Biosecurity comes of age: retina, hand, and fingerprint scanners are emerging as new solutions to access and authentication concerns.Imagine a campus where a student enters a dorm room by waving a hand through an electronic hand scanner: where professors and teaching assistants log on to the intranet grading system with a password and electronic impressions of their fingerprints: where staff members gain access to accounts by allowing technology to "read" the unique characteristics of their retinas. Imagine no further. Today, these biometric technologies are being used by a numbers of institutions that see their benefits over traditional smart cards Example of widely used contactless smart cards are Hong Kong's Octopus card, Paris' Calypso/Navigo card and Lisbon' LisboaViva card, which predate the ISO/IEC 14443 standard. The following tables list smart cards used for public transportation and other electronic purse applications. . While most schools are grappling with the question of using smart cards to eliminate keys and upgrade campus security, a select group of schools are addressing access and authentication concerns with leading-edge technologies that simply make sense: biometrics. From palm scanners to fingerprint scanners, retinal probes to voice identification devices, biometric technologies are beginning to enter the mainstream market on a large scale. Perhaps more impressively, in most cases, once schools get past a significant investment on the front end, biometric technologies also are much less expensive than most academic officials might think, notes Bill Spence Bill Spence (born August 12, 1940 in Iowa City, Iowa) is a hammered dulcimer player from New York. Bill took up the hammered dulcimer after hearing Howie Mitchell play at the 1969 Fox Hollow Festival in Petersburgh, New York. , director of marketing for Recognition Systems (RSI (Repetitive Strain Injury) Ailments of the hands, neck, back and eyes due to computer use. The remedy for RSI is frequent breaks which should include stretching or yoga postures. ), which makes fingerprint access control readers starting at $800 (www.handreader.com). Critics of the technology raise concerns about having users identified by personal, unchangeable un·change·a·ble adj. Not to be altered; immutable: the unchangeable seasons. un·change characteristics, and argue that the very act of compiling physical identifiers is the penultimate invasion of privacy invasion of privacy n. the intrusion into the personal life of another, without just cause, which can give the person whose privacy has been invaded a right to bring a lawsuit for damages against the person or entity that intruded. . Still, a growing number of schools are turning to the new technology to improve security and to eliminate the headaches created by lost or damaged plastic ID cards. Biometrics 101 Biometric technology uses unique biological properties to identify individual users in a confined group. Since no two humans have the same handprints, fingerprints, or retinal impressions, these are the characteristics that best tend themselves to be used as identifiers. Some devices also identify users based on voice, but because this characteristic varies widely and is not necessarily unique, it does not work as well. Put another way, the comedian Dana Carvey can make his voice sound like former President George Bush's, but when inspected by the micrometer micrometer (mīkrŏm`ətər, mī`krōmē'tər). 1 Instrument used for measuring extremely small distances. , it's a good bet their fingerprints don't even come close. Whatever type of physical characteristic a biometric device biometric device - biometrics evaluates, when a user interacts with the device, the device captures an image, converts that image into as many as 100 points of data, and stores the resulting bits and bytes Bits and Bytes was the name for two Canadian television series, starring Billy Van, who teaches people the basics of how to use a computer. The first series debuted in 1983 and the second series, called Bits and Bytes 2, in 1991. on a 9-kilobyte file that gets stored in a database. Every time a user interacts with the scanner, the scanner takes a reading and compares the data to data already on file. If this comparison yields a match, the device authenticates the user and instructs the electronic lock to grant him access; if the comparison fails to yield a match, the device rejects the user and access is denied. "When you think about it, the data-matching concept behind biometric authentication See biometrics. is very similar to the concept behind password authentication," says Clain Anderson, director of marketing for wireless and security solutions at IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) in Research Triangle Park Research Triangle Park, research, business, medical, and educational complex situated in central North Carolina. It has an area of 6,900 acres (2,795 hectares) and is 8 × 2 mi (13 × 3 km) in size. Named for the triangle formed by Duke Univ. , NC (www.ibm.com/us). "The big difference is that anybody can type in a password, but your hand is yours, and no one is going to be able to copy that." As Anderson explains, most biometric scanners store their data locally, performing the comparison there on-site, instantaneously. Some scanners, however, can be hooked to a campus network, capturing data on a user from an initial interaction, then sending that data to a central database that runs the comparison, grants or denies access, and returns a red- or greenlight message back to the scanner itself. This latter approach is used by entities that wish to monitor which users are accessing a certain scanner, and is particularly popular among corporations that employ biometrics to keep tabs on who accesses a server room or other restricted areas. Not surprisingly, it also is one of the most common forms of biometrics used by the U.S. government. The Leaders In the academic environment, this highly sophisticated application of biometric technology can be found in some of the 60 biometric scanners at the University of Georgia Organization The President of the University of Georgia (as of 2007, Michael F. Adams) is the head administrator and is appointed and overseen by the Georgia Board of Regents. . Technologists here first invested in biometrics when most Trekkies only dreamed of it, way back in the 1970s. Those first systems--electronic hand scanners--were used at entrances to dining halls to verify that students who paid for meal plans were the same students that actually entered at mealtime. Today, the systems control access for 32,000 users to select facilities art over campus, from dining halls to recreational centers, dormitories to testing rooms. Fresh off a recent $50,000 investment in new hand scanners from RSI, Georgia officials such as Donald Smith Donald Smith may refer to:
"We use the devices to achieve a higher level of security," says Smith, who oversees biometrics in his job as program coordinator of the UGA UGA opal codon, one of the three stop codons. Card Services The software support for PC Cards. PC Card applications talk to Card Services. See PC Card. department. "We tried to hook access and authentication into smart cards, but people on our campus were losing their smart cards all the time, so we figured [biometrics] just made more sense." In the early days, Smith says cutting-edge biometric technology at UGA performed two-dimensional scans, inspecting the width and length of fingers as students waved their hands through the open mouth of the hand scanner. Today, though the technology works the same way, it is sophisticated enough to perform three-dimensional scans that measure the width, length, and depth of a user's entire hand, maximizing accuracy and minimizing false positives by improving the data with each scan. Inside, at entrances to facilities such as dining halls, testing centers, and laboratories, the school uses ID3DR hand scanners from RSI. Outside, at entrances to gyms and dormitories, the school uses the more durable ID3DRW DRW Drawing(s) DRW Dual Rear Wheels (pickup truck) DRW Detroit Red Wings DRW Darwin, Northern Territory, Australia (Airport Code) DRW Dr Who model from the same vendor, a model designed to withstand elements such as rain and snow. In total, UGA has spent $150,000 on its biometrics program--$2,000 for each of the indoor models and $3,000 for every outdoor model, says Smith. Costs are greater for the latter because they require steel enclosures to protect them from the weather. Technologists use identical devices at San Diego State University San Diego State University (SDSU), founded in 1897 as San Diego Normal School, is the largest and oldest higher education facility in the greater San Diego area (generally the City and County of San Diego), and is part of the California State University system. (CA), where biometric scanners handle authentication and access for 27,000 users to the Aztec Recreation Center, the school's main gym. Before the scanners, SDSU SDSU San Diego State University SDSU South Dakota State University SDSU Standard Distribution Switching Unit SDSU Smds Dsu users seeking access to the center had to wait in line to hand their ID cards to a staffer sitting at a desk, who would swipe the cards through a magnetic stripe A small length of magnetic tape adhered to credit cards, badges, permits, passes and tokens. The tape is read by magnetic stripe readers incorporated into ATMs, identification readers and payment terminals. reader, confirm authorization by matching a database record to a name on the card, and allow the users to pass. Today, the scanners sit inside turnstiles at the entrance, automating the authentication process and reducing the time users spend at the front door of the facility from minutes to seconds. Eric Huth, director of campus recreation, describes the resulting increase in customer service as "refreshing," and says he never expected the system to work so well. "Lines to get in here used to be awful," says Huth, noting that the school still employs people to sit at the door, but their function now is to troubleshoot scanner hiccups Hiccups Definition Hiccups are the result of an involuntary, spasmodic contraction of the diaphragm followed by the closing of the throat. Description . "Today, you're in the door and through the gates before you have time to even think about it." Huth estimates that SDSU spent $25,000 on its biometrics system. "We determined pay back was one-year salary for a part-timer. We saw it as an immediate win for us financially." The Innovators Biometric implementations like the ones at SDSU and UGA are large-scale implementations at huge public schools; on the flip side Flip side In the context of general equities, opposite side to a proposition or position (buy, if sell is the proposition and vice versa). , technologists at smaller institutions have incorporated biometric technologies into more vertical, niche solutions that impact no more than a handful of users at a time. At Johnson & Wales Wales, Welsh Cymru, western peninsula and political division (principality) of Great Britain (1991 pop. 2,798,200), 8,016 sq mi (20,761 sq km), west of England; politically united with England since 1536. The capital is Cardiff. University's Denver campus, officials recently purchased HandKey devices from RSI to guard the main entrances on each of the school's three residence halls. In one of the residence halls, the Pulliam dorm, the school deployed eight additional HandKeys, two on each opposing wing of the four-story building. Students use these interior scanners to gain access to their individual rooms--after students authenticate by waving their hands through the scanner, the device unlocks all individual room doors in that particular hallway for up to 20 seconds, enabling students literally to walk right in. J.D. Sawyer, the school's director of campus operations, concedes that the notion of opening all six of the individual room doors in a particular hallway at the same time isn't exactly the pinnacle of safety, but notes that the doors closest to the device relock after 10 seconds, minimizing the window of opportunity for anyone--authorized or not--to access those rooms. Sawyer adds that the hallway HandKey devices only grant passage to the 10 to 12 students living in that hall, restricting access to the point where an unauthorized user would never enter the hallway unaccompanied un·ac·com·pa·nied adj. 1. Going or acting without companions or a companion: unaccompanied children on a flight. 2. Music Performed or scored without accompaniment. by someone who wasn't supposed to be around. "In general, I think students feet safer with this access control system, and ultimately, the system is more convenient [than the keys and ID card solutions that we used in the past]," he says. "Even if the students don't realize [the benefits of the new system] right away, they will realize it the next time they lose their ID card or room key, [both of] which cost them $75 to replace." Some schools, however, aren't ready to abandon the ID card entirety. At the University of Utah The University of Utah (also The U or the U of U or the UU), located in Salt Lake City, is the flagship public research university in the state of Utah, and one of 10 institutions that make up the Utah System of Higher Education. , technologists have signed up for an application of biometric technology that combines the conventional applications of smart cards with innovative fingerprint scanning technology to deliver a multifactor authentication Using two or more forms of identification to authenticate a user. Single factor authentication, which is commonly used, employs a unique username and password combination. For more security, multifactor authentication adds at least one more form, such as a physical token or biometrics. process. With one device, the V-Smart MIFARE solution from vendor Bioscrypt (www.bioscrypt.com), this multifactor process controls access into certain facilities such as the campus networking room and the school's Animal Resource Center. Under the system, users seeking access to the facilities in question swipe their smart cards in front of a traditional short-wave radio frequency reader for initial authentication, then immediately apply their fingers to a fingerprint scanner for a secondary read. The solutions at the University of Utah store information on about 50 users locally, comparing user information against a database off-line and on-site at the point of authentication. The systems only will grant access after users have passed both authentication tests--a nice feature, but one that potentially could cause some problems. If, for instance, a user forgets his smart card at home, the system will decline to grant the user access on the basis that he or she failed one of the two critical authentication tests. Dan Black, a technician with FutureTech (www.futuretechinc.biz), the reseller that implemented the solution, admits that this quirk of the system is a bit severe, but says that at the end of the day, double-factor authentication always is best because it's inherently safer to double-check a user's identity than to check it only once. "In today's day and age, you can never be too safe," he says. "By checking both a card and a biometric, there's no question at all about who's getting past the front door, and that's enough to give anyone peace of mind." The Pilots Multifactor solutions such as the one at the University of Utah are opening eyes elsewhere, too. At Creighton University Sitting on a 108-acre campus just outside Omaha's downtown business district in the Near North Side neighborhood, the University currently enrolls about 6,800 students. Creighton is one of 28 member institutions of the Association of Jesuit Colleges and Universities. (NE), technologists are piloting a program that incorporates passwords with fingerprint scanning for a dual-factor authentication process that would guard access to the student help desk. This program, which launched earlier this year, revolves around brand new Gateway m275 Tablet PCs (www.gateway.com) with plug-in USB USB in full Universal Serial Bus Type of serial bus that allows peripheral devices (disks, modems, printers, digitizers, data gloves, etc.) to be easily connected to a computer. fingerprint scanners from vendor DigitalPersona (www.digitalpersona.com). When technical support representatives want to log on to the network, they must type in a password, and submit their index finger for a scan. Software on the fingerprint scanner integrates with a Microsoft Active Directory server Refers to the Active Directory service running in a Windows 2000 server. See Active Directory. and authenticates the user against a local database. This information is then compared with data the server already has compiled from the password entry. If the two pieces of data match, the server grants access; if they do not, the server denies access and forces the user to try again. Though Creighton is experimenting with plug-in scanners, Michael Allington, assistant director of student support, notes that the school also is considering an effort to replace all 300 of the computers in the school's public labs with new notebooks from the Gateway 450 Series that have built-in fingerprint scanning capabilities. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Allington, replacing the computers would cost roughly $30,000 up front, but the move greatly would reduce the threat of nefarious students or other evildoers stealing the school's plug-in scanners at $100 a pop. What's more, he says, the new Gateway devices would simplify life for technical support workers themselves, eliminating the need for these individuals to tote around plug-in fingerprint scanners forever. "These biometric devices could change everything for us," Allington says of the Gateway computers. "Right now, the big question is whether we're ready to make the kind of investment we'd have to make to do it right." Administrators at West Virginia University West Virginia University, mainly at Morgantown; coeducational; land-grant and state supported; est. and opened 1867 as an agricultural college, renamed 1868. find themselves faced with a similar dilemma. The school just completed a pilot program that introduced students to biometrics in the form of electronic hand scanners, supplied by Diebold (www.diebold.com). Beginning in the spring of 2003, residents of the institution's Borman North dormitory had the option of giving up the traditional ID card authentication procedure to test a new access control system based upon Diebold's new hand-scanning technology. The system worked much like those from RSI, storing user information locally and comparing data against it every time a student swiped his or her hand. In the end, says Amir Mohammadi, WVU's associate vice president for generated revenue, the overall acceptance rate among students was 4.1 out of 5. Now, however, comes the hard part--deciding what to do next. Mohammadi says he was pleased enough with the pilot program to consider installing biometric technology on a widespread basis across campus. The problem is a lack of funding to make it happen in a timely fashion. Mohammadi estimates that a drive to purchase and install Diebold electronic hand scanners in art of the campus dorms and dining halls would cost approximately $50,000, and that a push to integrate the devices into the campus network so they can communicate with each other could practically double that figure overnight. Until the school's funding situation changes, and until integrating the devices becomes easier and more cost-effective, Mohammadi says his solution to the problem is to try and convince Diebold to launch another pilot as soon as possible. "Someone once said that the trouble with our times is that the future isn't what it used to be," he quips. "Thanks to the first pilot, we know what the future of access control technology will be. The rest is up to us." The Future Indeed, as Mohammadi implies, at a time when university budgets are getting smaller every year, cost and integration are two significant obstacles to the widespread adoption of biometrics over the next year. Other challenges to the technology's success include mixed performance ratings See benchmark. on certain devices, and a general concern about the privacy ethics of storing data about someone's identifying physical characteristics. The first concern, performance, is fairly straightforward--no matter how accurate a scanning device See scanner. purports to be, most vendors have not figured out how to program devices to account for temporary changes in physical data, such as cuts, scabs, and in those cases that involve voice recognition, laryngitis laryngitis, inflammation of the mucous membrane of the voice box, or larynx, usually accompanied by hoarseness, sore throat, and coughing. Acute laryngitis is often a secondary bacterial infection triggered by infecting agents causing such illnesses as colds, . The second concern, privacy, is a much more complicated issue. Ethically speaking, it is risky for schools to store highly sensitive Adj. 1. highly sensitive - readily affected by various agents; "a highly sensitive explosive is easily exploded by a shock"; "a sensitive colloid is readily coagulated" personal information locally on devices that can be stolen or hacked--if any of this information were to be uncovered, the victimized school could be named defendant in countless negligence and identity theft cases. Technically, however, the data retrieved during a biometric scan is just that--data--and is used not to identify individuals, but to verify them. However these issues unfold, Spence of RSI predicts a day in the not-too-distant future when biometric technologies are as prevalent and reliable in the higher education higher education Study beyond the level of secondary education. Institutions of higher education include not only colleges and universities but also professional schools in such fields as law, theology, medicine, business, music, and art. environment as they are in science fiction movies. "All signs point to biometrics as the next big thing, both in the academic world and in the business world at large," he says. "Mark my words--with technology like this, I guarantee you, we haven't seen anything yet." RELATED ARTICLE: How biometrics work. Various technologies recognize unique human characteristics Fingerprint identification is the oldest biometric technology and one of the few currently used on campuses, notes Bob Huber, president of All Campus Card (www.allcamouscard.com), a consulting firm Noun 1. consulting firm - a firm of experts providing professional advice to an organization for a fee consulting company business firm, firm, house - the members of a business organization that owns or operates one or more establishments; "he worked for a . It is easy for a student to grasp the concept--place a finger on a pad and wait for recognition. The technology takes and stores templates of thumbprints or prints of forefingers, capturing the unique placement and proximity of each print's ridges and furrows. Some fingerprint recognition Fingerprint recognition or fingerprint authentication refers to the automated method of verifying a match between two human fingerprints. Fingerprints are one of many forms of biometrics used to identify an individual and verify their identity. readers also record the width and length between key points. Hand recognition technology, which also is called hand geometry Hand geometry is a biometric that identifies users by the shape of their hands. Hand geometry readers measure a user's hand along many dimensions and compare those measurements to measurements stored in a file. , captures and records the shape of each user's hand. A combination of features, including the length of each finger and the width of the hand, are used for identification. To date, hand recognition is the only other biometric technology known to be used on campuses. Facial recognition technologies measure distinct characteristics, such as the length of the nose, the distance between the eyes, and the angle of the jaw and use digital cameras to photograph people and match the images to stored data. Retinal and iris recognition technologies are based on characteristics found in the eye. Retinal scans read the layer of blood vessels Blood vessels Tubular channels for blood transport, of which there are three principal types: arteries, capillaries, and veins. Only the larger arteries and veins in the body bear distinct names. at the back of the eye with a small green light. Iris scans look for the unique features in the colored tissue that rings the pupil. In all there are more than 200 iris points to compare, including freckles freckles Ephilides Brown macules, often exacerbated on sun-exposed zones of the skin surface, which disappear during the winter, and most commonly affecting the fair-skinned, especially of Celtic stock. See Macule. Cf Nevus. and furrows. Voice recognition systems are used to identify the distinct tones and timbre timbre Quality of sound that distinguishes one instrument, voice, or other sound source from another. Timbre largely results from a characteristic combination of overtones produced by different instruments. of the human voice, while speech recognition systems can translate the spoken word into a digital access or account number that confirms identity. --Jean Marie Angelo Matt Villano is a freelance writer in Half Moon Bay, CA. He can be reached at mjv@whalehead.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion