Q1
Dynamic Air Parts plc is a high-tech aircraft component manufacturer that supplies parts to well-known aircraft manufacturers. It owns a large manufacturing complex that covers an area of 10,000 square metres and it employs approximately 500 workers. The complex is divided into a number of departments that are spread over several buildings.
Due to the commercial sensitivities of the company’s manufacturing processes, the security on the complex has always been high. Security checks take place at the main entrances and exits of the complex and security cameras are in almost all public areas. All areas of the complex are accessible only to authorised persons and some areas are more restricted than others. Access to the buildings and individual departments within those buildings is through authorisation channels, which are automatic gates or doors that allow one person to pass at a time and are controlled by a Near-Field Communication (NFC) based smart card authorisation system. All accesses are logged and stored in a networked computer system. The operation of the current authorisation system is that a user puts their smart card close to a card reader alongside an authorisation channel. The secret code stored in the card, which represents the user, is checked against a list of codes that represent the authorised persons. If a match is found, the automatic gate or door is unlocked, and the user can pass through it.
The senior managers are planning to strengthen the authorisation channel security by adding a biometric authentication to the current smart card system such that the system becomes a two-factor authentication system. The role of the smart card is to serve as an identification card and to store biometric information of the user in a secure manner. The system will authenticate users by validating both their smart cards and biometrics. The senior managers believe that this new system will make unauthorised access to the complex (including its buildings and individual departments within those buildings) with a borrowed, stolen or cloned card much more difficult.
According to the descriptions on the product catalogues they requested and received, both iris and fingerprint systems appear to be suitable authentication systems for this purpose. However, the management team need more information to inform their ongoing discussion. They know one of their IT officers has studied biometrics and information security. They have therefore asked the IT officer to provide them with a report that will supply the information they need. Imagine you are that IT officer and you have been asked to prepare the report. Your brief is that the report is to cover the following.
A general description of biometric authentication systems and a brief description of how each of the iris and fingerprint systems authenticates users.
A comparison between the iris and fingerprint authentication systems under the headings of:
convenience
reliability
acceptability (including ethical considerations).
In each case you should consider the points of view of both the company and the employees.
Drawing on these comparisons, provide a justified recommendation of which biometric system would best meet the company’s needs.
Most members of the management team know little or nothing about security systems and have only a vague idea about relevant issues. However, two key members of the management team have an interest in biometric systems and have therefore asked for a more detailed explanation of how iris and fingerprint systems capture and process the users’ data. The report should therefore also include a section in an appendix, intended solely for them, that deals explicitly with this. The rest of the report should provide the information the other members of the management team need to inform their future discussions without them having to read the appendix.
Write this report. You have been asked not to exceed 2200 words.
Be sure to include a reference list if you quote or cite anything.
You are strongly advised to critically evaluate and improve your report before you submit it
Do not exceed the limit of 2200 words. This limit includes any material in appendices but does not include the executive summary. State the total number of words you have used at the end of your report.
Q.2
Along with the main report, you have been asked to provide an executive summary, which should not exceed 300 words. Write this executive summary.
Do not exceed the limit of 300 words. State the total number of words you have used at the end of your executive summary.
Although an executive summary is usually placed at the start of a report, it is normally written after the report has been completed and so, for the purposes of this assignment, we ask that you give the executive summary as your answer to Question 2. You do not need to replicate it at the start of the report you give in answer to Question 1.