Presence establishment - the art of integrating where I am with what I am doing

Access & Identity Management Handbook 2007 Access Control & Identity Management

The establishment of presence can be defined as the verification of a subject or item’s presence at a specific location, at a specific point in time.

This presence can be the physical presence of a user at the specific location, or a virtual presence such as the presence of a laptop user in Mauritius logged into a VPN mainframe in Dubai. Virtual presence is a field of study all on its own, and will fall outside of the scope of this article. As such the focus will be on the verification of physical presence through subject interactive methodologies.

There are several technologies that facilitate the establishment of user presence. The uses of these techniques are determined by the challenge at hand, and differ greatly in their application. The common denominator of all the available solutions remains the efficiency and accuracy of the verification process. All of the techniques used require the use of a form of unique identification, either through a fact known only to the relevant user, or through the use of a device or physical feature unique to the user.

Protection via password

The most common method of proving presence is through the use of passwords. This method is cheap, easy to implement and requires very little user acceptance as it is non-intrusive and a traditional way of achieving identification. The reasoning behind the use of passwords is that only the relevant user knows the password and that the entry of the password at, for instance, a numeric keypad controlling an access point, proves the presence of the user at that point. This principle is, of course, flawed, as several factors defeat this objective. These factors include the problem that users can distribute their passwords to other users, making it common knowledge and defeating the purpose of such a system. There are also the more romantic issues such as electronic password compromise through system hacking, password injection and password prediction. These factors combine to prove that the establishment of presence through the use of passwords does not completely solve the challenge at hand.

It is commonly believed that the way to enhance the password-based identification method is by issuing the user with a password that the user does not actually need to memorise or even know. This is achieved through the use of mobile password storage devices such as smartcards, radio frequency tags and other such portable smart storage technologies. The user is required to carry the issued device and present the stored password at the specific location by interacting with a device related to the storage medium used – a user carrying a smartcard will swipe the card against a smartcard reader that will read the password stored on the card and initiate certain actions based on business rules.

The principle seems solid, as the user does not need to know the password stored on the card and, thus, cannot compromise the system by distributing the password to other subjects. In addition to this, longer and more complex passwords can be used, as the user is not required to memorise the codes, making it harder to compromise the system electronically. Unfortunately, this method also has some very serious flaws: the clearest of these are that the password is now situated on a physical object that can be stolen, ‘borrowed out’, or lost. A user can wilfully compromise the system by simply handing the card over to another subject. The card can also easily be stolen or lost and later found by another user. All of these factors challenge the use of portable passwords as a solution.

Protection passwords

Simple compromises to address these issues do exist, such as the combination of a password stored on a smartcard with a password known only to the user, but even these techniques are still dependant on user honesty, and can failed all too easily.

The most secure method to date is the use of a technology that cannot be communicated between system users, cannot be stolen or lost and cannot be easily duplicated or electronically compromised. This train of thought led to the creation of the biometric field of science, in which the principle is simple: find a physical trait of the relevant user that is unique and identifiable through electronic means.

This field of study has yielded several biometric technologies that include methods such as electronic fingerprint scanning, facial topology recording, facial feature recording, hand geometry calculation, optical vein mapping, iris vein pattern recording and even the use of voice harmonics. All of these technologies have already proven their worth in the market, and each carry arguments for and against the use of each. The field of biometrics does address the challenges outlined before by ensuring that the identity of the user cannot be mistaken or faked. The feature used to identify the user is a unique physical characteristic that cannot be removed or copied, and will always accompany the user, negating the problem of the user losing the identification mechanism. The technology does, however, face challenges as well: the average user experiences a sense of resistance against the use of these devices, as it is felt that it is intrusive. It also typically requires a more elaborate user enrollment or registration process than the alternative techniques. The informatics and architectural requirements of using biometric systems also require more elaborate, and will as a rule require a longer and more challenging commissioning phase.

Benefits of biometrics

Biometric identification does present the best solution for the establishment of user presence. Among the subset of technologies in this field, fingerprint recognition has the highest cost to efficiency ratio as it offers dependency for a price tag significantly cheaper than the other more sophisticated biometric technologies. It is also easier to implement, and less intrusive than, for instance, iris recognition.

Fingerprint recognition requires some basic technologies to support the implementation of this science. These support infrastructures typically comprise a user registration database, an information backbone of some nature, and the use of computer hardware to facilitate user registration and management. The user presents a finger to a fingerprint scanner, the finger is scanned and either transmitted across the ICT backbone, or verified on the device itself. The fingerprint presence consists of a unique user identification detail (such as an employee code or system generated ID), an indication of which presence point the device is situated at, and an accurate time stamp. This is communicated to a management system, recorded, and used as reference for various business activities. The most common uses of these records are in the areas of physical facility access control and the creation of time and attendance records.

Integration

The integration of biometric establishment of presence technology into human resource management systems was a logical step in addressing user time fraud in the work environment. Fingerprint recognition records are migrated into the timesheet aspect of the client’s existing human resources system and embedded in a format that allows the standard processes to execute with limited or no alteration to established systems. The client gains the benefit of accurate user presence verification without extensive system review and redesign. The use of intelligent support technologies augmenting the deployed biometric technologies have led to the creation of sophisticated capabilities to the benefit of the client. These include the ability to enrol a biometric user in the Cape, but have his records active in Pretoria. Fingerprints are migrated from local sites to central management centres at regional offices, which allow full propagation through the system from any remote point to another. The inclusion of active, realtime business rule sets also allows the client to exert control over user presence and movement with the click of a computer mouse – a person moving into a turnstile can be locked into that turnstile by clicking an icon on a computer generated schematic of the site.

It is clear that the establishment of user presence offered serious challenges in the past, but that the application of biometric identification technologies addresses these challenges very easily. Biometric devices will evolve in future, and as new methods of recognition and digital sensing are created this field of science will offer the user more and more benefits.

For more information contact Alchemist IT, +27 (0)83 418 4939, gregory@alchemistit.co.za, www.alchemistit.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Paxton10 for smart buildings
Issue 5 2020, Paxton Access , Access Control & Identity Management
Paxton10, offering access control and video management on one simple platform, is available in the South African market.

Read more...
Suprema enhances cybersecurity
Issue 5 2020, Suprema , Access Control & Identity Management
Suprema BioStar 2 is a web-based, open and integrated security platform that provides comprehensive functionality for access control and time and attendance.

Read more...
A wizz at visitor management
Issue 5 2020 , Access Control & Identity Management
WizzPass is a locally developed software platform for managing visitors to businesses, buildings or business parks.

Read more...
Contactless at the game
Issue 5 2020, IDEMIA , Access Control & Identity Management
IDEMIA partners with JAC to successfully test frictionless biometric access technology at Level5 Stadium in Japan.

Read more...
Focus on touchless biometrics
Residential Estate Security Handbook 2020, Hikvision South Africa, Saflec, IDEMIA , Suprema, Technews Publishing , Access Control & Identity Management
The coronavirus has made touchless biometrics an important consideration for access control installations in estates and for industries globally.

Read more...
Providing peace of mind
Residential Estate Security Handbook 2020, ZKTeco , Access Control & Identity Management
Touchless technology embedded with face and palm recognition sensors provide 100% touchless user authentication for a variety of applications.

Read more...
Frictionless access with a wave from IDEMIA
Residential Estate Security Handbook 2020, IDEMIA , Access Control & Identity Management
Platinum Sponsor IDEMIA displayed its frictionless biometric reader, the MorphoWave Compact, at the Residential Estate Security Conference.

Read more...
Cost effective without compromising security
Residential Estate Security Handbook 2020, Bidvest Protea Coin , Access Control & Identity Management
Bidvest Protea Coin offers a range of services, all integrated to offer a future-proof and cost-effective security solution for estates.

Read more...
Broad range of estate solutions
Residential Estate Security Handbook 2020, Hikvision South Africa , Access Control & Identity Management
Hikvision offers residential estates a range of systems and solutions that deliver security, from the gate to the individual’s own home.

Read more...
Excellerate looks beyond traditional guarding
Residential Estate Security Handbook 2020, Excellerate Services , Access Control & Identity Management
Excellerate Services has a suite of best-of-breed technologies that have been integrated into a sophisticated SLA, incident and people management system.

Read more...