|
Biometric protection of the information Biometric technology - most appreciable of last achievements in the field of methods of identification and the access control to the information. In article some results of analytical research of a current state and prospects of development of the Russian market of biometric protection frames of the information are resulted. As shows the analysis of the modern Russian market of means of safety, in development of the industry of safety the new stage today was designated. On the general background of the stabilised market modern systems of identification of the person and information protection most dynamically continue to develop. The special attention is involved in themselves with biometric protection frames of the information (БСЗИ) that speaks their high reliability of identification and the considerable decrease in their cost reached recently. Classification of modern biometric protection frames of the information Now the domestic industry and a number of foreign firms wide enough set of various control devices of access to the information is offered, and the choice of their optimum combination in each specific case grows in an independent problem. In the Russian market now are presented both domestic, and import БСЗИ, exist and in common developed means. On design features it is possible to note the systems executed in the form of a monoblock, several blocks and in the form of prefixes to computers. The comparative analysis shows that the most reliable monitoring systems of access to the information in which cards are not used, keys, counters, passwords and which cannot be stolen or lost, are biometric monitoring systems of access to the information. Being the most expensive, they provide also the highest level of safety. Earlier they basically were used in official bodies and there where special demands are made to safety. Now biometric monitoring systems of access to the information win popularity in banks, the firms connected with safety in telecommunication networks, in information departments of firms etc. It is possible to explain expansion of application of systems of this type both decrease in their cost, and increase of requirements to safety level. Similar systems in the Russian market have appeared thanks to firms Identix, SAC Technologies, Eyedentify, O’gara security international, Biometric Identification Inc., Recognition Systems, Trans-Ameritech, "Edvans", "AAM Sistemz", «Polmi of groups», "Masky", etc. Condition of Russian market BSKDI The number of modern biometric monitoring systems of access to the information includes check systems under the form of a brush of a hand, drawing of a skin of fingers, a retina or an iris of the eye of an eye, a photo of the person, dynamics of the signature and on a voice. All biometric systems are characterised by high level of safety first of all the data used in them cannot be lost the user, are stolen or copied. Owing to the principle of action biometric systems for the present differ rather small speed and low throughput. Nevertheless they represent the unique decision of a problem of the control of access on especially important objects with the small personnel. For example, the biometric system can supervise access to the information and storehouses in banks, it can be used at the enterprises occupied with processing of the valuable information, for protection of the COMPUTER, a communication facility etc. By estimations of experts, more than 85 % of the means of the biometric control of access established in the USA intended for protection of machine halls of the COMPUTER, storehouses of the valuable information, the research centres, military installations and establishments. The greatest application biometric systems of protection now have found the information using identification of the person on a fingerprint. In particular, access monitoring systems to information TouchLock of American firm Identix are based on registration of such individual sign of the person, as a hand fingerprint. The three-dimensional fingerprint written down in the form of a control image is scanned by optical system, analyzed, digitized, stored in memory of the terminal or in memory of the operating computer and used for check of everyone who gives out itself for the authorised user. Thus in memory of the device does not contain real fingerprints that does not allow to steal them to the infringer. Typical time of entering in memory of one control fingerprint makes 30 with. Everyone brought in memory of the terminal the authorised user keys a PIN-code of terminal TouchLock and passes a stage of check of the identity, occupying approximately 0,5-2 with. Under one PIN-code the sample of a print of one finger is usually stored, but is in certain cases possible аутентификация on prints of three fingers. At coincidence of shown and control prints the terminal gives a signal on an actuation mechanism: the electrolock, a sluice etc. Terminal TouchSafe TS-600 is intended for providing of access to servers, computers etc. It consists of the touch module and a payment which is inserted in слот (ISA 16 bits) the computer. For the organisation of a network variant of work terminal TouchNet providing speed of an information transfer to 230,4 Kbod at length of a line to 1200 m. For the organisation of network work by firm Identix is used the special software (system Fingerlan III) is developed. In the Russian market the specified biometric systems are offered now by company Trans-Ameritech. Program characteristics: System TouchLock guiding price makes 2000$ that for systems of the given class is the optimum price. For protection of the computer information company Trans-Ameritech offers more simple and cheap (all for 600-700$) system of the biometric control of access to computer information SACcat. System SACcat of manufacture of firm SAC Technologies consists of a reading device, the transformation and software device. The reading device represents the external compact scanner on a basis оптикоэлектронного the converter with the automatic illumination, having light indicators of readiness and scanning process. Scanner connection to the transformation device is carried out by means of two cables (Video and RJ45) which are intended for transfer of video signal and for management accordingly. The transformation device carries out transformation of video signal and its input to the computer, and also management of a reading device. Structurally system SACcat can be connected or as internal (through an ISA-card), or as external (through parallel port EPP or USB). System SACcat and software SACLogon supervise access to workstations and servers Windows NT, and also to the corresponding resources protected парольной by system Windows NT. Thus the system administrator still has possibility to use usual (not a BIO-key) the password registered in Windows NT. The system is capable to carry out effective protection against unapproved access for networks of the financial organisations, the insurance companies, medical institutions, networks of various commercial structures, individual workstations. It is necessary to notice that now means of automatic identification of the person on drawing of a skin of a finger are most fulfilled and offered by many foreign firms for use in БСКДИ (especially in computer systems). Among them, except considered above, it is possible to note the device of identification SecureTouch of firm Biometric Access Corp., firm American Biometric Corp device BioMouse., the block of identification Fingerprint Identification Unit of firm Sony, firm National Registry Inc device Secure Keyboard Scanner., Etc. the Specified means are connected directly to the computer. Their basic feature is high reliability at rather low cost. Firm Eyedentify (USA) offers the biometric monitoring systems using as an identification sign a pattern of a retina of an eye for the Russian market. At work the eyeball of the checked is scanned by optical system and angular distribution of blood vessels is measured. For registration of a control image 40 byte is required nearby. The information received thus is stored in memory of system and used for comparison. Typical time of authorisation makes less than 60 with. Now in the Russian market three realisations of the considered method are offered. Device EyeDentification System 7,5 allows to carry out the entrance control with regulation of time zones, listing of messages in a mode of real time, conducting magazines of passes, etc. This device has two operating modes: check and recognition. In a mode of check after a PIN-code set there is a comparison of the image stored in memory of the controller with the shown. Check time makes no more than 1,5 with. In a recognition mode there is a comparison of a shown image to all being in memory. Search and comparison occupies less than 3 with at total of images 250. At successful authorisation the relay automatically becomes more active and the signal on the executive mechanism directly or through the operating computer is given. The sound generator specifies a device condition. The device is supplied by the 8-sign ZHKI-DISPLAY and the 12-push-button keyboard. Capacity of non-volatile memory - till 1200 images. The second realisation of the considered method is system Ibex 10 which unlike device EyeDentification System 7,5 is characterised by execution of the optical block in the form of the mobile chamber. The electronic block is established on a wall. All other characteristics coincide. The third realisation of a method of identification on a pattern of a retina of an eye is one of the newest workings out of firm Eyedentify - device ICAM 2001 presented at last exhibition of means of protection and safety MIPS-99. In device ICAM 2001 the chamber with an electromechanical sensor control which from small distance (less than 3 sm) measure natural reflecting and absorbing characteristics of a retina is used. The user only looks one eye at a green circle in the device. For record of a picture of an eye retina radiation of a bulb by capacity 7мВт with the length of a wave 890 sm generating radiation in close to infra-red area of a spectrum is used. Retina identification is made under the analysis of the data of the reflected signal. The person can be identified with absolute accuracy from others 1500 less than for 5 seconds. One device ICAM 2001 if it is established independently, possesses a memory size on 3000 persons and 3300 perfect actions. At use as a part of a network of restrictions for work in a mode of preservation of the information and the reporting does not exist. All three considered realisations can work as independently, and as a part of network configurations. Despite the big advantages of this method (high reliability, impossibility of a fake), it possesses a number of such lacks which limit areas of its application (rather big time of the analysis, high cost, the big dimensions, not so pleasant procedure of identification). The specified lacks device HandKey widely enough presented in the Russian market (хэндкей), using as an identification sign palm parametres is deprived. This device represents a design (hardly more telephone set) with a niche where the checked puts the hand. Besides, the device has the minikeyboard and the liquid crystal screen on which the data about identification is displayed. Authenticity of the person is defined on a palm photo (in a digital form), thus the hand picture is compared with the standard (the former data). At the first registration the personal code which is brought in a database is entered. The hand in the device is photographed in ultra-violet radiation in three projections. The received electronic image is processed by the built in processor, the information is compressed to 9 byte which can be stored in a database and to transfer on systems of communications. The general time of procedure makes from 10 with to 1 mines though identification occurs for 1-2 with. In this time хэндкей verifies characteristics of a hand with earlier certain data, and also checks restrictions for this user if they exist. At each check the kept information automatically is updated, so all changes on a hand of the checked are constantly fixed. Хэндкей can work in an independent mode at which it is capable to remember 20 000 various images of hands. The planned schedule can be stored in its memory for a year in which to within a minute it is possible to specify when to this or that client access is resolved. Designers of the device have provided also possibility of its work with the computer, connections of the scheme of management by the lock, its options for emulation of standard devices of reading of credit cards, joinings of the printer for conducting the report of work. In a network mode to хэндкею it is possible to connect about 31 devices with line total length (twisted pair) to 1,5 km. It is necessary to note and such feature of the device, as possibility to build in it in already existing control system of access. The basic manufacturer хэндкея - company Escape. The analysis shows that in the Russian market the identification device under the image of a palm of a hand has good prospects if to consider simplicity of operation, high reliability and low enough price. Depending on concrete conditions the combined monitoring systems of access, for example, contactless devices of reading of cards are often enough applied at an input and an exit from a building in a combination to the access monitoring system on a voice in zones of processing of the classified information. The best choice of necessary system or a combination of systems can be made only on the basis of accurate definition of current and perspective requirements of firm. So, for example, for improvement of operating-technical characteristics in system of protection of the information "Boundary" the combination of methods of identification on dynamics of the signature, a spectrum of speech and the personal code which has been written down in an electronic key of type Touch memory is used. Now biometric control devices of access actively enough take root on the Russian market of safety. Except the means which have occupied a firm position in the analyzed segment of the Russian market, some foreign firms offer also biometric control devices of access to other biosigns which reliability of identification else definitively has not proved to be true. Therefore optimum choice БСЗИ from the means presented in the market, is enough difficult problem for which decision following basic technical characteristics now are used: Taking into account likelihood character of key parametres the great value has volume of sample (statistican) at which measurements are made. Unfortunately, this characteristic usually is not underlined firms-manufacturers in accompanying and advertising documents that complicates a choice problem even more. In таб. 3 average values of the basic technical characteristics БСЗИ different by a principle of action are resulted. The analysis of Russian market BSZI has shown that now on it rather wide spectrum of devices of identification to the biometric signs, different from each other on reliability is presented, to cost, speed. The basic tendency of development of biometric means of identification is constant decrease in their cost at simultaneous improvement of their technical and operational characteristics. Prospects of development of Russian market BSZI Tendencies of development of the Russian market are precisely enough predicted by results of the world market analysis as the import technics occupies an essential part of Russian market BSZI. Under forecasts of foreign experts, with 1997 for 2001 the general investments in БСЗИ will increase in 7 times (with 24 to 155 million dollars). In 2000 of system of the physical control of access will continue to remain the basic sphere of application of biometric means at simultaneous increase in the sector connected with protection of the data. In таб. 4 perspective foreign biometric control devices of access are resulted in the information which probabilities with high degree can appear in the near future in the Russian market. Now biometric technologies actively develop, therefore very actual and a challenge for users there is a problem of an optimum choice. For a reliable choice of the optimal means results of certified tests are used. In particular, certification БСЗИ defines reliability of identification of users, an overall performance, time of the analysis and other parametres. Tests are spent by the International association on computer safety (International Computer Security Association, ICSA). On a number of biometric control devices of access to the computer information researches and models which have taken place necessary tests are already conducted, recommended to the further distribution. The certificate was received only by six products after the researches spent to laboratories and in the conditions of real operation. It is necessary to notice that specified in таб. 5 means of protection of the information have been selected as a result of the careful analysis from a considerable quantity of models. So, for example, in directory Biometric Industry Product Guid (the Management on products of the biometric industry), let out ICSA, is resulted the description of 170 systems, allowing to make identification of users on their unique physical parametres. Representatives ICSA as well as other independent users, give an appreciation to the tested products. Now as in Russia, and works on creation new БСЗИ and to search of new biometric technologies abroad are actively conducted. Working out of means of the identification using such individual signs as a code of DNA, characteristics of the cardiogramme, a smell, gait, etc. However the specified means possess still variety of lacks (instability of results, low reliability, etc. is planned.) also are not ready yet for wide introduction. The basic directions of practical introduction of the considered means of the biometric control of access to the information now are: Modern possibilities of biometric technologies already provide today necessary requirements on reliability of identification, simplicity of use and low cost of the equipment of protection of the information transferred on telecommunication networks. Realisation of biometric prefixes to computers under the prices of an order of 100 dollars and more low provides good preconditions for considerable activization of new electronic technologies, including electronic trade. Certainly, journal article cannot apply for completeness of research, in it the most interesting are presented, according to the author, the means, however the carried out analysis of Russian market BSZI with all definiteness has shown that the biometric technology - last achievement in the field of identification allows to realise today already the most reliable methods of protection of the information and is one of the most perspective the next years.
|
|