By Andy McCue, 15 March 2004 11:30
NEWS Security experts have begun work on threat and vulnerability tests to ensure that the National Identity Register database, which will form the basis of the UK's controversial ID card scheme, is secure from hack attacks and unauthorised internal access.
The threat assessment is being undertaken despite the fact the specifications and design of the database and its security features have not yet been established. No decision has been taken on the nature of the biometrics to be used on the ID card itself, which has not been passed by Parliament.
Home Office minister Beverley Hughes revealed the progress on the ID card scheme in an answer to a Parliamentary Question last week.
"The security and integrity of the database are integral to maintaining trust in the Identity Cards scheme," she said. "Home Office officials are already working with security experts, to ensure that security issues are considered from the start of the database design, and with other government departments which have similar databases with similar security needs, such as the United Kingdom Passport Service."
Hughes said there will be further public and stakeholder consultation on ID cards after the results of the UKPS' six-month trial, which is due to begin this month, that will test the recording and verification of facial, iris and fingerprint biometrics using 10,000 volunteers.
Questions have also been raised about problems authenticating identity in some categories of individuals who have a higher failure rate with certain biometrics.
Hughes said: "One of the specific objectives of the UKPS pilot is to test biometric enrolment on a sample of people who may have difficulties with enrolment. Data gained from this pilot will inform the design of the Identity Card scheme's enrolment processes and procedures for enrolling those unable to provide certain biometrics."
On the issue of 'scope creep' and the possibility that the National Identity Register could end up being used for more than just ID, Hughes said organisations querying the register will not be able to get other personal information such as health or tax records.
Comments
There are 9 comments. Join the discussion
1. anonymous
It sounds like they are doing the risk assessment prior to developing the systems. Something that most people don't do and results in a mess. I think you should applaude them not mock them. This illustrates that the Home Office are trying to things correctly, even if the project is controversial.
2. Allan McBain
Passport database
So if there is already a secure passport database, which presumably would store much the same data as the new ID one, why not have a single database with a complete view of the individual? If we don't go that way, yo just know that one of the specifications will be for the two to be able to communicate and that people will fall between the gaps.
3. anonymous
Big Brother, Orwell you were 20 years too soon. but it is here non the less
4. Reed Howey
Maybe George Orwell was not 20 years too soon. Perhaps we will find out in 2014 when the information is released to the public after 30 years.
5. anonymous
Well here we go!! 0rwell was prety light weight realy. Security yea okay?? Sucessive goverments have supported and trained if I MIGHT ADD some of the worlds most despotic leaders. undermined and destabilised countries and installed there own security measures now with the help of JWB we can sit back and take advantage of the benefits of being the fifty first state of the USA. These measures are another step on the way to subjegation for millions of migrant travelers globaly. Is this a product for security or totalitarianism disguised as security? Subjegation of the masses once again far more subtle than Orwells predictions.This we are told is in the interest of national secutity!!!
6. Bernice
I have no doubt that there are many of us who will NEVER carry a national ID card.
I AM NOT A NUMBER I AM A FREE WOMAN!
7. Nigel Holder
The only reliable discriminator is DNA. So whilst other biometrics may be satisfactory for the majority of identity confirmation events, the National database and the card should carry personal DNA information for absolute confirmation in situations when the other biometrice produce anomalous results.
Since we all carry some form of ID these days the only people who object to ID cards are the ones who have something to hide from the state (tax evasion, criminal or fraudulent behaviour, illegal immigration status etc.) Besides during WW2 everyone had to carry a national I.D card - and we all need to recognise that WW3 - the war on terror has just entered the phoney war stage. We have not seen anything yet and a national identity database will become an essential defensive tool as the war develops. So if you have worries about how big brother might misuse the data - tough!
8. steve watkins
So in spite of the farcical 'consultation' that took place a year ago the mandarins at the home office have decided that we are going to have id cards after all. just how many actually voted in favour of this mad scheme? i didn't and i am sure that the majority never did but the civil service layabouts who infest the home office have decided to igonore all the antis and impose this evil scheme anyway. democracy? what's the point of voting???
9. Ray
The government has to ask for OUR vote for this scheme, are they going to impose another unplanned scheme on us. Mr PM, where is democracy?!
Ray (http://www.thebiometrix.com)