HOME

TheInfoList



OR:

Identity-based security is a type of
security Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social ...
that focuses on access to digital information or services based on the authenticated identity of an individual. It ensures that the users of these digital services are entitled to what they receive. The most common form of identity-based security involves the login of an account with a username and password. However, recent technology has evolved into
fingerprint A fingerprint is an impression left by the friction ridges of a human finger. The recovery of partial fingerprints from a crime scene is an important method of forensic science. Moisture and grease on a finger result in fingerprints on surfac ...
ing or facial recognition. While most forms of identity-based security are secure and reliable, none of them are perfect and each contains its own flaws and issues.


History

The earliest forms of Identity-based security was introduced in the 1960s by computer scientist
Fernando Corbató Fernando is a Spanish and Portuguese given name and a surname common in Spain, Portugal, Italy, France, Switzerland, former Spanish or Portuguese colonies in Latin America, Africa, the Philippines, India, and Sri Lanka. It is equivalent to the G ...
. During this time, Corbató invented computer passwords to prevent users from going through other people's files, a problem evident in his Compatible Time-Sharing System (C.T.S.S.), which allowed multiple users access to a computer concurrently. Fingerprinting however, although not digital when first introduced, dates back even further to the 2nd and 3rd century, with King
Hammurabi Hammurabi (Akkadian: ; ) was the sixth Amorite king of the Old Babylonian Empire, reigning from to BC. He was preceded by his father, Sin-Muballit, who abdicated due to failing health. During his reign, he conquered Elam and the city-states ...
sealing contracts through his fingerprints in ancient Babylon. Evidence of fingerprinting was also discovered in ancient China as a method of identification in official courts and documents. It was then introduced in the U.S. during the early 20th century through prison systems as a method of identification. On the other hand, facial recognition was developed in the 1960s, funded by American intelligence agencies and the military.


Types of identity-based security


Account Login

The most common form of Identity-based security is password authentication involving the login of an online account. Most of the largest digital corporations rely on this form of security, such as
Facebook Facebook is an online social media and social networking service owned by American company Meta Platforms. Founded in 2004 by Mark Zuckerberg with fellow Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dustin M ...
,
Google Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...
, and
Amazon Amazon most often refers to: * Amazons, a tribe of female warriors in Greek mythology * Amazon rainforest, a rainforest covering most of the Amazon basin * Amazon River, in South America * Amazon (company), an American multinational technology c ...
. Account logins are easy to register, difficult to compromise, and offer a simple solution to identity-based digital services.


Fingerprint

Fingerprint A fingerprint is an impression left by the friction ridges of a human finger. The recovery of partial fingerprints from a crime scene is an important method of forensic science. Moisture and grease on a finger result in fingerprints on surfac ...
biometric authentication is another type of identity-based security. It is considered to be one of the most secure forms of identification due to its reliability and accessibility, in addition to it being extremely hard to fake. Fingerprints are also unique for every person, lasting a lifetime without significant change. Currently, fingerprint biometric authentication are most commonly used in police stations, security industries, as well as smart-phones.


Facial Recognition

Facial recognition operates by first capturing an image of the face. Then, a computer algorithm determines the distinctiveness of the face, including but not limited to eye location, shape of chin, or distance from the nose. The algorithm then converts this information into a database, with each set of data having enough detail to distinguish one face from another.


Controversies and issues


Account Login

A problem of this form of security is the tendency for consumers to forget their passwords. On average, an individual is registered to 25 online accounts requiring a password, and most individuals vary passwords for each account. According to a study by Mastercard and the
University of Oxford , mottoeng = The Lord is my light , established = , endowment = £6.1 billion (including colleges) (2019) , budget = £2.145 billion (2019–20) , chancellor ...
, "about a third of online purchases are abandoned at checkout because consumers cannot remember their passwords." If the consumer does forget their password, they will usually have to request a password reset sent to their linked email account, further delaying the purchasing process. According to an article published by Phys Org, 18.75% of consumers abandon checkout due to password reset issues. When individuals set a uniform password across all online platforms, this makes the login process much simpler and hard to forget. However, by doing so, it introduces another issue where a security breach in one account will lead to similar breaches in all remaining accounts, jeopardizing their online security. This makes the solution to remembering all passwords much harder to achieve.


Fingerprint

While fingerprinting is generally considered to be secure and reliable, the physical condition of one's finger during the scan can drastically affect its results. For example, physical injuries, differing displacement, and skin conditions can all lead to faulty and unreliable biometric information that may deny one's authorization. Another issue with fingerprinting is known as the biometric sensor attack. In such an attack, a fake finger or a print of the finger is used in replacement to fool the sensors and grant authentication to unauthorized personnel.


Facial Recognition

Facial recognition relies on the face of an individual to identify and grant access to products, services, or information. However, it can be fraudulent due to limitations in technology (lighting, image resolution) as well as changes in facial structures over time. There are two types of failure for facial recognition tests. The first is a false positive, where the database matches the image with a data set but not the data set of the actual user's image. The other type of failure is a false negative, where the database fails to recognize the face of the correct user. Both types of failure have trade-offs with accessibility and security, which make the percentage of each type of error significant. For instance, a facial recognition on a smart-phone would much rather have instances of false negatives rather than false positives since it is more optimal for you to take several tries logging in rather than randomly granting a stranger access to your phone. While in ideal conditions with perfect lighting, positioning, and camera placement, facial recognition technology can be as accurate as 99.97%. However, such conditions are extremely rare and therefore unrealistic. In a study conducted by the National Institute of Standards and Technology (NIST), video-recorded facial recognition accuracy ranged from 94.4% to 36% depending on camera placement as well as the nature of the setting. Aside from the technical deficiencies of Facial Recognition, racial bias has also emerged as a controversial subject. A federal study in 2019 concluded that facial recognition systems falsely identified Black and Asian faces 10 to 100 times more often than White faces.{{Cite web, date=2020-09-21, title=Despite past denials, LAPD has used facial recognition software 30,000 times in last decade, records show, url=https://www.latimes.com/california/story/2020-09-21/lapd-controversial-facial-recognition-software, access-date=2020-12-06, website=Los Angeles Times, language=en-US


See also

*
Attribute-based access control Attribute-based access control (ABAC), also known as policy-based access control for IAM, defines an access control paradigm whereby a subject's authorization to perform a set of operations is determined by evaluating attributes associated with the ...
*
Federated identity A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems. Federated identity is related to single sign-on (SSO), in which a ...
*
Identity-based conditional proxy re-encryption Identity-based conditional proxy re-encryption (IBCPRE) is a type of proxy re-encryption (PRE) scheme in the identity-based public key cryptographic setting. An IBCPRE scheme is a natural extension of proxy re-encryption on two aspects. The firs ...
*
Identity driven networking Identity driven networking (IDN) is the process of applying network controls to a network device access based on the identity of an individual or a group of individuals responsible to or operating the device. Individuals are identified, and the ...
* Identity management system *
Network security Network security consists of the policies, policies, processes and practices adopted to prevent, detect and monitor unauthorized access, Abuse, misuse, modification, or denial of a computer network and network-accessible resources. Network securi ...
*
Self-sovereign identity Self-sovereign identity (SSI) is an approach to digital identity that gives individuals control over the information they use to prove who they are to websites, services, and applications across the web. Without SSI, individuals with persistent ...


References

Computer access control