1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA
2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any
3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-22544-5 SANS 24741:2009 Edition 1 ISO/IEC TR 24741:2007 Edition 1SOUTH AFRICAN NATIONAL STANDARD Information technology Biometrics tutoria
4、l This national standard is the identical implementation of ISO/IEC TR 24741:2007 and is adopted with the permission of the International Organization for Standardization and the International Electrotechnical Commission. Published by SABS Standards Division 1 Dr Lategan Road Groenkloof Private Bag
5、X191 Pretoria 0001 Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS This standard may only be used and printed by approved subscription and freemailing clients of the SABS.SANS 24741:2009 Edition 1 ISO/IEC TR 24741:2007 Edition 1 Table of changes Change No. Date Scope National foreword
6、This South African standard was approved by National Committee SABS SC 71J, Information technology Cards and personal identification, in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. This SANS document was published in April 2009. Thi
7、s standard may only be used and printed by approved subscription and freemailing clients of the SABS. Reference number ISO/IEC TR 24741:2007(E) ISO/IEC 2007TECHNICAL REPORT ISO/IEC TR 24741 First edition 2007-09-15 Information technology Biometrics tutorial Technologies de linformation Tutoriel biom
8、trique SANS 24741:2009This standard may only be used and printed by approved subscription and freemailing clients of the SABS.ISO/IEC TR 24741:2007(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall
9、 not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. A
10、dobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by IS
11、O member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2007 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any
12、 form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749
13、 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2007 All rights reservedSANS 24741:2009This standard may only be used and printed by approved subscription and freemailing clients of the SABS.ISO/IEC TR 24741:2007(E) ISO/IEC 2007 All rights reserved iii Contents Pag
14、e Foreword . v Introduction vi 1 Scope.1 2 Introduction and general history .1 2.1 What are biometric technologies?.1 2.2 History.2 3 Technology overview3 3.1 Eye technologies3 3.1.1 Iris characteristics3 3.1.2 Retina characteristics.3 3.2 Face technologies.4 3.3 Finger ridge technologies4 3.3.1 Fin
15、ger scanning4 3.3.2 Finger image verification5 3.3.3 Finger image identification5 3.3.4 Palm technologies5 3.4 Hand geometry technologies.6 3.5 Finger geometry technologies.6 3.6 Dynamic signature technologies.6 3.7 Speaker recognition technologies.7 3.8 Vein patterns.7 3.9 Keystrokes.8 3.10 Possibl
16、e future biometric technologies 8 3.10.1 Scent8 3.10.2 DNA8 3.10.3 Ear shape.8 3.10.4 Body potential differences .8 4 A general biometric system .9 4.1 Conceptual diagram of a general biometric system 9 4.2 Conceptual components of a general biometric system .10 4.2.1 Data capture subsystem.10 4.2.2
17、 Transmission subsystem.10 4.2.3 Signal processing subsystem11 4.2.4 Data storage subsystem.11 4.2.5 Matching subsystem.12 4.2.6 Decision subsystem.13 4.2.7 Administration subsystem.14 4.2.8 Interfaces.14 4.3 Functions of a general biometric system14 4.3.1 Enrolment phase.14 4.3.2 Recognition phase1
18、5 5 Fundamental concepts.16 6 International Standards for biometrics technical interfaces .18 6.1 BDBs and BIRs18 6.2 Common Biometric Exchange Formats Framework (CBEFF) .19 6.3 The BioAPI International Standard 19 6.4 The BIP International Standard20 SANS 24741:2009This standard may only be used an
19、d printed by approved subscription and freemailing clients of the SABS.ISO/IEC TR 24741:2007(E) iv ISO/IEC 2007 All rights reserved7 Performance testing.20 7.1 General20 7.2 Types of technical tests .21 8 Biometrics and information security.22 9 Example applications.23 9.1 Law enforcement.23 9.2 Civ
20、ilian applications.23 9.2.1 Banking applications24 9.2.2 Benefit systems24 9.2.3 Computer systems access.24 9.2.4 Immigration control24 9.2.5 National identity cards24 9.2.6 Physical access control .24 9.2.7 Prisons and police applications 25 9.2.8 Telephone systems.25 9.2.9 Time, attendance and mon
21、itoring applications 25 9.2.10 Civil background checks25 10 Biometrics and privacy.25 10.1 General25 10.2 Biometric technology acceptability.26 10.3 Protection from identity theft .26 10.4 Privacy.26 11 Conclusions27 Annex A (informative) A brief summary of International Standards activity .28 A.1 B
22、ackground on biometrics standardization28 A.2 Layers or areas of biometric standardization and Working Groups.28 A.3 Layer 1 Standards (approved or in preparation for initial standards).30 A.4 Layer 2 Standards (approved or in preparation for initial standards).30 A.5 Layer 3 Standards (approved or
23、in preparation for initial standards).30 A.6 Layer 4 Standards (approved or in preparation for initial standards).31 A.7 Layer 5 Standards (approved or in preparation for initial standards).31 A.8 Layer 6 Standards (approved or in preparation for initial standards).31 A.9 Layer 7 Standards (approved
24、 or in preparation for initial standards).31 A.10 Vocabulary work (approved or in preparation for initial standards).31 A.11 A brief summary of the above Standards or Technical Reports .32 A.11.1 Layer 1 Standards.32 A.11.2 Layer 2 Standards.36 A.11.3 Layer 3 Standards.38 A.11.4 Layer 4 Standards.38
25、 A.11.5 Layer 5 Standards.38 A.11.6 Layer 6 Standards.39 A.11.7 Layer 7 Standards.40 A.11.8 Vocabulary Standards40 Annex B (informative) Terms and definitions used in International Biometric Standards .41 B.1 General concepts41 B.2 Data-related terms.42 B.3 Capture-related terms.44 B.4 Enrolment-rel
26、ated terms.44 B.5 Process and system-related terms45 B.6 Person-related terms46 B.7 Comparison-related terms47 B.8 CBEFF-related terms51 B.9 BioAPI-related terms.52 B.10 Application-related terms.52 B.11 Performance-related terms.53 Bibliography.55 SANS 24741:2009This standard may only be used and p
27、rinted by approved subscription and freemailing clients of the SABS.ISO/IEC TR 24741:2007(E) ISO/IEC 2007 All rights reserved v Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standard
28、ization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mu
29、tual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accord
30、ance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Stan
31、dard requires approval by at least 75 % of the national bodies casting a vote. In exceptional circumstances, the joint technical committee may propose the publication of a Technical Report of one of the following types: type 1, when the required support cannot be obtained for the publication of an I
32、nternational Standard, despite repeated efforts; type 2, when the subject is still under technical development or where for any other reason there is the future but not immediate possibility of an agreement on an International Standard; type 3, when the joint technical committee has collected data o
33、f a different kind from that which is normally published as an International Standard (“state of the art”, for example). Technical Reports of types 1 and 2 are subject to review within three years of publication, to decide whether they can be transformed into International Standards. Technical Repor
34、ts of type 3 do not necessarily have to be reviewed until the data they provide are considered to be no longer valid or useful. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identify
35、ing any or all such patent rights. ISO/IEC TR 24741, which is a Technical Report of type 3, was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics. SANS 24741:2009This standard may only be used and printed by approved subscription and freemail
36、ing clients of the SABS.ISO/IEC TR 24741:2007(E) vi ISO/IEC 2007 All rights reservedIntroduction “Biometric authentication” is the automatic recognition of individual persons based on distinguishing biological and behavioural traits. The field is a subset of the broader field of human identification
37、 science. Example technologies include fingerprinting, face recognition, hand geometry, speaker recognition and iris recognition. At the current level of technology, DNA analysis is a laboratory technique not fully automated and requiring human processing, so it is not considered “biometric authenti
38、cation” under this definition (it is not currently automatic and fast, but may become so in the near future). Some techniques (such as iris recognition) are more biologically based and some (such as signature recognition) are more behaviourally based, but all techniques are influenced by both behavi
39、oural and biological elements. There are no purely “behavioural” or “biological” biometric systems. Biometric authentication is frequently referred to as simply “biometrics”, although this latter word has historically been associated with the statistical analysis of general biological data. The word
40、 “biometrics”, like “genetics”, is usually treated as singular. It first appeared in the vocabulary of physical and information security around 1980 as a substitute for the earlier descriptor “automatic personal identification”, in use in the 1970s. Biometric systems recognize “persons” by recognizi
41、ng “bodies”. The distinction between person and body is subtle, but is of key importance in understanding the inherent capabilities and limitations of these technologies. In our context, biometrics deals with computer recognition of patterns created by human behaviours and biological structures, and
42、 is usually associated more with the field of computer engineering and statistical pattern analysis than with the behavioural or biological sciences. Today, biometrics is being used to recognize individuals in a wide variety of contexts, such as computer and physical access control, law enforcement,
43、 voting, border crossing, social benefit programs and driver licensing. SANS 24741:2009This standard may only be used and printed by approved subscription and freemailing clients of the SABS. TECHNICAL REPORT ISO/IEC TR 24741:2007(E) ISO/IEC 2007 All rights reserved 1Information technology Biometric
44、s tutorial 1 Scope This Technical Report provides a tutorial on biometrics. It contains a description of the architecture of biometric processes and of the processes themselves. An annex provides further details of International Standards activity in the field of biometrics. A further annex provides
45、 terms and definitions that are in use in these International Standards. 2 Introduction and general history 2.1 What are biometric technologies? The all-encompassing term biometrics refers to the quantification or statistical analysis of biological characteristics. In this context, we are concerned
46、with technologies that analyze human characteristics for recognition security purposes. The statistical science of biometrics, usually used in biomedical contexts, is a separate discipline. A broadly accepted definition of biometrics for recognition states that: A biometric is a unique, measurable c
47、haracteristic or trait for automatically recognizing or verifying the identity of a human being. The agreed SC37 definition comes in two parts, and broadly agrees with the above. It is recommended that the word biometric be normally used only as an adjective, and not where the fuller term biometric
48、characteristic (as above) would be more appropriate. We have for adjectival use: biometric of or having to do with biometrics and for noun use: biometrics automated recognition of individuals based on their behavioural and biological characteristics So, biometric technologies are concerned with the
49、physical parts of the human body or the personal traits of human beings, and the recognition of individuals based on either or both of those parts or traits. It is important to note the term automatic in the above definition. This essentially means that a biometric technology must recognize or verify a human characteristic quickly and automatically, in real time. (A fuller explanation of the various biometric technologies is given in clause 3.) In summary the most common physical biometric characteristics are the eye, face, fingerpri
