Biometrics for Network Security (Prentice Hall Series in Computer Networking and Distributed Systems) (Paperback)

~ (Author)

Editorial Reviews

Product Description

The biggest vulnerability in most enterprise networks is the authenticationsystem--especially if it relies solely on passwords. And a result, many companiesare looking to combine password authentication with other authenticationmethods, most especially biometrics. The few biometrics books that do existare overview books aimed at management and/or are not written by biometricspecialists. This book is unique in its coverage of how to design and implementa successful biometric solution for your network--and, it's written by abiometrics expert.Biometrics are automated methods of recognizing a person based on aphysiological or behavioral characteristic. Among the features measured are;face, fingerprints, hand geometry, handwriting, iris, retinal, and voice.Biometric technologies are becoming the foundation of an extensive array ofhighly secure identification and personal verification solutions. As the level ofsecurity breaches and transaction fraud increases, the need for highly secureidentification and personal verification technologies is becoming apparent.

From the Back Cover

The complete guide to implementing biometric security solutions for your network

Network security has become the latter-day equivalent of oxymoronic terms like "jumbo shrimp" and "exact estimate." Newspaper headlines are routinely peppered with incidents of hackers thwarting the security put forth by the government and the private sector. As with any new technology, the next evolution of network security has long languished in the realm of science fiction and spy novels. It is now ready to step into the reality of practical application.

In Biometrics for Network Security, biometrics security expert Paul Reid covers a variety of biometric options, ranging from fingerprint identification to voice verification to hand, face, and eye scanning. Approaching the subject from a practitioner's point of view, Reid describes guidelines, applications, and procedures for implementing biometric solutions for your network security systems.

Coverage includes:

• An introduction to authentication technologies and biometrics
• Dealing with privacy issues
• Biometric technologies, including finger, hand geometry, handwriting, iris, retina, voice, and face
• Security concerns related to biometrics, including attempts to spoof or fake results
• Deployment of biometric security systems, including vendor selection and roll out procedures
• Real-life case studies

For security, system, and network administrators and managers, as well as anyone who is interested in the application of cutting-edge biometric technology, Biometrics for Network Security will prove an indispensable addition to your library!

See all Editorial Reviews

Product Details

• Paperback: 288 pages
• Publisher: Prentice Hall PTR; illustrated edition edition (December 30, 2003)
• Language: English
• ISBN-10: 0131015494
• ISBN-13: 978-0131015494
• Product Dimensions: 9.2 x 7 x 0.7 inches
• Shipping Weight: 1.2 pounds
• Average Customer Review: 3.8 out of 5 stars  See all reviews (4 customer reviews)
• Amazon.com Sales Rank: #653,825 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #44 in

  Books > Computers & Internet > Programming > Algorithms > Pattern Recognition

Customer Reviews

Most Helpful Customer Reviews

1 of 1 people found the following review helpful:

4.0 out of 5 stars Good review of biometrics and helpful advice for deployment, March 20, 2005

By	D. Kalyadin - See all my reviews (REAL NAME)

A very good and readable book about biometrics for network security. Note the network security part - the coverage is limited to systems that can be used in an everyday business environment. The book could be read by just about anyone, although it does help knowing a little bit about biometrics to start with. There are basically two main parts - the first one describes the different biometric technologies and their strengths and weaknesses. The second part discusses actual testing and deployment using real life examples of what to do and what not to do. I would certainly recommend this book to anyone who is actually going to implement a biometric system. Just knowing how the biometrics work is not enough to have a successful deployment. If you want to know the full details of how different biometric algorithms work, this book is probably not for you. The level of detail is just what you would take away from reading the detailed description, which I actually liked. I would recommend this book to anyone interested in network security.

3.0 out of 5 stars Very informative and precise. Ideal for Security Engineers & Administrators., September 18, 2007

By	Christos Partsenidis (Thessaloniki, Greece - www.Firewall.cx) - See all my reviews (REAL NAME)

Network security has become the latter-day equivalent of oxymoronic terms like "jumbo shrimp" and "exact estimate."

Newspaper headlines are routinely peppered with incidents of hackers thwarting the security put forth by the government and the private sector.

As with any new technology, the next evolution of network security has long languished in the realm of science fiction and spy novels. It is now ready to step into the reality of practical application.

In Biometrics for Network Security , biometrics security expert Paul Reid covers a variety of biometric options, ranging from fingerprint identification to voice verification to hand, face, and eye scanning. Approaching the subject from a practitioner's point of view, Reid describes guidelines, applications, and procedures for implementing biometric solutions for your network security systems.

Coverage includes:

- An introduction to authentication technologies and biometrics

- Dealing with privacy issues

- Biometric technologies, including finger, hand geometry, handwriting, iris, retina, voice, and face

- Security concerns related to biometrics, including attempts to spoof or fake results

- Deployment of biometric security systems, including vendor selection and roll out procedures

- Real-life case studies

For security, system, and network administrators and managers, as well as anyone who is interested in the application of cutting-edge biometric technology, Biometrics for Network Security will prove an indispensable addition to your library!

1 of 2 people found the following review helpful:

4.0 out of 5 stars A very good book with a lot of information., September 16, 2004

By	John L. Berger (Pennsylvania) - See all my reviews (REAL NAME)

This book is meant for just about anyone who has any interest in biometric security. The geek speak is minimal and the examples are those which just about anyone with network experience can understand. In essence, it's meant to be read by anyone from the network administrator to the CIO.

Each chapter deals quite well with the various biometrics including the options by which each biometric can be measured, the types of variances that can be expected, how each biometric can be spoofed, and how spoofing can be thwarted. I'm not going to go into any great detail on them because that's the purpose of the book, but I found it fascinating to learn how many different kinds of authentication can be done. Facial biometrics alone have three different authentication methods from which to choose!

The book also goes into the statistics of using biometrics and how to determine various acceptance and rejection rates as well as accuracy rates. This section is clearly for the mathematically adept, but it was an interesting read - for me anyway.

The last several chapters of the book deal with the preparation and roll-out of a biometric security model - defining the business need, developing a proof of concept, inviting vendors, preparing proof-of-concept, rolling out the pilot project, and finally rolling out the project itself. For anyone with management experience or anyone who is familiar with project planning, these sections are for the most part a reiteration of common sense; however, for someone who has never performed to extravagant a project these chapters are a good foundation.

This book is not light reading, but it doesn't require a Masters degree to understand either. It's a good balance of technical information and real-world examples and usage. Fortunately, the author avoided the I'm trying to impress you language that too many other technical authors attempt to employ in order to increase their self-esteem.
There are a few things about this book, however, that made it difficult at times for me to read without rolling my eyes.

One is the section about return on investment. When it comes to network security, you really cannot place a dollar value on security; and associating "investment" with "security" is truly a misnomer.

"Security" is an insurance policy meant to prevent loss, whereas "investment" is meant to gain wealth. With security, you pay for it even when you don't need it for no reason other than having it there for the unlikely time when you do need it. That is an expense, not an investment. I had a very difficult time accepting the author's comparison between why one type of security had a higher ROI than other.

What really irritated me about this book, however, is the author's continual pushing throughout the book of user right to privacy and user acceptance of a security system.

Being the employee of a company is a privilege, not a right. When you voluntarily accept employment by a company, you are bound by their rules and their regulations. I found it somewhat arrogant of the author to push user acceptance and user rights to privacy as a strong consideration of whether or not a particular security measure should be implemented.

Yes, efficiencies need to be taken into account. The security method must be efficient, effective, and provide the adequate amount of security. If the security is too cumbersome to be effective or if the security is simple but doesn't provide the security that other methods provide, then the security plan should be rethought.

However, a user's right to privacy and acceptance of a security method are non sequitur. The employee has only those rights that the employer gives to him as per the terms of hire and continued employment. The employer is within his rights to alter or remove all rights to privacy as is necessary to protect the company.

Overall, however, the book is quite good. A security method that does what it's supposed to do is priceless. You can't put a value on it. But if you're looking to harden your network, you could do a lot worse than lay down the money for this book, just as long as you recognize that you are responsible for implementing network security as you - not griping employees - see fit.