Assessing Vulnerability of Biometric Technologies for Identity Management Applications
Abstract
To address the Community of Practice (CoP) objective of evaluating the utility of potential biometrics techniques that could be used to enhance the security of Information Technology (IT) systems, including Supervisory Control And Data Acquisition (SCADA)systems and e-Government services, the Study Team for PSTP-02-336BIOM developed a framework for addressing biometric vulnerabilities, researched case study examples of existing deployed biometric systems, and conducted a small-scale evaluation to compare the utility of biometrics vs. passwords. In developing the framework, the Study Team researched existing biometric evaluation frameworks to identify gaps, and synthesized a practical framework aimed at an audience of IT security practitioners, with the intent of addressing the growing use of biometrics in government applications and the implications that it has on IT systems security. The Study Team also conducted a preliminary comparative evaluation of the utility of biometrics vs. passwords as a single-factor authentication method using experimental test trials and a user survey. Comparison criteria included: whether or not user access is granted, number of attempts, and usability. The evaluation confirmed experimentally that single-factor biometric technology is a viable and user-accepted means of authentication for IT system access that is at least as fast and reliable as username-password methods.
Document Details
- Document Type
- Technical Report
- Publication Date
- Oct 01, 2011
- Accession Number
- ADA553123
Entities
People
- A. Unwala
- B. Wong
- Connor Hart
- D. Coleman
- D. Waung
- Drew Smeaton
- Raj Nanavati
Organizations
- Defence Research and Development Canada