Public Key Infrastructure
Advanced Authentication Technologies
Authentication systems are based on three methods: 1) something the user knows (e.g., passwords, PINs), 2) something the user has (e.g., smart card, ID card), 3) something the user is (fingerprint, voiceprint, retinal scan), or a combination of these methods. Integrating this technology into the environment is not a trivial task. It involves modifying the existing authentication mechanisms in the operating system (Solaris, NT), ensuring that the biometric device or card reader cannot itself be compromised (or, more precisely, providing a system design that minimizes the possibility of compromise by combining authentication methods), and ensuring that the authentication database cannot be easily compromised.
Public Key Cryptography & Infrastructure
A fuller PKI implementation could provide benefits in the following areas: 1) single secure sign-on within networks, 2) secure virtual private networks (VPNs) between systems in the network and trusted hosts on other networks, 3) file encryption, 4) secure email, and 5) secure web applications. Implementing PKI is not a trivial exercise. It is estimated that 50% of PKI product purchases have become “shelfware” or are underdeployed because system administrators cannot work out how to make the products work. PKI involves implementing several services not currently used in the environment: PKI certificate servers, Lightweight Directory Access Protocol (LDAP), Secure Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL) and IP Security (IPSec).
For more information, contact:
Craig Swietlik
Information Sciences
Decision and Information Sciences Division
Argonne National Laboratory
9700 South Cass Ave., Bldg. 221
Phone: 630-252-8912
Fax: 630-252-5128