Re: ibutton door access control

["paul gordon" <paul_gordon@xxxxxxx>]

Sorry, this is a bit of a long one!

>And this is better than them knocking you cold so they can hold your
head
>up to the camera?  How?  Actually, if they mug you outside your house,
>what's to stop them just waiting till you open the door then following
you?

Granted, but this is true for _ALL_ access control systems, so no-one could
claim that is is a point for or against any one of them, so ibuttons vs.
biometric comes out dead level on this point...
>
> >1) to _always_ permit authorised entry
> >2) to _always_ deny unauthorised entry
>
>And there _isn't_ one of those in existence yet, and almost certainly
>_never_ will be while people have _any_ role to play in security.
>

I'm puzzled, by your comment? - what's the point of the security? - surely
it's to grant/deny access to a PERSON (not an ibutton), so you can never
remove people from their role in security, 'cos that's what it's there for.
Also, I don't suggest that those two stated requirements _are_ necessarily
attainable - no system is ever 100% reliable (and that includes ibuttons),
but they are the absolute aims in designing any access control system. So,
again a draw between ibutton & biometric methinks...
(But I have seen and played with fingerprint scanners, and have yet to see
a
mis-identification with one....)

> >lose their key?, or worse still, how do you know how many valid
tokens
>are
> >out there?
>
>Much easier than with an existing lock and key

Too right - just about anything is better than a mechanical lock &
key...
BUT, that said, any system which is keyed to a token is inherently weak, as
anyone with posession of that token is able to gain access. lets not
forget,
its the person that you want to provide the access to, not the token
itself...

>similar level of security.  I don't live in a fortress, and don't want
to.

Thats the most relevant point so far in this Friday debate! - lets not
forget that we're talking about access control to a private house, not a
bank vault, not Fort Knox. - We will not be dealing with MI5 agents, safe
crackers, or industrial spies!! - does anyone really think it likely that
being knocked unconcious and having their face held up to a camera is a
likely scenario in a domestic environment!? - I rather suspect not. The
point is that ALL security & access control systems can be defeated one
way
or another, so it's totally pointless attempting to design one that can't
be
(you'll fail), and it's equally pointless trying to anticipate every
bizzarre way in which a determined intruder might try to get past your
system, and then dismissing a sufficiently secure system because you've
thought of some - if that were the case, you'd dismiss every system that
currently exists.

So, after all that, I still suggest, that once you've achieved an
acceptable
level of security for a domestic situation, the added-value differentiation
between them comes down to factors like convenience, flexibility, and
reliability.

I challenge anyone to argue that biometric doesn't win hands down on the
convenience and flexibility fronts - no easily lost token involved, no
fumbling around in your pockets when you come home from the pub, no having
to put all your shopping down on the front step to hold your ibutton up to
the sensor, you absolutely cannot ever lose your keys, and on, and on, and
on...

The current reliability of biometric technologies has been called into
question in one of the earlier postings, and I'm not expert enough in the
field to take issue with that, but I will say, that from what I've seen
with
my own eyes, I am perfectly satisfied that fingerprint recognition is now
"there" - it works guys!

If you think about it, all I'm really saying is that you still have an
access token, it's just that the token is now a part of your body, instead
of an artificial appendage - supposing you had your ibutton implanted under
your skin - would that not then become a biometric system?

>
>If it's a cryptographic iButton, and they manage that, you can be sure
that
>they would have otherwise found another weak point to attack.  Security
is
>never perfect, all you can do is 'best guess' within your budget to
cover
>the flaws that you can cover, and keep up with methods to overcome
them.
>
OK, actually copying an ibutton might be difficult (for now), but I also
asked about your cleaner passing on his/her valid one to someone else? -
there's nothing you can do in a token based system to stop an unauthorised
person from using an authorised token to gain access.

> >there's still no intelligence there, it's just moving a flawed
mechanical
> >system to a flawed electronic system with nearly all the same
drawbacks.
>
>But it's worked for years.  That's good enough for most.

But it's not good enough for me - I once lost my bunch of keys a few years
ago, and it made my life a living nightmare for weeks!!! - I never want to
be in that situation again!

>biometrics are flawless you could be in for a surprise.

I don't think _any_ system is flawless, but biometrics are the best
strategy
to pursue for the future, as evidenced by much of the research that is
going
on right now to make reliable, secure, biometric ID systems. As I said in
my
point above, we're only talking about a domestic setting - we don't NEED it
to be as super-secure as the banks do for their ATM machines, and because
of
this, we can use the technology that exists right now, and is cheap.

>simple example, if you design a system around your single pinhole
camera,
>and I can't defeat it with a photograph of you, and it never locks you
out,
>I'll eat my microLAN device...

I'd love to take you up on that challenge, but unfortunately, I think the
whole debate is academic just now, as I don't think the wife would allow me
to spend any more money on new toys for a while :-(

And hey, here's a thought, whats to stop you employing TWO biometric
systems
concurrently?? - one of which could be face recognition, and one could be
voice. So you go to your front door, look into the camera, and speak your
secret password phrase: "Let me in you stupid git" (or some such)
- none of
which requires any more hardware than most of us probably already have in
the front porch....
>
> >So, who's going to design an interface betwen my door-camera and
my
> >door-lock, by way of a PC in the middle?
>
>I'll do it.  How much money have you got?

Not enough!

>I'll be needing all of that for a start...

TOO LATE! - the wife's had it all.... ;-)

>oh, and a key to your house so I can try it out... and would you
>like the in-car version too?  What do you drive?
>

KEY? - KEY?


;-)

Paul G.

______________________________________________________

------------------------------------------------------------------------
Special Offer-Earn 300 Points from MyPoints.com for trying @Backup
Get automatic protection and access to your important computer files.
Install today:
http://click.egroups.com/1/2344/5/_/2065/_/954519976/

-- 20 megs of disk space in your group's Document Vault
-- http://www.egroups.com/docvault/ukha_d/?m=1