Biometric Authentication Essay Example | Topics and Well Written Essays - 1750 words

Biometric Authentication - Essay Example This kind of authentication is what is referred to as biometric authentication. The security of a nation is very sensitive and therefore military bases and locations of security valuables need to be under 24 hour surveillance to ensure that there is no breaching in the perimeter. Ministries of defense in various developed countries have therefore employed biometric authentication in their military bases to restrict access to only authorized personnel and not just anyone. This paper will be assessing biometric authentication in the context of Ministry of Defense and its necessities, alternatives, weaknesses and strengths among other pertinent issues. Why is a dedicated biometric "solution" needed? Briefly and critically review leading edge approaches to role based authentication. What alternative solution(s) are applicable to this context of use? Provide their distinction(s) to rule-based authentication mechanisms. The biometrics technology does not go without fault as it has been ter med as both a promising and disruptive technology. The inapplicability of the current authentication services deem a dedicated biometric solution extremely necessary. ... It should also be unique to a particular person. Another important factor is permanence. This is in relation to the manner in which the biometric changes over time. Role-based access control is a concept of two extremes. At one end, it is simple while the other end is characterized by sophistication. According to the NIST model (Ferraiolo et.al, 2007), there are four sequential approaches to role based authentication. The sequence is arranged in terms of increasing functional capabilities. The first is the flat role-based access control. It embodies the essential aspects of role based access control. According to this approach, permissions and users are assigned to roles and therefore for a user to gain permission, it is necessary for them to be part of a role. It is however key to note that many roles can be assigned to one user while one role can be assigned to many users. The second is hierarchical role based access control. This level adds a requirement which supports the hierarc hy in that the senior staff gains permission of the juniors. This approach has two levels. The first level is general hierarchical role-based authentication. In this case, there is support for an arbitrary partial order to serve as the role hierarchy. In the second level, restrictions may be imposed in the role hierarchy by the system and this level is referred to as restricted hierarchical role-based authentication. The third approach is constrained RBAC. Separation of duties, a technique that existed before the computer to reduce the possibility of fraud and accidental damage, is added as a requirement in this approach. There are two ways in which separation of duties can be implicated and they are static, and dynamic