The Fit Factor
The tough and costly part of implementing biometrics, or any security scheme, centers on how well the authentication database fits into a companys overall security management system. The Authenticam is designed to protect local machines, so it cannot authenticate users across a network without a third-party solution.
For that, Iridian offers the KnowWho database, a separate Windows NT-based solution that accepts iris images from the PrivateID software included with the Authenticam. The KnowWho database (built on either Microsoft SQL Server or Oracle Corp.s namesake database) handles processing and enrollment of all iris images. It features a software development kit that allows the database to connect into single-sign-on authentication systems from other vendors, such as Computer Associates International Inc.s eTrust.
I/O Software SecureSuite in the Authenticam package is a good security suite with only a so-so implementation. The user interface is functional but can be annoying. SecureSuite includes User Manager for adding users, modifying log-in profiles (password, iris recognition or both), and profiles for how users interact with SecureSession applications (SecureSession is a "password vault" for logging into secure Web sites.)
The same User Manager application is both a Control Panel item and an application, and it can be launched from the Windows tool bar.
When enrolling users, SecureSuite required us to create a new administrator account that supposedly supplants the original administrator account. On systems with more than one log-in account, administrators must migrate users into SecureSuite. This is an easy process, and it allows all named users to have access to SecureSuites enhanced log-in functions that include access to the PrivateID iris recognition.
Unfortunately, we were unable to migrate our original administrator account—which may not matter. Applications that replace security settings in an operating system will without fail cause IT administrators to raise their eyebrows.
eWeek Labs Director John Taschek can be reached at firstname.lastname@example.org.