Engineers Voice

Security vendor Kaspersky Labs claims to have detected the first virus designed to infect iPod media players. But the security vendor was quick to point out that malware only affects iPods where the user has replaced Apple’s custom iPod operating system with Linux. One could therefore argue that the malware is a Linux virus rather than an iPod threat. Read more »

There are several techniques that can be applied for verifying and confirming a user’s identity. They can be broadly classified as something the user knows, such as a password or PIN; something the user has, such as a smart card or ATM card; and something that’s part of the user, such as a fingerprint or iris. The strongest authentication involves a combination of all three. The technology used for identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice or handwriting is called Biometrics.

This white paper discusses the changing landscape of IT security and suggests areas wherebusinesses should re-examine their processes. The paper concludes with a series ofquestions that provide guidelines for evaluating competing security solutions.

Biometrics have become a popular means for access control and authentication. As the processing power of embedded systems has grown, efforts have been made to perform biometrics locally on constrained devices such as smart cards. This paper presents the design and consumer application of a portable fingerprint biometric authenticator with the form factor of a key dongle (as an alternative to biometric smart cards). The paper describes a device which combines both biometrics and embedded system authentication into a portable authenticator. The device contains a fingerprint sensor, a 32-bit RISC microcontroller, a Bluetooth wireless transceiver, and memory in the form factor of a key dongle.

Client-level security is important to the integrity of the entire perimeter. Companies are aware of the technology and benefits and have begun to adopt biometric authentication. The best practice is for every company to examine its fence lines and mend the breaks. The technology is mature and affordable and ready for adoption. Your world will be a safer place if you implement client-level security.

After the tragic terror attacks of 9/11, the U.S. Congress resolved to bring about a major overhaul of the immigration process at border posts by passing the Enhanced Border Security and Visa Entry Reform Act of 2002. The Technical Advisory Group of the International Civil Aviation Organization (TAG/ICAO) has issued specifications for the deployment of Machine Readable Travel Documents (MRTD) that are equipped with a smart card processor for the purposes of biometric identification of the holder. A detailed security analysis is conducted of these specifications, and the results are presented in this paper. The paper also illustrates possible, hypothetical scenarios that in turn, could cause a compromise in the security and privacy of holders of such travel documents.