CBK#1 Access Control Systems & Methodology

CBK#1 Access Control System & Method. - Page 1 2 3 4 5 6 7 8

Security principles
Confidentiality:
The assurance that information is not disclosed to unauthorized individuals, programs or processes.
Integrity:
Information must be accurate, complete and protected from unauthorized modification.
Availability:
Information, systems and resources need to be available to users in a timely manner so productivity will not be affected.

Identification
Describes a method of ensuring that a subject (user, program or process) is the entity it claims to be. Identification can be verified through the use of a credential.
Biometics:
Verifies an individual's identity by a unique personal attribute, which is one of the most effective and accurate methods of verifying identification.
Three main performance measures -
- FRR / False Rejection Rate or Type I Error - The percentage of valid subjects that are falsely rejected.
- FAR / False Acceptance Rate or Type II Error - The percentage of invalid subjects that are falsely accepted.
- CER / Crossover Error Rate - The percent in which the False Rejection Rate equals the False Acceptance Rate.
Other factors that must be considered -
- Enrolment time - The time it takes to initially "register" with a system by providing samples of the biometric characteristic to be evaluated.
- Throughput rate - The rate at which individuals can be processed and identified or authenticated by a system.
- Acceptability - Considerations of privacy, invasiveness and psychological and physical comfort when using the system.

Types of biometric systems -
Fingerprints: Are made up of ridge endings and bifurcations exhibited by the friction ridges and other detailed characteristics that are called minutiae.
Palm Scan: The palm has creases, ridges and grooves throughout it that are unique to a specific person.
Hand Geometry: The shape of a person's hand (the length and width of the hand and fingers) measures hand geometry.
Retina Scan: Scans the blood-vessel pattern of the retina on the backside of the eyeball.
Iris Scan: Scan the colored portion of the eye that surrounds the pupil.
Signature Dynamics: Electrical signals of speed and time that can be captured when a person writes a signature.
Keyboard Dynamics: Captures the electrical signals when a person types a certain phrase.
Voice Print: Distinguishing differences in people's speech sounds and patterns.
Facial Scan: Takes attributes and characteristics like bone structures, nose ridges, eye widths, forehead sizes and chin shapes into account.
Hand Topology: Looks at the size and width of an individual's hand and fingers.

CBK#1 Access Control System & Method. - Page 1 2 3 4 5 6 7 8

CISSP Summary 2002Related links | References

CBK#1 Access Control Systems & Methodology | CBK#2 Telecommunications & Network Security | CBK#3 Security Management Practices | CBK#4 Applications & Systems Development Security | CBK#5 Cryptography | CBK#6 Security Architecture & Models | CBK#7 Operations Security | CBK#8 Business Continuity Planning & Disaster Recovery Planning | CBK#9 Law, Investigations & Ethics | CBK#10 Physical Security

Contact:

E-mail: john.wallhoff@mailbox.swipnet.se
Written by: J.Wallhoff January - April 2002
Updated by: J.Wallhoff April 2002