not selected
      • No real AD integration
      • “ Petting” reader
      • No centralized fingerprint storage
      • No different than a token device (can get expensive)
    • Why DigitalPersona
      • Easy for Users
          • Employees embraced it
          • Best trade off between convenience and security
          • Faster than recalling and typing very complex passwords
          • Intuitive to use – visual cues
          • Simple user registration process
          • Single Sign on function
          • Automatic Wizard detects login fields in applications and web sites
      • Easy for the IT Administrators
        • Easily create login templates for applications the Wizard cannot detect
        • Push out the templates via GPOs
    • Why DigitalPersona
      • Robust, Centralized Server Software
        • Tight Active Directory Integration
        • Single or Two-factor authentication options
        • Flexible Authentication Policies
      • Secure and Compliant
          • Met CJIST mandate of requiring Two-Factor Authentication
          • Event Logs of who accessed what and when
          • Protect sensitive information through digital signing and encryption of email and documents
      • Reader is well constructed
    • Implementation Summary
      • Benefits to IT:
      • Met federal and state requirements
        • Avoid fines and penalties
      • Compliance’s intrinsic benefit
        • Creates a more definitive baseline for data sharing and protection.
        • Improve security, communications, and overall business practices.
      • Create Flexible Group Policies
    • Implementation Summary
      • CJIS Compliance Impact
      • Criminal Justice Information System
        • FBI Requirement
        • Two-factor Authentication
      • Create and maintain criminal justice information system
        • For authorized state, local criminal justice, and noncriminal justice users
        • Supports operations, policy analysis, and public safety
        • Must be accurate, timely, complete, appropriately secured to protect privacy rights, cost-effective, and accessible.
    • General Issues
      • Low humidity areas may require hand moisturizer
      • During initial set up, shield the fingerprint reader from direct sunlight
    • Thank You!! George Maldonado Systems Administrator MCSE, CCNA, MCP, Net+