Nur Iylia Roslan | Security Analyst
CyberSecurity Malaysia | Malaysia

Nur Iylia Roslan, Security Analyst, CyberSecurity Malaysia

Ms. Nur Iylia works for CyberSecurity Malaysia in the Malaysia Security Evaluation Facility Department as a Senior Researcher. She is a Certified Penetration Testing Engineer (CPTE) and Common Criteria for Evaluators. Her specialization is in research for Biometric and Smart Card Technology and practitioner of ISO/IEC 15408 (CC), well-versed in ISO 17025 and ISMS. She has various experiences in research for Biometric and Smart Card Technology. She is a holder of BEng (Hons) in Electrical & Electronic from The University of Nottingham Malaysia Campus. Iylia previously worked for Software Hewlett-Packard Enterprise where she acquired knowledge in software testing. Having also previously worked with Western Digital Sdn. Bhd, she has gained quite an experience in conducting analysis on hard disk failure analysis. while working with Western Digital Global Offices in USA and Thailand she has gained international exposure.

Appearances:



Identity Week London 2020 - Day 2 @ 11:20

Invoking the biometric fingerprint system vulnerabilities - a precis of Malaysian evaluation scheme

Ever since biometric authentication was introduced in the 18th century, it has remained as one of the most promising and anxiety provoking technology. Will it be a dream of seamless authentication process or a nation’s nightmare? To resolve this contradicting feelings, necessary security assessments have to be carried out prior to the deployment, and one of it is to evaluate its operational environment. This paper represents the part and parcel of a local scheme adapting Common Criteria for evaluating the biometric authentication system for fingerprints. As it is essential to substantiate that these systems achieve an acceptable level of security, a test method was developed and executed using selection of scenarios that will trigger the vulnerabilities. Different kinds of spoofing materials were used to attack the system. Best practices to mitigate the risk associated with the threats are also presented.
last published: 05/Mar/20 10:45 GMT
last published: 05/Mar/20 10:45 GMT
last published: 05/Mar/20 10:45 GMT

back to speakers