Enhancing Information Systems Security Through Biometrics October 2004 Security Strategy for a...
-
Upload
philip-mills -
Category
Documents
-
view
214 -
download
0
Transcript of Enhancing Information Systems Security Through Biometrics October 2004 Security Strategy for a...
Security Strategy for a Biometrics Deployment
Catherine Allan, M.A., CISSP, CDAllan Security and Privacy Consulting Inc.
Agenda
• Context• Issues• Assets• Principal Threats• Security Requirements• Security Model• Security Risk
Management Strategy
Why a security strategy?
• Complexity and scope• Status of study• Performance of
technology• Decisions
Context: The Challenge
• Technology study• Business
requirements• Real world
deployments• Scope• Complexity
Security Requirements
• Reference biometrics– Authenticity– Availability– Confidentiality
• Technology and Processes– Enrolment– Identification– Verification
Security Model
Impact of Safeguards
Business/ Technology
Match
Program Integrity
Systems and processes
Reference biometrics
A S S
E T
S
Security RM Strategy
Programs
Client Continuum
Systems and Processes
Reference Biometrics
Test: Accuracy, Functionality, Performance …
Design, Functionality, Safeguards …
Cross Program Requirements:
Facilitation, Life Cycle ….
Security RM Strategy
Programs
Client Continuum
Systems and Processes
Reference Biometrics
Security Plan
System TRAs
TRAs
Test: Accuracy, Functionality, Performance …
Design, Functionality, Safeguards …
Cross Program Requirements:
Facilitation, Life Cycle ….
RM Continuum