Abstract
M.Comm.
In recent times access control has become more and more important,
largely as a result of changes in society and an increase in the
quantity and sensitivity of information being stored on computers.
Speech recognition is nothing but communication which occurs when two
persons have a conversation and one understands what the other says
and means. This process consists of sound waves (analogue signals)
that are carried through the air. The sound is converted (digitized)
by the ear to impulses. The brain matches these impulses to a meaning
(template) to which the person responds by an action.
Speaker independent recognition involves converting the spoken word
into an electronic signal. The signal is then compared to the
computer's vocabulary, which consists of a set of templates which have
been chosen to represent the average speaker. Speaker dependent recognition consists of training the computer to
recognize a specific word spoken by an individual. This is done by
having the speaker say the word several times. The computer then
creates an average template for that word for that speaker which is
then used for reference. For any speech recognition system that an auditor needs to audit, the
following have to be established:
What does the system reside on? A mainframe, Mini, PC or LAN.
Is the system speaker independent, speaker dependent or both?
Is the system used for control of physical access, logical access
or both?
Is the system used for control of access to high security
area/data, low security area/data or both?
The answers to the above will place the system in one of the
categories of the following risk matrix. At the moment the auditor need not be excessively concerned about
speech recognition, as it is mainly confined to access control. Both
physical and logical access control can easily be audited using normal
audit techniques, with a basic knowledge of speech recognition.
The future promises exciting applications for speech recognition,
which may even include the ability to communicate with the computer in
the same way as one speaks to another human being. The auditor will
have to grow with technology and keep up to date with developments.