1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA
2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any
3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-21607-8 SANS 19785-3:2008Edition 1ISO/IEC 19785-3:2007Edition 1SOUTH AFRICAN NATIONAL STANDARDInformation Technology Common biometric exch
4、ange formats framework Part 3: Patron format specifications Published by SABS Standards Division 1 Dr Lategan Road Groenkloof Private Bag X191 Pretoria 0001Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS SANS 19785-3:2008 Edition 1 ISO/IEC 19785-3:2007 Edition 1 Table of changes Change
5、 No. Date Scope National foreword This South African standard was approved by National Committee SABS SC 71J, Information technology Cards and personal identification in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. This SANS document
6、 was published in September 2008. ISO/IEC 19785-3:2007(E) ISO/IEC 2007 All rights reserved iiiContents Page Foreword vi Introduction.vii 1 Scope1 2 Conformance .1 3 Normative references1 4 Terms and definitions .2 4.1 Terms defined in ISO/IEC 19785-1 .2 4.2 Other terms and definitions .3 5 Symbols a
7、nd abbreviated terms 3 5.1 Symbols and abbreviated terms defined in ISO/IEC 19785-1 .3 5.2 Other symbols and abbreviated terms3 6 ASN.1 type definitions for CBEFF data elements and abstract values .4 6.1 General .4 6.2 CBEFF data elements type definitions module4 7 Patron format specification: Minim
8、um simple bit-oriented patron format7 7.1 Patron .7 7.2 Patron identifier.7 7.3 Patron format name.7 7.4 Patron format identifier.7 7.5 ASN.1 object identifier for this patron format 7 7.6 Domain of use7 7.7 Version identifier .7 7.8 CBEFF version.7 7.9 General .7 7.10 Bit oriented patron format spe
9、cification and conformance statement8 7.10.1 Specification 8 7.10.2 Patron format conformance statement .8 8 Patron format specification: Minimum simple byte-oriented patron format.10 8.1 Patron .10 8.2 Patron identifier.10 8.3 Patron format name.10 8.4 Patron format identifier.10 8.5 ASN.1 object i
10、dentifier for this patron format 10 8.6 Domain of use10 8.7 Version identifier .10 8.8 CBEFF version.10 8.9 General .10 8.10 Patron format specifications and conformance statement.11 8.10.1 Patron format specification11 8.10.2 Patron format conformance statement .11 9 Patron format specification: Fi
11、xed-length-fields, byte-oriented patron format using presence bit-map.12 9.1 Patron .12 9.2 Patron identifier.12 9.3 Patron format name.12 9.4 Patron format identifier.12 9.5 ASN.1 object identifier for this patron format 12 SANS 19785-3:2008This s tandard may only be used and printed by approved su
12、bscription and freemailing clients of the SABS .ISO/IEC 19785-3:2007(E) iv ISO/IEC 20# All rights reserved9.6 Domain of use . 12 9.7 Version identifier. 12 9.8 CBEFF version 12 9.9 General. 12 9.10 Specification 13 9.11 Patron format conformance statement. 15 9.11.1 Identifying information. 15 9.11.
13、2 CBEFF-defined data elements and abstract values 16 9.11.3 Patron defined data elements and abstract values. 17 10 Patron format specification: Fixed-length-fields, bit-oriented patron format using presence bit-map 18 10.1 Patron. 18 10.2 Patron identifier 18 10.3 Patron format name 18 10.4 Patron
14、format identifier 18 10.5 ASN.1 object identifier for this patron format 18 10.6 Domain of use . 18 10.7 Version identifier. 18 10.8 CBEFF version 18 10.9 General. 18 10.10 Specification 19 10.11 Patron format conformance statement. 20 10.11.1 Identifying information. 20 10.11.2 CBEFF-defined data e
15、lements and abstract values 21 10.11.3 Patron defined data elements and abstract values. 21 11 Patron format specification: TLV-encoded patron format, for use with smartcards or other tokens 22 11.1 Patron. 22 11.2 Patron identifier 22 11.3 Patron format name 22 11.4 Patron format identifier 22 11.5
16、 ASN.1 object identifier for this patron format 22 11.6 Domain of Use. 22 11.7 Version identifier. 22 11.8 CBEFF version 22 11.9 General. 22 11.10 ASN.1 specification 25 11.11 Tabular representations for information 26 11.11.1 The Biometric Information Template used for on-card matching . 26 11.11.2
17、 The Biometric Information Template used for off-card matching . 28 11.12 The Group BIT Data Object 29 11.13 Abstract values and encodings for biometric type and subtype. 30 11.14 Patron format conformance statement. 31 11.14.1 Identifying information. 31 11.14.2 CBEFF-defined data elements and abst
18、ract values 31 11.14.3 Patron-defined data elements and abstract values. 31 12 Patron format specification: complex patron format 32 12.1 Patron. 32 12.2 Patron identifier 32 12.3 Patron format name 32 12.4 Patron format identifier 32 12.5 ASN.1 object identifier for this patron format 32 12.6 Domai
19、n of use . 32 12.7 Version identifier. 32 12.8 CBEFF version 32 12.9 General. 32 12.10 Specification 33 12.11 Illustrative examples 37 SANS 19785-3:2008This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS . ISO/IEC 2007 All rights reserved v12.12 A
20、SN.1 definition (provided for illustrative purposes only) .40 12.13 Patron format conformance statement .41 12.13.1 Identifying information41 12.13.2 CBEFF-defined data elements and abstract values.42 12.13.3 Patron-defined data elements and abstract values .43 13 Patron format specification: XML pa
21、tron format .44 13.1 Patron .44 13.2 Patron identifier.44 13.3 Patron format name.44 13.4 Patron format identifier.44 13.5 ASN.1 object identifier for this patron format 44 13.6 Domain of use44 13.7 Version identifier .44 13.8 CBEFF version.44 13.9 General .44 13.10 Specification 45 13.11 Element .4
22、5 13.11.1 Syntax.45 13.11.2 Semantics.46 13.12 Element .47 13.12.1 Syntax.47 13.12.2 Semantics.47 13.13 Element .47 13.13.1 Syntax.47 13.13.2 Semantics.47 13.14 Element .48 13.14.1 Syntax.48 13.14.2 Semantics.48 13.15 Element .50 13.15.1 Syntax.50 13.15.2 Semantics.51 13.16 Element .55 13.16.1 Synta
23、x.55 13.16.2 Semantics.56 13.17 Representation of Integers.56 13.18 Representation of Octet Strings 56 13.19 Representation of Date and Time of the Day57 13.20 Representation of Universally Unique Identifiers 57 13.21 Patron format conformance statement .58 13.21.1 Identifying information58 13.21.2
24、CBEFF-defined data elements and abstract values.58 13.21.3 Patron-defined data elements and abstract values .60 13.22 XML schema of the patron format .60 13.23 ASN.1 schema of the patron format 62 13.24 An example of a simple BIR in XML encoding (complying with the ASN.1 schema, the XSD schema, and
25、the normative textual description) .64 13.25 An example of a complex BIR in XML encoding (complying with the ASN.1 schema, the XSD schema, and the normative textual description) .66 Annex A (informative) Guidelines on the specification of patron formats69 A.1 General .69 A.2 Basic encoding mechanism
26、s .69 A.3 Octet-alignment .70 A.4 Length fields 70 A.5 CBEFF data element values and patron format fields.70 A.6 Historically used encodings of certain abstract values71 A.7 Variable length data elements72 A.8 Security Blocks72 ISO/IEC 19785-3:2007(E) SANS 19785-3:2008This s tandard may only be used
27、 and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19785-3:2007(E) vi ISO/IEC 2007 All rights reservedForeword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing In
28、ternational Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison
29、with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of techn
30、ical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn
31、 to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO/IEC 19785-3 was prepared by Technical Committee ISO/IEC/TC JTC 1, Information technology, Subcommittee SC 37, Biome
32、trics. ISO/IEC 19785 consists of the following parts, under the general title Information technology Common Biometric Exchange Formats Framework: Part 1: Data element specification Part 2: Procedures for the operation of the Biometric Registration Authority Part 3: Patron format specificationsSANS 1
33、9785-3:2008This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS . ISO/IEC 2007 All rights reserved viiIntroduction Biometric-based authentication systems and applications are expected to support multiple biometric devices and multiple biometric dat
34、a formats. The Common Biometric Exchange Formats Framework (CBEFF) promotes interoperability of biometric-based application programs and systems developed by different vendors by facilitating biometric data interchange. ISO/IEC 19785-1 defines the following items that enable standardized biometric d
35、ata interchange: a) a 3-part standardized structure for biometric information records (BIRs) consisting of: 1) standardized biometric headers (SBHs), 2) biometric data blocks (BDBs, which may be standardized or proprietary), and 3) optional security blocks (SBs); b) variations of the 3-part structur
36、e to support BIRs containing: 1) only one SBH, one BDB and possibly one SB (simple BIRs); 2) more than one BDB along with the SBHs necessary to encode the BIRs structure and some number of SBs (complex BIRs); c) more than 20 data elements and their associated abstract values that can be used in an S
37、BH to describe attributes of a BDB within a BIR, as well as attributes of the BIR itself; d) the concept of a CBEFF patron format (but ISO/IEC 19785-1 does not itself define any patron formats), which is a detailed specification of the structure and content of a particular, standardized BIR; e) the
38、concept of a CBEFF patron, which is a recognized standards organization that has registered with the Biometric Registration Authority and declared its intention to define CBEFF patron format specifications; f) the concept of the Biometric Registration Authority (RA), which is the mechanism by which
39、unique identifiers are assigned to organizations (standards organizations, vendors and others) that create BDB formats and CBEFF patron formats (ISO/IEC 19785-2 defines the responsibilities and operations of the Biometric RA); g) CBEFF data elements (see c) above) that support, within the SBH, the u
40、nique identifiers assigned by the Biometric RA for biometric organizations, BDB formats, biometric products, patron formats and SB formats. This part of ISO/IEC 19785 specifies a number of CBEFF patron formats that are considered to be of general utility in a variety of domains of use. Additional SC
41、 37 patron format specifications may be published as new clauses in future amendments to this part of ISO/IEC 19785, or in other SC 37 International Standards. The CBEFF patron format identifier unambiguously identifies the CBEFF patron format within the scope of the CBEFF patron identifier. The CBE
42、FF patron format identifier is unambiguous within the scope of an ASN.1 Object Identifier (see ISO/IEC 9834-1) that identifies the Biometric Registration Authority (see ISO/IEC 19785-2).That ASN.1 Object Identifier (OID) is itself globally unambiguous within the scope of all ASN.1 Object Identifiers
43、, which forms a widely-used global name-space. ISO/IEC 19785-3:2007(E) SANS 19785-3:2008This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19785-3:2007(E) viii ISO/IEC 2007 All rights reservedNOTE ASN.1 Object Identifiers are used by ITU
44、-T, ITU-R, the UPU, many ISO and IEC Standards, to identify some IETF MIME types, and for many other purposes. (These acronyms have not been spelled out, as the precise identification of these organizations is not relevant to this International Standard.) The combination of the Biometric Registratio
45、n Authority OID, the CBEFF patron identifier, and the CBEFF patron format identifier forms a larger ASN.1 OID that provides an unambiguous identification of the CBEFF patron format. This part of ISO/IEC 19785 specifies, for each CBEFF patron format that it defines, the ASN.1 OID that unambiguously i
46、dentifies that CBEFF patron format. SANS 19785-3:2008This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS . ISO/IEC 2007 All rights reserved 11 Scope This part of ISO/IEC 19785 specifies and publishes registered CBEFF patron formats (see ISO/IEC 19
47、785-1) defined by the CBEFF patron ISO/IEC JTC 1/SC 37, and specifies their registered CBEFF patron format identifiers (see ISO/IEC 19785-2) and resulting full ASN.1 Object Identifiers. 2 Conformance Clause 6 onwards of this part of ISO/IEC 19785 specify at the bit-level the set of bit-patterns (and
48、 their semantics) that can form a valid instance of the CBEFF patron format that is defined in that clause, together with the ASN.1 Object Identifier for that set of bit-patterns. A bit-pattern identified by one of the ASN.1 Object Identifiers allocated in this part of ISO/IEC 19785 conforms to this
49、 specification if, and only if, it is one of the bit-patterns in the set identified by that ASN.1 Object Identifier. If an implementation claims that it supports (and conforms to) a CBEFF patron format defined in this part of ISO/IEC 19785 then it shall either be: a) capable of generating at least one of the set of bit patterns specified for that CBEFF patron format, and shall never generate bit patterns that are not part of the set; or b) capable of decoding (determining the semantics of), or in any other way processing all the bit-patterns in the set
