Criteria to evaluate Automated Personal Identification Mechanisms. / Palmer, Anthony.

In: Computers and Security, Vol. 27, No. 7-8, Palmer:2008:CEA2639520.2639609, 01.12.2008, p. 260-284.

Research output: Contribution to journalArticle

Published

Abstract

The consequences of digital identity compromises suggest that selected Automated Personal Identification Mechanisms, which enable computer systems to identify individuals, may be unsuitable in some contexts. Currently, there are no commonly agreed set of factors upon which to base an evaluation, regardless of purpose or requirements. We establish over 200 evaluation criteria to aid decision on the selection of the most appropriate mechanism for a given context. We consider that the suitability of these mechanisms should be based upon a broad approach. Our criteria are designed to expose strategic issues and risk management aspects that influence organisations' objectives and policies for introducing these mechanisms. Additionally, criteria are developed to acquire functional and performance requirements for the intended user community. Our criteria are also formulated to help describe the characteristics of contesting solutions. These qualities range from technological efficiencies to usability effectiveness. Each mechanism may then be assessed for its suitability against the context's risks, issues and operational requirements within an evaluation framework capable of accommodating diverse perspectives and multiple objectives.
Original languageEnglish
Article numberPalmer:2008:CEA2639520.2639609
Pages (from-to)260-284
Number of pages25
JournalComputers and Security
Volume27
Issue number7-8
DOIs
Publication statusPublished - 1 Dec 2008

Research outputs

This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 25829251