Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^4: Biometrics with perl

by TedPride (Priest)
on Oct 04, 2004 at 05:51 UTC ( [id://396124]=note: print w/replies, xml ) Need Help??


in reply to Re^3: Biometrics with perl
in thread Biometrics with perl

The purpose of temperature and blood gas are to verify that the thing touching the sensor area is actually human, not to pick out which human. Admittedly, temperature varies according to outside temperature, so that idea should probably be scrapped, but blood gas is still valid.

As for digital photographs of the finger, it's easy to mount the scanner inside a hole and take a picture whenever someone sticks their finger (or anything else) inside. if you make it so pass code has to be entered before fingerprint scan, all useless photos can pretty much be eliminated, as anyone who puts their finger inside before the passcode is entered (or more than x seconds afterwards) is just screwing with the security guy.

Weight plate is not just raw weight, but also how the person stands. Someone who weighs 180 pounds is going to stand slightly differently from someone who weighs 160 but is carrying 20. Weight might vary up to 3-5 pounds either way in a single day, but since weight and current stance are updated daily, you only have problems if someone who isn't naturally the same weight / stance stands on the plate - or if a legitimate employee is trying to run off with 5+ pounds of equipment.

There is no way to fake a retinal scan (at least to my knowledge) short of cutting out an eye and using it, and the eye will only be good for a short period of time due to breakdown of the microscopic blood vessels. Also, you can test for skin warmth and/or electrical field in the area surrounding the eye.

-------

As for RFID, it's ridiculously easy to borrow someone's ID card, substitute your own photo, and pass yourself through. Unless the security section is significantly more alert than the usual rent-a-cop, this is far less effective than even a fingerprint scan, which actually takes specialized knowledge and equipment to bypass. Not everyone can make gelatin fingers. RFID is admittedly an excellent way to track someone through the building once they've gotten inside, but I certainly wouldn't use it as the only entrance security check. Multiple methods is better, especially if you can keep one or two of them secret.

Replies are listed 'Best First'.
Re^5: Biometrics with perl
by Albannach (Monsignor) on Oct 04, 2004 at 14:47 UTC
    Yep, stealing a security card is always a good approach, but as an employee I'd rather have someone steal my card than my retina ;-). I think we can agree that security is not simple in any case, and I just like having the weaknesses up front where they are known and can be monitored.

    On that point, the bit you added about keeping measures secret (security through obscurity) is again something I'm not comfortable with, as assuming the bad guys don't know something is a horrible mistake. Secrecy as part of a security tool (e.g. keeping your password secret) is fine and necessary, but as a tool in itself it is not.

    --
    I'd like to be able to assign to an luser

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://396124]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others imbibing at the Monastery: (2)
As of 2024-04-25 07:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found