The pace of technological development is usually inspired by the growing practical needs of users. In the context of information management, calls for greater security often become the chief vehicle of progress. The emergence of biometric applications and remote users’ authentication systems is a direct response to such calls: the changing requirements for information security demand the creation of new systems and applications. The growing popularity of biometrics is justified by its greater reliability compared to other security systems: biometric data cannot be stolen, borrowed or replaced. Not surprisingly, significant funds have been invested in the development of biometrics-based remote authentication technologies. Unfortunately, not all systems are effective, and many of them are very costly. The goal of this paper is to propose a cost-effective biometrics-based remote users’ authentication system to enhance the security of university e-mails.
The goal of this proposed project is to set up a basic layout for a new university e-mail system (UEL) that integrates the fundamentals of biometric remote user authentication. The objectives include evaluating the existing condition of biometric systems within the university, assessing the potential of biometrics-based user authentication in university e-mail systems, and recommending a new approach to protecting the university e-mail system from external threats by means of a more cost-effective biometric validation device. Accordingly, the plan comprises a comprehensive examination of the present literature on biometrics, an investigation of the current market for biometrics-based user verification devices, and a proposal to develop the existing university e-mail structure with the aid of a fingerprint scanning device.
2. Problem statement
With the growing scope of information technologies, security has become one of the most problematic issues facing users. The wider diffusion of information technologies brings new challenges and demands new approaches and systems. The press regularly publishes reports of the million-dollar losses caused by computer frauds and security breaches (Whitman 2004). The system of education is not secured from these risks, since universities and colleges are getting much more open to various sorts of information technology. Colleges and universities are encouraged to adopt information security measures, but not all of them follow these recommendations (Oblinger & Hawkins 2006). Most likely, it is because universities and colleges exemplify open environments, where decisions to act securely and promote information security are not regarded as top priority activities (Johnson 2010). Simultaneously, CIOs alone cannot be responsible for the security of the information management systems used by universities (Oblinger & Hawkins 2006). Due to financial and technological limitations, most universities dream to have a convenient and cost-effective users’ authentication system to eliminate their information security concerns. These users’ authentication systems will be used to manage and protect the security of university e-mails and ensure that users (including students and educators) use e-mail technologies more responsibly.
3. Review of Literature
The existing literature offers abundant data on remote user authentication and the use of biometrics in computer networks and systems. This section provides insight into the most important theoretical and research results in the areas of remote user verification, biometrics, and the security of university e-mail and network systems.
3.1. Defining biometrics and systems
Recent advances in information technologies have turned biometrics into one of the chief factors of improved security. Of particular importance is the use of biometric data in remote users’ authentication schemes. These schemes are gaining popularity, mainly because they reduce the risk of forgery to a minimum (Zhang 2002). Biometrics is usually associated with automatic user identification based on a person’s unique behavioral and/or physiological characteristics. Today, a wide range of biometric technologies is in use, including voice- and finger-scan systems (Zhang 2002). The latter are probably the most popular, due to their simplicity, convenience and relative cheapness.
Fingerprint scanning is one of the most widely used types of biometrics-based technology; it relies on images of the ridge patterns of fingerprints or even palms (Matyas & Riha 2011). These authentication systems read the user’s fingerprint image, create a template, and then match the template with the user’s actual fingerprint. These systems can be minutiae-based or correlation-based (Zhang 2002). Fingerprint-based systems can be of particular use in environments that provide adequate opportunities for monitoring, training and control.
Voice characteristics make a huge difference for humans; actually, this is how individuals learn to recognize each other (Zhang 2002). Voice recognition biometric systems apply a similar approach: they use sound differences in vocalizations or the distinctive patterns of speech to recognize users (Raina 2011). Unfortunately, voice authentication software has many flaws and needs considerable improvement. Most such systems incorporate the principles of feature extraction, analysis of similarities, selection and matching (Zhang 2002). Due to outside noise or poor quality, the system can fail to identify the remote user, although its security potential is virtually unlimited. The complexity of such schemes cannot be overlooked, since they have to account equally for the behavioral and anatomical models of the users’ voices (Raina 2011).
3.1.3. Facial- and palm-identification technologies.
These biometrics-based systems are similar to those which involve fingerprints and human voice. However, they are designed to recognize and match the facial and palm characteristics of individual users. Facial recognition systems present a number of technological and correlation issues, since they may fail to recognize the user even if he or she has only changed hairstyle (Zhang 2002). Nonetheless, current biometrics-based systems are designed to generate and match three-dimensional images (Wayman, Jain, Maltoni & Maio 2005). Palm-identification systems have the potential to address the most common inconsistencies of fingerprint-scanning authentication models, but they seem to be too complex for use in education facilities. Specific attention has to be given to the scanning and transmission procedures employed in these systems, since they must be consistent enough to allow the initial capture and later reconstruction of the original login details (Wayman et al. 2005). Despite all these complexities, remote users’ authentication with the help of biometric technologies is an issue that most universities and colleges need to consider in order to guarantee the security of all information exchanged via their e-mail systems.
3.2. Remote users’ authentication
With the rapid expansion of users’ networks, remote access is becoming a vital component of data communications. According to Harrington (2005), the issue of remote users’ authentication is one of the most problematic and urgent. Li and Hwang (2010) refer to Lamport, who was the first to propose a remote authentication scheme in 1981. Those earliest systems were based on the use of passwords and identity (Li & Hwang 2010). However, they also required verification tables to be stored within the system, which could hardly help improve their security (Li & Hwang 2010). As a result, in 1998, another system of remote users’ authentication was proposed, based on the use of passwords but without any verification tables (Li & Hwang 2010). In 2000, remote users’ authentication systems were further improved, and using smart cards to verify remote users became the norm (Li & Hwang 2010). Using smart cards for secure user verification is quite straightforward: a PC has to be connected to a smart card reader, and the user must have a smart card and a PIN code. Once the smart card is inserted into the reader, the PIN code is used to authenticate the interactive login. Li and Hwang (2010) noted that the market price of smart cards is comparatively low, while their security potential is among the highest compared with other biometric systems.
Still, even smart cards could not satisfy the growing demand for security and efficiency over data communication networks. Smart cards could not be used in complex operations since their computational capabilities were very limited (Li & Hwang 2010). Passwords and cryptographic keys were also unsatisfactory: passwords could be lost or broken, while cryptographic keys were difficult to memorize. All those problems and inconsistencies gave rise to biometrics-based remote users’ authentication systems, which display a huge security potential.
3.3. The role and importance of biometric security
The growing popularity of biometrics-based systems is justified by the overall inconsistency of the existing information security systems. Jain, Ross and Pankanti (2006) write that the problem of information security entails the need to protect the most essential information elements, by providing sufficient guarantees that only authorized users will access and use the content. At present, content owners are not protected in any way. They lose billions of dollars since they are unable to limit the circle of users and guarantee that the content is not copied and distributed across information networks (Jain et al. 2006). Another argument in favor of biometric security is that it offers a potentially effective source of reliable, secret and high-entropy information (Boyen et al. 2005). Still, the absence of relevant studies that confirm the importance of biometrics-based security systems implies that not all the specialists are well aware of their benefits. It is possible to assume that biometric security is still new to information management and network professionals. Many professionals face considerable confusion trying to distinguish between security and secrecy. Actually, it is this security vs. secrecy dilemma that impedes the implementation of relevant biometrics-based users’ authentication mechanisms.
This secrecy versus security dilemma was discussed by Matyas and Riha (2003). The researchers claim that certain systems incorrectly assume biometric information and measurements to be secret; as a result, they cannot work effectively in the situations, when biometric users’ authentication information is accidentally disclosed (Matyas & Riha 2003). Systems that confuse secrecy with security will have a very low protection potential, because they do not allow biometric keys to be changed and, at the same time, fail to inform users that their information has been disclosed (Matyas & Riha 2003). The importance of biometric security cannot be neglected, but biometric data and measurements should not be secret (Matyas & Riha 2003). Matyas and Riha (2003) recommend that this information is kept secure to ensure the highest level of security of the biometrics-based system itself.
The importance of biometric security is justified mainly by the fact that earlier authentication systems have been inadequate. Earlier approaches to remote users’ identification usually involved the use of a password (something a person knows) or a smart/ID card (something a person has) (Monrose & Rubin 2000). Both categories of security protection can be easily compromised without any discovery, and information or object of possession can be extorted directly from its owner (Monrose & Rubin 2000). Biometrics holds the promise to enhance the information security level and provide stronger accountability and identification compared with traditional passwords (Monrose & Rubin 2000). The use of biometrics is likely to become extensive in those situations, where protection and security are that of paramount importance.
3.4. The existing biometric security systems, their advantages and problems
Matyas and Riha (2003) cite the two most common types of biometric systems: automated identification systems and biometric access control systems. The former are used primarily by police professionals to identify victims and suspects (Matyas & Riha 2003). The number of users in such systems is usually strictly limited and constantly monitored. These systems are of little value to those who operate beyond criminal justice. Much more interesting are the so-called biometric access control systems, “which are employed by ordinary users to gain a privilege or access right” (Matyas & Riha 2003, p45). These systems are much more complicated and call for more sophisticated security protection models. Without human intervention, the functioning and operation of such systems can be quite challenging (Matyas & Riha 2003). Despite certain problems, the advantages of such systems are obvious. They can fairly be considered the most successful attempt to protect the security of users’ information as well as of the system itself.
The main advantages of biometrics-based security systems were specified by several authors. Li and Hwang (2010) present five most essential advantages of a biometric security system:
1. Biometric keys cannot be forgotten or lost;
2. They are also difficult to share or copy;
3. Biometric keys can hardly be forged;
4. One cannot guess a biometric key easily;
5. One cannot break a biometric key quickly (Li and Hwang, 2010).
Matyas and Riha (2003) also say that biometrics-based users’ authentication systems successfully cope with their primary mission: they authenticate only the user, and nothing else. Users’ biometric characteristics are unchangeable and permanent (Matyas & Riha 2003). This is just another advantage of biometrics. Moreover, because biometric keys cannot be lost or forgotten, they eliminate the problems associated with the recovery of lost data (Matyas & Riha 2003). In this sense, biometrics-based users’ authentication systems can also be regarded as cost-effective. Finally, it is speed that distinguishes biometrics-based users’ authentication systems from the traditional ones (Matyas & Riha 2003). The process of authentication using iris-based information does not exceed 3 seconds, while using the right key to enter the system with the help of a smart card generally takes about or even more than 10 seconds (Matyas & Riha 2003).
Unfortunately, the use of biometrics in remote users’ authentication is not without difficulties. Researchers have developed an extensive body of information regarding the main drawbacks and weaknesses inherent in biometrics-based systems. First of all, there is still no consensus regarding the stability and accessibility of biometric data: while Matyas and Riha (2003) write that biometric data are stable and unchangeable, Tang et al. (2008) claim that biometrics are only approximately stable. As a result, biometric data cannot be easily incorporated into the existing security systems. Error-correction concepts need to be used to address this problem (Tang et al. 2008). Second, biometric data are highly sensitive, because they are unique and exclusive. As a result, if the data are disclosed, the user’s identity is also disclosed (Tang et al. 2008). If a user is registered in two or more systems and uses the same biometric data, the risks of disclosing such information also increase (Tang et al. 2008). Faundez-Zanuy (2004) also adds that, if biometric data are stolen, they cannot be replaced. This aspect adds complexity to the use of biometrics-based remote users’ authentication systems.
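The error-correction idea mentioned above can be illustrated with a toy fuzzy commitment. This is an added example, not code from the cited papers or from any product reviewed here; the 5x repetition code, the constructed 40-bit template and all function names are assumptions chosen for illustration, and real templates and codes are far larger.

```python
import hashlib
import hmac
import secrets

REP = 5  # assumption: each key bit is repeated 5 times, so up to 2 flips per group are corrected


def encode(key_bits):
    """Repetition-code encoder: every key bit becomes REP identical bits."""
    return [b for b in key_bits for _ in range(REP)]


def decode(code_bits):
    """Majority vote over each group of REP bits."""
    return [int(sum(code_bits[i:i + REP]) > REP // 2)
            for i in range(0, len(code_bits), REP)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def digest(key_bits, salt):
    return hashlib.sha256(salt + bytes(key_bits)).hexdigest()


def enroll(template_bits, key_bits=None):
    """Bind a random key to the template; the raw template itself is not stored."""
    if len(template_bits) % REP:
        raise ValueError("template length must be a multiple of REP")
    n = len(template_bits) // REP
    if key_bits is None:
        key_bits = [secrets.randbelow(2) for _ in range(n)]
    if len(key_bits) != n:
        raise ValueError("key length must be len(template) // REP")
    salt = secrets.token_bytes(16)
    return {"salt": salt,
            "helper": xor(encode(key_bits), template_bits),
            "check": digest(key_bits, salt)}


def verify(record, sample_bits):
    """Recover the key from a fresh, possibly noisy reading and compare digests."""
    if len(sample_bits) != len(record["helper"]):
        return False
    candidate = decode(xor(record["helper"], sample_bits))
    return hmac.compare_digest(digest(candidate, record["salt"]), record["check"])


def flip(bits, positions):
    """Simulate sensor noise by inverting the bits at the given positions."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(bits)]


# Constructed 40-bit "template" (sample data, not a real fingerprint encoding).
TEMPLATE = [int(c) for c in
            "10110 01101 11001 01001 01101 00111 00010 11010".replace(" ", "")]


def demo():
    record = enroll(TEMPLATE)
    noisy = flip(TEMPLATE, {0, 3, 7, 12, 13, 22, 38})  # at most 2 flips per group
    too_noisy = flip(TEMPLATE, {0, 1, 2})              # 3 flips in one group
    impostor = [b ^ 1 for b in TEMPLATE]               # a completely different reading
    reissued = enroll(TEMPLATE)                        # same finger, fresh key and salt
    return {
        "genuine_noisy": verify(record, noisy),
        "genuine_too_noisy": verify(record, too_noisy),
        "impostor": verify(record, impostor),
        "reissued_differs": reissued["check"] != record["check"],
        "reissued_accepts": verify(reissued, noisy),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The stored record can be reissued under a new key after a disclosure, but the finger itself cannot, so the sensitivity concerns raised by Tang et al. and Faundez-Zanuy still apply to the raw biometric.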
Biometrics-based users’ authentication systems are also associated with a number of problems that go beyond their technical characteristics. In business, biometrics is claimed to be insufficient as an instrument of data security protection (Chandra & Calderon 2005). In the turbulent business world, the main challenge encountered by businesses and education institutions is turning biometrics into an essential component of complex security systems, although it is not always possible to incorporate these solutions into existing business models (Chandra & Calderon 2005). Consequently, the security potential of such applications remains unrealized. In business environments, biometrics-based systems also lead to higher costs and increase the complexity of everyday use (Chandra & Calderon 2005). They often suffer from imprecise standards, making the process of remote users’ authentication very unreliable, whereas stricter standards often result in higher rates of rejection (Chandra & Calderon 2005). Maintenance costs, lab and field test issues, variations in biometric system effectiveness and protection of biometric data together have a heavy impact on the efficiency of remote users’ authentication systems in organizations.
Legal issues inherent in the use of biometric data in remote users’ authentication should not be overlooked. Not all users may be willing to sacrifice their biometric data and have it stored within the system (Chandra & Calderon 2005). Users may be worried about how their biometric data are being stored. Some storage models may even interfere with users’ expectations and acceptance of authentication systems (Chandra & Calderon 2005). However, even experienced users who realize the essential role played by biometrics in users’ authentication may experience difficulties using the system. Input samples may be of insufficient quality; as a result, they will be unsuitable for further processing, and users will have to repeat the procedure, thus getting more annoyed (Matyas & Riha 2003). This is why the input devices used in remote users’ authentication schemes based on biometrics should be reliable and easy to implement. They should be either under human supervision or tamper-resistant (Matyas & Riha 2003). Again, these are additional complexities and costs, which not all organizations may be willing to accept. Nevertheless, biometrics-based remote users’ authentication should gain more popularity in educational institutions, where the level of information security deserves particular attention.
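The trade-off described above, between loose matching standards and higher rejection rates, can be made concrete as false accept rate (FAR) against false reject rate (FRR). This is an added example, not taken from Chandra & Calderon or from any reviewed product; the 0-100 score scale, the constructed score lists and the function names are assumptions.

```python
# Constructed match scores on a 0-100 scale (sample data, not measurements).
# GENUINE: the enrolled user presenting their own finger.
# IMPOSTOR: other people presenting their fingers against that user's template.
GENUINE = [92, 88, 85, 81, 79, 76, 74, 71, 68, 62]
IMPOSTOR = [12, 25, 31, 38, 44, 49, 55, 63, 66, 72]


def rates(genuine, impostor, threshold):
    """Return (FAR, FRR) when a score >= threshold is accepted."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def sweep(genuine, impostor, thresholds):
    """FAR and FRR at each candidate threshold, as (threshold, FAR, FRR) rows."""
    return [(t,) + rates(genuine, impostor, t) for t in thresholds]


def equal_error_threshold(genuine, impostor):
    """Lowest threshold at which FAR and FRR are closest to each other."""
    def gap(t):
        far, frr = rates(genuine, impostor, t)
        return abs(far - frr)
    return min(range(101), key=gap)


def lowest_threshold_for(genuine, impostor, max_far):
    """Lowest threshold meeting a FAR ceiling, and the FRR users then have to bear."""
    for t in range(101):
        far, frr = rates(genuine, impostor, t)
        if far <= max_far:
            return t, frr
    return None  # only reachable if scores exceed the assumed 0-100 scale


if __name__ == "__main__":
    print("threshold   FAR   FRR")
    for t, far, frr in sweep(GENUINE, IMPOSTOR, [50, 60, 70, 80, 90]):
        print(f"{t:9d}  {far:4.1f}  {frr:4.1f}")
    print("equal-error threshold:", equal_error_threshold(GENUINE, IMPOSTOR))
    print("zero-FAR threshold and FRR:", lowest_threshold_for(GENUINE, IMPOSTOR, 0.0))
```

On this sample, raising the threshold from 70 to 80 removes the last false accept but triples the share of legitimate users who are turned away and must retry.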
3.5. E-mail security and biometrics
The use of biometrics in e-mail systems can be very promising. Many organizations and educational institutions lack sufficient data security within their e-mail exchange systems and databases. Information security is often the last thing senior executives choose to consider, possibly because they are worried about increased costs or cannot link information security to their profitability concerns (Dutta & McCrohan 2002). Not surprisingly, many information security systems in organizations fail, leading to catastrophic consequences. Security breaches are much more frequent than they could be and much more damaging than necessary (Whitman 2004). However, according to Bolle, Connell and Ratha (2002), many organizations and institutions could avoid the difficulties with their e-mail systems if they chose to use biometric data. They could achieve the desired level of true user identification and eliminate their safety and security concerns.
Unfortunately, many e-mail security systems and models rely on nothing but fear appeals. The latter were described by Johnston and Warkentin (2010). Fear appeals are persuasive messages that appeal to users’ fear in order to make them comply with the prescribed course of action (Johnston & Warkentin 2010). These fear appeals work as a frightening factor: they scare people by recounting the awful things that will befall them if they do not comply with the messages (Johnston & Warkentin 2010, p.551).
However, fear alone cannot guarantee the security of e-mail systems in organizations. Users must understand the principles on which e-mail systems rest and how they operate. The use of biometrics should also be associated with the provision of relevant information to e-mail users because many of them are unaware of the way biometrics-based remote users’ authentication can enhance their protection online. Today’s e-mail systems are not protected as well as they could be, and information professionals need to focus on the analysis of the main advantages and elimination of the chief drawbacks inherent in biometrics-based remote users’ authentication schemes.
3.6. Information security in universities
Probably, the current state of research suggests that educational institutions are the most negligent in terms of information security and the most vulnerable to users’ attacks. Logan (2008) analyzed the level of information security in a number of schools and colleges and overall found that students were not a popular target for information security information. Universities do not teach their students to be secure while using information and e-mail systems, as only a handful of universities offer information security programs for undergraduates (Logan 2008). Not surprisingly, students may face serious problems while using university e-mails.
Another problem is that universities and colleges are highly decentralized. Consequently, the major burden of information security responsibilities and procedures is laid on end users, namely students and teachers (Johnston & Warkentin 2010). Without biometrics, the use of traditional information security models and their outcomes can vary, depending on the environment and individual users’ characteristics. For instance, some students may reject privacy warnings, whereas others will follow security procedures fearing attacks and privacy breaches (Johnston & Warkentin 2010). In this context, the use of biometrics can become a perfect alternative to traditional passwords and an excellent way to harmonize and standardize e-mail security approaches across an organization as decentralized as a university. The following are reviews of various alternative products that can be used to develop a secure UEL university e-mail system.
4. Product Reviews
4.1. M2SYS Desktop Biometrics Suite
Today, organizations and education institutions have access to a wide range of products and data. Biometric systems are becoming more available to customers, and M2SYS Desktop Biometrics Suite is just one of them. As mentioned by the reviewer, Neil J. Rubenking, the device enables users to forget about traditional passwords and access control applications and start using fingerprints for remote users’ authentication. At the heart of the discussed device is the so-called M2-S1 Swipe Reader. It is with the help of this reader that e-mail users will swipe their fingers in order to identify themselves and enter the system (Rubenking 2012). It is a USB-connected device that reads fingerprints “below the skin surface, where they remain consistent, even as skin damage, dirt or other problems might cause problems for another reader” (Rubenking 2012, p1).
In order to install the system, the Administrator will need Windows 2000 or XP; at present, the system does not support Windows Vista. The process also requires that the Administrator enter the Windows user name and password and the system-specific administrator name and password; these can also be used to reboot the system in emergency situations (Rubenking 2012). One to five fingerprints can be enrolled to finalize the process (Rubenking 2012). In order to enroll a finger, it has to be swiped across the scanner three times in a row. The system will indicate the percentage of success. If the percentage is low, a different finger can be tried (Rubenking 2012). With M2SYS, users will need at least 70% verification success, but it is even better if the success percentage is above 80. In the same way, other users and their fingerprints will have to be registered. The system can register up to 32 users for a single computer, and they will not need to enter any passwords: swiping the finger across the device is enough to log in (Rubenking 2012).
The system has a number of benefits: the scanner reads fingerprints just below the skin surface, and users can expect that smudges and dirt will not affect the verification process (Rubenking 2012). The system is convenient in the sense that it replaces traditional passwords with fingerprints. The level of security protection is quite high, as the system may require a fingerprint even when returning from the screensaver (Rubenking 2012). The system itself is not suitable for use with web-based passwords. Therefore, it can function well and be cost-effective in everything that relates to the use of Windows, but not e-mail. The cost of the basic version of the fingerprint scanner is $89.99, which is somewhat expensive for a university which has 29,000 students (Rubenking 2012).
4.2. DigitalPersona Biometric Device
DigitalPersona is another biometric application currently available on the market. More specifically, it is DigitalPersona Workstation Pro and Server 4.0 that can be used for fingerprint identification. Reviewers describe the application as “a robust single sign-on (SSO) software suite that allows an enterprise to replace passwords with biometric fingerprint readers or provide dual-factor authentication” (Huston 2007). The device consists of two pieces: DigitalPersona Pro Workstation servers and individual system components. The workstation software operates independently, but the server component provides domain-wide single sign-on (Huston 2007).
The installation process is easy and straightforward, although the server installation process is somewhat longer than for individual systems. Once installed, the workstation wizard is used to record new fingerprints (Huston 2007). After some training, the fingerprint scanning device can be used to register a fingerprint in less than 10 seconds. Both the individual and server elements can be purchased without the fingerprint scanner. The fingerprint scanner has been found to be quite reliable, with no false positives and several false negatives (Huston 2007). The server software is a more robust version of the individual framework and provides sufficient capabilities for effective users’ authentication. Administrators will not experience any difficulties creating a user’s template; templates can be created either with the help of password-change forms or by entering keystrokes into the required fields (Huston 2007). For enterprises seeking an effective biometric authentication system, DigitalPersona can be an excellent solution, although the cost of the system is quite high for my university, which has a population of 29,000: the starting price of the device is $1,499, and it can only be used with Windows XP and Windows Server 2003.
4.3. Mantra Softech Biometric Authentication
Mantra Softech is another example of fingerprint technologies used for biometric users’ authentication. The system can be readily used to enhance the effectiveness of user authentication procedures in a university e-mail system. Mantra claims that its system is unique and very accurate (Mantra Softech 2012). Below is a simple scheme provided to explain the process of users’ authentication through Mantra Softech:
Mantra Softech has created a system that is equally comprehensive and simple. Like any other fingerprint identification device, Mantra will attempt to identify and verify the user by comparing the submitted fingerprint template to the information included in the verification database (Mantra Softech 2012). The system can be easily interfaced with other biometrics systems, including BAPI and BioAPI, and will perform a series of standard verification functions, from enrolling users to discovering their identity (Mantra Softech 2012). Seemingly, the Mantra Softech Company doesn’t present any records concerning the price of its device, even though it is still accessible once a request is made; therefore I placed a request through their online forum and am yet to receive any confirmation.
4.4. Privaris biometric security systems
Privaris’ products are known for their effectiveness and reliability. One of the latest and most promising is the so-called plusID biometric security device, which helps identify and verify remote users by their fingerprints. According to Privaris (2012), the plusID biometric security device can be equally useful in individual computers and complex Internet-based networks. The plusID biometric security device can also be used to authenticate users, who access websites, computers, software, and even secured printers (Privaris 2012). All information about users and their fingerprints is stored in the plusID secure database. The process of enrollment is quick and easy: the device transmits users’ biometric information after the fingerprint scanner is used and biometric authentication is completed (Privaris 2012).
One of the greatest advantages of plusID from Privaris is that the system helps organizations reduce their IT costs by 40-60%: IT password management is one of the biggest administrative hassles facing today’s organizations (Privaris 2012). By eliminating the burden of password management, plusID can help reduce the administrative costs by more than $250 per employee (Privaris 2012). At the same time, plusID can be easily integrated with the existing password-based systems, through one-time password delivery. The system is easily integrated with SSO software applications (Privaris 2012). It is very flexible and always includes three different communication options: Bluetooth, USB and 13.56MHz. It can support both remote and local users’ access and does not require any additional expenses to create a biometric database (Privaris 2012).
Reviewers suggest that plusID from Privaris was created to provide a relevant response to the existing cyber-threats (Info Security Product Guide 2012). Another benefit of the system is that it provides both logical and physical access and, therefore, can become an excellent practical solution for commercial and not-for-profit organizations. With the help of Privaris universities can build secure e-mail networks and reduce their password management costs.
Comparative Analysis of the Fingerprint Scanning Systems
Type of system
1. Easy installation and operation.
3. Scans fingerprints below the skin, thus reducing errors.
5. Low cost
2. Easy to install.
4. Easy administration.
1. Easy interface.
2. Straightforward installation and use.
1. Equally effective with individual and network applications.
2. Quick user enrollment.
3. Reduces IT and administrative costs.
4. Can be easily integrated with the existing business systems.
1. Does not support Windows Vista.
2. Requires perfect administration.
3. Not suitable for web-based and email systems.
1. Has two components.
2. Requires training.
3. High cost.
4. Can only be used with XP and Windows 2003 server.
1. The cost is unknown.
2. Little information about the benefits and potential weaknesses of the system.
1. Not indicated.
Cost per student
6. Selection of Tools, Techniques and Methods
The plus ID90 biometric security device has several good characteristics. These include superior affordability, in that it works impeccably with all logical and physical security systems, and a long life, with about a thousand uses between recharges. Its privacy level is top-notch, as every biometric process is done on the client’s personal device. Its security is tamper-proof as well: it is able to endure physical and digital attack, and it conveys all credentials through encryption. A single device can serve multiple purposes, offering access to multiple networks, computers, and facilities. All these excellent qualities are overshadowed, however, by the fact that the device is extremely expensive, so it would be uneconomical for the university to install it. A more affordable device for the school will be the USB Biometric Fingerprint Password Lock Security, which offers security to laptop computers.
The USB Biometric Fingerprint Password Lock Security device uses the uniqueness of an individual’s fingerprint features to stop any unauthorized access to their computer. With fingerprint scan authentication, the computer is reserved for its owner’s sole use, and private data is protected by sophisticated data safeguard features such as file/folder encryption by fingerprint, encryption of the password bank, display saver lock, Windows login, and Virtual Disk Drive. Moreover, the device is designed to store up to ten fingerprints.
The main features of the device include a USB 2.0 interface which can tolerate more than 100 million instances of finger sliding, a sophisticated biometric fingerprint sensor technology, and compatibility with Windows 7, Vista, XP, and Windows 2000. The appropriate working temperature is between 25 and 85 °C, and the device supports languages including Chinese, Brazilian, Korean, Russian, Spanish, Portuguese, Italian, Japanese, French, German, and English, amongst others.
Disabled people also ought to be offered the chance to use the USB Biometric Fingerprint Password Lock Security device, since they too want to safeguard their computers and personal data. There may be students who have a visual impairment, who have fingers missing, or who use wheelchairs, and they too need to be treated well when it comes to the use of the biometric device, since they have to use it too. Personal assistance will be offered by neighboring students and lecturers, and where possible other biometric security apparatus will be installed, such as those which read signature, voice, iris, retina, hand geometry, and face.
The USB Biometric Fingerprint Password Lock Security device creates a system which is equally simple and comprehensive. The device attempts to recognize and validate a user once they swipe their finger onto the marked slot, by matching the presented fingerprint template to the data held in the authentication database. The software is first installed by running the BioExcess pat and then running the main setup. Afterwards, the device is connected to the computer through a USB cable. Care must be taken to install the software before connecting the device to the computer. The device has quite a reasonable cost of £8.54, which is economical as compared to the university’s population of 29,000 students. The security offered by the device is top-notch, as it incorporates quite a sophisticated biometric fingerprint sensor technology, so any forged prints will not be permitted.
The implementation of biometric security devices in the institution will basically cover the purchase and the use of the devices, whereby IT specialists from the firm where they have been purchased come to the school and guide the students on their usage. Another means is to employ the university’s IT department to educate the students on how to apply the devices in securing their emails.
6.1. Selection mode
The mode of selection is based on the most predominant features of the biometrics-based users’ authentication systems noted in the Product Review section. This section was designed specifically to create a more objective picture of the biometrics-based systems market and provide a relevant basis for choosing the most appropriate remote users’ authentication system for university e-mails. The main criteria used to select the most appropriate tool include: (1) cost, (2) feature complexity, (3) integration difficulties, (4) security and authenticity; and (5) whether or not the system allows for the presence of alternative authentication ways and can enable IT developers to comply with the ethical and social requirements of the digital age.
The biometrics-based system was proposed to replace traditional passwords in the UEL. The choice of this gadget as the central biometric device for remote users’ authentication was based on the following criteria: (a) cost, (b) complexity, (c) security, (d) integration difficulties; and (e) whether or not the system allows for the presence of alternative users’ authentication devices.
6.2. Essential system requirements
6.2.1. Security requirements. The proposed biometrics-based remote user authentication scheme will meet the following security requirements:
(a) The system will withstand the most common masquerade attacks, when the adversary masquerades as a legitimate user and tries to enter the system;
(b) The system will display better resistance to replay attacks, thus preventing illegitimate users from sending fake messages and deceiving other legitimate users;
(c) The system will protect remote users from unreasonable data loss risks because no adversary will be able to retrieve the fingerprint information from a smart card, just in case if it is stolen or lost.
6.2.2. Functionality requirements. The system does not require that users memorize complex cryptographic keys or passwords. Only a fingerprint code is needed to enter the system. As a result, the system will allow reducing possible information overheads and will certainly eliminate the risks of information leaks between two users over the insecure network (Li & Hwang 2010). The system will not have the centralized server to store personal identifiable information and guarantees non-repudiation due to the use of personal biometric data (Li & Hwang 2010).
6.2. Tools to be used in the construction of the project
Based on the information provided in the Product Reviews section in Amazon, the USB Biometric Fingerprint Password Lock Security lock will become the basic instrument in the development of the UEL. The choice of this USB biometric device is primarily justified by its reasonable cost and the ease of integration into other computer and e-mail systems. The functionality of the biometrics-based device is out of question, and the system can successfully replace all traditional identification pathways, while also making the entire system more productive and efficient (Info Security Products Guide 2012). The device facilitates both logical and physical access and can be used to provide access to multiple facilities and support multiple security formats. This is particularly relevant in the context of highly decentralized academic institutions such as universities, where granting access only to one of many existing facilities can be crucial to the security of the entire e-mail network.
University IT professionals should not worry that the new system will not work with the existing e-mail networks since the USB biometric device is compatible with 85 percent of the existing systems. Network developers can choose the most appropriate users’ authentication format, from contactless smart cards to vehicle gate access and proximity cards. Below are the standards, with which USB biometric device is fully compatible:
- A USB 2.0 interface which can tolerate more than 100 million instances of finger sliding
- A sophisticated biometric fingerprint sensor technology
- Compatible with Windows 7, Vista, XP, and Windows 2000
- The appropriate working temperature is between 25 and 85 °C
- Supports languages including Chinese, Brazilian, Korean, Russian, Spanish, Portuguese, Italian, Japanese, French, German, and English, amongst others. This shows that it is able to identify the voice and act on the command.
The price of a single device ranges between £8.54 and £10.50, depending on the processing capability and complexity. The most suitable is the USB Biometric Fingerprint Password Lock Security For Laptop PC Computer brd version, which is easy to use and provides remote users’ authentication within one second per user or less. The most essential feature of the model is that all of its biometric processing, together with template matching and enrollment, is done on the user’s private device and therefore does not expose biometric information to external databases, servers, or readers. It cannot be used by anyone else if it is broken, stolen or lost, and it is designed to withstand any physical or digital attack (USB Biometric Fingerprint Reader Password Lock Security for Laptop Computer PC - Laptop Others (n.d.)). The only problem is that the device should be regularly recharged, preferably after every 1,000 uses. Given the number of students in the university and the frequency with which personal e-mails are used, somebody will have to monitor the state of the device and recharge it regularly to avoid delays with users’ authentication.
7.1. Designing a university e-mail system (UEL) using the USB Biometric Fingerprint Password Lock Security device
The new remote users’ authentication system will be based on the USB Biometric Fingerprint Password Lock Security device which is also to become the central component and the basic functional element. The system will also require developing alternative authentication pathways to ensure that individuals with disabilities and those, who lack certain physical traits, can use the system on equal terms with those, who do not experience such problems. The system does not involve the use of traditional cryptographic components but, instead, allows using fingerprints as an easy and convenient method of remote authentication.
7.2.2. Performance benefits. The proposed scheme will help reduce the costs of computation since smart cards with biometric information do not usually require high computation and processing costs (Li & Hwang 2010).
7.3. System components
The system will involve the use of Graphic designers to create Graphical Users’ interfaces and the Win32 API to ensure the full compatibility of USB Biometric Fingerprint Password Lock Security and the existing e-mail network. With G-mail being the central and most common e-mail agent in universities, the system will also be based on G-mail SMTP and POP servers. The OpenSSL library will be used to reconfigure fingerprint information and facilitate users’ access to e-mails.
7.4. System processes
The process of implementing and using the system will start with enrolling new users and collecting their fingerprints to issue individual smart cards. The USB Biometric Fingerprint Password Lock Security device uses a simple method of collecting users’ fingerprints to have them registered within the system.
At this stage of the system implementation, a professional representative from the respective IT firm will be asked to be present, to avoid misunderstandings and false positive registrations from multiple users. Matyas and Riha (2003) suggest that the quality of the very first fingerprint is crucial to the functionality and operability of the entire system.
Once the first sample is provided, the system will need some time to process the new information and transform it into a digital code.
The fingerprint sensor shown on the diagram can use optical, pressure and thermal technologies to obtain finger feature images. It includes analog-to-digital converters that translate the analog information into a digital code.
Due to the overall effectiveness of the proposed system and the USB Biometric Fingerprint Password Lock Security fingerprint scanning device, no additional samples will be required. The biometric characteristics obtained from the e-mail user will be transformed into a comprehensive master template, simultaneously categorizing it to facilitate fast search and matching decisions (Matyas & Riha 2003). As mentioned earlier, the system will store the master template on a smart card, as only smart cards are appropriate for use in large-scale systems. The smart card is also the only choice when privacy concerns become too urgent.
For all the users who have been successfully enrolled, verification will be easy and fast. The verification process will involve a series of standardized steps: acquisition, creation, comparison and decision. At the acquisition stage, the system will obtain the most current biometric data from users. That is, the users will have to scan their fingerprints against the USB Biometric Fingerprint Password Lock Security device. The fingerprint device used in the UEL system does not have any features that check the user’s liveness; consequently, it is possible to say that at the acquisition stage of the users’ verification process, the system will trust the hardware and the scanning device and assume that all measurements are proper and authentic (Matyas & Riha 2003).
Once processed, the biometric data is passed on to the next stage of the verification process, which can be called “creation and comparison.” Here, the system will create a new user’s profile and try to compare this profile to the fingerprint measurements and characteristics provided during enrollment. It should be noted that the proposed system’s functions are limited to verification and do not involve identification. The difference between them is rather confusing but should not be ignored: while verification is the process of comparing the user’s fingerprint characteristics to the existing template, identification is about accepting and matching the new characteristics against more than one template and leading to more than one match value (Matyas & Riha 2003). The proposed system is designed primarily for verification, not identification, and it will always result in only one match value. Finally, the system will make a decision to either reject or accept the user. The threshold value will be established to determine the match value at which and above which the user is considered as verified. At present, IT professionals should also test the proposed system to identify the percentage of rejection errors.
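The decision step and the rejection-error test described above can be sketched as follows. This is an added example, not code from the paper or from any device vendor: the 256-bit templates, the Hamming-similarity match value, the noise model and all function names are assumptions chosen for illustration.

```python
"""Threshold-based fingerprint verification with error-rate measurement.

Assumptions for this example only: templates are 256-bit strings, the match
value is normalised Hamming similarity, and a fresh scan of the same finger
flips each bit with probability flip_prob. No real device works exactly so.
"""
import random

TEMPLATE_BITS = 256


def match_value(template: int, sample: int) -> float:
    """Similarity in [0, 1]: fraction of template bits the sample agrees with."""
    return 1.0 - bin(template ^ sample).count("1") / TEMPLATE_BITS


def verify(enrolled: int, sample: int, threshold: float) -> bool:
    """1:1 verification: one comparison, one match value, one decision."""
    return match_value(enrolled, sample) >= threshold


def identify(templates: dict, sample: int, threshold: float) -> dict:
    """1:N identification, for contrast: a match value per enrolled template,
    so more than one candidate can come back."""
    scores = {user: match_value(t, sample) for user, t in templates.items()}
    return {user: s for user, s in scores.items() if s >= threshold}


def noisy_capture(template: int, flip_prob: float, rng: random.Random) -> int:
    """Simulate a new scan of the same finger with sensor noise."""
    noise = 0
    for bit in range(TEMPLATE_BITS):
        if rng.random() < flip_prob:
            noise |= 1 << bit
    return template ^ noise


def error_rates(threshold, users=50, attempts=20, flip_prob=0.10, seed=1):
    """Return (false rejection rate, false acceptance rate) at a threshold.

    Genuine attempts compare a user's noisy scan with their own template;
    impostor attempts compare another enrolled user's scan with it.
    """
    rng = random.Random(seed)  # fixed seed: constructed, repeatable test data
    enrolled = [rng.getrandbits(TEMPLATE_BITS) for _ in range(users)]
    false_rejects = false_accepts = 0
    for index, template in enumerate(enrolled):
        for _ in range(attempts):
            genuine = noisy_capture(template, flip_prob, rng)
            if not verify(template, genuine, threshold):
                false_rejects += 1
            other = enrolled[(index + rng.randrange(1, users)) % users]
            impostor = noisy_capture(other, flip_prob, rng)
            if verify(template, impostor, threshold):
                false_accepts += 1
    trials = users * attempts
    return false_rejects / trials, false_accepts / trials


def sweep(thresholds):
    """Error rates for each candidate threshold, to choose an operating point."""
    return [(t, *error_rates(t)) for t in thresholds]


if __name__ == "__main__":
    print("threshold  FRR     FAR")
    for threshold, frr, far in sweep([0.45, 0.60, 0.75, 0.90, 0.95]):
        print(f"{threshold:9.2f}  {frr:6.1%}  {far:6.1%}")
```

With a real reader, the genuine and impostor match values would come from recorded test scans rather than simulated noise; the threshold sweep itself stays the same.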
The system was tested by asking EUL students to test it first. The EUL students were then asked for their views regarding the system, and a number of their responses are given below. The responses were recorded in the table below:
Name of student
Why use biometric data?
Any drawbacks to the system?
There is no need for being memorized
It is not uniformly random
It cannot be easily compromised
It cannot be uniformly reproducible
It cannot be easily stolen
I like it the way it is
It has high entropy
I fear if it may contain radiations
8.1 Cons of using biometric data in remote user’s authentication
Although biometric data authentication has been heralded as the future of security sets, the system has its own weaknesses, which include the following:
- The costs of introducing biometric authentication are extremely prohibitive, in spite of the fact that they have been falling.
- Sometimes the price return ratio is not very satisfactory for most clients.
- Biometric data authentication may lack the necessary attributes like secrecy or the ability to update itself.
- Hand scans may not be unique to every person.
- Data acquisition may be very difficult for facial access, as users are required to face in the same position as when they were last scanned.
9. Conclusion and Evaluation
This project was designed to propose a relevant practical solution to the problem of e-mail security in university systems. A biometrics-based system was proposed to replace traditional passwords in the UEL. The USB Biometric Fingerprint Password Lock Security device was chosen as the central component of the proposed e-mail system. Compared to other products reviewed in this project, USB Biometric Fingerprint Password Lock Security was found to be the most reliable, advanced, cost-effective and secure in all aspects. Our results suggest that UEL will benefit from the implementation of fingerprint authentication for all e-mail users, both in terms of cost-efficiency and credibility. At the same time, the proposed idea will not help solve all social, ethical and legal issues.
Legal, Ethical and Social Issues
The legal, ethical and social issues of biometric identification and remote users’ access should not be disregarded. The nature of biometric identification systems and their application in university e-mail networks requires particular attention to the legal status of biometric data, possible inequities in accessing and using remote authentication systems as well as the implications of biometrics-based authentication systems for personal security and users’ privacy.
The legal significance of biometrics-based authentication systems cannot be disregarded. Many legal scholars discussed the status of biometric images and templates (Liu 2008). To a large extent, and despite certain conceptual controversies, biometric data, including fingerprints, should be treated as personal data and be protected accordingly. Biometric data are personal and sensitive data since they can uncover users’ relationships with other persons and even potentially dangerous diseases (Liu 2008). Fingerprints can become easy and effective guidance to anyone who wants to break into the system and retrieve sensitive personal information, including the information regarding one’s ethnic origin or current health status. Additionally, the use of biometric systems may lead to human rights violations, especially when users are not willing to disclose their identity and do not accept the use of fingerprints as the basic identifier (Hornung, Desoi & Pocs 2010).
Another legal problem concerns how personal biometric information is stored. Data safety is governed by the U.K. Data Protection Act of 1998, which intends to guard persons as well as organizations from information misuse. Amongst the essential principles encoded in the Data Protection Act is that all data/information has to be safeguarded against any unofficial or illegitimate processing, and also against destruction and loss (Search Storage n.d.). Therefore, all organizations ought to have safety policies and measures to ensure that the personal data they hold is stored securely, away from any breach or exposure. Today, four major locations for biometric data are available to users and IT professionals: the server or central database, a smart card or token, a workstation, or the sensing device (Liu 2008). The latter are not as popular as the former and, hence, it is servers and smart cards that raise the most serious legal issues. Keeping fingerprints in the central database or on a server is necessarily associated with heightened risks of privacy violations (Liu 2008). The risks of privacy breaches are believed to be much lower if biometric data are not stored centrally. In organizations as large and decentralized as universities, keeping users’ fingerprints away from the central database could be easier. IT professionals should develop a relevant solution to the problem of decentralization and data storage, in order to avoid the risks of liabilities and legal costs due to poor privacy protection.
The ethical issues of biometric data systems are no less acute. The most prevalent ethical problems were highlighted by Prabhakar, Pankanti and Jain (2003). The problems which were usually considered as purely legal (e.g. privacy violations) also have an ethical component. For example, the risks of using stolen biometrics to access the system are quite high (Prabhakar et al., 2003). Of course, it is still difficult to imagine how a hacker can present the proposed e-mail system with a copy of a user’s fingerprint, but these risks should not be totally ruled out. Very often, the hacker who decides to break into the system knows the user personally and, for this reason, can create a latent fingerprint or a three-dimensional fingerprint mold to use it for remote access (Prabhakar et al., 2003). Personal data stored in a smart card can be easily misused or stolen, since a budding hacker requires the user’s identification ID and then generates a hidden fingerprint (Mann 2002).
Biometrics-based remote users’ authentication systems also lack 100% protection from the risks of data misuse. The university’s students cannot be confident that their fingerprints will not be used for purposes other than remote users’ authentication. This is what Prabhakar et al. (2003) call “unintended functional scope”, when the biological data collected for remote users’ authentication can be used to provide additional information about users. Also, in biometrics-based remote users’ authentication systems, users’ anonymity is never guaranteed. “Strong biometric identifiers like fingerprints allow the possibility of unwanted identifications” (Prabhakar et al. 2003, p41). Not surprisingly, even the simplest biometrics-based system can be used by organizations to collect sensitive information about users and accumulate power over their autonomy and individual decision making.
Biometric recognition also has the potential to deny users their right to anonymity, because fingerprints allow for fast and quite effective covert recognition of everyone previously enrolled in the system (Prabhakar et al. 2003). Again, it is better to use the benefits of decentralized data storage in order to avoid these ethical complexities. It is also possible to issue smart cards or tokens containing users’ fingerprint samples, to reduce the risks of privacy intrusions and guarantee that the personal information being provided is used solely for remote users’ authentication purposes.
Probably the most interesting and complicated are the social issues associated with the use of biometrics for remote users’ authentication. Apparently, biometrics-based technologies and systems may lead to unexpected consequences and impact the entire society. Taking into account the growing interconnectedness of information users, networks and systems, even a single biometric key stolen by hackers can have devastating impacts on the public (Chinchilla 2011). More particularly, since the system’s login interface becomes interconnected with different systems, it creates a weakness where malfunctioning of the software could accidentally give access to numerous databases or even systems.
Another social problem is the use of sensitive biometric data for surveillance purposes (Chinchilla 2011). As mentioned previously, fingerprints can be used to breach users’ anonymity and capture their faces, which can be used later, and without users’ consent, to monitor their activity (Chinchilla 2011). In this context, biometric technologies are no different from other users’ authentication technologies in that they do not always serve the intended purpose.
The use of biometrics-based systems, including fingerprint identification e-mail systems, may not help reduce the existing inequities. One of the fundamental questions is how minority users will manage to learn the basics of biometric identification, its principles and potential benefits. Some minority communities display ethnic bias with regard to using their fingerprints as a tool of authentication in remote networks (Chinchilla 2011). Even more problematic is the use of fingerprints by people with disabilities. How will individuals who lack certain physical traits identify themselves within the e-mail system, and will they be able to enter the system and use its features without resorting to fingerprints? A good biometrics-based users’ authentication system will always provide alternative ways to enroll and authenticate users, thus preserving the most appropriate social equity balance and avoiding the risks of discrimination and bias.
From above, it can be argued that biometrics-based remote users’ authentication systems bring to the surface numerous social and ethical issues. These issues include the quite high risk of stolen biometrics being used to access such a system, the lack of 100% protection in biometrics-based users’ authentication, the use of surveillance data for wrong purposes, the devastating effects that a stolen biometric key can have on the whole society, and the denial of genuine users’ right to anonymity. In its current state, the system does not include any alternative components for those users who have no physical ability or are not willing, for any reason, to use the proposed fingerprint system. Some users may be concerned about privacy and security risks, whereas others may have difficulties disclosing their sensitive biometric data, either due to its absence or because of the absence of certain physical traits. Our results suggest that it is difficult to imagine how the proposed system will help eliminate social inequity and even discrimination against individuals with disabilities and minority groups. Still, the system leaves sufficient room for use of alternative users’ authentication devices, which can reduce the scope of these controversies without imposing any major costs. What seems to be the most important is that the proposed system will reduce and eve