1 / 16

Making aircraft more secure against terrorism without impacting convenience

Making aircraft more secure against terrorism without impacting convenience. Steve Kirsch stk@propel.com. About me. Entrepreneur Founder, 4 Silicon Valley companies "Top 10 Entrepreneurs of 2000" Red Herring magazine. Philanthropist “100 Most Generous Americans” Worth magazine

delta
Download Presentation

Making aircraft more secure against terrorism without impacting convenience

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Making aircraft more secure against terrorism without impacting convenience Steve Kirsch stk@propel.com

  2. About me • Entrepreneur • Founder, 4 Silicon Valley companies • "Top 10 Entrepreneurs of 2000" • Red Herring magazine. • Philanthropist • “100 Most Generous Americans” • Worth magazine • I have no financial interest in any of this

  3. The goal • “hassle factor” of intense security is #1 obstacle to returning to normalcy - Delta CEO • The most efficient way to stop terrorists is not let them in the country in the first place • Goal: security convenience.

  4. Process suggestions • Look at each check we do today: Is it redundant or required? • More isn’t better. Re-examine and simplify. • Must we really waste time searching for an confiscating nail scissors? Do security questions really work or is a reminder sufficient? Who are we trying to catch? Amateurs or professionals? • Don’t limit thinking to airport boundaries • World ID give us a foolproof “foreign key” to allow us to accumulate information from disparate sources and analyze to detect suspicious behavior patterns, e.g., a suspicious wire transfer + flight school suspicions + “CIA watch list” • Make suggestions easy • Test it! • Challenge the FAA red team to penetrate it (on paper). What was effective? What wasn’t. • Propose a solution and have a separate group create 200 hypothetical attacks against the solution

  5. Most effective are also cheap, simple, fast • Train the crew for how to handle terrorism • Fortify cockpit door • Scan carry-on luggage for bombs and guns; scan checked luggage for bombs • Arm crew with pepper spray/foam • Train passengers to be vigilant for suspicious behavior + a way to report this • Police officers fly free • Background check and validate identity of security personnel and anyone with access to the planes • Professionally interview suspicious passengers =doing =not doing… why?

  6. What else? • Criteria: • Minimal inconvenience AND • Significant value add • What’s the first thing a terrorist learns?

  7. World ID card World ID World ID • Facilitates background checks • Authenticates identity • Authenticates uniqueness so aliases are useless • Provides mechanism to track and catch people wanted by law enforcement wherever there is a mag card reader • Protects privacy! No less private than what we have today • Information stored centrally to eliminate possibility of tampering Steve Kirsch 563-456-345 Magnetic strip has room for 200 bytes so keep it simple: Name, unique ID • Local cache has all but most recent data & local iris code stoplist in case communication disrupted • Process backlog when communication restored

  8. Core concept • Enrollment station: • Once per lifetime, person enrolls iris and is assigned a unique serial number. Serial number of iris enrollment is permanent for life. • If smart card, person may add additional biometrics and PIN. Change these options at any time. Use iris to authenticate changes in central databank and digitally signs these changes. • If traveler loses card, just re-enroll, and system will issue replacement card with info from central database. • Swipe card to issue boarding pass with seat # • Swipe card to get past security • Swipe card + present iris to board plane (card centrally verified in realtime usually, but can also be shortly thereafter) • Federal agencies can “flag” a World ID for “agency notification” or “apprehension” or “travel denied” • With iris, it is impossible to evade detection. Iris scan-number association can NEVER be hacked. That is impossible.

  9. A simple example • I hire an employee • I ask to see his World ID card number (the name might be phony but the number is invariant) • I can validate via Internet: type in his number and pull up his photo or use a $200 iris scanner (the latter is foolproof) • He steals $100K worth of equipment and “disappears” • I give the police his World ID card number • If he ever travels by plane, applies for a driver’s license, or gets pulled over by a cop for a traffic violation, for the rest of his life anywhere in the world, we’ll catch him. Phony ID will NOT protect him. • If people know they will be caught, there will be less crime.

  10. Some facts about biometrics • 2 biometrics are NOT better than 1 ! • FAR decreases, but FRR increases • Smart cards are not required • A dumb card with just an ID number is fine for our purpose • Most innovative would be to use a smart card with a dumb stripe which provides compatibility with an upgrade path and keep the card spec open. This would allow offline validation while still being secure. • Use of one biometric to authenticate uniqueness and another to authenticate identity is subject to fraud • Must use iris whenever security is important

  11. Iris is “the gold standard” • Iris is stable for life after age 1 • Camera can’t be fooled by contacts or photographs or dead people • No physical contact required • 1 second iris capture time • The perfect (and only) biometric for authenticating uniqueness • CER less than 1 in 1,000,000 • 240 degrees of freedom: everyone has a unique value • Can determine uniqueness in a 1B member database within a fraction of second • There has never been a false iris recognition • Iris codes are small (512 bytes) • Fast: 100,000 comparisons/sec on a desktop computer; ONE desktop computer could validate everyone in the country in <1 hour • To do: optimize packaging for mass use

  12. Benefits • Enables us to reliably stop a known terrorist from boarding a plane, entering the country, entering SuperBowl, … • We can alert silently and have a SWAT team ready when the plane lands without arousing suspicion of the suspect • Enables us to track suspicious behavior across disparate sources • Compatible with government requirements • Patriot Act • Border Security bill • Driver’s License bill • Minimal cost: iris stations are a PC and $200 iris scanner • Proven technology (used in airports today) • More convenient for customers: only iris scan at boarding gates where absolute identity authentication is critical; use card otherwise; don’t need a boarding pass

  13. Summary • Evaluate each step for cost effectiveness • Do simple things first • Passenger vigilance training • Pepper spray/foam • Make it EASY to submit ideas • Test to see which are really cost effective in stopping FAA red team • World ID • Permanently associates iris & number • 100% available, zero wait time, can’t be hacked, private • Technically straightforward. Dumb or smart w/dumb. • Politically possible now …carpe diem! • Be visionary…huge positive for law enforcement

  14. References • National Academies report on national IDhttp://www4.nationalacademies.org/news.nsf/isbn/030908430X?OpenDocument • Creating PhotoIDs with mag stripe from a PC:http://www.atlantekinc.com/mag_str.htm

  15. General observations • People are terrible at matching a photo ID with a boarding pass • If this is important, we need a better way • Terrorists are expert at ID forgery to evade detection • Fix: Associate a permanent and unique serial number (World ID) to each person and require World ID lookups at airports, etc.

More Related