Biometric MODalities - Assignment Example

? MOD (Ministry of Defence) Question a Biometrics is fundamentally regarded as an automated procedure of distinguishing a particular individual on the basis of behavioural feature. The technologies related to biometrics are incessantly becoming the base of a widespread assortment of extremely secure identification as well as personal authentication solutions. In this similar context, it has been apparently observed that the requirement for greater personal verification along with secure identification is constantly becoming apparent (TNS, 2012). In relation to the case study, a dedicated biometric “solution” is needed for the purpose of carrying out difficult roles within life threatening military battleground circumstance of use. Moreover, dedicated biometric solutions facilitate to provide smooth secret financial transactions as well as personal data privacy. It has been viewed in the case study that Biometric Identification Verification (BIV) System was the initial UK biometric access control system that was deployed and designed especially for the military users. This particular system was mainly designed in order to deliver a high availability as well as reliable security solution (Business Reporter, 2011). The perception of a role based authentication is typically regarded as a system in which the users possess certain major roles that are allotted to them. The roles can demonstrate the capabilities as well as the limits of making any significant change and access various areas in the technological process (Choukse & Singh, 2011). One of the leading edge approaches to role based authentication is that it is correlated with information security that significantly aids in lessening the complexities of security administration. The other leading edge approach of role based authentication is that it determines the risk exposure from the employees who access efficient Information Technology (IT) system. However, the idea of role based authentication has been currently criticised due to certain problems that have risen in constructing an initial role arrangement as well as owing to its inflexibility in quickly transforming domains (Kuhn, Coyne, & Weil, 2010). Spring Security is regarded as one of the alternative solutions that can be applicable to the context of using biometric solutions. It is principally viewed to be a greatly customisable authentication and a strong access-control framework (Mularien, 2010). Moreover, another alternative that can be pertinent within the background of using biometric solutions is Apache Shiro. This particular alternative has been observed to be an easy as well as a powerful security framework that significantly deals with cryptography, authorisation, session management and authorisation functions (The Apache Software Foundation, 2012). In relation to determine the distinction between the two aforementioned alternatives i.e. Apache Shiro and Spring Security to rule-based authentication mechanism, it has been observed that the aforesaid alternatives are quite easy to learn, manage as well as deploy as compared to role based authentication (The Apache Software Foundation, 2012). Question b Computer security is incessantly becoming a crucial concern for all. In this regard, biometric solutions are playing an imperative part in providing utmost security as well as authenticity by validating the individuality of a person through various media such as fingerprints, facial features and hand geometry among others. Similarly, in this connection, PALM biometrics also plays a decisive role in increasing security along with authenticity by a significant extent. It can be affirmed that this particular system i.e. PALM vein system of biometrics is viewed to be a modern progression in the systems of biometric security (Lee, 2012). PALM biometrics performs its operational functions quite differently as compared to other biometric systems. It generally takes the digitalised image of the veins of the users and evaluates it with the templates that have been stored in a particular system (Ladoux, Rosenberger, & Dorizzi, 2009). One of the major strengths of PALM biometrics is that the vascular patterns of each individual or user are quite unique that extensively delivers stable and robust biometric facets, which ultimately raises the security level by a considerable level. Moreover, it contains a broad assortment of differentiating features for personal authentication. The other important strengths of PALM biometrics include non-invasive, hygienic and most importantly accurate features. Conversely, PALM biometrics also possesses certain crucial weaknesses. One of the key weaknesses of PALM biometrics is regarding the factors that largely affect the quality of the captured image. In this regard, the different factors include humidity, body temperature and ambient temperature (IEEE, 2012). There exists an indicator which suggests that such a non-intrusive contactless authentication mechanism i.e. PALM biometrics delivers greater reliability within the context of biometric solutions. This is owing to the fact that the notion of PALM biometrics captures the image of the palm instead of fingerprints and other facial facets, which ultimately does not affect the result of the process. Moreover, it can be stated that PALM biometrics does not necessitate the requirement for establishing a physical contact between the system and the user that eventually enables better public acceptance (Ladoux, Rosenberger, & Dorizzi, 2009). Question c Spring Security and Apache Shiro can be viewed as suitable alternatives to biometric templates that MOD can use. The rationale behind using Spring Security by MOD is that this particular framework provides flexible as well as strong security solutions particularly for different enterprise applications. In relation to the case, it can be affirmed that Spring Security can help MOD by ensuring the deliverance of stable, robust as well as powerful features uplifting military battlefield conditions (Mularien, 2010). It can be suitable for MOD due to its significant facets that include non-invasive, effective event as well as remote support and supportive authentication backend. With regard to the usage in MOD, one of the limitations of Spring Security would be regarding its cost. The notion of Spring Security is often considered to be a costly security solution. Apart from this significant limitation, Spring Security also involves crucial risks. In this regard, inappropriate password encoding is one of the major risks, which has been identified to be involved with Spring Security (Raible, 2011). Thus, the aforementioned risk and limitation engaged with Spring Security can put the battlefield conditions of the military systems of MOD in a vulnerable situation by a significant level. The rationale behind employing Apache Shiro in MOD is that this particular security framework would develop particularly the authentication systems of MOD. This is owing to the reason that the framework of Apache Shiro generally performs authorisation on the basis of using pluggable data sources. In relation to the suitability of using Apache Shiro in MOD, it can be affirmed that this security framework is much easy to comprehend as well as convenient as compared to others. Moreover, it broadly supports authentication along with authorisation by introducing and implementing advanced technological programs and software. One of the vital limitations of Apache Shiro which can deteriorate the military battlefield conditions is that this framework does not actively support ‘multi-stage’ authentication, wherein, login systems of the users are handled efficiently. Conversely, there are certain risks that are involved with Apache Shiro. One of the major risks of this framework is that the authentication cannot be increased due to its inefficiency in performing logins as well as access control (The Apache Software Foundation, 2012). Thus, it can be stated that by taking into concern the aforesaid limitation and risk, the military systems of MOD may be hampered by a greater extent. Question d One of the major MOD contractors of biometric technologies to the MOD i.e. Steria realised that it is quite essential to employ certain optimal protection means as a part of the security policy. In this similar context, the optimal means of protection at the end-user level (PC) that Steria can employ are Contractors on Deployed Operations (CONDO) and Biometric Data Capture System (BDCS). CONDO can be suitable in this particular scenario of Steria in relation to the case study because of its quality features. In this regard, the features of CONDO include delivering assured services particularly for the military commanders, offering attractive as well as profitable capabilities for signifying effective value for money and securing different operational functions that are performed by the militaries. The main objective of CONDO is that it improves the capabilities of the militaries in a cost-effective manner. However, proper execution and timely monitoring along with evaluation is needed in order to attain the aforementioned facets of CONDO (Higginson Associates, 2012). This optimal protection means can ultimately perform considerable changes to the military systems and support MOD to attain continuous improvement. On the other hand, apart from CONDO, Steria can also employ BDCS as a part of the security policy imposed. In this connection, BDCS employs cutting edge technologies as well as demonstrates pioneering utilisation of different biometric technologies in order to provide superior access for controlling different military systems. This particular framework i.e. BDCS is principally regarded as an imperative instrument in securing different military facilities. In accordance with the case study, it has been viewed that Steria had evolved the idea of BDCS in the year 2009, but it needs to be implemented continuously. However, different matching images can significantly affect the suitability of employing BDCS by a significant level (Steria, 2009). Thus, on the basis of the above discussion, it can be stated that the aforementioned optimal protection means can be incessantly employed by Steria as a part of the security policy imposed. References Business Reporter. (2011). Defence IT made easier. Retrieved from http://business-reporter.co.uk/2011/09/defence-it-made-easier/ Choukse, D., & Singh, U. K. (2011). Role based authentication schemes for security automation. International Journal of Computer Theory and Engineering 3(1), pp.58-63. Higginson Associates. (2012). Contractors on deployed operations (CONDO). Retrieved from http://www.higginsonassociates.com/contractors-on-deployed-operations IEEE. (2012). Biometric MODalities. Retrieved from http://www.ieeebiometricscertification.org/free-demo/IEEE_CBP_MODule2_sample.pdf Kuhn, D. R., Coyne, E. J., & Weil, T. R. (2010). Adding attributes to role-based access control. IEEE Computer 43(6), pp.79-81. Lee, J. C. (2012). A novel biometric system based on palm vein image. Retrieved from http://dl.acm.org/citation.cfm?id=2325112 Ladoux, P. O., Rosenberger, C., & Dorizzi, B. (2009). Palm vein verification system based on SIFT matching. Advances in Biometrics: Third International Conference, pp.1290-1298. Mularien, P. (2010). Spring security 3. Getting started with spring security, Birmingham: PACKT Publishing, pp.21-23. Raible, M. (2011). Presentations. Retrieved from http://static.raibledesigns.com/repository/presentations/Java_Web_Application_Security_UJUG2011.pdf Steria. (2009). Assets. Biometric Data Capture System, pp.1-4. TNS. (2012). Introduction. Retrieved from http://www.tns.com/biometrics.asp The Apache Software Foundation. (2012). Welcome to Apache Shiro. Retrieved from http://shiro.apache.org/ The Apache Software Foundation. (2012). Apache Shiro features overview. Retrieved from http://shiro.apache.org/features.html Read More