Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Best Biometric Authentication System?

Posted by samzenpus on from the eyes-have-it dept.

kwelch007 writes I run a network for a company that does manufacturing primarily in a clean-room. We have many systems in place that track countless aspects of every step. However, we do not have systems in place to identify the specific user performing the step. I could do this easily, but asking users to input their AD login every time they perform a task is a time-waster (we have "shared" workstations throughout.) My question is, what technologies are people actually using successfully for rapid authentication? I've thought about fingerprint scanners, but they don't work because in the CR we have to wear gloves. So, I'm thinking either face-recognition or retinal scans...but am open to other ideas if they are commercially viable.

13 of 127 comments (clear)

  1. RFID/card scanner by Anonymous Coward · · Score: 5, Insightful

    Don't you all already badges or dongles or something along those lines?

    1. Re:RFID/card scanner by Albanach · · Score: 5, Interesting

      An AC first post hits the nail on the head. I'd have thought RFID would be faster, less intrusive and possibly more reliable. Pretty sure it would be cheaper to implement too.

      Unless you're worried about people using someone else's card to authenticate, this seems like the smart solution. Still, I can't believe you haven't thought about this, so maybe there's some reason you feel RFID wouldn't be suitable.

    2. Re:RFID/card scanner by hawguy · · Score: 3, Insightful

      Don't you all already badges or dongles or something along those lines?

      Hard to get any faster and more convenient than this -- if they don't want to make employees scan their badges, put an RFID reader in the chair and keep the badge in the back pocket and it's automatic and instant every time they sit down at a workstation.

      Unless they have a specific need for biometrics, there's no point in using it.

    3. Re:RFID/card scanner by davester666 · · Score: 5, Funny

      cattle tag on the ear should also work well. readily available and not that expense. software already available for tracking movement and what milking station they are in. what more do you need?

      --
      Sleep your way to a whiter smile...date a dentist!
  2. None by Anonymous Coward · · Score: 4, Informative

    I work in a class 10 clean room with shared workstations as well. Manual log-in to every workstation is the norm. Biometrics are not only infeasible in such a cleanroom environment, they are more trouble than they are worth, and also not likely to be as secure as you hope (or as reliable).

  3. Re:A probing question by daremonai · · Score: 5, Funny

    I don't know if incontinence here was a Freudian slip or not, but it sure was an accurate one.

  4. Cameras by randall77 · · Score: 5, Interesting

    Just buy a point-of-sale camera system that department stores use. They keep weeks of video from dozens of cameras available for review. Requires 0 overhead in the common case when no audit is required. It is really easy to find out who did what given a time and camera ID. Use humans for your facial recognition, they're actually really good at it.

  5. too complicated by roc97007 · · Score: 3, Insightful

    > So, I'm thinking either face-recognition or retinal scans...

    Waayyyy too complicated and expensive and Charlie's Angels-ish. If all you're trying to do is identify which user performed which step, RFID is your friend. Have an RFID sensor integrated into the workstation, and require the user to "sign" their work with their badge before they can commit.

    Look at people going to work every day using RFID badges. If you want something faster than logging in with A/D credentials (which would have been my first suggestion), swiping a badge is pretty much as fast as you're going to find.

    Now, if people using each other's credentials is a concern, or security in general, then you're looking at using A/D credentials plus a badge ("something you know, and something you have"). I personally wouldn't go with biometrics until they've gotten cheaper and more foolproof. Maybe never.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  6. None! by Vlijmen+Fileer · · Score: 5, Insightful

    Can this discussion about the supposed virtues of biometric identification / authentication please die?
    Biometric properties are like usernames. Not like passwords. They don't "authenticate" anybody; your fingerprints e.g. can be found all over the world, right in the open.
    And on top of that they are BAD usernames, because they can not be changed. Once your biometric identity has been compromised, you have to give up to whole identification / authentication /system/, because the property can not be changed!

  7. Biometric authentication is flawed by manu0601 · · Score: 3, Insightful

    Biometric authentication is flawed, because your credentials are not secret, and they cannot be revoked. If an attacker manage to clone for instance your fingertip, you cannot change it, you need to change the authentication system.

    Biometric may be reasonably used as a second factor, for instance for unlocking a smart card

  8. WTF by Anonymous Coward · · Score: 5, Insightful

    Typical engineer, overcomplicating the shit out of a simple problem. Give each guy a 4-digit PIN and have them hammer it in to the workstation to gain access.

  9. Who wants this? You? by vinn · · Score: 4, Interesting

    Having spent a lot of time around such things, I have to ask, who's project is this? Who wants this? Just you?

    If your boss or the CEO is asking for this - great. Go do it. That's your job. (The RFID comments seem in the right ballpark.)

    If a mid-level manager or you is taking this on as a pet project, then you need to do some soul searching. This doesn't seem to have much immediate benefit to the bottom line of the company. This doesn't drive revenue creation and it doesn't drive product development. Almost every time I hear someone say, "We need to track X", I rarely ever hear someone else say, "Get me the statistics on X". Tracking shit is easy, crunching the numbers to calculate metrics isn't. If this is simply compliance tracking, listen to the guy who says to install cameras and then dump it to a crapload of drives. If there's an audit, hand over the video and let the auditors sort it out.

    There is a whole lot of not-your-job in here and very little hero making to be done.

    --
    ----- obSig
  10. vein scan is THE biometric by markdavis · · Score: 3, Interesting

    Deep vein scan (typically of the palm) is the only biometric that I would find acceptable from a privacy standpoint. It can't be "stolen" or "lifted", it is not visible from a reasonable distance, it can't be easily scanned without the user's consent. It requires being "alive". It is reliable and simple to acquire. I have used it and seen it in action... very impressive.

    Fingerprints are horribly abused and left everywhere and can't be read through gloves. Easily copied and fooled.

    DNA is extremely expensive, extremely slow, has severe privacy implications, and is left everywhere.

    Facial recognition is not extremely accurate, is often slow, and is the WORST biometric from a privacy standpoint.

    Retina scan is complex and probably the most expensive besides DNA.

    Finger spread biometric is inaccurate and insecure (can be obtained from a distance via