TRENDING:

Simplifying Biometrics Access

New Protocol Enables Wireless, Secure Biometrics Capture Eric Chabrow (GovInfoSecurity) • May 3, 2012    
Simplifying Biometrics Access

A web services protocol that simplifies setting up and maintaining secure biometric systems to verify an individual's identity has been created by computer scientists at the National Institute of Standards and Technology.

See Also: Organisations Vulnerable to Insider and Cyber Threats: Misuse of SSH Keys

Known as WS-Biometric Devices, or WS-BD, the protocol allows desktops, laptops, e-tablets and smartphones to access sensors that capture biometric data such as fingerprints, iris images and face images using web services.

Current biometrics systems generally have proprietary, device-specific drivers and cables, making it more cumbersome to interconnect devices. Not so with systems adapting WS-BD.

Web services, which provide standardized communications among devices, don't require knowledge of proprietary facial, iris and fingerprint scanners, which could frustrate those trying to connect them to computers that perform biometrics analysis, NIST Computer Scientist Matt Aronoff said in a video demonstrating WS-BD. Plus, Aronoff said, with web services, biometric scanners and devices providing the analysis don't have to be at the same location because they're linked wirelessly.

In the NIST video, Aronoff shows how images from fingerprint and facial scans can easily and wirelessly be transferred to an Apple iPad tablet. Aronoff uses his finger to move images of the scans across the iPad screen. "From an operator's perspective," Aronoff said, "they don't have to learn anything new to control a new kind of biometric sensor. They all work exactly the same."

NIST_biometrics_620

Employing the new protocol could save organizations money. If a biometric sensor breaks in a proprietary system, it could be expensive and time-consuming to fix the problem. Finding a replacement sensor could be difficult because manufacturers change product lines or phase out previous generation devices. Kevin Mangold, another NIST computer scientist, pointed out that a few broken devices could entail having to rebuild the entire system, upgrade devices and drivers that may be incompatible with host operating systems and retrain personnel.

The new protocol, Specification for WS-Biometric Devices, can be found in NIST Special Publication 500-288. More information can be found at NIST's biometrics webpage.

Previous
UK Health Board Fined Over Breach
Next
Global Breach: Did It Start in 2011?

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.