1 / 23

Biometric Standards Developers INCITS M1 and ISO/IEC JTC 1 SC 37

Biometric Standards Developers INCITS M1 and ISO/IEC JTC 1 SC 37. Fernando Podio Chair ISO/IEC JTC 1 SC 37 – Biometrics Chair INCITS M1 – Biometrics Computer Security Division, NIST ITL. ANSI HSSP September 29, 2005. Overview. National and International Biometric Standards Organizations

rachel-puckett
Download Presentation

Biometric Standards Developers INCITS M1 and ISO/IEC JTC 1 SC 37

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Biometric Standards Developers INCITS M1 and ISO/IEC JTC 1 SC 37 Fernando Podio Chair ISO/IEC JTC 1 SC 37 – Biometrics Chair INCITS M1 – Biometrics Computer Security Division, NIST ITL • ANSI HSSP • September 29, 2005

  2. Overview • National and International Biometric Standards Organizations • Status of the Biometric Standards Programs • Market Adoption Examples • Implementations of Conformance Testing Suites

  3. Biometrics Standards Activities ITU-T ICAO ISO IEC • TC 68 • Banking, Securities and Other Financial Services ISO/IEC JTC 1 Information Technology NIST/BC Biometric WG BioAPI Consortium OASIS SC 27 IT Security Techniques SC 37 Biometrics SC 17 Cards & Personal Identification Open Group ANSI NIST/ITL X9 (US TAG ISO TC 68) INCITS (ANSI/NIST ITL-1-2000) CS1 Cyber Security M1 Biometrics • B10 • Identification Cards & Related Devices • X9F • Data & Information Security International National INCITS M1 represents the U.S. in JTC 1 SC 37

  4. M1 Biometrics (US) • INCITS is the major standards organization in the US responsible for the development of Information and Communication Technology (ICT) standards. • M1 is the INCITS committee for biometrics, established November 2001. • Participation in M1 meetings is open to any directly and materially affected parties. • Membership information: http://www.incits.org/

  5. M1 Members • Purdue University • Recognition Systems Inc. • Retica Systems (new) • SAFKINK Corp. • Sagem Morpho Inc. • Security Industry Association (Advisory) • The Aerospace Corporation • Transaction Security Inc. (Advisory) • Underwriters Laboratory Inc. • Unisys Corp. • U.S. DoD – BMO/BFC • U.S. Dept. Homeland Security • U.S. Dept. of Justice • U.S. Dept. of State • U.S. DoD DISA • UPEK • Viisage • West Virginia High Technology Consortium Foundation • West Virginia University • X9F4 (Liaison) • 3M Company • A4vision Inc. • American Biometrics and Security Inc. (Advisory) • ANSI (Liaison) • Apple Computer (Advisory) • Assa Abloy ITG • Atmel Corp. • Authenti-Corp • Aware • Bearing Point Inc. • BioAPI Consortium (Liaison) • Biocom LLC • Biometric Associates Inc. • Biometric Foundation • Biometrics 2000 Corp. (new) • Bioscrypt • Cogent Systems Inc. (new) • Computer Sciences Corp. • Cross Match Technologies • Daon Inc. • DataCard Group (new) • Electronic Data Systems Corp. (new) • Fidelica Microsystems Inc. (new) • GE Global Research (new) • Geometrix Inc. (new) • ID Technology Partners Inc. • Identix Corporation • ImageWare Systems Inc. (new) • Infineon Technologies (Advisory) • International Biometric Group • International Biometric Industry Association (Liaison) • Iridian Technologies • Lasercard Systems Corp. (new) • LG Electronics USA (new) • Lockheed Martin Corp. (new) • Mitretek Systems • Motorola Inc. • National Biometric Security Project • NIST • OKI – Biometric Solutions Group (Advisory) • OSS Nokalva • Passports Australia (Advisory) • Precise Biometrics

  6. INCITS M1 Standards Approved Data Interchange Formats Conformance Testing Methodologies for the Data Interchange Formats (Under Development) INCITS 377* Finger Pattern-Based Interchange Format INCITS 378* Finger Minutiae Format For Data Interchange INCITS 379 Iris Recognition Format for Data Interchange INCITS 381 Finger Image Format for Data Interchange INCITS 385* Face Recognition Format for Data Interchange INCITS 396 Hand Geometry Interchange Format INCITS 395 Signature/Sign Data Related Projects (Under Development) Generalized Testing Methodology - Part 1 Conformance Testing Methodology for: INCITS 378 – Part 2 INCITS 377 – Part 3 INCITS 381 – Part 4 INCITS 385 – Part 5 INCITS 379 – Part 6 INCITS 396 – Part 7 Biometric Sample Quality Standard Technical Report on Evaluating Multibiometric Systems (*) Currently amendments to these three standards are under development

  7. INCITS M1 Standards Approved Biometric Application Profiles Performance Testing & Reporting Standards (Under Development) Approved Interface Standards INCITS 383 Verification & Identification of Transportation Workers INCITS 394 Biometric-Based Personal Identification for Border Management INCITS 358 BioAPI Specification V1.1 INCITS 398 Common Biometric Exchange Formats Framework (CBEFF) – NISTIR 6529-A Part 1 – Framework Part 2 – Technology Testing and Reporting Part 3 – Scenario Testing and Reporting Part 4 – Operational Testing and Reporting Part 5 – Framework for Biometric Device Performance Evaluation for Access Control Other Biometric Application Profiles (Under Development) Conformance Testing Methodology (Under Development) • Point of Sale Biometric • Identification • DoD Implementations (Red Force) • Commercial Biometric • Physical Access Control Conformance Testing Methodology for INCITS 358 (BioAPI Specification V1.1)

  8. INCITS M1 Standards New Projects • Amendment to the BioAPI Specification (INCITS 358) – Support for Biometric Fusion • Biometric Fusion Data Format – Part 1: Fusion Information Format • Amendment to CBEFF (INCITS 398) to address implementers’ new requirements • Biometric Performance Testing and Reporting Part 6 – Performance and Interoperability Testing of Biometric Data Interchange Formats

  9. The Role of Standards in Biometric Interoperability & Data Interchange Application (Conforming to Biometric Application Profile Standards) Biometric Data Structure Conforming to INCITS 398 (NISTIR 6529-A) • Framework Conforming to the BioAPI Standard Standardized biometric data is embedded in the CBEFF structure • Biometric • Service • Provider • Biometric • Service • Provider • Biometric • Service • Provider Standard Data Interchange Formats • Biometric • Device • Biometric • Device • Biometric • Device

  10. SC 37 - Biometrics • Responsible for the standardization of generic biometric technologies pertaining to human beings to support interoperability & data interchange. • Established in June 2002. • Since SC 37 was established, it has maintained an accelerated pace of biometric standards development (meetings approximately every 6 months) • Concurrently developing about 30 draft standards/technical reports • 22 Member countries – 5 Observer countries – 11 Liaison Organizations

  11. International Standard IS Final Draft International Standard FDIS Final Committee Draft FCD Committee Draft CD Working Draft WD New Project NP International Standard Development Stages

  12. SC 37 - Biometrics Final Draft International Standard Status Approved International Standards Final Committee Drafts FCD 24709-1 BioAPI Conformance Testing – Part 1 – Methods & Procedures FCD 19784-2, BioAPI, Part 2 – Biometric Archive Function Provider Interface FCD 19794-7 Biometric Data Interchange Format - Part 7, Signature/Sign Time Series FCD 19794-8 Biometric Data Interchange Format - Part 8, Finger Pattern Skeletal Data FCD 24713-1 Biometric Profiles – Part 1, Biometric Reference Architecture FDIS 19785 Common Biometric Exchange Formats Framework - Part 1, Data Element Specification & Part 2, Procedures for the Operation of the Biometrics Registration Authority FDIS 19784-1 BioAPI Specification – Part 1 FDIS 19794-1 Biometric Data Interchange Format – Part 1, Framework FDIS 19794-3 Biometric Data Interchange Format – Part 3, Finger Pattern Spectral Data FDIS 19795-1 Performance Testing & Reporting – Principles and Framework ISO/IEC19794-2 Biometric Data Interchange Format - Part 2, Finger Minutiae Data ISO/IEC 19794-4 Biometric Data Interchange Format - Part 4, Finger Image Data ISO/IEC 19794-5 Biometric Data Interchange Format - Part 5, Face Image Data ISO/IEC 19794-6 Biometric Data Interchange Format - Part 6, Iris Image Data

  13. SC 37 - Biometrics Working Drafts & Other Documents Committee Drafts WD 24709-2 ,BioAPI Conformance Testing, Part 2 – Test Assertions 2nd WD 24722, Technical Report on Multi-Modal Biometric Fusion 4th WD 24708, Biometric Interworking Protocol (BIP) WD 24741, Technical report on a Biometrics Tutorial WD 19784-1 Amendment, BioAPI GUI 2nd WD 19794-11, Biometric Data Interchange Format – Part 11,Signature/Sign Processed Dynamic Data WD 19794-5 Amendment, Conditions for Taking Photographs for Face Image Data WD 19795-5 , Biometric Performance Testing & Reporting – Part 5, Performance of Biometric Access Control Systems WD 24713-3, Biometric Profile for Seafarers (editors draft) WD 19795-3, Technical report, Biometric Performance Testing & Reporting – PartModality Specific Testing 2nd WD 24714, Technical Report on Cross Jurisdictional and Societal Aspects of Implementations of Biometric Technologies SD 2 - Standing Document on Biometric Vocabulary CD 19794-9, Biometric Data Interchange Format – Part 9, Vascular Image Data CD 19794-10, Biometric Data Interchange Format – Part 10, Hand Geometry Silhouette Data CD 19785-3, CBEFF Part 3: Patron Format Specifications 3rd CD 24713-2 Biometric Profiles – Part 2, Physical Access Control for Employees at Airports 2nd CD 19795-2 Biometric Performance Testing & Reporting – Part 2, Testing Methodologies for Technology & Scenario Evaluation 2nd CD 19795-4 Biometric Performance Testing & Reporting – Part 4, Performance & Interoperability Testing of Data Interchange Formats

  14. SC 37 - Biometrics New Projects • BioAPI “Lite” • Biometric Sample Quality Standard (ballot) • Amendment to 19794-5, 3D • Face template based on MPEG-7

  15. Market Adoption Examples (1) • International Civil Aviation Administration (ICAO): • Adopted a global, harmonized blueprint for the integration of biometric identification information into passports and other Machine Readable Travel Documents (MRTD). • Requires conformance to JTC 1 SC 37 standards. • Facial recognitionwas selected as the globally interoperable biometric for machine-assisted identity confirmation with MRTD. • Other requirements: • Common Biometric Exchange Framework Format (CBEFF) • Finger Interchange Formats and Iris Interchange Format

  16. Market Adoption Examples (2) • International Labor Office of the United Nations – Requirements for a Seafarer’s ID Card: • ISO and JTC 1 are assisting ILO regarding the use of biometrics for a Seafarer’s ID card. • Two fingerprint templates will be stored in a barcode which will be placed in the area indicated by ICAO 9303. • ILO Technical Report SID-002 (Approved March 2004) specifies the use of some of the standards under development in JTC 1 SC37: • Finger minutiae, finger image and Common Biometric Exchange Formats Framework (CBEFF)

  17. Market Adoption Examples (3) • DHS / TSA - Transportation Worker Identification Credential (TWIC) Program : • System-wide common credential to be used for all personnel requiring unescorted physical and/or logical access. • Phase III - Prototype Phase – Biometric Requirements - INCITS M1 biometric standards, as applicable, such as: • INCITS 383 Information technology - Application Profile - Interoperability and Data Interchange - Biometric Based Verification and Identification of Transportation Workers

  18. Market Adoption Examples (4) • DHS – Facial Recognition Standard: • Uses INCITS / M1 approved facial biometric standard(INCITS 385) as the basis for the DHS standard. • Extracted portions of INCITS 385 to provide guidelines for specific users: • Derivative 001: “Terms, Reference, and Guidelines for Project Managers” • Derivative 002: “Guidelines for Software and System Developers” • Derivative 003: “Guidelines for Photographers and Subjects” • Best practices for producing uniform photographs (posters)

  19. Market Adoption Examples (5 & 6) • Sub-Pilot of the DHS / TSA Registered Traveler Program: • Greater Orlando Aviation Authority (GOAA) as with TSA RFP requires: • INCITS 358-2002, the BioAPI Specification • INCITS 377-2004 (finger-pattern) & INCITS 381-2004 (finger image) • INCITS 385-2005 (face image) • NISTIR 6529-A, Common Biometric Exchange Framework Format (INCITS 398-2005) - CBEFF • References in the DoD IT Standards Registry (DISR): • INCITS 358-2002, the BioAPI Specification • CBEFF

  20. Conformance Testing in Support of Documentary Standards • Conformance testing • Standards based, high quality conformance testing leads to greatly increased levels of confidence in product conformance claims for developers & users. It can also help ensure interoperability between standards-based products and systems. • Summary of documentary standards under development: • Multi-part standard - Conformance Testing Methodologies for the Data Interchange Formats (INCITS M1) • Conformance Testing Methodology for INCITS 358, BioAPI Specification V1.1 (INCITS M1) • Conformance Testing Methodology for ISO/IEC 19784-1, BioAPI Specification (JTC 1 SC 37). • JTC 1 SC 37 and INCITS M1 are reviewing next steps in conformance testing standards development.

  21. BioAPI Conformance Test Suites (CTSs) • For over a year NIST ITL and DoD Biometric Management Office have been independently developing implementations of the BioAPI CTS. • They were developed using concepts and principles specified in the draft conformance testing methodology standard for the BioAPI standard (INCITS 358-2002) under development in INCITS M1 - Biometrics. • This standard projectwas sponsored by NIST, DoD BMO, the National Biometric Security Project (NBSP), Saflink Corp., and The Biometric Foundation (TBF). • NIST ITL and DoD BMO are performing intensive testing of the initial versions of these CTSs in order to cross - validate the test results using a number of vendor BSPs claiming conformance to the BioAPI standard.

  22. BioAPI Conformance Test Suite (CTS) • These test tools are being developed in support of: • users already requiring, or interested in requiring in the near future, that Biometric Service Providers (BSPs) conform to the BioAPI standard. • product developers interested in developing products conforming to voluntary consensus biometric standards by using the same test tools available to users. • possible establishment of conformity assessment programs to validate conformance to the BioAPI standard and other emerging standards. • NIST ITL CTS implementation development • Co-sponsored by the National Biometric Security Project • Testing: NIST ITL / The Biometric Foundation • Main Developer: Saflink Corp • DoD BMO CTS implementation development and test: • DoD BMO Support Contractors (Booz Allen Hamilton and OSS Nokalva) • The tool was also tested by the DoD Biometrics Fusion Center

  23. Contact Information & Web Sites • Fernando Podio Computer Security Division, NIST/ITL 1 (301) 975 - 2947 fernando.podio@nist.gov • ISO/IEC JTC 1 SC 37 – Biometrics: http://www.jtc1.org (select SC 37 “Biometrics”) • INCITS: http://www.incits.org/ • INCITS M1: http://www.incits.org/tc_home/m1.htm • Biometric INCITS standards can be obtained (for a fee) at: http://www.techstreet.com/incitsgate.tmpl or at: http://webstore.ansi.org/ansidocstore/default.asp • ISO standards can be obtained (for a fee) at: http://www.iso.org/iso/en/prods-services/ISOstore/store.html

More Related