Six Sigma Security – Why Settle for Anything Less?
Just 99% accurate can sometimes spell disaster. With
600 million border crossings each year in the United
States, a 1% probability of false acceptance rates
represents 6 million unauthorized entries into the
country
Six Sigma is a set of statistical and management
tools able to make rapid improvement in performance,
reliability, and processes. Originally used to eliminate
assembly-line defects, Six Sigma has expanded into
almost every operation of modern business. When a
process reaches Six Sigma, it has a failure rate of less
than 3.4 per million, or 99.99966% accuracy. A Six Sigma
Border Crossing program would dramatically increase
border security and the predictability of the true
identity of persons entering the country.
Can we address these challenges with Six Sigma
fundamentals?
•
"When I get on an airplane and someone
shows ID, I'd like to be sure they are who
they say they are," said Rep. Tom Davis of
Virginia.
•
"The number of illegal aliens flooding into
the U.S. this year will total 3 million — enough
to fill 22,000 Boeing 737-700 airliners, or 60
flights every day for a year." TIME Magazine,
2004
•
"The Automated Targeting System that CBP
(customs) relies on to identify high-risk cargo
shipments is too dependent on cargo manifest
information which is error-prone and does not
provide transshipment data" – testimony by
Stephen E. Flynn, Commander, U.S. Coast Guard
(ret.)
Two fundamental questions must be addressed in any
such operation: Are you who you say you are? and Are you
authorized to perform the requested action? President
Bush mandated in the wake of the Sept. 11th attacks to
use the latest technology for a unified identification
system that tightens the security of our borders,
federal facilities, and computer systems. These new ID
cards must be flexible enough in their use to grant
entrance to a high-security building or to log onto
government computers to send encrypted e-mail.
The most commonly used technology today is a magnetic
strip or smart chip in the ubiquitous credit card form
factor. However, there are several limitations
preventing them from performing effectively to a Six
Sigma security level. These cards do not have sufficient
storage capacity (ranging from 8Kbytes to even the
newest with 128Kbytes), and limit the amount of data and
applications that can be utilized to ensure Six Sigma
identification solutions. To accommodate the capacity
constraints, most use a subset of the raw data (minutia)
to predict a probable match with the card holder. With
more storage capacity, the entire data set of multiple
personal identifiers/biometrics, can be used to improve
accuracy to Six Sigma levels while improving ease of
use.
Why not 99.99966% accuracy at border crossings, ports
of entry, commercial transportation, etc.? Is it
possible to reduce the 1% probability of false
acceptance rates by storing full biometrics, not
minutia, on an ID card? The possibility of these Six
Sigma level solutions is real and only requires a modest
paradigm shift. Imagine one card enabling a complete set
of personal identifiers including all 10 digit
fingerprints stored on the card, retina, iris, face
scans, voice, and even digital signature. All of this
encrypted and securely stored along with all the
software (algorithms) required to match a person's
unique biometric profile positively to the card holder.
This enables a true matching of the individual proving
"You are you who you say you are," and that "You are
authorized to perform this request" Privacy is
guaranteed, since all biometric information is encrypted
on the card and matched on the card to authorize your
transaction/access.
Overall Identification Requirements
•
Machine
readable, biometrically supported, cost
effective, and tamper resistant system for a
broad range of security access requirements
(Level 1-5, border crossing, facilities
entry, system access, personal credentials,
etc.).
•
Economically
solve today’s problems, easily integrated with
existing systems and infrastructure, and be
flexible and upgradeable to meet tomorrow’s
emerging requirements.
Key Considerations
•
Multiple
biometrics and personal data sets are
required for a complete security profile to
prevent false positives (multiple finger and
hand prints, high quality digital photo,
iris and facial scans, and voice). Full
resolution means never having to collect
personal data again.
•
Fast
transaction processing with the existing systems
and infrastructure. Local authentication for
24x7 operations without increasing
infrastructure or bandwidth.
•
Flexibility to
store and run applications directly from card
•
Digital
signatures and transaction certificates (such as
PKI) for information and transactions.
Current Technology Alternatives
•
Smart
Cards: Limited storage capacity and
performance limit security capabilities.
•
Laser Card:
Offers more storage capacity (up to 2.8MB of
data) over Smart Cards, but is very slow and not
updateable. Card readers are very expensive and
slow.
•
Badge Cards:
Visual recognition is only means of
identification and easy to counterfeit.
StorCard Features/Benefits
•
Storage
capacity for today’s requirements and
future opportunities
—
Upgradeable
from 10MB to 100MB
•
Customizable
to meet a broad range of tailored solutions
•
High
performance delivers fast, sub-second
transaction times for 24x7 operator with
existing infrastructure
•
Unbreakable
security via a real-time crypto-engine with
audit tracking and secure field upgradeability
•
Easily
integrates with existing systems
•
Reads
traditional smart cards and applications
•
Available
with contact or dual function smart chips
