Answer a) The MPS is a very large organisation which employs over 50,000 people. A dedicated “solution” is needed for-
• Keeping the records of the employees.
• Limited access to data from the database.
• Automatic upgradation as promotions and demotions of employees takes place.
• A single, unique and effectively managed identity repository to help reduce cost and save time.
RBA approaches are accepted as strong and efficient technologies for access control.

Answer b) If MPS is to strengthen user authentication then biometric techniques will bring a definite improvement by increasing the level of security and being cost effective. That’s because biometric techniques are the authentication methods that use one or more intrinsic physical or behavioural characteristics for recognising an individual. So, there is no question of forgetting passwords or access by some other person by steeling password of the authentic person.

Current biometric systems use the enrolment process. This process has a risk of an attacker gaining access to the stored template. If once the biometric measurements are stolen then it is impossible to change the owners’ physical characteristics. So, there is need for template free biometric techniques which is free from templates which stores pre-captured data for comparison before authentication is achieved. This will reduce unauthorised access to confidential information and fraudulent information authoring.

Answer c) Biological identity contains data that uniquely describes an entity with means of biometric techniques whereas Digital Identification is about recognising individuals based on either “what you have” or “what you know” (Wayman.,2008 )

For the Police Computer Crime Unit both of these authentication means can be used. Since the cases are highly sensitive, more secured identification processes are needed. Computer crimes are Hi-Tech crimes. Because there is a large increase in the number of offenders committing this crime, so it is necessary by an officer will be able to use multiple identities, using digital identity. On the other hand, full proof security is ensured by biological identity because it provides secure access.

The role of signed X.509 certificate is to enable the Certification Authority to give receiver of certificate a means through which it can trust not just the public key of the certificate's subject, but also that other information about the certificate's subject.

Answer d) The use of PKI client/server authentication which provides Confidentiality, Integrity and Authenticity (CIA) by the MPS in this context is justified.
PKI is a framework for creating a secure method for exchanging information based on public key cryptography (Al-Khouri & J.Bal , p 361). The exchanged information and management of public keys normally occur through the use of Certification Authorities (CA) (Weise, p 8).
PKI is the only practical mechanism which capably provides strong and efficient security. If the key is kept private and if properly installed then PKI is unbreakable.
For trusting cryptographic techniques Cross Certification should be considered. RSA provides the CIA environment and access control. It uses two keys- Public Key, known to every one and Private Key, known to owners only.

Reference List:

James L. Wayman, 2008, Biometrics in Identity Management Systems, Published by IEEE computer Security.

A.M. Al-Khouri and J.Bal of Wawick University, UK. Journal of Computer Science. Pg 361.

Joel Weise of SunPSSM Global Security Practice. Public Key Infrastucture Overview. Pg 8-10.