1、American National StandardDeveloped byfor Information Technology Common Biometric ExchangeFormats Framework (CBEFF)ANSI INCITS 398-2008ANSIINCITS398-2008Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted witho
2、ut license from IHS-,-,-Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-ANSIINCITS 398-2008Revision ofANSI INCITS 398-2005American National Standardfor Information Technology Co
3、mmon Biometric ExchangeFormats Framework (CBEFF)SecretariatInformation Technology Industry CouncilApproved January 23, 2008 American National Standards Institute, Inc.Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking p
4、ermitted without license from IHS-,-,-Approval of an American National Standard requires review by ANSI that therequirements for due process, consensus, and other criteria for approval havebeen met by the standards developer.Consensus is established when, in the judgement of the ANSI Board ofStandar
5、ds Review, substantial agreement has been reached by directly andmaterially affected interests. Substantial agreement means much more thana simple majority, but not necessarily unanimity. Consensus requires that allviews and objections be considered, and that a concerted effort be madetowards their
6、resolution.The use of American National Standards is completely voluntary; theirexistence does not in any respect preclude anyone, whether he has approvedthe standards or not, from manufacturing, marketing, purchasing, or usingproducts, processes, or procedures not conforming to the standards.The Am
7、erican National Standards Institute does not develop standards andwill in no circumstances give an interpretation of any American NationalStandard. Moreover, no person shall have the right or authority to issue aninterpretation of an American National Standard in the name of the AmericanNational Sta
8、ndards Institute. Requests for interpretations should beaddressed to the secretariat or sponsor whose name appears on the titlepage of this standard.CAUTION NOTICE: This American National Standard may be revised orwithdrawn at any time. The procedures of the American National StandardsInstitute requ
9、ire that action be taken periodically to reaffirm, revise, orwithdraw this standard. Purchasers of American National Standards mayreceive current information on all standards by calling or writing the AmericanNational Standards Institute.American National StandardPublished byAmerican National Standa
10、rds Institute, Inc.25 West 43rd Street, New York, NY 10036Copyright 2008 by Information Technology Industry Council (ITI)All rights reserved.No part of this publication may be reproduced in anyform, in an electronic retrieval system or otherwise,without prior written permission of ITI, 1250 Eye Stre
11、et NW, Washington, DC 20005. Printed in the United States of AmericaCAUTION: The developers of this standard have requested that holders of patents that may berequired for the implementation of the standard disclose such patents to the publisher. However,neither the developers nor the publisher have
12、 undertaken a patent search in order to identifywhich, if any, patents may apply to this standard. As of the date of publication of this standardand following calls for the identification of patents that may be required for the implementation ofthe standard, no such claims have been made. No further
13、 patent search is conducted by the de-veloper or publisher in respect to any standard it processes. No representation is made or impliedthat licenses are not required to avoid infringement in the use of this standard.Copyright American National Standards Institute Provided by IHS under license with
14、ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-iContents Page Foreword iv Introduction.xii 1 Scope1 2 Conformance1 3 Normative references2 4 Terms, acronyms, abbreviations and definitions.3 5 CBEFF Data Structures.4 5.1 General .4 5.2 Basic Data Structure .5
15、5.2.1 Standard Biometric Header (SBH) .5 5.2.1.1 SBH Patron Format Identifier10 5.2.1.2 BDB Format Owner/Type 10 5.2.1.2.1 BDB Format Owner10 5.2.1.2.2 BDB Format Type.10 5.2.1.3 Product Owner/Type10 5.2.1.3.1 Product Owner .11 5.2.1.3.2 Product Type 11 5.2.1.4 Device Owner/Type11 5.2.1.4.1 Device O
16、wner .11 5.2.1.4.2 Device Type 11 5.2.1.5 SBH Security Options11 5.2.1.6 Integrity Options 11 5.2.1.7 Length of the SBH, BDB and SB Length Fields12 5.2.1.7.1 Length of the SBH Length.12 5.2.1.7.2 Length of the BDB Length 12 5.2.1.7.3 Length of the SB Length .12 5.2.1.8 SBH Length.13 5.2.1.9 BDB Leng
17、th 13 5.2.1.10 SB Length .13 5.2.1.11 Security Block Format Owner/Type .13 5.2.1.11.1 Security Block Format Owner.13 5.2.1.12 Optional Data Elements Present Mask 14 5.2.1.13 Sub-Header/Basic Structure Count14 5.2.1.14 Next Level Patron Format Identifier .14 5.2.1.15 Patron Header Version 14 5.2.1.16
18、 CBEFF Header Version15 5.2.1.17 Index15 5.2.1.18 Biometric Creation Date15 5.2.1.19 Validity Period 15 5.2.1.20 Biometric Type .15 5.2.1.21 Biometric Subtype .16 5.2.1.22 Biometric Purpose .18 5.2.1.23 Biometric Data Type 18 5.2.1.24 Biometric Data Quality 19 5.2.1.24.1 Biometric Data Quality Value
19、19 5.2.1.24.2 Biometric Data Quality Algorithm ID19 5.2.1.25 Creator 19 5.2.1.26 Challenge-Response .19 Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-ii 5.2.1.27 Payload. 19 5
20、.2.2 The Biometric Data Block (BDB). 20 5.2.3 Security Block. 20 5.3 Nested CBEFF Structures 20 6. CBEFF Patrons and Format Owners. 22 6.1 General. 22 6.2 Adding New CBEFF Patron Formats 23 6.2.1 Conformance of new Patron Formats to the CBEFF standard 23 6.2.2 Information to accompany requests to re
21、gister new Patron Formats 23 Annex A (Normative) Patron Format A 25 A.1 Patron. 25 A.2 Domain of User . 25 A.3 Byte Order . 25 A.4 Requirements on Users of this Patron Format 25 A.5 Patron Format Specification 25 Annex B (Normative) Patron Format B Description . 29 B.1 Patron. 29 B.2 Domain of Use.
22、29 B.3 Byte Order . 29 B.4 Requirements on Users of this Patron Format 30 B.5 Patron Format Specification 30 Annex C (Normative) Patron Format C The BioAPI Biometric Identification Record (BIR) . 31 C.1 Patron. 31 C.2 Domain of Use. 31 C.3 Byte Order . 31 C.4 Introduction. 31 C.5 Normative Reference
23、s 31 C.6 Biometric Record Header. 32 C.7 BioAPI to CBEFF Translation 32 Annex D (Normative) Patron Format D ICAO LDS (TLV-encoded for use with travel documents, smartcards, or other tokens) . 34 D.1 Patron. 34 D.2 Domain of Use. 34 D.3 Introduction. 34 D.4 Abbreviations and Notations. 34 D.5 Biometr
24、ic Information Group Template Used in ICAO LDS . 35 D.6 Example Encoding 37 D.7 Field Mappings 38 Annex E (Normative) Patron Format PIV NIST Personal Identity Verification (PIV) . 39 E.1 Patron. 39 E.2 Domain of Use. 39 Copyright American National Standards Institute Provided by IHS under license wi
25、th ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-iii E.3 Introduction39 E.4 Abbreviations and Notations39 E.5 NIST Patron Format.40 Annex F (Normative) Patron Format ITL NIST/ITL Type 99 Data Record44 F.1 Patron .44 F.2 Domain of Use44 F.3 Introduction44 F.4
26、 Abbreviations and Notations44 F.5 NIST/ITL Type 99 Data Record .45 F.6 Field Mappings.48 F.7 Bibliography.49 Annex G (Informative) Example of CBEFF Utilization Across Domains of Use.50 Annex H (Informative) Contact Information for CBEFF as Specified in ANSI INCITS 398-2008 and IBIA51 Copyright Amer
27、ican National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-Foreword (This foreword is not part of American National Standard ANSI INCITS 398-2008.)This specification, the Common Biometric Exchange Forma
28、ts Framework, is an aug-mented and revised version of the CBEFF, the Common Biometric Exchange FileFormat, published in 2005 as ANSI INCITS 398-2005, which was originally publishedas NISTIR 6529-A. This version, ANSI INCITS 398-2008, was developed by the TaskGroup M1.2 on Technical Interfaces of INC
29、ITS Technical Committee M1, Biometrics.Please note that the current version of this standard is not backwards compatiblewith earlier versions. Normative annexes have been added for existing patron for-mats.Although the patron formats documented in Annexes E and F were originally devel-oped under the
30、 2005 version of INCITS 398, they also conform to the 2007 revision;references in these annexes are to clauses in the 2005 version of INCITS 398.Summary of Changes from the original CBEFF specification (NISTIR 6529) In addition to the name change, which reflects more accurately the scope of thespeci
31、fication, this revised version incorporates the following new features:A CBEFF Nested Structure. This structure consists of a Root Header fol-lowed by optional Subheaders, one or more CBEFF Basic Structures, and an option-al Security Block (SB). A CBEFF nested structure can include: (a) standard or
32、non-standard biometric data; (b) challenge data; and (c) payload. A nested structure hasbeen specified in order to support multiple biometric data types (e.g., finger, face andvoice) and/or multiple biometric data blocks of the same biometric type (e.g., fingerbiometric data blocks from more than on
33、e finger) within a CBEFF data structure.Nesting CBEFF structures accommodate such requirements and avoid having to uti-lize multiple consecutive CBEFF records for one specific operation. A Subheader/Basic Structure Count. The CBEFF nested structure has re-quired defining this new field. This optiona
34、l field specifies the number of nested lev-els below the current level in a CBEFF nested structure. This field has a value of zeroin the lowest level of a nested structure.The following additional and redefined fields:oA Standard Biometric Header (SBH) Patron Format Identifier optional fieldthat is
35、used in nested struc-tures to identify the CBEFF patron format of thenext lower level in the structure.oA Biometric Feature optional field to further define the type of biometric databeing placed in a CBEFF record. oA Validity Period optional field to denote the period (not before - not after)when t
36、he biometric data block is valid.o A modified definition of the Creator field. In this specification, the Creator(optional field) specifies the organizational entity (e.g., issuer or application) re-sponsible for the generation of the biometric data. o Addition of a Product Identifier (PID) field. T
37、his field identifies the entity (e.g.,Biometric Service Provider (BSP) or transformation application) that created thebiometric data object. This entity may or may not be the same as the entity thatdefined the format of the created data within the biometric data block.ivCopyright American National S
38、tandards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-oAn Index field. This optional field contains a unique value associated with aspecific instance of biometric reference (enrollment) data. It may represent ada
39、tabase index. Uniqueness pertains only to a specific database. Use andmanagement of this data is the responsibility of the application. oA Challenge-Response field. This optional field specifies the type of informa-tion used to present a challenge to the user or the system.oA Payload field. This opt
40、ional field shall contain data (e.g., a person-identifi-cation-number) to be attached in a secure way to biometric reference data andused by a service system (e.g., access control system) in case the biometricverification is positive. Reference data is to be specified by the CBEFF patron.Examples in
41、clude a filename, database item, or URL.Two new Formats have been added: 1. Biometric Information Data Objects for Use within Smart Cards or Other Tokens.This format has been defined with the collaboration of technical experts fromISO/IEC JTC 1 SC 17 WG4 and INCITS Technical Committee B10.2. CBEFF P
42、atron Format B, a simple root header for use in domains where morethan one patron format, simple or nested, may be encountered.In addition, more detailed information on the concept of CBEFF patrons, the currentlist of patrons and how to apply for a new CBEFF patron have been added.Other changes are:
43、Several field names are changed to clarify that they describe attributes of the Bi-ometric Data Block (BDB) rather than the CBEFF-conformant record header:o “Record Data Type“ to “Biometric Data Type“.o “Record Purpose“ to “Biometric Purpose“.o “Record Data Quality“ to “Biometric Data Quality“.o “Cr
44、eation Date“ to “Biometric Creation Date“.Creator/PID field changed to two separate fields (as described above).In Biometric Type table, changed “Palm Geometry“ to “Palm Print“.In Biometric Type table, added “Foot Print“.Discussion of Object Identifiers (OIDs) has been removed.NIST Biometric Consort
45、ium (BC)/Working Group (WG) Patron Format A was re-specified to accommo-date changes to some field definitions and to make it easier touse.Annex C, describing the BioAPI Biometric Identification Record, has beenaligned with changes in 5.2 (Basic Data Structure).The Annex describing the X9.84 Biometr
46、ic Object (based on the X9.84-2001 ver-sion) was removed. (X9.84-2001 is superseded by X9.84-2003. This version is beingtransposed to ISO through ISO TC68/SC2. Development of the ISO version is under-way.)The Annex describing an example of embedding a CBEFF object has been re-moved. A report includi
47、ng examples of CBEFF utilizations is planned.vCopyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-viSummary of Changes from the CBEFF 398-2005 specificationUpdated the forward and e
48、xtended the summary of changes.Removed the Abstract.Changed “Signature Block“ to “Security Block“ throughout the document.Changed “Format Specification“ to “patron format specification.“Updated the introduction to clarify patron usage and refer to existing patron for-mats.Updated the conformance cla
49、use.Updated terms and acronyms.Rearranged Table 1, and included clarifying notes.Used the BDB Format Owner/Type model for both the Product Owner/Type andthe Device ID Owner/Type.Renumbered the subclauses under 5.2.1 to reflect the sequence in Table 1.Added Device ID.Made the patron formats document structure more consisten
copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1