NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
08/09/05
Today's focus: Lend me your ears
Dear security.world@gmail.com,
In this issue:
* Methods for authentication
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by SafeNet
SafeNet Borderless Security Executive Report: Includes Exclusive
Interview with Gartner analyst John Pescatore
Learn how to improve security and usability by safely removing
the constraints of traditional perimeter security products. Read
an interview with one of the leading authorities on Information
Security - John Pescatore, Vice President and Distinguished
Analyst at Gartner. It addresses the most significant security
challenges facing IT organizations.
http://www.fattail.com/redir/redirect.asp?CID=110009
_______________________________________________________________
GARTNER'S SECURITY HYPE-O-METER
What is hype and has it influenced your network security
efforts? At a recent Gartner security summit, analysts described
what they say are "The Five Most Overhyped Security Threats,"
risks that have been overblown and shouldn't be scaring everyone
as much as they seem to be. For more, click here:
http://www.fattail.com/redir/redirect.asp?CID=109835
_______________________________________________________________
Today's focus: Lend me your ears
By M. E. Kabay
When screening large numbers of people, linking identification
to real-world identity (that is, authentication) is a tough
problem. As readers probably know, there are four basic methods
for authentication:
* What you know that others don't (e.g., passwords).
* What you have that others don't (e.g., tokens such as keys or
smart cards).
* What you do that others can't (e.g., the way you sign your
name or the phrase on a keyboard).
* What you are that others aren't (e.g., your fingerprints,
retinal patterns, iris characteristics, or face).
Passwords don't work very well for crowds. Tokens are used all
the time - consider airline tickets and passports - but in
today's digital scanning and printing world, they are easy to
counterfeit (I'll be looking at new mechanisms for safeguarding
passports in another article).
A report last year by Jonathan Krim of the Washington Post
pointed out that facial recognition systems using photographs
can have serious problems: "... [F]ederal researchers who have
tested face-recognition technology say its error rate is
unacceptably high - up to 50% if photographs are taken without
proper lighting." <http://www.networkworld.com/nlsec4671> An
American Civil Liberties Union (ACLU) report revealed that in
face recognition trials at the Palm Beach Airport in 2002,
"...the system failed to match volunteer employees who had been
entered into the database fully 503 out of 958 times, or 53% of
the time."
<http://www.aclu.org/Privacy/Privacy.cfm?ID=10340&c=130>
Unlike fingerprint and retinal scans, both facial and ear
recognition can be relatively non-intrusive, requiring little
interference with or involvement by the subject (no physical
contact or unusual procedures such as staring into a lens).
Iris recognition is another biometric technology that has
required some cooperation by the subject; however, there have
been reports that new technology should permit iris recognition
at a distance. Tabassum Zakaria, reporting for the Australian
Broadcasting Corporation in 2003
<http://abc.net.au/science/news/stories/s982770.htm> quoted U.S.
CIA officials as working on new biometric systems with a
ten-fold improvement in recognition rates.
A July 14, 2005 report by Duncan Graham-Rowe explains that
University of Southampton (U.K.) biometrics researcher Mark
Nixon is finding that ears may provide excellent features for
biometric identification systems
<http://www.newscientist.com/channel/mech-tech/dn7672>. Nixon
points out that ears are relatively stable compared with other
facial features and do not change with people's expressions. His
initial trials used pictures of 63 people and found 99.2%
accuracy - an error rate much lower than for facial recognition
systems.
So unfortunately for us in the snow belt, ear muffs may
eventually be seen as threats to security.
The top 5: Today's most-read stories
1. Questions dog Cisco routers
<http://www.networkworld.com/nlsec4672>
2. First family of Windows Vista viruses unleashed
<http://www.networkworld.com/nlsecuritynewsal4592>
3. Anti-spyware firm warns of massive ID theft ring
<http://www.networkworld.com/news/2005/080505-id-theft.html?t5>
4. Crashing the 'Net
<http://www.networkworld.com/columnists/2005/080805buzz.html?t5>
5. Cisco vulnerability posted to Internet
<http://www.networkworld.com/nlsec4417nlsecuritynewsal4489>
_______________________________________________________________
To contact: M. E. Kabay
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by HP ProCurve
Network World Executive Guide: Getting Wireless Right
Wireless LANs move beyond data to voice and video
The WAN alphabet is constantly growing, as standards setting
bodies develop new protocols and technologies that will
transform wireless networks. Today, most everyone agrees that
with these new standards and new tools, airtight wireless
security is getting easier to accomplish. Get a
behind-the-scenes look at what cutting-edge users are doing and
the latest information on wireless security trends.
http://www.fattail.com/redir/redirect.asp?CID=109932
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html
Security Research Center:
http://www.networkworld.com/topics/security.html
Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna
Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
FEATURED READER RESOURCE
HARD WORK, GOOD PAY
According to Network World's 2005 Salary Survey, network
professionals are enjoying substantial increases in pay,
especially at the highest- and lowest-tier job titles. But are
those increases coming with higher titles, more work or both?
Find out if compensation alone is keeping network professionals
happy in their careers - or is something else? Click here:
<http://www.networkworld.com/you/2005/072505-salary-survey.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment