FEATURES AND FUNCTIONS OF A BIOMETRIC ID MANAGEMENT SYSTEM

Description
Research and prepare a report on your selection made in Week 2 on the current trend in the area of Biometrics.
Prepare a 6-8 page paper in Microsoft Word using approved APA format.
The minimum page count cannot not include your Title page and Reference list.
Include a Title page, Abstract/Introduction, Body of your paper, Conclusion/Findings and a Reference list.
Include a detailed description of the technologies and future trends involved in your selected area of research.
References (minimum 10 peer reviewed sources).
Use correct spelling and grammar.
APA formatting: Make sure that your references are cited in the body of your paper as well as in the Reference list.
Consular Consolidated Database and the Privacy and Security That Goes With It
Abstract
This paper explores the biometric management system, Consular Consolidated Database (CCD), and how it functions. The topics include an overview of CCD, the privacy issues of CCD, and the security issues that CCD deals with.
Consular Consolidated Database and the Privacy and Security That Goes With It
The Consular Consolidated Database (CCD) is a biometric management system that is used by the United States Department of State and the information gathered from it is shared with federal, state, and local law enforcement as well as some foreign governments in order to maintain fingerprints and photographs of individuals who travel to and from the United States. Like all systems biometric or not, there are some security issues that the system has dealt with before as well as privacy issues that relate to the system due to the type of personal data and information of individuals.
Consular Consolidated Database (CCD)
The Consular Consolidated Database (CCD) is one of the largest data warehouses in the world. It holds current and archived data from the Consular Affairs (CA) domestic and post databases around the world. As of December 2009, it contains over 100 million visa cases and 75 million photographs, utilizing billions of rows of data, and had a current growth rate of approximately 35 thousand visa cases every day. It was created as a near-real time database in order to capture all international and domestic activity for the United States at home and abroad in response to the September 11th 2001 terror attacks. The three primary functions performed by CCD are: 1) supporting data delivery to approved applications via industry-standard Web Service queries, 2) providing users with easy-to-use data entry interfaces to CCD, and 3) emergency recovery/restoration of post databases. Authorized users utilize the CCD Portal to view the centralized data through a rich set of reports as well as to gain access to other applications. CCD serves as a gateway to the Automated Biometric Identification System (IDENT). IDENT is DHS’ implementation of Commercial Off The Shelf (COTS) technology providing automated fingerprint checking in addition to integration with other Federal biometric systems. The CCD also serves as a gateway to the Department of State Facial Recognition system. (Department of State CCD Assessment)
CCD Privacy Issues
Various technical controls are in place to deter, detect, and defend against the misuse of personally identifiable information. This is referred to as a multilayered approach. Monitoring occurs from the moment an authorized user attempts to authenticate to the network. From that point on any changes (authorized or not) that occur to data are recorded. If an issue were to arise, administrators of the system would review (audit) the logs that were collected from the time a user logged on till the time they signed off. Ultimately it is very difficult to totally prevent an incident from occurring but by implementing a multilayered approach, risk can be greatly reduced. With the way the system is set up the privacy information that is held on the database is protected from theft or any change because the system constantly monitors and records the users who access the system. With this feature continuously running on the system the personal information is protected from editing and change however, it doesn?t protect against theft. (Department of State CCD Privacy Assessment)
CCD Security Issues.
After an internal review of the CCD by the State Department it was determined that the CCD, which is considered an ?unclassified but sensitive? database, is vulnerable to cyber-attacks. It is considered vulnerable because it is a critical source of information for the United States due to the fact that the system contains data from all individuals that have applied for a visa in the last 2 decades and the data is of a personal and biometric nature. It includes photographs, fingerprints, Social Security information, and additional personally identifiable information and could severely impact the lives of those who have their information in the database if it was ever compromised by a cyber-attack. While the system is vulnerable to cyber-attack State Department officials believe that the permissions required to do enough damage or cause theft of the data the would-be-hackers would have to find a way to give themselves the right level of permissions required to accomplish their goals. According to State Department officials it is very hard to exploit the vulnerabilities of the system because you have to have the right type and right level of permissions which is no easy task to obtain. The main concern of officials is that the CCD archive could have one of their vulnerabilities exploited and use that to doctor fake visa applications for terrorist groups. While this is a huge concern the State Department has said there is no information or evidence that the CCD system has been compromised or breached. (Homeland Security ? US Consular Consolidated Database Vulnerable to Cyber Attacks)
Conclusion
In today?s Information Age one of the main concerns with biometric systems is the privacy of the individual?s information and the security of that information and the database that holds the information. While the CCD system is not without vulnerabilities to be exploited, there are measures in place that prevent the unauthorized use, access, or theft of that data as well as a measure in place that monitors all activity on the database. This feature would ensure that even those who have access to the database don?t use it for nefarious means or goals. With all of these features and functions in place even if a theft or unauthorized access had occurred the system would be able to tell the authorities who accessed the system, what they did, and using that information they can find out why and arrest the person or people who participated and hopefully early enough to mitigate any concerns regarding the data theft.
References
“Consular Consolidated Database.” U.S. Department of State. U.S. Department of State, 15 July 2015. Web. 16 Oct. 2016.
Paganini, Pierluigi. “Homeland Security ? US Consular Consolidated Database Vulnerable to Cyber Attacks.” Security Affairs. Security Affairs, 06 Apr. 2016. Web. 16 Oct. 2016.