ANSI INCITS ISO IEC 24713-3-2010 Information technology - Biometric profiles for interoperability and data interchange - Part 3 Biometrics-based verification and identification of .pdf

1、 INCITS/ISO/IEC 24713-3-2010 Information technology Biometric profiles for interoperability and data interchange Part 3: Biometrics-based verification and identification of seafarers Reaffirmed as INCITS/ISO/IEC 24713-3:2009 R2015INCITS/ISO/IEC 24713-3-2010 PDF disclaimer This PDF file may contain e

2、mbedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility

3、of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation paramete

4、rs were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational Committee for I

5、nformation Technology Standards) as an American National Standard. Date of ANSI Approval: 1/19/2010 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2010 by Information Technology Industry Council (ITI). All rights reserved. These materials

6、are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publication may be reproduced in any

7、form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America ii ITIC 2010 All rights reserved INCITS/ISO/IEC 24713-3-

8、2010 ITIC 2010 All rights reserved iiiContents Page Foreword . v Introduction vi 1 Scope 1 2 Conformance . 1 3 Normative references 1 4 Terms and definitions . 2 5 Abbreviated terms. 3 6 Application requirements . 3 6.1 General . 3 6.2 Requirements of ILO SID convention 4 6.2.1 Physical composition

9、of the document 4 6.2.2 Personal data contained in the document 4 6.2.3 Biometric data contained in the document. 4 6.2.4 Visibility of data. 5 6.2.5 Secure electronic database 5 6.2.6 Restrictions on database content 5 6.2.7 Access to the database 5 6.2.8 Data protection and privacy . 6 6.3 Suitabl

10、e biometric modalities 6 6.4 Performance levels 6 6.5 Data storage formats and data storage media . 7 6.5.1 General . 7 6.5.2 Two dimensional bar code . 7 6.5.3 Contactless integrated circuit 8 6.5.4 Secure electronic database 8 6.6 Security requirements. 10 6.6.1 General . 10 6.6.2 Protection of bi

11、ometric data on the SID 10 6.6.3 Authentication of biometric data on the SID 11 6.6.4 Protection of the secure electronic database 11 6.6.5 General security requirements 11 6.7 Enrolment procedures 12 6.8 Verification procedures 14 6.8.1 General . 14 6.8.2 Off-line verification procedure. 15 6.8.3 O

12、n-line verification procedure . 16 Annex A (normative) Requirements list . 18 A.1 General . 18 A.2 Relationship between RL and corresponding ICS proformas 18 A.3 Profile specific implementation conformance statement . 18 A.4 Instruction for completing the ICS proforma . 19 A.4.1 General structure of

13、 the ICS proforma 19 A.4.2 Additional Information 19 A.4.3 Exception Information. 19 INCITS/ISO/IEC 24713-3-2010 iv ITIC 2010 All rights reservedA.5 ICS proforma 20 A.6 Interchange formats 21 A.6.1 Finger image data (ISO/IEC 19794-4) .21 A.6.2 Finger minutia data (ISO/IEC 19794-2).23 A.6.3 Face imag

14、e data (ISO/IEC 19794-5)25 A.6.4 ISO/IEC 19785 (CBEFF) .28 Annex B (normative) CBEFF patron format for the SID 30 B.1 Patron30 B.2 Patron identifier .30 B.3 Patron format name.30 B.4 Patron format identifier .30 B.5 ASN.1 object identifier for this patron format.30 B.6 Domain of use 30 B.7 Version i

15、dentifier30 B.8 CBEFF version .31 B.9 General31 B.10 Bit oriented patron format specification and conformance statement31 B.10.1 Specification.32 B.11 Patron format conformance statement32 B.11.1 Identifying information32 B.11.2 CBEFF-defined data elements and abstract values.33 B.11.3 Patron define

16、d data elements and abstract values33 Annex C (normative) CBEFF security block for the SID .34 C.1 Introduction34 C.2 SB owner 35 C.3 SB owner identifier 35 C.4 SB format name .35 C.5 SB format identifier .35 C.6 ASN.1 object identifier for this SB format.35 C.7 Version identifier35 C.8 SB specifica

17、tion.35 C.9 Size of the SB encoding36 Bibliography37 INCITS/ISO/IEC 24713-3-2010 ITIC 2010 All rights reserved vForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. Nationa

18、l bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. O

19、ther international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the ru

20、les given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires ap

21、proval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 24713-3 was prepared b

22、y Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics. ISO/IEC 24713 consists of the following parts, under the general title Information technology Biometric profiles for interoperability and data interchange: Part 1: Overview of biometric systems and bio

23、metric profiles Part 2: Physical access control for employees at airports Part 3: Biometrics-based verification and identification of seafarers INCITS/ISO/IEC 24713-3-2010 vi ITIC 2010 All rights reservedIntroduction The International Labour Organization, in response to a request from the Internatio

24、nal Maritime Organization, has adopted the Seafarers Identity Documents Convention (Revised), 2003 (No.185). This convention requires all seafarers from ratifying nations to be issued with an identity document that follows a uniform format, has specific physical security features, and uses biometric

25、s to link the seafarer to their identity document. Currently Convention No. 185 specifies the use of two fingerprints stored in a two-dimensional bar code, but the choice of biometric modality and storage medium could be changed provided backwards compatibility is maintained. In order to support a g

26、lobally interoperable system of Seafarers Identity Documents (SIDs), this part of ISO/IEC 24713 establishes a biometric profile to define how to use biometrics for verification and identification of seafarers at the various stages of document issuance and inspection. It defines a set of base standar

27、ds and criteria for applying those standards in applications where identity documents are issued to seafarers and biometrics are used to link each document to the seafarer to whom it was issued. It attempts to provide information on the processes surrounding the enrolment and verification or identif

28、ication of seafarers so that the biometric components of the system can be used in a proper context. It also addresses other system components such as the storage medium for the biometric data and the security of the system, since these will affect the use of the biometric technology. This part of I

29、SO/IEC 24713 is intended for use in the maritime industry, but can be applicable to other situations where identification and verification of document holders are necessary during document issuance or inspection. The use of biometric data includes identification checks during the issuance of the doc

30、ument, when watchlists can be checked and the entire database of existing seafarers can be searched to prevent a single seafarer from establishing multiple identities. It also includes the use of biometric data for verification when a card is presented at a control point by a person claiming to be t

31、he seafarer to whom the card was issued. Such control points can include port entrances, ship gangplanks, border crossing points where a seafarer must verify themselves to immigration authorities and any other situation where the seafarer needs to verify their identity as a seafarer. This verificati

32、on is expected to be performed not only indoors under controlled conditions, but also outdoors in difficult conditions, including harsh wet weather, salt spray, high humidity and high temperatures. Biometric equipment and credentials have to be capable of functioning in all such environments. This p

33、art of ISO/IEC 24713 is not intended in any way to conflict with the existing international Convention No. 185 established by the International Labour Organization and ratified by various member states of the ILO. Instead, the approaches profiled in this part of ISO/IEC 24713 can be used to satisfy

34、the requirements of the current version of Convention No. 185 while also allowing alternative approaches outlined in this part of ISO/IEC 24713 to be used in the future by the ILO if the technical documents associated with or annexes of Convention No. 185 are modified. To this end, the concept of ba

35、ckwards compatibility is stressed. The fundamental choices already made by the ILO of the use of a minutiae-based, two-finger template for seafarer verification, of the inclusion of a photograph and signature in the visible area of the SID, and of the use of a two-dimensional barcode as a storage me

36、dium are respected in this profile. Where alternative technology choices are promoted, they are defined in such a way that there will still be backwards compatibility with existing SIDs. This part of ISO/IEC 24713 defines a CBEFF patron format in Annex B and a CBEFF Security Block in Annex C that ar

37、e suitable for the limited storage available in a two dimensional barcode and which may be relevant for other storage constrained environments. AMERICAN NATIONAL STANDARD INCITS/ISO/IEC 24713-3-2010 ITIC 2010 All rights reserved 1Information technology Biometric profiles for interoperability and dat

38、a interchange Part 3: Biometrics-based verification and identification of seafarers 1 Scope This part of ISO/IEC 24713 specifies a biometric profile including data interchange formats, system requirements, and the operation of biometric procedures on a Seafarers Identity Document (SID). The domain o

39、f applicability can extend to other situations where an interoperable biometrics-based identity document is required, but the main focus is on the use of biometrics on a Seafarers Identity Document (SID). This part of ISO/IEC 24713 notes that ILO Convention No. 185 already provides the overarching p

40、olicy guidance on biometric verification and identification of seafarers and it relies on that guidance. Determining any matters of policy beyond those or in contradiction to those included in ILO Convention No. 185 is explicitly out of scope of this part of ISO/IEC 24713. 2 Conformance All seafarer

41、s identity documents, systems used for issuing seafarers identity documents, and systems used for verification or identification of seafarers that claim conformance to this part of ISO/IEC 24713 shall conform to the mandatory requirements of Clause 6 of this part of ISO/IEC 24713 and of the normativ

42、e Annexes referenced therein. 3 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) appli

43、es. ISO/IEC 7501-1, Identification cards Machine readable travel documents Part 1: Machine readable passport ISO/IEC 7501-3, Identification cards Machine readable travel documents Part 3: Machine readable official travel documents ISO/IEC 8824-1:2002, Information technology Abstract Syntax Notation

44、One (ASN.1): Specification of basic notation ISO/IEC 8825-1:2002, Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) ISO/IEC 8825-2:2002, Information technology ASN.1 encoding rules: Specific

45、ation of Packed Encoding Rules (PER) INCITS/ISO/IEC 24713-3-2010 2 ITIC 2010 All rights reservedISO/IEC 15438:2006, Information technology Automatic identification and data capture techniques PDF417 bar code symbology specification ISO/IEC 19785-1:2006, Information technology Common Biometric Exchan

46、ge Formats Framework Part 1: Data element specification ISO/IEC 19785-3:2007, Information technology Common Biometric Exchange Formats Framework Part 3: Patron format specifications ISO/IEC 19794-2:2005, Information technology Biometric data interchange formats Part 2: Finger minutiae data ISO/IEC 1

47、9794-4:2005, Information technology Biometric data interchange formats Part 4: Finger image data ISO/IEC 19794-5:2005, Information technology Biometric data interchange formats Part 5: Face image data ISO/IEC 19795-4:2008, Information technology Biometric performance testing and reporting Part 4: In

48、teroperability performance testing ISO/IEC 24713-1:2008, Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles ISO/IEC 29109-1, Information technology Conformance testing methodology for biometric data interch

49、ange formats defined in ISO/IEC 19794 Part 1: Generalized conformance testing methodology 4 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 24713-1 and the following apply. NOTE There are some terms which are commonly used in this part of ISO/IEC 24713 but are not explicitly defined. Specifically, verification authority, issuing authority,