Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity cards and systems Professor M. Angela Sasse University College London Professor Brian Collins RMCS Shrivenham.

Published byJessie Blore Modified over 9 years ago

Similar presentations

Presentation on theme: "Identity cards and systems Professor M. Angela Sasse University College London Professor Brian Collins RMCS Shrivenham."— Presentation transcript:

1 Identity cards and systems Professor M. Angela Sasse University College London Professor Brian Collins RMCS Shrivenham

2 Headline issues Purpose of ID Card and ID database Purpose of ID Card and ID database Practical issues Practical issues –Enrolment processes –Identity verification –Limitations of Biometrics –Usability and acceptability –Social Issues –Trials Technology solutions Technology solutions –System architecture –Functionality –Cards and Tokens –Challenge processes –Registry data management –Security and data sharing Programme management Programme management

3 Purpose: “Reliable proof of identity ” Allowing citizens to prove their identity Allowing citizens to prove their identity Preventing terrorism and criminal activity, or at least making it harder Preventing terrorism and criminal activity, or at least making it harder Preventing illegal immigration and work Preventing illegal immigration and work Preventing access to services and payments from those not entitled (health, DWP) Preventing access to services and payments from those not entitled (health, DWP) Preventing access to post-16 education Preventing access to post-16 education Facilitating business transactions Facilitating business transactions Etc. Etc.

4 Enrolment processes Secure enrolment, and secure keeping of enrolment data, is crucial to validity of ID card and information from ID database Secure enrolment, and secure keeping of enrolment data, is crucial to validity of ID card and information from ID database Process of establishing ID at enrolment Process of establishing ID at enrolment –What documents or information is used? –Can staff tell whether documents are genuine? –What checking is done? –How will inconsistencies in exisiting databases be dealt with? –How long will it take to issue ID card? –Staff have to be trustworthy and reliable – how will they be vetted?

5 Verification processes Wide range of usage scenarios: Wide range of usage scenarios: –Bobby on the beat –Airport security –Hospitals –GP’s surgery –Bank –Library –Video hire

6 Technology solutions Card technologies are rapidly changing Card technologies are rapidly changing Memory devices are becoming cheaper and widely available in a wide range of formats – why use cards? Memory devices are becoming cheaper and widely available in a wide range of formats – why use cards? Wireless access gives less intrusive reading capability – proximity devices Wireless access gives less intrusive reading capability – proximity devices Network security is vital for high level of confidence in transfer of personal data Network security is vital for high level of confidence in transfer of personal data Integrity of systems implementation and operation vital for good user experience Integrity of systems implementation and operation vital for good user experience

7 Biometrics No single biometric on which whole population can enrol No single biometric on which whole population can enrol –Permanent and temporary problems with finger and iris recognition –What to do with people who have problem with both? –Muslim women do not have to show face on photos? Face recognition has close to 100% enrolment, but low performance in field Face recognition has close to 100% enrolment, but low performance in field –Personal and environment factors –False rejection could lead to refusal of service, or slow down service to unacceptable level

8 Functionality Primary functionality is to record identity information at the point of enrolement and to re-verify identity when challenged. Primary functionality is to record identity information at the point of enrolement and to re-verify identity when challenged. Other functions are: Other functions are: –Prove rights for entitlement to services (identity not essential for that at the point of service delivery, only at point of rights enrolement) –Proof of personal attributes (age, sex, address) –Proof of nationality Card information and Registry information may be necessary for all or some of these functions, depending upon data and system architecture Card information and Registry information may be necessary for all or some of these functions, depending upon data and system architecture

9 System and Data architecture System and Data architecture Is the register one database on one machine or is it distributed across many machines Is the register one database on one machine or is it distributed across many machines What availability of service is required when: What availability of service is required when: –A large number of concurrent users are using the system (what number is expected?) –System upgrades are necessary –Failures of components occur What range of user terminals are expected to be able to access the system – PC, Mobile phone, PDA, Internet café, Bespoke system What range of user terminals are expected to be able to access the system – PC, Mobile phone, PDA, Internet café, Bespoke system How will the design avoid the system becoming a legacy of the future How will the design avoid the system becoming a legacy of the future Why is a national system better than a set of interconnected regional systems (cf Germany) Why is a national system better than a set of interconnected regional systems (cf Germany) How is data held and how will formats be kept up to date and data re-verified in case of systems failures How is data held and how will formats be kept up to date and data re-verified in case of systems failures

10 Security and data sharing Quality of data – who assesses relevance Quality of data – who assesses relevance Benefits and risks – to the citizen or the government departments concerned Benefits and risks – to the citizen or the government departments concerned Who sets standards for security – CESG? Who sets standards for security – CESG? How are these aspects audited and by whom and how often How are these aspects audited and by whom and how often How is the system protected against denial of service attack How is the system protected against denial of service attack

11 Data checking Who does this and against what standards Who does this and against what standards When biographical footprints are in another language than English, and maybe only in handwritten form, are there enough cleared people to carry out the work to the required standard When biographical footprints are in another language than English, and maybe only in handwritten form, are there enough cleared people to carry out the work to the required standard How are illiteracy and lack of biographical footprints to be dealt with How are illiteracy and lack of biographical footprints to be dealt with

12 Conclusions Ownership of information that supports identity is still a subject for debate Ownership of information that supports identity is still a subject for debate Technology of biometrics still not good enough for reliable verification Technology of biometrics still not good enough for reliable verification Systems issues are complex and unresolved Systems issues are complex and unresolved Expected benefits are yet to be supported by evidence Expected benefits are yet to be supported by evidence And yet – some way of improving identification of people is vital And yet – some way of improving identification of people is vital

Download ppt "Identity cards and systems Professor M. Angela Sasse University College London Professor Brian Collins RMCS Shrivenham."

Similar presentations

© 2010 IBM Corporation Doing More with Less A Strategy for Improving Trust in Identities in an Era of Tight Budgets November 2010.

© 2010 IBM Corporation Doing More with Less A Strategy for Improving Trust in Identities in an Era of Tight Budgets November 2010.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
User Perception and Acceptance of Biometrics M. Angela Sasse Professor of Human-Centred Technology Department of Computer Science University College London,

User Perception and Acceptance of Biometrics M. Angela Sasse Professor of Human-Centred Technology Department of Computer Science University College London,
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Secure Communication Architectures.

Secure Communication Architectures.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.

By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.
Www.mobilevce.com © 2005 Mobile VCE Securing the Future: Device & Service Security Stephen Hope, FT R&D UK Ltd on behalf of Nigel Jefferies, Vodafone Chair.

© 2005 Mobile VCE Securing the Future: Device & Service Security Stephen Hope, FT R&D UK Ltd on behalf of Nigel Jefferies, Vodafone Chair.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
1 CISR-consultancy Challenges “Customer ask us what to do next” Keywords: “Customer ask us what to do next” From Policy to Practise The world is going.

1 CISR-consultancy Challenges “Customer ask us what to do next” Keywords: “Customer ask us what to do next” From Policy to Practise The world is going.
BioSec Biometrics & Security IST-2002-001766 © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.

BioSec Biometrics & Security IST © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.
Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.

Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.

SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.
Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.

Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.
Near Field Communication By Van Logan HTM 304. What is Near Field Communication Short range wireless communication technology between electronic devices.

Near Field Communication By Van Logan HTM 304. What is Near Field Communication Short range wireless communication technology between electronic devices.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Biometrics Kyle O'Meara April 14, 2008. Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

Biometrics Kyle O'Meara April 14, Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

Similar presentations

Ads by Google