BS ISO IEC 24713-1-2008 Information technology - Biometric profiles for interoperability and data interchange - Overview of biometric systems and biometric profiles《信息技术 互.pdf

1、BRITISH STANDARD BS ISO/IEC 24713-1:2008 Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles ICS 35.040 BS ISO/IEC 24713-1:2008 This British Standard was published under the authority of the Standards Policy

2、 and Strategy Committee on 31 March 2008 BSI 2008 ISBN 978 0 580 54246 6 National foreword This British Standard is the UK implementation of ISO/IEC 24713-1:2008. The UK participation in its preparation was entrusted to Technical Committee IST/44, Biometrics. A list of organizations represented on t

3、his committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. Compliance with a British Standard cannot confer immunity from legal obligations. Amendments/corrigen

4、da issued since publication Date Comments Reference number ISO/IEC 24713-1:2008(E)INTERNATIONAL STANDARD ISO/IEC 24713-1 First edition 2008-03-01 Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles Technolog

5、ies de linformation Profils biomtriques pour interoprabilit et change de donnes Partie 1: Expos gnral des systmes biomtriques et des profils biomtriques BS ISO/IEC 24713-1:2008ii iii Contents Page Foreword iv Introduction v 1 Scope . 1 2 Normative references . 1 3 Terms and definitions. 1 4 Abbrevia

6、ted terms 6 5 General biometric system 6 5.1 Conceptual diagram of general biometric system 6 5.2 Conceptual components of a general biometric system 7 5.2.1 Data capture subsystem 7 5.2.2 Transmission subsystem (not portrayed in diagram). 7 5.2.3 Signal processing subsystem . 7 5.2.4 Data storage s

7、ubsystem 7 5.2.5 Matching subsystem 7 5.2.6 5.2.6 Decision subsystem 7 5.2.7 5.2.7 Administration subsystem (not portrayed in diagram) 8 5.2.8 Interface (not portrayed in diagram). 8 5.3 Functions of general biometric system 8 5.3.1 Enrolment 8 5.3.2 Verification 9 5.3.3 Identification 9 6 Relations

8、hip between the biometric system and the application 10 6.1 General. 10 6.2 The ID life-cycle. 10 6.2.1 Proofing . 11 6.2.2 Registration . 11 6.2.3 Issuance. 11 6.2.4 Usage . 11 6.3 Subject versus end-user 11 6.3.1 6.3.1 Access control example 12 6.3.2 Travel document example 12 6.4 Biometric decisi

9、on versus authorization .13 7 Interfaces between the biometric system and the application 14 7.1 Application programming interface (API).14 7.2 Protocol interface . 15 7.3 Hardware based electronic input/output interface 15 8 Developing biometric profiles utilising biometrics base standards . 15 8.1

10、 Relationships of biometric base standards and their use in biometric profiles 15 8.2 Classes 16 8.2.1 Application class 16 8.2.2 Data class 16 8.2.3 Interface class . 17 8.3 Using biometric base standards to develop biometric profiles. 17 Bibliography . 18 BS ISO/IEC 24713-1:2008iv Foreword ISO (th

11、e International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committ

12、ee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechn

13、ical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member

14、bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying

15、any or all such patent rights. ISO/IEC 24713-1 was prepared by Technical Committee ISO/TC JTC 1, Information technology, Subcommittee SC 37, Biometrics. ISO/IEC 24713 consists of the following parts, under the general title Information technology Biometric profiles for interoperability and data inte

16、rchange: Part 1: Overview of biometric systems and biometric profiles Part 2: Physical access control for employees at airports Part 3: Biometric based verification and identification of seafarers BS ISO/IEC 24713-1:2008v Introduction This part of ISO/IEC 24713 is intended to form the overview part

17、of the multipart standard on biometric profiles for interoperability and data interchange. It describes a schema for the use of a number of biometric standards. This part of ISO/IEC 24713 is not intended to replace or counter any other part of this International Standard, but rather to be used as a

18、reference guide for the implementation of a generic biometric system or a profile- standardized system. This part of ISO/IEC 24713 provides generic information and guidance to users about biometric systems and the use of the various base standards within biometric profiles to support interoperabilit

19、y and data interchange among biometrics applications and systems. This part of ISO/IEC 24713 is one of a family of international standards being developed by ISO/IEC JTC 1/SC 37 that support interoperability and data interchange among biometrics applications and systems. This family of standards spe

20、cifies requirements that solve the complexities of applying biometrics to a wide variety of personal recognition applications, whether such applications operate in an open systems 1)environment or consist of a single, closed system. Biometric data interchange format standards and biometric interface

21、 standards are both necessary to achieve full data interchange and interoperability for biometric recognition in an open systems environment. The ISO/IEC JTC 1/SC 37 biometric standards family includes a layered set of standards consisting of biometric data interchange formats and biometric interfac

22、es, as well as biometric profiles that describe the use of these standards in specific application areas. The biometric data interchange format standards specify biometric data interchange records for different biometric modalities. Parties that agree in advance to exchange biometric data interchang

23、e records as specified in a subset of the ISO/IEC JTC 1/SC 37 biometric data interchange format standards should be able to perform biometric recognition with each others data. Parties should also be able to perform biometric recognition even without advance agreement on the specific biometric data

24、interchange format standards to be used, provided they have built their systems on the layered ISO/IEC JTC 1/SC 37 family of biometric standards. The biometric interface standards include the Common Biometric Exchange Formats Framework (CBEFF) and the Biometric Application Programming Interface (Bio

25、API). These standards support exchange of biometric data within a system or among systems. The CBEFF standard specifies the basic structure of a standardized Biometric Information Record (BIR) which includes the biometric data interchange record with added metadata, such as when it was captured, its

26、 expiry date, whether it is encrypted, etc. The BioAPI standard specifies an open system API that supports communications between software applications and underlying biometric technology services. BioAPI also specifies a CBEFF BIR format for the storage and transmission of BioAPI-produced data. The

27、 biometric profile standards facilitate implementations of the base standards (e.g. the ISO/IEC JTC 1/SC 37 biometric data interchange format and biometric interface standards, and possibly non-biometric standards) for defined applications. These profile standards define the functions of an applicat

28、ion (e.g. Physical Access Control for Employees at Airports) and then specify use of options in the base standards to ensure biometric interoperability. 1) Open systems are built on standards based, publicly defined data formats, interfaces, and protocols to facilitate data interchange and interoper

29、ability with other systems, which may include components of different design or manufacture. A closed system may also be built on publicly defined standards, and may include components of different design or manufacture, but inherently has no requirement for data interchange and interoperability wit

30、h any other system. BS ISO/IEC 24713-1:2008blank1 Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles 1 Scope This part of ISO/IEC 24713 identifies and defines the functional blocks and components of a gener

31、ic biometric system, and the distinct characteristics of each component. It also defines a generic biometric reference architecture incorporating the relevant biometric-related base standards to support interoperability and data interchange. 2 Normative references The following referenced documents

32、are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 19794-1:2006, Information technology Biometric data interchange formats Part

33、 1: Framework 3 Terms and definitions For the purpose of this document, the following terms and definitions apply. 3.1 application programming interface API software based interface that can be used for communications and interfacing between an application and the biometric system. NOTE 1 An API is

34、computer code used by an application developer. Any biometric system that is compatible with the API can be added or interchanged by the application developer. NOTE 2 APIs are often described by the degree to which they are high level or low level. High level means that the interface is proximate to

35、 the application and low-level means that the interface is proximate to the device. 3.2 application hardware/software system implemented to satisfy a broad set of requirements. NOTE In this context, an application incorporates a biometric system to satisfy a subset of requirements related to the ver

36、ification or identification of an end-users identity so that the end-users identifier can be used to facilitate the end- users interaction with the system. EXAMPLE A biometrics-enabled time and attendance system has a broad requirement to record an employees starting and leaving times so the employe

37、e can be paid the correct amount of wages. The system uses biometrics to verify BS ISO/IEC 24713-1:20082 the employees “end-users” claim that his identity is the one that the system has associated with the employees id- number identifier at the times when the employee interacts with the biometric de

38、vice as he enters and leaves the work place. 3.3 base standard fundamental standard with elements that contain options. NOTE Base standards can be used in diverse applications, for each of which it may be useful to fix the optional elements in a standardized profile with the aim of achieving interop

39、erability between instances of the specific application. 3.4 biometric pertaining to the field of biometrics NOTE “Biometric” is never used as a noun. 3.5 biometrics automated recognition of individuals based on their behavioural and biological characteristics 3.6 biometric data information extracte

40、d from the biometric sample used to build a template or to compare against a previously created template 3.7 biometric functions procedures or activities of enrolment (3.19), verification (3.40) and/or identification (3.25) within a biometric system 3.8 biometric interchange data BID biometric data

41、formatted according to one or more of the data interchange standards as defined by ISO 19794 3.9 biometric profile conforming subsets or combinations of base standards used to effect specific biometric functions NOTE Biometric profiles define specific values or conditions from the range of options d

42、escribed in the relevant base standards, with the aim of supporting the interchange of data between applications and the interoperability of systems. 3.10 biometric sample raw data representing a biometric characteristic of an end-user as captured by a biometric system 3.11 biometric system (mainly)

43、 automated system capable of 1) capturing a biometric sample from an end-user or as provided by a forensic technology, 2) extracting biometric data from that sample, or alternatively, deriving biometric features from the biometric data in a form suitable for comparison with one or more reference tem

44、plates, 3) comparing the biometric features with those contained in one or more reference templates , 4) determining the level of similarity by a score or other metric, or alternatively, ranking in accordance with the level of similarity as determined by a score or other metric, BS ISO/IEC 24713-1:2

45、0083 5) returning a result to the application indicating whether the identification and/or verification has been successful or not, and 6) storing and managing biometric data and related system information NOTE The set of biometric systems can be divided in two classes as follows: Single-biometric s

46、ystem: biometric system that uses a single biometric modality, algorithm or sensor. Multi-biometric system: biometric system that uses multiple biometric modalities and/or sensors and/or algorithms. 3.12 biometric system components those parts or elements of the system that perform specific tasks th

47、at are required by the system in order for it to function. EXAMPLE Examples of biometric system components are capture, process and compare. 3.13 biometric template biometric data derived from a biometric sample or combination of biometric samples that is suitable for storage as a reference for futu

48、re comparison 3.14 capture method of taking a biometric sample from an end-user 3.15 comparison process of evaluating the similarities between a template and a reference template 3.16 database structured set of data held in a computer 3.17 decision result of the comparison between the match score an

49、d the threshold NOTE The decision can be acceptance or rejection. 3.18 end-user person who interacts with a biometric system to enroll or have his/her identity checked 3.19 enrolment process of collecting biometric sample(s) from an end-user and the subsequent preparation and storage of biometric reference template(s) and, if necessary, associated data in connection with the end-users identity 3.20 extraction process of convert