Presence establishment - the art of integrating where I am with what I am doing

November 2007 Access Control & Identity Management

The establishment of presence can be defined as the verification of a subject or item’s presence at a specific location, at a specific point in time.

This presence can be the physical presence of a user at the specific location, or a virtual presence such as the presence of a laptop user in Mauritius logged into a VPN mainframe in Dubai. Virtual presence is a field of study all on its own, and will fall outside of the scope of this article. As such the focus will be on the verification of physical presence through subject interactive methodologies.

There are several technologies that facilitate the establishment of user presence. The uses of these techniques are determined by the challenge at hand, and differ greatly in their application. The common denominator of all the available solutions remains the efficiency and accuracy of the verification process. All of the techniques used require the use of a form of unique identification, either through a fact known only to the relevant user, or through the use of a device or physical feature unique to the user.

Protection via password

The most common method of proving presence is through the use of passwords. This method is cheap, easy to implement and requires very little user acceptance as it is non-intrusive and a traditional way of achieving identification. The reasoning behind the use of passwords is that only the relevant user knows the password and that the entry of the password at, for instance, a numeric keypad controlling an access point, proves the presence of the user at that point. This principle is, of course, flawed, as several factors defeat this objective. These factors include the problem that users can distribute their passwords to other users, making it common knowledge and defeating the purpose of such a system. There are also the more romantic issues such as electronic password compromise through system hacking, password injection and password prediction. These factors combine to prove that the establishment of presence through the use of passwords does not completely solve the challenge at hand.

It is commonly believed that the way to enhance the password-based identification method is by issuing the user with a password that the user does not actually need to memorise or even know. This is achieved through the use of mobile password storage devices such as smartcards, radio frequency tags and other such portable smart storage technologies. The user is required to carry the issued device and present the stored password at the specific location by interacting with a device related to the storage medium used – a user carrying a smartcard will swipe the card against a smartcard reader that will read the password stored on the card and initiate certain actions based on business rules.

The principle seems solid, as the user does not need to know the password stored on the card and, thus, cannot compromise the system by distributing the password to other subjects. In addition to this, longer and more complex passwords can be used, as the user is not required to memorise the codes, making it harder to compromise the system electronically. Unfortunately, this method also has some very serious flaws: the clearest of these are that the password is now situated on a physical object that can be stolen, ‘borrowed out’, or lost. A user can wilfully compromise the system by simply handing the card over to another subject. The card can also easily be stolen or lost and later found by another user. All of these factors challenge the use of portable passwords as a solution.

Protection passwords

Simple compromises to address these issues do exist, such as the combination of a password stored on a smartcard with a password known only to the user, but even these techniques are still dependant on user honesty, and can failed all too easily.

The most secure method to date is the use of a technology that cannot be communicated between system users, cannot be stolen or lost and cannot be easily duplicated or electronically compromised. This train of thought led to the creation of the biometric field of science, in which the principle is simple: find a physical trait of the relevant user that is unique and identifiable through electronic means.

This field of study has yielded several biometric technologies that include methods such as electronic fingerprint scanning, facial topology recording, facial feature recording, hand geometry calculation, optical vein mapping, iris vein pattern recording and even the use of voice harmonics. All of these technologies have already proven their worth in the market, and each carry arguments for and against the use of each. The field of biometrics does address the challenges outlined before by ensuring that the identity of the user cannot be mistaken or faked. The feature used to identify the user is a unique physical characteristic that cannot be removed or copied, and will always accompany the user, negating the problem of the user losing the identification mechanism. The technology does, however, face challenges as well: the average user experiences a sense of resistance against the use of these devices, as it is felt that it is intrusive. It also typically requires a more elaborate user enrollment or registration process than the alternative techniques. The informatics and architectural requirements of using biometric systems also require more elaborate, and will as a rule require a longer and more challenging commissioning phase.

Benefits of biometrics

Biometric identification does present the best solution for the establishment of user presence. Among the subset of technologies in this field, fingerprint recognition has the highest cost to efficiency ratio as it offers dependency for a price tag significantly cheaper than the other more sophisticated biometric technologies. It is also easier to implement, and less intrusive than, for instance, iris recognition.

Fingerprint recognition requires some basic technologies to support the implementation of this science. These support infrastructures typically comprise a user registration database, an information backbone of some nature, and the use of computer hardware to facilitate user registration and management. The user presents a finger to a fingerprint scanner, the finger is scanned and either transmitted across the ICT backbone, or verified on the device itself. The fingerprint presence consists of a unique user identification detail (such as an employee code or system generated ID), an indication of which presence point the device is situated at, and an accurate time stamp. This is communicated to a management system, recorded, and used as reference for various business activities. The most common uses of these records are in the areas of physical facility access control and the creation of time and attendance records.

Integration

The integration of biometric establishment of presence technology into human resource management systems was a logical step in addressing user time fraud in the work environment. Fingerprint recognition records are migrated into the timesheet aspect of the client’s existing human resources system and embedded in a format that allows the standard processes to execute with limited or no alteration to established systems. The client gains the benefit of accurate user presence verification without extensive system review and redesign. The use of intelligent support technologies augmenting the deployed biometric technologies have led to the creation of sophisticated capabilities to the benefit of the client. These include the ability to enrol a biometric user in the Cape, but have his records active in Pretoria. Fingerprints are migrated from local sites to central management centres at regional offices, which allow full propagation through the system from any remote point to another. The inclusion of active, realtime business rule sets also allows the client to exert control over user presence and movement with the click of a computer mouse – a person moving into a turnstile can be locked into that turnstile by clicking an icon on a computer generated schematic of the site.

It is clear that the establishment of user presence offered serious challenges in the past, but that the application of biometric identification technologies addresses these challenges very easily. Biometric devices will evolve in future, and as new methods of recognition and digital sensing are created this field of science will offer the user more and more benefits.

For more information contact Alchemist IT, +27 (0)83 418 4939, gregory@alchemistit.co.za, www.alchemistit.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Enhanced biometric technology for mines
September 2019, ZKTeco , Mining (Industry), Access Control & Identity Management
Biometric identification and authentication are currently used at various mines in South Africa and in the SADC region.

Read more...
Improving access in mines
October 2019, Astra Fasteners , Mining (Industry), Access Control & Identity Management, Products
The VP1 controller provides full access control and remote monitoring of intelligent locks without having to wire into a network or install, manage and maintain software.

Read more...
Invixium and Pyro-Tech partner in South Africa
October 2019 , News, Access Control & Identity Management
Invixium, a manufacturer of IP-based biometric solutions and Pyro-Tech Security Suppliers have announced a new distribution partnership.

Read more...
Suprema receives FBI PIV/FAP30 certification
October 2019, Suprema , News, Access Control & Identity Management
Suprema has announced that the company's BioMini Slim 3 has received FBI PIV (Personal Identity Verification) and Mobile ID FAP30 certification.

Read more...
Frictionless access with a wave
October 2019, IDEMIA , Access Control & Identity Management, Residential Estate (Industry)
IDEMIA was the Platinum Sponsor for the Residential Estate Security Conference 2019 and set up its MorphoWave Compact frictionless fingerprint biometric scanner at the entrance to the conference.

Read more...
Streamlined access and reporting
October 2019, Comb Communications , Access Control & Identity Management, Residential Estate (Industry)
The main focus of the Comb stand was its practical demonstration of the MK II Lite intercom system with third-party integrated products.

Read more...
Customised and integrated solutions
October 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
iVisit offers both high-end and low-end residential complexes a cost-effective visitor management solution that is fully integrated into Suprema's offerings.

Read more...
Access solutions for every estate
October 2019, Impro Technologies , Access Control & Identity Management, Residential Estate (Industry)
Impro's flagship Access Portal solution comprises one of the most user-friendly software solutions on the market.

Read more...
Managing staff effectively
September 2019, dormakaba South Africa, iPulse Systems , Integrated Solutions, Access Control & Identity Management
Workforce management solutions allow organisations to track the relationship between productivity and the cost of employment, incorporating issues such as health and safety, T&A, rostering and more.

Read more...
Hennie Lategan joins Centurion as head of exports
September 2019, Centurion Systems , News, Access Control & Identity Management
Centurion Systems has announced the appointment of Hennie Lategan as the head of the company’s exports department.

Read more...