1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA
2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any
3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-22558-2 SANS 19795-4:2009Edition 1 ISO/IEC 19795-4:2008Edition 1 SOUTH AFRICAN NATIONAL STANDARD Information technology Biometric performa
4、nce testing and reporting Part 4: Interoperability performance testing This national standard is the identical implementation of ISO/IEC 19795-4:2008, and is adopted with the permission of the International Electrotechnical Commission. Published by SABS Standards Division 1 Dr Lategan Road Groenkloo
5、f Private Bag X191 Pretoria 0001Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS SANS 19795-4:2009 Edition 1 ISO/IEC 19795-4:2008 Edition 1 Table of changes Change No. Date Scope National foreword This South African standard was approved by National Committee SABS TC 71J, Information te
6、chnology - Cards and personal identification, in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. This SANS document was published in April 2009. Reference numberISO/IEC 19795-4:2008(E)ISO/IEC 2008INTERNATIONAL STANDARD ISO/IEC19795-4Fir
7、st edition2008-06-01Information technology Biometric performance testing and reporting Part 4: Interoperability performance testing Technologies de linformation Essais et rapports de performances biomtriques Partie 4: Essais de performances dinteroprabilit SANS 19795-4:2009This s tandard may only be
8、 used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19795-4:2008(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are e
9、mbedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporat
10、ed. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a p
11、roblem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2008 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical
12、, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org
13、Published in Switzerland ii ISO/IEC 2008 All rights reservedSANS 19795-4:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19795-4:2008(E) ISO/IEC 2008 All rights reserved iiiContents Page Foreword vi Introduction.vii 1 Scope1 2 Con
14、formance .1 3 Normative references2 4 Terms and definitions .2 5 Abbreviated terms .4 6 Goals.5 6.1 Coverage 5 6.2 Target application8 6.2.1 Biometric application8 6.2.2 Interoperable application9 6.3 Purpose 10 6.3.1 Interoperability testing10 6.3.2 Sufficiency testing.11 7 Metrics 12 7.1 General .
15、12 7.2 Figures of merit .12 7.2.1 Recognition performance figure of merit12 7.2.2 Measuring component failure 13 7.3 Interoperability matrices.14 7.3.1 General .14 7.3.2 Interoperability with sBDB generators14 7.3.3 Interoperability with sBDB generators15 7.3.4 Fixed operating point interoperability
16、.16 7.3.5 Reporting failure of sBDB generators.16 7.4 Proprietary performance.16 8 Conducting a test 17 8.1 Structure of test.17 8.2 Sample data .17 8.2.1 Acquisition .17 8.2.2 Representative data 18 8.2.3 Collection of ancillary data.18 8.2.4 Corpus size 18 8.2.5 Removal of subject-specific metadat
17、a 18 8.2.6 Removal of unrepresentative metadata 18 8.2.7 Origin of samples 19 8.2.8 Untainted samples.19 8.2.9 Sequestered data.19 8.3 Conformance testing.19 8.3.1 Conformance .19 8.3.2 Executing conformance tests 19 8.3.3 Reporting20 8.4 Constraints on the sBDBs20 8.4.1 Optional encodings .20 8.4.2
18、 Optional encodings from profile standards20 8.4.3 Deviation from the base standard .20 8.4.4 Data encapsulation20 SANS 19795-4:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19795-4:2008(E) iv ISO/IEC 2008 All rights reserved8.5
19、 Components.21 8.5.1 Components for sufficiency testing 21 8.5.2 Establishing modularity requirements 21 8.5.3 Components for interoperability testing .21 8.5.4 Underlying algorithms.21 8.5.5 Capture device user interfaces 21 8.5.6 Multimodal components .22 8.5.7 Component variability .22 8.5.8 Comp
20、onent reporting requirements 22 8.6 Planning decisions 22 8.6.1 Computational intensity22 8.6.2 Supplier recruitment23 8.6.3 Provision of samples to suppliers .23 8.6.4 Equivalency of generator resources23 8.6.5 Handling violations of test requirements24 8.6.6 Comparison subsystem output data encaps
21、ulation24 8.6.7 Fundamental generator requirement.24 8.6.8 Fundamental comparison subsystem requirement .25 8.6.9 General requirements on software implementations.25 8.7 Prevention and detection of gaming26 8.7.1 General aspects .26 8.7.2 Modes of gaming .26 8.7.3 Prevention and detection of gaming2
22、8 8.8 Test procedure.29 8.8.1 Primary test 29 8.8.2 Uncertainty measurement.30 8.8.3 Variance estimation.30 8.8.4 Remedial testing 30 8.8.5 Survey of configurable parameters .30 9 Interpretation of the interoperability matrix30 9.1 Determination of interoperable subsystems 30 9.1.1 General30 9.1.2 I
23、dentifying interoperable combinations of subsystems31 9.1.3 Acceptable numbers of interoperable subsystems .33 9.1.4 Combinatorial search for maximum interoperability-classes.33 9.1.5 Multiple interoperable subgroups34 9.1.6 Statistical stability of the test result 34 9.2 Interoperability with previ
24、ously certified products35 9.2.1 Decertification considerations .35 9.2.2 Continuity of testing35 9.2.3 Interoperability with previously certified generators.35 9.2.4 Interoperability with previously certified comparison subsystems.36 9.2.5 Treatment of systematic effects.36 9.2.6 Retroactive exclus
25、ion from analysis .37 9.3 Overall sufficiency.37 Annex A (informative) Procedures for conducting a test of sufficiency and/or interoperability38 Annex B (informative) Example Interoperability Test42 Bibliography 45 Figure 1 General biometric interoperability 6 Figure 2 Specific interoperability: enr
26、olment BDB is standardized .6 Figure 3 Specific interoperability: enrolment BDB is proprietary.7 Figure 4 Offline interoperability testing.7 Figure 5 Biometric capture device interoperability 8 SANS 19795-4:2009This s tandard may only be used and printed by approved subscription and freemailing clie
27、nts of the SABS .ISO/IEC 19795-4:2008(E) ISO/IEC 2008 All rights reserved vFigure 6 Cells of an example interoperability space10 Figure 7 Sufficiency testing: proprietary vs. standard interchange formats 12 Figure 8 Cross-generator performance matrix .15 Figure 9 Example performance matrix 15 Figure
28、 10 Proprietary performance matrix16 Table 1 Conformity with ISO/IEC 19795-2 .1 Table 2 Sample size adjustment of error rate requirement.31 Table 3 Confidence levels of the standard Normal distribution.32 Table A.1 Interoperability test procedure, phase 1: planning.38 Table A.2 Interoperability test
29、 procedure, phase 2: setup39 Table A.3 Interoperability test procedure, phase 3: sBDB and pBDB generation39 Table A.4 Interoperability test procedure, phase 4: verification 40 Table A.5 Interoperability test procedure, phase 5: identification .40 Table A.6 Interoperability test procedure, phase 6: r
30、eporting41 Table A.7 Interoperability test procedure, phase 7: variance estimation41 SANS 19795-4:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19795-4:2008(E) vi ISO/IEC 2008 All rights reservedForeword ISO (the International O
31、rganization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the
32、 respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of inf
33、ormation technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft Internat
34、ional Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document m
35、ay be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 19795-4 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics. ISO/IEC 19795 consists of the following parts,
36、 under the general title Information technology Biometric performance testing and reporting: Part 1: Principles and framework Part 2: Testing methodologies for technology and scenario evaluation Part 3: Modality-specific testing Technical Report Part 4: Interoperability performance testing Part 6: T
37、esting methodologies for operational evaluation is under preparation. SANS 19795-4:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 19795-4:2008(E) ISO/IEC 2008 All rights reserved viiIntroduction The multi-part biometric data inte
38、rchange format standard, ISO/IEC 19794, has been developed to foster interoperable exchange of biometric data. By defining open containers for image, signal and feature data, and constraining some of the properties of the samples, the standards enhance interoperability by requiring implementers to b
39、e able to handle a restricted set of all possible biometric samples. Examples of this are the template standards of ISO/IEC 19794-2 and ISO/IEC 19794-8 which embed compact processed data from fingerprint images. Only samples of the same format type (several of which can be defined in the same part o
40、f ISO/IEC 19794) are intended to be interchangeable. One common assertion prior to SC 37s formulation of data interchange standards was that proprietary templates offer greater recognition performance than any likely standard on the grounds that the proprietary instances are the product of processes
41、 that embed considerable, private, intellectual property. The question of whether the emerging standards are sufficient then arises: that is, do they code data (feature, image, etc.) representations that allow matching with accuracy comparable to that available from the proprietary solutions? A seco
42、nd issue, interoperability, arises in those applications where standardized data are generated and matched by different institutions and systems. If a companys feature extraction subsystem processes acquired samples to produce ISO/IEC 19794-x compliant instances, then can other companies comparison
43、subsystems attain performance comparable with that obtained from the originators own comparison subsystem? A further question is then whether a third company can successfully recognize enrolment and user samples from two different sources. This part of ISO/IEC 19795 defines tests to specifically add
44、ress absolute performance, sufficiency, and interoperability available from biometric data formatted to comply with established standards, particularly those developed in the various parts of ISO/IEC 19794. However, because this part of ISO/IEC 19795 references interchange formats generically, by re
45、ferencing only their black box generation and use, it also applies to other open standards. One consequence of this approach is that the success of a test is predicated on the correctness and appropriateness of lower-level data elements and values, i.e. conformance to the respective standards. There
46、fore, the approach here is to require conformance testing as an integral part of the test. This is achieved by referencing formal published conformance tests or profiles of standards. For instance, an interoperability test of the ISO/IEC 19794-5 face format might reference an application profile of
47、its Token image, which in turn might rely on ISO/IEC 15444-1 (JPEG 2000 core coding system). This part of ISO/IEC 19795 conceives of the following three kinds of tests: online: a scenario test in which a volunteer population enrols on suppliers products and subsequently uses suppliers verification o
48、r identification implementations to make genuine and impostor attempts; offline: a technology test in which an archived corpus of captured samples, not necessarily collected with any intent to simulate the operational conditions of a particular application, is used as input to suppliers enrolment, v
49、erification or identification products to make genuine and impostor attempts; hybrid: a test in which the sample corpus is collected online under conditions which attempt to simulate the operational conditions of a particular application, and is then processed offline. In each case, an interoperability test needs to embed multi-supplier generation, exchange, and comparison of samples of the standard interchange format. Online collection from a live population is appropriate when
