1.5 Authenticity

Authenticity is often a confusing term for students. In the context of ITGS, authenticity refers to users proving their identity - for example, using passwords, biometrics, or some other authentication mechanism.

Passwords and biometrics

Passwords, biometrics, and two-factor authentication

The video Secure Passwords Explained by CommonCraft is a good introduction to this topic. Why passwords have never been weaker - and crackers have never been stronger and How I Became a Password Cracker (ARS Technica) explain the security threats facing passwords.

Two-Step Verification is inconvenient, but more secure (NY Times) and Google's Alternative to the Password (MIT) offer alternatives to passwords.

Biometrics (BBC) are often hailed as a better authentication mechanism, and modern systems can even recognise users by the way they walk (Science Daily).

However, biometrics systems can be fooled - for example, by using fake silicone fingers (BBC) and even plastic fingerprint surgery (BBC). Some biometric facial recognition systems also raise privacy issues as they are capable of surveillance without subjects' knowledge or permission - one such example is in the 2001 Super Bowl (The Register).
Updated: 2014-10-03
Electronic passport

Electronic Passports (ePassports)

Numerous countries, including the United States, Canada, Germany, and the United Kingdom now issue electronic passports designed to improve security and reliability.

However, security concerns are high among some people in the IT industry. This article contains many links to cases involving cloning, 'sniffing'of passport data, data tampering, and more. The BBC has also reported (video) on German hackers who were able to clone electronic passports with relatively ease.


Updated: 2014-11-07
Online voting

Electronic Voting software and lesson plan

Electronic voting is a controversial topic. This E-Voting lesson plan uses a simple Java application I wrote to simulate the e-voting process. Students get to vote and then are presented with three sets of results - two of which are falsified. This is a useful practise exercise to stimulate discussions about e-voting and the potential problems that may arise.

The New York Times article Voting Test Falls Victim to Hackers and the video Why Internet-Based Voting Is a Bad Idea are also useful for this task, as are the articles below.
Updated: 2014-11-07
Electronic voting

Electronic Voting articles

E-Voting impacts and issues

Report: Voting Machine Errors Highlight Urgent Need for U.S. Database (Wired) describes many, many problems that have occurred with e-voting machines in recent years. Some of them are quite unusual.  E-voting system awards election to wrong candidates in Florida (ComputerWorld) and Voting Out E-Voting Machines (TIME) both detail further problems.

Oscar's E-Voting Problems Worse Than Feared analyses the problems that faced e-voting systems designed to vote for Oscar nominees, while 'Fake votes' cast in France's first digital election (BBC) explores France's June 2013 open primary mayoral election - both articles are a stark reminder of the myriad problems facing such systems.

Finally,  this is a letter to President Obama about e-voting, written by elections officers and computer security experts - and urging him to resist calls for Internet voting.

Solutions

Science Daily's 'Voter-Verifiable' Voting System Ensures Accuracy And Privacy explains how paper-trails are needed on voting machines, while Aussies Do It Right: E-Voting (Wired) discusses another possible solution - open source voting software (this is a good article for students who believe open source software is "less secure".
Updated: 2014-11-07