DIY Iris Scanning? 54
gadzook33 asks: "There have been rumors floating around about DIY iris scanning, using digital cameras for biometric security. Iris scanning presents a fantastic alternative to password-based authentication but hasn't really come to our desktops yet. I've looked around but can't find any concrete material on the subject. Is anyone doing this? Are there any efforts to develop open software for this sort of thing? Are patents holding things up? Given that passwords are an almost defunct technique for protecting data in certain situations, it would be nice to have an alternative."
Better Yet, Go Multi-Tier (Score:3, Interesting)
Re:Not an alternative... (Score:2, Interesting)
1.) A key and irreplaceable component of any authentication instrument is a revocation feature. You state that biometric passwords are not changeable. Biometrics are just as revokable as passwords. In both cases, the user must recognize that the instrument has been compromised and tell his keymaster. In the password case, you simply change the password. In the biometric case, you must remove that instrument from the authentication whitelist. I think what you're trying to get at here is that biometrics, once revoked, cannot be resued. However, your statement: "That person is me anywhere they do an iris scan." is false because the biometric instrument can be revoked. That person is you everywhere they use a password until that is revoked also....
2.) Biometrics are growing up. Soon the days of simple image processing will be gone. Additional checks like measuring pupil reaction time, eye movement characteristics, blink characteristics, eye pressure, peripheral vision, visual acuity, etc will be implemented. (Press the button when the line-drawing is in focus (using a new image and different focus path each time.); Press the button when the spot comes into your peripheral vision (same randomness, etc.)) Varying the algorithm by which the image processing software recognizes the eye will also harden iris scanning. All of this works to make biometrics an increasingly attractive ADDITIONAL layer of security. I've always been told that the best security check involves two things: something you have, and something you know. Biometrics can work quite well for the "something you have." part.
Re:Not an alternative... (Score:5, Interesting)
As for 2), the basic feature of biometrics is that it's simple. You touch a surface or look into a lens, and that's all, no typing passwords, no entering codes or searching your wallet for magnetic card. Take it away and you take away half of the charm of biometrics. You only leave the scare "they will knock you out and take your eye out in a dark backstreet to break in" plus vague and unreliable info about high security, which is neither verifiable nor unhackable and definitely doesn't appeal to management.
It's a bumpy road ahead of biometrics.
Re:Better Yet, Go Multi-Tier (Score:2, Interesting)
Each key will be a finger-print scanner. If you type home-row then match the keystrokes to fingers that are supposed to be used. When you press down on a key, it will take a photo/whatever of your finger and analyze it to a small database at the system[/kernel?] level to see if they match up.
If the finger print doesn't match, keypress is ignored.
You would need some incredibly quick fingerscanners for each key, and it would be VERY pricey. It would also force you to use home-row, too!
Possibly incorportate this into the mouse, as well?
Yeah... I need sleep. But it's a thought. Would be VERY hard to crack, esspecially at the kernel level. You wouldn't be able to just swap out keyboards.
Re:useless (Score:2, Interesting)
Re:Better than retina scanning (Score:4, Interesting)
dave
Re:Better than retina scanning (Score:3, Interesting)
things most people would rather keep to themselves.
dave