Upload
philip-mills
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
Security Strategy for a Biometrics Deployment
Catherine Allan, M.A., CISSP, CDAllan Security and Privacy Consulting Inc.
Agenda
• Context• Issues• Assets• Principal Threats• Security Requirements• Security Model• Security Risk
Management Strategy
Why a security strategy?
• Complexity and scope• Status of study• Performance of
technology• Decisions
Context: The Challenge
• Technology study• Business
requirements• Real world
deployments• Scope• Complexity
Security Requirements
• Reference biometrics– Authenticity– Availability– Confidentiality
• Technology and Processes– Enrolment– Identification– Verification
Security Model
Impact of Safeguards
Business/ Technology
Match
Program Integrity
Systems and processes
Reference biometrics
A S S
E T
S
Security RM Strategy
Programs
Client Continuum
Systems and Processes
Reference Biometrics
Test: Accuracy, Functionality, Performance …
Design, Functionality, Safeguards …
Cross Program Requirements:
Facilitation, Life Cycle ….
Security RM Strategy
Programs
Client Continuum
Systems and Processes
Reference Biometrics
Security Plan
System TRAs
TRAs
Test: Accuracy, Functionality, Performance …
Design, Functionality, Safeguards …
Cross Program Requirements:
Facilitation, Life Cycle ….
RM Continuum