Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: Biometrics

From: "Eugene Kuznetsov" <eugene () datapower com>
Date: Fri, 15 Apr 2005 16:35:11 -0400
The whole point (and why I think it's important to continue 
this thread a bit past its due date) is that in the case of biometric 
authentication, the authenticator is *probably* more important to the user



than the thing being protected- especially when the attack is a 
denial-of-service attack (be it as a precursor to a new attack, or malice
because the attacker decides that if it won't work for them, it won't work



for you  either.).


Paul, that's a great way to summarize it, and reminds me to mention
something else I should've said in an earlier post -- compare this to the
asymmetry of the defense sector, where some of these biometric or bio-linked
technologies originated. 

Take the "nuclear football" handcuffed to the officer's wrist. This is a
case where the value of the wrist and its owner is viewed as much lower than
the country's strategic nuclear launch capability. Similarly, the biometric
technologies used for controlling access to very sensitive defense
facilities may have been deployed with full understanding of this tradeoff
between the value of the authenticator and the protected asset.  When this
same technology gets commercialized for protecting cars, the tradeoff is
neither considered nor appropriate. 

("Yes, General, we expect that someone may maim & kill the guard. That's
what happens to the poor guys on guard duty, but the photos of ***'s nuclear
facilities must be protected.")

("Yes, honey, I know your finger may get cut off and eye poked out, but we
have to take every measure to protect my new Mercedes SLK convertible. It's
worth it to me and to the country.")


\\ Eugene Kuznetsov, Chairman & CTO  : eugene () datapower com 
\\ DataPower Technology, Inc.        : Web Services security 
\\ http://www.datapower.com          : XML-aware networks   

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: