Sunday, 17 May 2009

NEXT GENERATION SECURITY - VEIN RECOGNITION BIOMETRICS

Next Generation Security is advancing biometrics security with new vein mapping recognition technologies and its diverse applications which address businesses' growing security concerns with the ultimate in security and monitoring.


Security and convenience are key factors driving increased adoption of biometric techniques for personal authentication in both physical access and IT applications.

A biometric is a personal charaacteristic that is unique to an individual. Well known biometric characteristics (such as fingerprints, iris, voice patterns, face) have a different level of accuracy and security. Some do not vary significantly enough between individuals to be reliable, while others are too easily forged!

Using a biometric technique to identify individuals is convenient. By definition, you always have your biometric credentials with you, you cannot lose them, forget them or leave them at home. Biometric scanners can relieve users of the need to carry keys and cards and remember a whole hosts of passwords and pin numbers.

With the right choice, using biometrics can also be extremely secure. You cannot lend your biometric to another person, and your biometric cannot be guessed like a password. The aim of using a biometric is to guarantee that the person claiming to be present really is present, which is the prime goal of security, whether in physical or logical IT applications.
Clearly this is essential for a time and attendance system, but no less important for remote login access to a computer network...

VEIN PATTERNS AS A BIOMETRIC

A relatively recent development in the field has been the development of practical devices for capturing vascular biometrics.
Vascular biometrics rely on identifying the differences between blood vessel structures between individuals. Some superficial blood vessel networks can be seen by looking at the inside of the wrist or the palm of the hand.

Whilst they are indistinct under normal light, using near infrared light, these blood vessels can be seen more clearly since the haemoglobin in blood is a strong absorber of near-IR.
An advance on this technology is to shine infrared light through a body part i.e. palm, hand, finger, in order to acquire an image of the sub-surface venous network.

With a well-chosen infrared wavelength, the flesh is translucent, but the blood vessels are strong absorbers. Using a CCD camera with sensitivity in the infrared, a unique shadow pattern of the veins can be captured.

This is the principle behind Biotecnix's vein biometric scanning technology applications for the security of business assets.
The vein biometrics technique is essentially unique in being a truly internal biometric. By using transmitted light, vein scanners reveal the true internal structure of the venous network which is completely unique from person to person, hand to hand where no one is the same.

Since the vein scanner captures the hidden structure of the vein patterns within the body, it has a natural security advantages over normal, external biometric techniques.

In order to attack a biometric system to take someone else's identity, you need to do two things...

First, you need to capture the required biometric feature from the person being impersonated, then you need to replicate it to the scanner.

Since all the more 'traditional' techniques are external, capturing the biometric does not present too many problems. For example, a person does not even need to to be present for his or her 'fingerprints' to be captured. They can be quite easily lifted and replicated from a surface that has been touched by the person sometime previously. In addition to this, as fingerprint biometrics is a contact biometric system then the security of this solution is also questonable due to the silicon which is used for capturing and authenticating fingerprints can wear down and/or erode with use and cleaning.

Similarly, a voice print can be captured without the person being present. Facial and iris recognition biometrics are also external - they can be captured from a considerable distance using a suitable camera. A person need not even know that his or her biometric has been stolen.

An internal biometric based on vein structures, however is impossible to capture from a distance. Capturing the vein structure in the finger or the palm of the hand, relies on the individual placing their 'living' finger or palm over a device in extreme close proximity without contact. This cannot be done unless the person is physically present and is difficult to do without their knowledge.

The second stage of an attack is to take the person's biometric and try to replicate it to a reader. This is very easy to accomplish with commodity fingerprint scanners and requires no specialist knowledge. And successful attacks have been demonstrated against fingerprint, facial, iris, voice and other scanners without using sophisticated techniques.

In contrast, it is difficult to see how an internal vein pattern of a living person could be replicated to a vein scanner - scanners only work on living individual users of the system. In addition, liveness detaction is automatic, in a severed finger the blood pressure drops instantly and the veins collapse, so they no longer visible to the reader.

The Biotecnix vein biometric applications has a number of characteristics that sets it apart as an ideal biometric for enhancing both security and convenience.

As an internal biometric, vein recognition offers significant advantages over the alternatives!!

www.biotecnix.ltd.uk





Sunday, 3 May 2009

Five Tips For Securing Information and Mitigating Risk

Adopt Single Sign On: Connecting people to resources and allowing access to authorised data is one of the main issues facing the IT department, and one that has the biggest security implications. Single sign on uses strong authentication measures such as biometrics to ensure the identity of the person connecting to central services and accessing corporate data.



Use Encryption: Rather than fire fighting to keep the perimeter safe, organisations are increasingly looking to secure data where it resides through encryption. However, to do this successfully, companies will need to understand the value and sensitivity of data it holds in order to apply the appropriate levels of protection.



Deploy Multiple Virus Checkers: Viruses, trojans, malware and spyware will never go away, so constant vigilance is a must. Invest in market leading security software applications to ensure risk is significantly reduced.



Develop a Security Culture: Social networking has the potential to become one of the greatest threats to enterprise security. Any technology that allows employees to mix their work and personal life could be dangerous if not carefully managed. However, many companies are employing people for their social networking skills and contacts, so this is an area that needs to be addressed rather than feared. Using education to establish security as an integral parts of the corporate culture is the easiest way to minimise risk and make everybody aware of the level of security required.



Audit Information Assets: Organisations have to define what constitutes an information asset in terms that reflect its value to the business. The only people who can do this are the creators and owners of the data, the IT department does not have the ability to fully comprehend the commercial value of the corporate data it looks after, but it can advise on the best way to keep it safe and secure.

BIOTECNIX LIMITED'S 10 Top Tips For Avoiding Data Loss within Today’s Corporate Environment

Implement a strong employee joining and exit process: Revoke email and network access quickly when an employee leaves. Give new members of staff access only to the resources they need.

Educate staff: Ensure data is only accessible to staff on a need-to-know basis or push data to relevant people.

Avoid remedial action: Don’t plug holes with a point security product – implement systematic controls between the data not on the network or gateway.

Identify assets and information flows: Map intellectual property and the way it is accessed to help identify and prioritise your security approach.

Restrict the manipulation of data: Plan who needs access, print authorisation, data alteration and export rights to email, online messaging or removable devices. Apply restrictions to specific documents or content by time and location.

Watch the gatekeepers: Subject system administrators and privileged users to change management and critical server file integrity checks.

Don’t overlook the obvious: Block data export on removable data storage/transfer devices and scan outgoing email for confidential attachments. Restrict copy and paste for instant messaging and other social networking media.

Use encryption: Where you permit data export to removable media, ensure it is encrypted.

Use multi factor authentication: Always combine a password with secondary method of authentication, such as biometric readers.

Combine your security arsenal: Integrate physical biometric access systems, CCTV and even RFID, with virtual data network security systems to provide more effective evidence and protection against security breaches.