406 Chapter 17 ■ Physical Security
Lock-picking tools are readily available all over the Internet, including sites
such as eBay and http://wallofsheep.com, where they can be purchased
along with training materials on how to use them. Despite their availability,
be careful when you purchase such devices, no matter what the reason.
Different states and different jurisdictions look at the possession of these
tools differently. In California, for example, possession of these tools is
not a crime, but committing a crime with them would be punishable by fines
or jail time.
However, in Nevada possession of these tools alone is against the law
whether or not a separate crime was committed. In states such as Nevada the
concept of prima facie comes into play; simply put, in these states an officer
discovering these tools can place an individual under arrest.
Contactless cards do not require the card to be inserted or slid through a reader. These
devices function by detecting the proximity of the card to the sensor. An example of this
technology is radio frequency ID (RFID), an extremely small electronic device that contains
a microchip and antenna. Many RFID devices are passive. Passive devices have no battery
or power source because they are powered by the RFID reader. The reader generates an
electromagnetic signal that induces a current in the RFID tag.
Another form of authentication is biometrics. Biometric authentication is based on
a behavioral or physiological characteristic that is unique to an individual. Biometric
authentication systems have gained market share and are seen as a good replacement for
password-based authentication systems. Different biometric systems have varying levels of
accuracy. The accuracy of a biometric device is measured by how often it produces each of
two types of errors, expressed as percentages. The false rejection rate (FRR) is a measurement of the percentage of
individuals who should have gotten in but were not allowed access. The false acceptance
rate (FAR) is a measurement of the percentage of individuals who gained access but should
not have been allowed in. The corresponding individual errors are also known as type
1 and type 2 errors.
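The FRR and FAR trade-off described above, shown as an added example that is not part of the original book: it sweeps the accept threshold of a hypothetical score-based matcher over constructed sample scores. The 0-100 score scale, the sample values and the function names are assumptions made for illustration.

```python
"""Added example: FRR and FAR for a hypothetical score-based biometric matcher."""

# Constructed similarity scores (0-100); higher means a closer match to the
# enrolled template. These are illustrative values, not measurements.
GENUINE = [91, 88, 95, 73, 84, 67, 90, 79, 86, 93]    # legitimate users
IMPOSTOR = [22, 41, 35, 58, 63, 29, 47, 71, 38, 52]   # people who should be refused


def error_rates(genuine, impostor, threshold):
    """Return (FRR, FAR) in percent when scores >= threshold are accepted."""
    # False rejection: a legitimate user scores below the threshold.
    false_rejects = sum(1 for s in genuine if s < threshold)
    # False acceptance: an impostor scores at or above the threshold.
    false_accepts = sum(1 for s in impostor if s >= threshold)
    frr = 100.0 * false_rejects / len(genuine)
    far = 100.0 * false_accepts / len(impostor)
    return frr, far


def sweep(genuine, impostor, thresholds):
    """Compute (threshold, FRR, FAR) for each candidate threshold."""
    return [(t, *error_rates(genuine, impostor, t)) for t in thresholds]


def closest_balance(rows):
    """Pick the row where FRR and FAR are closest; ties go to the lower threshold."""
    return min(rows, key=lambda r: (abs(r[1] - r[2]), r[0]))


if __name__ == "__main__":
    rows = sweep(GENUINE, IMPOSTOR, range(50, 91, 5))
    print("threshold  FRR%  FAR%")
    for t, frr, far in rows:
        print(f"{t:9d}  {frr:4.0f}  {far:4.0f}")
    print("closest balance:", closest_balance(rows))
```

Raising the threshold drives FAR down and FRR up, so a single device has no one accuracy figure; it has a pair of rates at whatever sensitivity it is configured for.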
Some common biometric systems include the following:
Finger Scan Systems: Widely used and quite popular, these systems are installed in many
new laptops.
Hand Geometry Systems: Accepted by most users, these systems function by measuring
the unique geometry of a user’s fingers and hand to identify them.
Palm Scan Systems: These are much like the hand geometry systems, except they measure
the creases and ridges of a user’s palm for identification.
Retina Pattern Systems: These systems, which examine the user’s retina pattern, are very
accurate.
Iris Recognition: This eye recognition system is also very accurate; it matches the person’s
blood vessels on the back of the eye.