Securing Fingerprint Systems

Consider that a facility is secured with a lock. Usually, the sturdier the lock, the higher is the perceived level of security. However, even if a facility is equipped with the strongest possible lock, it is still possible to break into the facility. For example, instead of trying to break the lock, a burglar may break the door, make a big hole in the wall, smash windows, or rob the owner at gunpoint to gain entry. Thus a stronger lock does not necessarily mean better security. In fact, irrespective of the installed security system, no system is absolutely secure or foolproof. Given the right opportunity and plenty of time and resources, any security system can be broken.

This is not to say that a system designer should not try his best to guard against all possible security threats. What it implies is that the type of security needed depends upon the requirements of the application. A threat model for an application can be defined based on what needs to be protected and from whom. Threat models are almost always tied to the expected attacks (e.g., resources available, intent, and expertise of the attacker). Unless a threat model is clearly defined for a system, it is very difficult to decide if the proposed security solution is adequate. Depending upon the threat model of an application, an intruder may invest varying degree of time and resources in launching an attack. For example, in a remote and unattended application that requires recognition from a remote server, a hacker may have the opportunity and plenty of time to make a number of attacks or even physically violate the integrity of a client system.