Secure logging on by eye recognition

Hi Guys I am currently looking at software that will allow secure logging on by eye recognition. The area’s I think it may be usefull for are Banking, timesheet entry and any companies that may have had fraud from passwords being left on postit notes etc:, it will cut down on the password admin! Only allowing the recognised users to log on to the system, will chain them to the desk, but it will stop users lending thier username and password out! It will be simple, no changes to Navision just using C/Front. The user will simply hit a Navision Icon look into a camera and will be logged on the the system. This and a session killer would make for a quite secure system! The back end of the eye software is SQL 7, so it sit’s well with Navision. So do you guys think there is a good market or would I be wasting my time? David Cox MindSource (UK) Limited Navision Solutions Partner Email: david@mindsource.co.uk Web: www.mindsource.co.uk

We are currently working with a client that want to use fingerprint recognition for workstation login. This does not require Navision integration. The system create prescriptions so the company needs to make sure that a licensed pharmacist is sitting at the terminal. Perhaps another potential application. However, as NSC for 7+ years we have not run into this requirement much. Jim Hollcraft NCSD, NCSP, MCSE, CNE, MCP, MST aka Skater http://drilldot.com Unauthorized Navision News

Jim, for your login I’d suggest to have a look a the Siemens ID-Mouse. It’s an USB-mouse with integrated biometric (fingerprint) sensor and allows the NT/2000 login with your fingerprint. If necessary, I’ve a link for further infos. Torsten

quote:


Originally posted by David Cox: Hi Guys I am currently looking at software that will allow secure logging on by eye recognition. The area’s I think it may be usefull for are Banking, timesheet entry and any companies that may have had fraud from passwords being left on postit notes etc:, it will cut down on the password admin! [snip] The back end of the eye software is SQL 7, so it sit’s well with Navision. So do you guys think there is a good market or would I be wasting my time? David Cox MindSource (UK) Limited


It sounds great! I am not sure what you would do about Navision’s basic security system, which gives each user a USERID and an encrypted password (with the USERID being matched up to various security groups.) I suppose each user would still have exactly one USERID, but what do you do about the login process? Do you have the biometric verification BEFORE the regular login, wioth the regular login process left unchanged? That would add some security, but (it seems to me) it doesn’t prevent one legal user from signing in as another legal user once allowed onto Navision. Is there any way to get rid of the “traditional” Navision signon after the biometric signon? I don’t recall this part of the program being controlled by the C/SIDE objects: my impression (perhaps an uninformed impression) is that the login is handled by the Windows client program which is not modifiable through C/SIDE… ------- Tim Horrigan horrigan@aol.com Edited by - horrigan on 2001 Jun 14 23:37:27

Generally there are several security processes: I know something you don’t know - a password I have something you don’t have - a key, a card I am something you are not - an individual with unique fingerprints, eyes

quote:


Is there any way to get rid of the “traditional” Navision signon after the biometric signon?


Yes, of course: In NF >= 2.60 on w2k you can log-on using “Windows Authentication” rather than “Database authentication”. The only issue is that the USERID of Navision is the same as the login name to w2k. ------- With best regards from Switzerland Marcus Fabian

I recently had a laser operation called LASIK in order to rectify my short-sightness. So my question is does eye recognition software can handle this, since after the operation the cornea will be slightly reshape. tarek_demiati@ureach.com

quote:


Originally posted by Tarek Demiati: I recently had a laser operation called LASIK in order to rectify my short-sightness. So my question is does eye recognition software can handle this, since after the operation the cornea will be slightly reshape. tarek_demiati@ureach.com


I think the system works by using the different colors and patterns on your iris which are unique to each individual much like fingerprints. I am sure that your employer could record a new set of data for you after your surgery— if they have their act together. That is one of the potential big problems with any security system: i.e., keeping the syetm up to date. This is why systems with passwords, keys, security badges, etc. often fall apart: you end up with people who need access who for one reason or another can’t get authorized in a timely fashion to get in, so you start leaving the doors unlocked, swapping passwords, etc. A biometric system is handy as a way of enforcing a certain degree of reasonable discipline: Tarek can use David’s keys, password, etc. without getting his own security authorizations, but he can’t borrow David’s eyes; hence, if Tarek needs to use the system, we must create a record for him in the security database. ------- Tim Horrigan horrigan@aol.com

Thanks for your replys. I am hope that in C/Side I can open the database by servername,UserId,Password this would the not bring up the loggon dialog, the same as the ODBC?. The Biometric software is ODBC, but from what I read here, Navision is not very good in this area! An applet would read your eye, retreive your username and password then open Navision with this information! The Boimetic’s database would create the passwords and populate the USER table, via c/side, the administrator would set-up & control the permissions. I am able to look into the camera here and register my biometic signature on the sever in the US, over the web, the pattern is encrypted here and un-encrypted in the US, the client requests a nonce from the US server, the clent software reads the eye encrypts the information compresses it and sends it to the server, and has a limited time to pass the information back before the nonce expires. So if you had Navision running over the web, you could have a camera at each site, country, Customer to authenticate the user’s for a secure site, page etc: The fingerprint method, from the feedback I have had is not very good as the signature is to small. The biometric software can also be used for document security, intranet etc: Microsoft are also looking at biometrics for a later release, so I think it is worth a bit of investigation! David Cox MindSource (UK) Limited Navision Solutions Partner Email: david@mindsource.co.uk Web: www.mindsource.co.uk

David, Check this : http://straitstimes.asia1.com.sg/world/story/0,1870,61557,00.html tarek_demiati@ureach.com