nanog mailing list archives
Re: replacing compromised biometric authenticators
From: Jean-Francois Mezei <jfmezei_nanog () vaxination ca>
Date: Thu, 12 Oct 2017 17:53:16 -0400
On 2017-10-12 16:58, Rich Kulawiec wrote:
(3) because they facilitate coerced risk transference away from the people who are actually responsible (and are paid to be so) to the people who shouldn't be responsible (and aren't paid to be)
I think biometrics are seen as a means to reduce the possible errors/corruption of a security guard by shifting responsibility to a computer. When you have multiple tennants, the DC can't assume all tennants will keep all access cards secure so has to protect tennant 2 from tennant 1 having cards stolen by some crook intent on damaging tennant 2's cards. A security guard matching face to picture on card AND picture in his computer for that card can be very good, and woudl eliminate card counterfeiting (with match against the DC's database of images) but would not eliminate security guard making mistakes and allowing people whose face does not match (corruption or lazyness). This is very different from a data centre owned by a single tennant who has full control over staff and knows who is and isn't staff and authorized to go in.
Current thread:
- replacing compromised biometric authenticators Ken Chase (Oct 11)
- Re: replacing compromised biometric authenticators Andrew Kirch (Oct 11)
- Re: replacing compromised biometric authenticators Matt Harris (Oct 11)
- Re: replacing compromised biometric authenticators Wayne Bouchard (Oct 11)
- Re: replacing compromised biometric authenticators Rich Kulawiec (Oct 12)
- Re: replacing compromised biometric authenticators Jean-Francois Mezei (Oct 12)
- Re: replacing compromised biometric authenticators Alain Hebert (Oct 13)
- Re: replacing compromised biometric authenticators Jörg Kost (Oct 13)