280 likes | 455 Views
Biometrics: Government and Public Safety Opportunities. Presented by: FRANCES ZELAZNY DIRECTOR OF CORPORATE COMMUNICATIONS. Agenda. The New Climate for Biometrics Prerequisites for Accelerated Adoption Key Legislation Standards Technology Advances Integrated Solutions
E N D
Biometrics:Government and Public Safety Opportunities Presented by: FRANCES ZELAZNY DIRECTOR OF CORPORATE COMMUNICATIONS
Agenda • The New Climate for Biometrics • Prerequisites for Accelerated Adoption • Key Legislation • Standards • Technology Advances • Integrated Solutions • The role of biometrics
The New World Networked, Global,…, Challenged! • Terrorism • Border Control • Immigration • Crime • The Internet • Mobile Access • Identity Fraud/Theft A New Framework for Security Is Needed The Decade of Security
Security Based on Trust Trust Identification Security Must Go Beyond Fences, Doors & Firewalls to Establishing Trust & Gating Human Actions Biometrics
Evolution Towards Mainstream Point of Sale Fortune 2000 Law enforcement m-commerce Financial Federal Agencies e-commerce Dept. of Defense Healthcare National ID Programs Transportation Access Transactions Government Regulated Industries Commercial (Mass Adoption)
Prerequisites for Accelerated Adoption • Clear Value Proposition • Mission & Mandate & Political Will • Legislation driven • Clearing Adoption Barriers: • End user resistance: Awareness & Education • Privacy concerns: Responsible use & IBIA principles • Validation Initiatives • Building practical technical architecture • RFI/RFP Pilots • Standards • Technology Advances & Maturation • Funding
Pre 9/11 Legislation • E-Sign Act • Recognized biometrics as a form of digital signatures • Health Insurance Portability & Accountability Act (HIPAA) • Regulations support use of biometrics as a means to protect privacy of patient records • Financial Services Modernization Act • Privacy regulations covering information sharing among financial institutions and their affiliates
9/11 Effect • By November 2001, 16 Congressional Legislative Initiatives Cited Biometric Implementation • Made Increased Deployment in Civil and Government Programs Inevitable • Mandated Use in Critical Infrastructure • Accelerated Private Sector Adoption • Key Legislation: • Aviation and Transportation Security Act (2001) • USA PATRIOT Act (2001) • Enhanced Border Security and Visa Entry Reform Act (2002) • Maritime Transportation Security Act (2002) • Defense Appropriation 2002, 2003
Clear Political Will • “…every foreign visitor desiring entrance into the United States to carry a travel document containing biometric identification -- that would be fingerprints or facial recognition “ President George W. Bush, May 14, 2002 • “Fingerprints do not lie” Attorney General, John Aschroft, June 4, 2002 • Formation of National Biometric Security Project
Initiatives • New Initiatives/Pilots for Testing Solution Architecture & Operational Scenarios: • DOD: Common Access Card (CAC) • DHS/TSA: Transportation Worker Identification Card (TWIC) • DHS: US VISIT (Entry / Exit) • GSA: Smart Access / Common ID • Continued discussions on Trusted Traveler, Drivers’ License Standard • Extensive NIST & DARPA testing programs • Expect/Hope for Government to GFE biometrics in their upcoming RFPs
Standards Activities – M1 Current Structure Ad-Hoc Group on Biometric Application Profiles Ad-Hoc Group on Biometric Data Interchange Formats Ad-Hoc Group on Biometric Interoperability in Support of the Gov. Smart Card Framework Ad-Hoc Group on Biometric Performance Testing, Quality, and Definitions
M1 Standard Standards Under Development Finger Pattern-Based Interchange Format Application Profile Verification & Identification of Transportation Workers Finger Minutiae Format for Data Interchange Application Profile Personal Identification for Border Crossing Face Recognition Format for Data Interchange Finger Image Interchange Format Application Profile Biometric Verificationin Point-of-Sale Systems Iris Image Format for Data Interchange
www.biometrics.org www.nist.gov/bcwg www.bioapi.org www.ibia.org www.biometricfoundation.org M1 Standards Incubators www.itl.nist.org www.nist.gov/cbeff
Technology Advances: FRVT 2002 • Demonstrated that facial recognition is ready for prime-time in large-scale 1 to many applications • Accuracy comparable to finger under controlled environment • Top tier technologies demonstrate maturation of industry • Need to focus our efforts on supporting large implementations, quite different than a technology race Scalability, Redundancy, Flexibility are Key
Technology Advances: Live Scan • A central component of registration and background checking process • Capturing the gold standard tenprint • New technologies like • Moisture Discriminating Optics, • Clear Trace Imaging, • Dual Beam Illumination make it possible to capture clearer prints for maximum hits, higher throughput with less maintenance issues & lower cost
Technology Advances: Mobile ID • Mobile units allow for spot checks along the border using dual biometrics (finger and face) • Huge impact on domestic agencies that are already using these types of systems • 100% of all hits verified
Technology Advances: Face & Finger Fusion • Face & Finger biometrics readily address legacy data issues • Int’l Civil Aviation Organization (ICAO) 9303 recommends face methods in travel documents • November 2002 - GAO Report (GAO-02-952) on the use of Biometrics and Border Security very positive towards face & finger • January 2003 - NIST Report (303a) supports the use of face & finger biometrics on border • Proven performance improvements through fusion logic
Integrated Solutions: The Role of Biometrics • While biometrics are critical for new security framework • Must keep in mind they: • Are merely an enabling component • Must be viewed as subservient to overall security requirements • Impose significant constraints on system design Looking at security from biometric end is tantamount to the “tail wagging the dog.”
Biometrics’ Constraints, Why? Biometric complexity creates opportunity for a new component that simplifies integration & adoption: “Identity Framework” • Imperfect technologies • Unfamiliar to end-users • Workflow change • Difficult to scale • Data security issues • Integration challenges • Complex Architecture • remote distributed systems • impact both client & server-sides • Raise legal & social issues (e.g. privacy)
Identity Framework Security Systems • Middleware play: • That provides identity information & user management to any security application • Expected to become largest IT infrastructure play over next 5 yrs • Dramatically enhances biometric value proposition • Next: Examine traditional vs. Identity Framework-based approaches to holistic security Identity Framework Biometrics
Credential Issuance Enrollment Badging, ID Cards, etc PKI ID Databases Data Capture (biometric, ID) Access Qualification Physical Transactional Logical Background Checking Trusted Identity Detection Intelligence Surveillance On Demand ID Negative Databases Data-Mining Engines Identity Processes
Traditional Security Systems: Stove-Piped • Not leveraged: significant redundancies • Many loop holes • Long term: higher total cost of ownership (more costly to maintain, upgrade, or add new capabilities) Adding Biometrics System 1 System 2 System 3 System 1 System 2 System 3 Biometrics Biometrics Biometrics
Continuity of Authentication™ • Common underlying technical architecture • Handle multiple biometrics • Handle non-biometric methods • Audit all biometric and non-biometric transactions
Using Identity Framework • Shared identity-related services with well defined API • Ties components from different vendors to create a holistic system • Same Identity data served across many different security applications • Continuity of Authentication • Universal Access System 1 System 2 System 3 … Identity Framework Biometrics
Building Holistic Systems • Multiple components invariably required to deliver overall security or identity systems • Example: • AFIS • Live scan, • Access control, • Information security, • Badging, etc. • End user may consider procuring total system from single vendor • Risks: • Single vendor is unlikely to always have “best of breed” offerings for all component • Technology vendors not necessarily best system integrators • Proprietary total solution may trap end user by eliminating choices down the line
X Lowering The Risk • Adopt • Identity Framework • Best of breed identity technologies/biometrics from various vendors • System integrator to pull overall system together • Advantages: • More competitive solution • Better solution: • Flexible, • Scalable, • Interoperable, • Interchangeable • Staged development & deployment Not locked into vendor proprietary offering
The Last Word • Biometric performance should be looked at in context of total systems • Biometric systems can meet real world requirements today! • Identity Management begins with adopting a framework -- a critical middleware that can enhance biometric value & allow staged adoption of biometrics without violating system design principles • Continue to be very upbeat about biometrics & their role in enhancing total security!
Name Frances Zelazny Title Director of Corporate Communications For More Information Phone: Fax: 201-332-9213 201-332-9313 E-Mail: Web Site: frances.zelazny@identix.com www.identix.com