Robin Wilton's esoterica

« 'The Meyer Memoirs'... | Main | Stealing IDs to feed... »

17 Dec · Sat 2005

Identity Fraud, but not as we know it.

It's a fairly well-established security principle that 'insider attacks' are harder to stop and potentially do more damage than external 'hacking'. It sounds as though HM Revenue and Customs are finding that out the hard way. They have found out that the tax credits system is being defrauded systematically by organised criminals, and that a major tool is the use of valid employee IDs stolen from their organisation (at least 13,000 IDs, 'to the best of their knowledge'). The combination of organised crime, identity theft and insider attack is a powerful one. Applying the government's own logic to the problem, one might conclude that the most effective first step would be to issue HMRC staff with biometric ID cards. Conversely, one might wonder how much benefit biometric authentication of citizens can bring, if the system itself is subject to inappropriate access on so rampant a scale. There are, as usual, two problems to be addressed here: the technical problem of authentication mechanisms, and the organisational problem of safeguarding appropriate access. The latter is generally the tricky part. Without the former, it's even trickier.

Posted by racingsnake @ 03:33 PM GMT+00:00

Comments:

Post a Comment:

Comments are closed for this entry.

« November 2009
Mon	Tue	Wed	Thu	Fri	Sat	Sun
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30
Today

Such views as I express in this blog are based on my own opinions, experience and judgements. They do not necessarily represent the policy or views of my employer. It is not my intention to offend readers in any way. If you find anything on this blog offensive, please contact me in the first instance.
Robin Wilton

www.flickr.com

Links to recent entries

delicious

Valid XHTML or CSS?

Theme by Rowell Sotto.

What's this?