346 Part Two Information Technology Infrastructure
To gain access to a system, a user must be authorized and authenticated.
Authentication refers to the ability to know that a person is who he or she
claims to be. Authentication is often established by using passwords known
only to authorized users. An end user uses a password to log on to a computer
system and may also use passwords for accessing specific systems and files.
However, users often forget passwords, share them, or choose poor passwords
that are easy to guess, which compromises security. Password systems that
are too rigorous hinder employee productivity. When employees must change
complex passwords frequently, they often take shortcuts, such as choosing
passwords that are easy to guess or keeping their passwords at their workstations
in plain view. Passwords can also be “sniffed” if transmitted over a network
or stolen through social engineering.
New authentication technologies, such as tokens, smart cards, and biometric
authentication, overcome some of these problems. A token is a physical
device, similar to an identification card, that is designed to prove the identity
of a single user. Tokens are small gadgets that typically fit on key rings and
display passcodes that change frequently. A smart card is a device about the
size of a credit card that contains a chip formatted with access permission and
other data. (Smart cards are also used in electronic payment systems.) A reader
device interprets the data on the smart card and allows or denies access.
Biometric authentication uses systems that read and interpret individual
human traits, such as fingerprints, irises, and voices, in order to grant or deny
access. Biometric authentication is based on the measurement of a physical
or behavioral trait that makes each individual unique. It compares a person’s
unique characteristics, such as the fingerprints, face, or retinal image, against
a stored profile of these characteristics to determine whether there are any
differences between these characteristics and the stored profile. If the two
profiles match, access is granted. Fingerprint and facial recognition technologies
are just beginning to be used for security applications, with many PC
laptops equipped with fingerprint identification devices and several models
with built-in webcams and face recognition software.

This PC has a biometric fingerprint reader for fast yet secure access to files and networks. New models of PCs are starting to use biometric identification to authenticate users.
© Jochen Tack/Alamy