Biometric Authentication System for
Tivoli Access Manager

Industry Practices > eGovernance > BAS for TAM

A surge in online transactions has put a spotlight on security concerns involved in accessing confidential information over public networks. To protect this information, enterprises must have mechanisms to authenticate users, prevent unauthorised access and maintain an irrefutable record of transaction activity.

CMC Biometric Authentication System (BAS) enables web based applications to be authenticated more securely with biometrics. This solution provides an external authentication service for Tivoli Access Manager (TAM). It is an integrated solution for TAM.

The BAS is a set of modules for Registration and Authentication of users (Verification) based on fingerprints. BAS is the most sophisticated, durable and high-quality fingerprint authentication system. It is ideal for a quick and large daily volume of trouble-free registrations and verifications. BAS uses Logiprint Device for capturing fingerprints during registration and verification.

Registration of the users needs to be done before authentication. Only registered users can be authenticated. Registration is a one time activity whereas Authentication will be done whenever required. Registered fingerprints will be stored in the db2 database against the username of users. The system matches the scanned fingerprint captured during authentication against the registered fingerprints that exist in the database.

Features

  • Highly secured authentication system
  • Effective matching algorithm
  • Minimal False Acceptance Ratio
  • Simple Registrations
  • Easy Verifications

The solution contains following steps.

Environment Setup

The following installations are required:

  • Fingerprint device's drivers (on client & registration system).
  • BAS Workstation software (client, server & registration system).
  • BAS Registration Module (registration system).
  • AS Server side API and .cab files (server system).

Registration

  • The "Registration Tool" can be used to capture fingerprints of a given user. Multiple templates of the finger can be captured and the maximum number of templates can be configurable.
  • The users must also be registered in WebSEAL.

Configuration at client

  • The client should have IE browser with version 5.5 or later installed and it should allow interaction of ActiveX controls on web pages.

Configurations at Server

  • The server should have the FPActiveX.ocx as a registered ActiveX control.
  • Install the BAS server side API at the server.

Verification

Following are the Steps for Verification:

  • Client accesses WebSEAL.
  • Client is prompted to authenticate.
  • Client enters username and provides fingerprint.
  • The fingerprint is encoded and sent over http then Client submits the login form
  • The encoded data is sent along with the username to the BAS server-side API
  • The server side API performs the matching and result is sent to WebSEAL.
  • WebSEAL parses the response and builds a TAM credential based on the user ID and sends a redirect to the client and the client resubmits the original request.
  • WebSEAL sends the stored request to the backend server.
  • Backend server returns a response and then WebSEAL sends the response to the client

For further information please contact : info@cmcltd.com or call us on +91-22-6781 1000 / 01 / 02
Copyright @ 2013 CMC Limited, INDIA | Disclaimer | Designed, Developed & Managed by CMC Corporate Communications.