Tivoli Adds Support for Biometrics to Authentication Platform

Partnership with Daon bolsters strong authentication features for Tivoli Access Manager

• By Matt Migliore
• 11/26/2002

Under terms of the deal, Tivoli has developed a module for DaonEngine which allows the software to plug directly into Tivoli’s single sign-on authentication platform. Offered as a free download to users of Tivoli Access Manager, the module is being positioned as a way for companies to bring strong authentication to their existing security infrastructure without adding complexity to the environment.

In an integrated scenario, DaonEngine generates sample-based biometric credentials for authentication while Tivoli Access Manager processes the credentials to provide single sign-on access to applications and systems.

On the front end, the system is initiated from the desktop, where a biometric reader validates users against their credentials—typically fingerprint, voice, or iris samples—which are stored on the network in a secure database.

According to Venket Raghavan, a marketing manager for IBM Tivoli, the Daon module is designed for companies with strict information security policies. He says by supporting integration with DaonEngine, Tivoli is giving its customers an opportunity to build a higher level of security into their existing infrastructure.

Over the years, Tivoli has developed a reputation among industry analysts for using technology partnerships to extend the capabilities of its product line. Its agreement with Daon is in line with that strategy. “This is another example of how we want to be more flexible in terms of allowing the customer to decide what type of authentication they want to use,” Raghavan says.

Raghavan feels the Daon module will have strong appeal among Tivoli’s customers in the financial services and government sectors. He notes that with the commitment the United States government is making to ensure the security of its information-based systems under the Homeland Security Bill, awareness and demand for biometric security solutions is growing.

Pete Lindstrom, research director for consultancy Spire Security LLC, believes Tivoli is taking a logical step by offering support for biometrics on top of its access management platform. “Adding biometrics to the level of authentication support makes sense for a fuller solution."

However, Lindstrom points out that biometrics are only a good fit for authentication in certain situations. “The most popular use for strong authentication products is by far for remote access.” But, he adds, the sensors and readers used in most biometric scenarios make the technology too cumbersome for the mobile workforce. “In remote access situations, tokens are [more] widely used,” says Lindstrom. (Tivoli Access Manager offers a plug-in for token-based authentication through RSA Security’s SecureID technology.)

Still, Lindstrom sees biometrics as a viable mode of authentication. “For strong authentication within enterprises, biometrics holds its own, doing about as well as any other strong authentication technology.”