Except there isn't actually a database, or ID cards, yet…
By Andy McCue
Published: 15 March 2004 11:30 GMT
Security experts have begun work on threat and vulnerability tests to ensure that the National Identity Register database, which will form the basis of the UK's controversial ID card scheme, is secure from hack attacks and unauthorised internal access.
The threat assessment is being undertaken despite the fact the specifications and design of the database and its security features have not yet been established. No decision has been taken on the nature of the biometrics to be used on the ID card itself, which has not been passed by Parliament.
Home Office minister Beverley Hughes revealed the progress on the ID card scheme in an answer to a Parliamentary Question last week.
"The security and integrity of the database are integral to maintaining trust in the Identity Cards scheme," she said. "Home Office officials are already working with security experts, to ensure that security issues are considered from the start of the database design, and with other government departments which have similar databases with similar security needs, such as the United Kingdom Passport Service."
Hughes said there will be further public and stakeholder consultation on ID cards after the results of the UKPS' six-month trial, which is due to begin this month, that will test the recording and verification of facial, iris and fingerprint biometrics using 10,000 volunteers.
Questions have also been raised about problems authenticating identity in some categories of individuals who have a higher failure rate with certain biometrics.
Hughes said: "One of the specific objectives of the UKPS pilot is to test biometric enrolment on a sample of people who may have difficulties with enrolment. Data gained from this pilot will inform the design of the Identity Card scheme's enrolment processes and procedures for enrolling those unable to provide certain biometrics."
On the issue of 'scope creep' and the possibility that the National Identity Register could end up being used for more than just ID, Hughes said organisations querying the register will not be able to get other personal information such as health or tax records.
It sounds like they are doing the risk assessment ...
Anonymous
Passport database
So if there is already a secure...
Allan McBain
Big Brother, Orwell you were 20 years too soon. bu...
Anonymous
Maybe George Orwell was not 20 years too soon. Per...
Reed Howey
Well here we go!! 0rwell was prety light weight re...
anonymous
You may be asked for evidence of your identity, qualifications and eligibility to work in the UK. To discuss your requirements in detail call ECM on: ...
You may be asked for evidence of your identity, qualifications and eligibility to work in the UK. To discuss your requirements in detail call ECM on: ...
To discuss your requirements in detail call ECM on: 01223 813399 or email your CV to: register@ecmselection.co.uk quoting ref: IT016827 or ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Naked CIO Naked CIO: Is IT responsible for workers' output and errors? CIOs must take on more accountability to become boardroom leaders
Naked CIO Naked CIO: Social networks are useless for finding a job 'Quantity over quality' approach poisoning professional networks