Information technologies are becoming more diverse and
pervasive, but your personal data is under risk. Today everyone is talking
about a fact, that such aspect of informational security as user authentication
needs a reliable security facilities. That is why the method of two-factor authentication
became very popular, so it means that the recognition of user is not by one parameter
(a personal password, smart card,
fingerprint, etc.) but using some of them ( two) provided at the same time when
you are logging in or when you request an
access to a certain service. In this article we will focus on the material
which was presented at the conference Fujitsu World Tour 2014, in which the
method of two-factor authentication based on contactless RFID-cards and palm
vein pattern scanner Fujitsu Palm Secure and also about Palm Secure technology.
Wherever we go - to the bank, a fitness center, a private
clinic - everywhere we are surrounded by these or other methods and
authentication technologies. The simplest example - your passport to work
certainly includes a small RFID-mark, which contain information about you as an
employee of the company. More advanced methods are spreading, for example, in
some cash machines in Europe, where in addition to the PIN code your identity
is confirmed by fingerprint or using vein pattern scanner Fujitsu PalmSecure. And
such a scanner can be found at the entrance to the fitness center (a similar
system installed in fitness clubs UK Gym EasyGym): it is enough to have a RFID-cards fitness club and
bring your hand to the PalmSecure sensor and you will immediately be dropped
inside.
Today we tell about real existing solution, in which
this technology has been successfully applied
Terminal with public access
Of course, in addition to the above examples, there
are many other ways to the effective application of picture PalmSecure scan technologies
. One of such examples is presented «touch-sensative kiosk » ( terminal of public access, TPC) - a joint project of
Zorgtech (designing and assembly of
the complex), Indeed ID and Fujitsu, equipped with a Fujitsu PalmSecure palm scanner
and reader of contactless RFID-cards.
What is touch-sensative kiosk in general? Typically, this is a hardware-software complex,
collected on a personal computer equipped with a touch screen and is designed
to give the user a variety of information without staff.
Similar touch- sensative kiosks
are becoming more popular and are used almost in all areas of the business, ranging
from clinics, universities, government agencies and finishing shops. And of
course, that in all areas of such complexes is reliable user authentication
what is very essential to the
successful functioning.
Identification technology PalmSecure, as
one of the authentication methods in this project was chosen by the company
Indeed ID because of the significant advantages over the fingerprint reader.
A fingerprint scanner for reading uses a direct finger contact with the
sensor what is actively leads to its
rapid contamination and the need for frequent maintenance.
For touch-screen kiosks described above
problem is particularly relevant, because installed in public places (for
example, in transport hubs - railway stations, airports, etc.) or in the offices
of large corporations, such terminals will use more than one hundred people. It
is easy to imagine what in this case will be with a fingerprint scanner. Scanning palm devoid such
drawbacks - the palm is not in contact with the scanning surface of the device
during operation.
Using the project RFID-cards enabled to
get several advantages:
·
Adding
an additional factor to the authentication scheme. As a result, authentication
is two-factored : on the map( what is the user have) and and palm (who the
user is) .
·
The
authentication procedure is simplified by the fact that you do not need to
enter your name - it is automatically determined by the contactless card.
Supplier of software for this was the Indeed
ID company. Its software solution Indeed Enterprise Authentication (Indeed
EA) provides the ability to use strong authentication technologies in access
to resources domain Microsoft Active Directory. System frees users from remembering
and keeping passwords in secret and
eliminates the manual entry of a password from the keyboard. This allows you
to improve the efficiency of the terminal, to reduce information security
risks, significantly reduce the number of help desk (by minimizing the number
of incidents «forgot password» and «locked account») and ultimately reduce
the cost of maintenance of the infrastructure.
If in the terminal is public access, software
Indeed EA will function in kiosk mode. A special feature of this mode is that
the terminal is used by a large number
of users and working sessions switch between them must be carried out very
quickly. For convenience in this mode is used contactless smart card (RFID)
and an additional scanner palm vein pattern. Script access to the required
services looks as follows:
1. User Authentication window appears
Indeed Enterprise Authentication (IEA), offering his hand to make the
scanning device and the card to the reader.
2. After 2 of the transactions by the user,
IEA automatically detects and transmits the user name received from the user
authenticator to the server for verification.
3. Machining application server receives an
authentication request, retrieves from the database reference authenticator
user performs a comparison with the provided data and logs the corresponding
event. If authentication is successful, the server returns the terminal to
the user's password to log into thedomain.
4. After getting the password from the server, the terminal
authenticates the user in the domain, and he has access to the requested
service.
5. After using the terminal when the user
picks up the card, the terminal produces output from the system and returns
to standby mode.Thus, the authentication procedure is
extremely simplified, which eliminates conflicts at this stage. The user
accesses the terminal is identified through a contactless RFID-cards,
confirms his identity through the palm scanner Fujitsu, after which the
system will boot and provides access to the necessary information resources.
Recognition technology by scanning the
palm vein pattern Fujitsu PalmSecure can be applied in many different areas
of the business as one of the most reliable, fast and accurate method of
authentication. If you consult Fujitsu, you can get detailed information
about the possibility of using it in your business and book a suitable
scanner model PalmSecure in the required amount, thus receiving full
technical support for the product.
|
No comments:
Post a Comment