|
Product Type: Biometric Technologies
Certificate Details: 2003/31, October 2003
Assurance Level: EAL2
Evaluation Facility: CMG [opens new window]
Manufacturer: Iridian Technologies, Inc.
Web: www.iridiantech.com
Partner: Argus Solutions Ltd
Level 10, 55 Lavender Street
MILSONS POINT NSW 2061
Phone: (+61) 2 9963 7300
Fax: (+61) 9460 3988
Web: www.argus-solutions.com
|
The Iridian KnoWho Authentication Server and Private ID form a
biometric identification and verification system, based on iris
recognition technology. The system provides an organisation with
the flexibility to perform identification and/or verification of
individuals for controlling access to sensitive IT assets. Identification
seeks to answer the question "Who is the individual?"
by attempting to match a supplied biometric sample of an individual
with any one of the set of enrolled biometric templates (a one to
many process). Verification seeks to answer the question of "Is
the individual who they claim they are?" by attempting to match
a supplied biometric sample with a single claimed biometric template
(a one to one process) referenced by an identification number.
Panasonic Authenticam or LG-2200 cameras are used to capture a series
of digital images of the individual's eye. The PrivateID software
implements countermeasures to ensure captured images have not been
forged and are of sufficient quality. Images are then securely transmitted
to the KnoWho Authentication Server, which generates an IrisCode
from the data for comparison against one (verification) or all (identification)
stored biometric records.
In order to be identified or verified by the KnoWho Authentication
Server, an individual must first be enrolled by the organisation
using the Enrolment Application. Enrolment is a supervised process
where the camera and PrivateID software capture a series of digital
images of the individual's eye. As in the recognition process, suitable
images are selected and sent across to the KnoWho Authentication
Server, where a unique IrisCode is generated and sent to a database
for secure storage. Before storage, a fraud screen identification
process is executed to ensure that a second identity cannot be enrolled
with the same IrisCode template. The KnoWho Authentication Server
does not store personal data, but does index a stored IrisCode template
with a Customer Identification Number (CIN) thus preserving an individual's
privacy.
The KnoWho Authentication Server generates an audit trail of all
authentication and security relevant events appropriate to the biometric
application, and all biometric audit data is securely stored within
a database, accessible only by the administrator. Additionally,
the KnoWho Authentication Server includes a Maintenance Application,
which provides functionality for management of server security features.
In summary, the KnoWho Authentication Server and Private ID software
enable an organisation to develop applications which can set and
enforce access control policies based on a physiological biometric
('something you are') rather than the traditional use of passwords
('something you know') and/or tokens ('something you have').
|
