Information Technology has made it possible for computer system to store and contain large quantities of sensitive data, increase the capability of sharing resources from one system to another and permit many users to access the system through internet/intranet technologies. All of these factors have made organization’s information system resources more widely and promptly accessible and available.

So to protect the sensitive data one mechanism should be there to make sure that right person is accessing the computer resources. Access control software is doing this job and assuring the confidentiality, integrity and availability of information resources. This software accepts and rejects the user on the basis of Identification and Authentication, which is a process of establishing and proving one’s Identity. It is the First Line of defense because it prevents unauthorized people from entering a computer system or accessing an information asset. If users are not properly identified and authenticated, particularly in today’s open system networked environment, organizations have higher exposure to Risk of unauthorized access.

Identification and Authentication are altogether separate matters while some types of authentication elements might by themselves suffice to identify a user. Identification and Authentication differ because of:

• Meaning
• Methods
• Requirements in terms of secrecy and management
• Attributes–Authentication does not have any attributes in itself while identity may have a defined validity in time and rather information attached to it.
• The fact that identity does not normally change while authentication tokens bound to secrecy and must be regularly replaced to preserve their reliability.

• Some thing you know—like passwords
• Some thing you have—like token card or pin number
• Some thing you are—biometrics—unique features of your body

Biometric access control is the best means of authentication of user’s identity based on a unique, measurable attribute or trait for verifying the identity of a human being. This control restricts computer access, based on a physical (Some thing you are) or behavioral (Some thing you do) characteristic of the user. Now days due to advances in hardware efficiencies and storage, biometric system are becoming more viable option as an access control mechanism.

It uses a reader device that interprets the individual’s biometric features before permitting authorized access.

Entering a user’s biometric into a system occurs through an enrollment process by storing a user’s particular biometric features. This occurs through an iterative averaging process of acquiring of physical or behavioral sample, extracting unique data from sample (Converted into a mathematical code) creating an initial template, comparing new sample (s) with what has been stored and developing final template that can be used to authenticate the user. Subsequent samples will be used in determining whether a match or non-match condition exists for granting access.

Performance of biometric control device is determined thorough three quantitative measures.

False rejection rate (FRR)–or type I error–is the number of times an individual granted access to use the system is falsely rejected by the system.

It is also called FER—Failure to enroll rate. False acceptance rate (FER)–or Type II error—is the number of times an individual not granted access to the system is falsely accepted by the system.

Each biometric system may be adjusted to lower FRR or FAR, but as a general rule when one decreases, the other increases (and vice versa) and there is an adjustment point where two errors are equal called the Equal Error Rate.

The lower the overall measure, the more effective the biometric is.

Devices with best response times and lowest EER are Palm, Hand, Iris, Retina, Fingerprint and Voice respectively.

Analyze physical charteristics associated with Palm such as ridges and valleys found on the Palm. Use of this biometric entails placing the hand on a scanner where physical characteristics of Palm are captured.

As one the oldest biometric technique hand geometry is concerned with measuring the physical characteristics of user’s hands and fingers from a three dimensional perspective. The users place his hand, palm- down on a metal surface with five guidance pegs to ensure that fingers are placed properly and in the correct hand position. The template is built from measurement of physical geometric characteristics of person’s hand (Usually 90 measurements) for example length, width, thickness and surface etc.

1.  Social acceptance.
2.  Consume very little space for template, generally 10 -20 bites

1.  Lack of uniqueness of hand geometry data.
2.  Injury to the hand may cause the measurement change, resulting in Recognition problems.

An iris, which has patterns associated with the colored portions surrounding the pupil, is unique for every individual and therefore a viable method for user identification. To capturer this information, the user is asked to center his/her eye on to a device by seeing the reflection of their iris in the device. Upon this alignment occurring a camera takes a picture of the user’s iris and compares it with a stored image. The iris is stable overtime, having 400 characteristics. Approx 260 characteristics of these are used to generate the template.

1.  Contact with the devise is not needed

1.  High cost of the system,
2.  High amount of storage requirement.

Retina scan uses optical technology to map the capillary pattern of eye’s retina. The user has to put his eye with in 0.4 to 0.8 inches (1-2 centimeters) of the reader while an image of the pupils is taken. The pattern of the retina is measured at over 400 points to generate a 96- byte template.

1.  Retinal scan is extremely reliable. It has the lowest false acceptance rate among the current biometric methods.

1. Need for physical contact with the device, possibility of poor quality of images due to residues such as dirt, body oil on the finger. Fingerprint biometrics is not as effective as other techniques.

In this method of biometrics reader processes an image captured by a video camera, which is usually with in 24 inches (60cms) of the human face, isolating it from the other objects captured with in the image. The reader analyzes images captured for general facial characteristics. The template created is based on either generating two or three-dimensional mapping arrays or by combining facial metric measurement of the distance between specific facial features, such as eyes, nose and mouth. Some venders also include thermal imaging in the template.

The face is considered to be one of the most natural and most friendly biometrics and its is acceptable to users because it is fast and easy to use. The main disadvantage of the face recognition is the lack of uniqueness, which means that people who look alike may fool the device. Moreover some systems cannot maintain high levels of performance as the database grows in size.

All the above methods are in use for getting access in to the computer resources as an authorized person. Every method has its own advantages and disadvantages and is in used either singly or in combination with other to protect the information assets.