User stories:
I am a user sitting in front of a Linux laptop. I need to login into this laptop. It is expected that this laptop is backed by FreeIPA authentication. I want to be able to present my face or my palm to a built in camera and be logged in so that I do not need to type in my password any more.
I am a user sitting in front of a Linux laptop. I need to login into an application or resource or another system backed by FreeIPA authentication. I want to be able to present my face or my palm to a built in camera and be logged in so that I do not need to type in my password any more.
This is something for someone to really do a research first, might be a good thesis subject.
I think biometry for authentication is dead end. Biometry today is more useful for identification.
All the methods and algorithms in biometry are returning probability that the presented sample comes from specific user. All methods reject valid user from time to time (False Rejection ratio, FRR) and more importantly all accept wrong user from time to time (False Acceptance ratio, FAR).
Biometric information is impossible to revoke and regenerate. You can only remove the particular feature (e.g. index finger fingerprint) from features allowed to be used in authentication.
It's possible (sometimes even cheap and easy) to fool all common biometric systems with sample obtained in daily life (fingerprint left on glass, iris image taken from hi-res portrait photo, ...).
During IPA triage there was uniform agreement not to implement it. Mostly from reasons outlined by dkupska's comment.
Metadata Update from @pvoborni: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.