Bond-like Devices to Aid DoD Computer Security Drive
By Jim Garamone
American Forces Press Service
WASHINGTON, April 25, 2001 James Bond gained access to Q's sensitive offices by putting his palm to a reader. A sexy voice said, "Hello, Commander Bond," and the door opened.
You never saw James Bond trying to remember a password. And if DoD's biometrics research effort works, you won't have to anymore either.
Biometrics is the overall name for security technologies that measure a person's physical characteristics and then allows them access. Biometrics works via fingerprints, iris scans, retina scans, the shape of your face, voice prints and so on. The DoD Biometrics Management Office is charged with bringing this technology to the department.
The bottom line is security.
"If we look at the way hackers are penetrating our systems we find that it's usually password-related -- bad password management, bad passwords in that they are easy to crack or, perhaps in some cases, no passwords at all," said Philip Loranger, head of the office. "If we make security easier to the users, which is the intent behind biometrics, then those things go away.
"This technology can be a picture of your face, your fingerprint or your voice to allow you to enter a system," he continued. "Therefore it's not required to write down your password and put it into your wallet."
The office has two pilot projects. One is with the West Virginia National Guard and tests how the program works with information technology. The other is with Army Materiel Command and deals with physical security.
The services, too, have biometric efforts. The Army Lab Command in Adelphi, Md., is studying ways to control access into all DoD labs. The lab is looking at iris recognition and facial recognition, said project manager Hal Harrelson, an engineer at the lab.
"We've just finished a six-month test of iris recognition, and we'll start the facial recognition test in July," Harrelson said.
Iris recognition works by taking a picture of a person's eye and comparing it against a picture taken earlier. "It's highly reliable," he said. Face recognition works much the same way, Harrelson said.
He said there are two mistakes any system would make: letting in unauthorized persons or keeping out authorized persons. "In the test, it may have let in one unauthorized person," Harrelson said. "It did keep out authorized personnel. It cost them another five seconds to try the recognition system a second time. This happened once out of every 20 times."
DoD may use these technologies not only in information technology systems, but in weapon platforms and weapon systems, Loranger said. "Imagine … biometric access to the motor pool and motor park," he said. "These things are all doable. It's a matter of lining up the infrastructure to start implementing that."
The DoD office partners with industry, but there are some unique aspects to the military. "The commercial world is not too interested in whether the presenter is alive or dead," Loranger said. "The last thing we want is to field a technology that would harm a warfighter, such as cause fingers to be cut off and presented as an access mechanism." The DoD office is working with vendors to ensure there is a "liveness" test with biometrics.
The DoD Biometrics Office has a budget of around $25 million.