1、American National StandardDeveloped byfor Information Technology Conformance Testing MethodologyStandard for Patron FormatsConforming to INCITS 398-2008,Information Technology Common Biometric Exchange FormatsFramework (CBEFF)INCITS 473-2011INCITS 473-2011INCITS 473-2011American National Standardfor
2、 Information Technology Conformance Testing Methodology Standardfor Patron Formats Conforming toINCITS 398-2008, Information Technology Common Biometric Exchange FormatsFramework (CBEFF)SecretariatInformation Technology Industry CouncilApproved March 30, 2011American National Standards Institute, In
3、c.Approval of an American National Standard requires review by ANSI that therequirements for due process, consensus, and other criteria for approval havebeen met by the standards developer.Consensus is established when, in the judgement of the ANSI Board ofStandards Review, substantial agreement has
4、 been reached by directly andmaterially affected interests. Substantial agreement means much more thana simple majority, but not necessarily unanimity. Consensus requires that allviews and objections be considered, and that a concerted effort be madetowards their resolution.The use of American Natio
5、nal Standards is completely voluntary; theirexistence does not in any respect preclude anyone, whether he has approvedthe standards or not, from manufacturing, marketing, purchasing, or usingproducts, processes, or procedures not conforming to the standards.The American National Standards Institute
6、does not develop standards andwill in no circumstances give an interpretation of any American NationalStandard. Moreover, no person shall have the right or authority to issue aninterpretation of an American National Standard in the name of the AmericanNational Standards Institute. Requests for inter
7、pretations should beaddressed to the secretariat or sponsor whose name appears on the titlepage of this standard.CAUTION NOTICE: This American National Standard may be revised orwithdrawn at any time. The procedures of the American National StandardsInstitute require that action be taken periodicall
8、y to reaffirm, revise, orwithdraw this standard. Purchasers of American National Standards mayreceive current information on all standards by calling or writing the AmericanNational Standards Institute.American National StandardPublished byAmerican National Standards Institute, Inc.25 West 43rd Stre
9、et, New York, NY 10036Copyright 2011 by Information Technology Industry Council (ITI)All rights reserved.No part of this publication may be reproduced in anyform, in an electronic retrieval system or otherwise,without prior written permission of ITI, 1101 K Street NW, Suite 610, Washington, DC 20005
10、. Printed in the United States of AmericaCAUTION: The developers of this standard have requested that holders of patents that may berequired for the implementation of the standard disclose such patents to the publisher. However,neither the developers nor the publisher have undertaken a patent search
11、 in order to identifywhich, if any, patents may apply to this standard. As of the date of publication of this standardand following calls for the identification of patents that may be required for the implementation ofthe standard, no such claims have been made. No further patent search is conducted
12、 by the de-veloper or publisher in respect to any standard it processes. No representation is made or impliedthat licenses are not required to avoid infringement in the use of this standard.iContentsPageForeword .iii0 Introduction 11 Scope. 32 Conformance . 33 Normative References . 34 Terms and Def
13、initions 45 Conformance Testing Levels . 55.1 General Considerations . 55.2 Conformance Testing Types 55.3 Conformance Testing Hierarchy 55.4 Conformance Testing Level. 55.4.1 Level 1 - Data Format Conformance 55.4.2 Level 2 - Internal Consistency Checking 65.5 Test Reports 66 Assertion Elements for
14、 Level 1 and 2 Testing . 66.1 Introduction 66.2 Assertion Element Descriptions. 76.2.1 Field Names. 76.2.2 Operators. 76.2.3 Operands . 86.2.4 Other Assertion Elements 9AnnexesA Test Assertions for INCITS 398-2008 Patron Format A. 10B Test Assertions for INCITS 398-2008 Patron Format C - The BioAPI
15、Biometric Identification Record (BIR) Conforming to INCITS 358-2002, The BioAPI Specification 15C Test Assertions for INCITS 398-2008 Patron Format D - ICAO LDS 16D Test procedures for INCITS 398-2008 Patron Format PIV - NIST Personal Identify Verification (PIV). 19E Test assertions for INCITS 398-2
16、008 Patron Format ITL - NIST/ITL Type-99 Data Record . 20iiPageF Example test cases for certain patron formats 22F.1 Test cases for Patron Format A. 22F.2 Test cases for Patron Format C (BioAPI) 36F.3 Test cases for Patron Format ITL 39F.4 Test cases for Level 1 and Level 2 testing of optional field
17、s of Patron Format D - ICAO LDS 52G Bibliography . 56iiiForeword (This foreword is not part of American National Standard INCITS 473-2011.)INCITS (The InterNational Committee for Information Technology Standards) is theANSI-recognized Standards Development Organization for information technologywith
18、in the United States of America. Members of INCITS are drawn from Govern-ment, Corporations, Academia, and other organizations with a material interest in thework of INCITS and its Technical Committees. INCITS does not restrict membershipand attracts participants in its technical work from 13 differ
19、ent countries, and oper-ates under the rules of the American National Standards Institute.In the field of Biometrics, INCITS has established the Technical Committee M1. Stan-dards developed by this Technical Committee have reached consensus throughoutthe development process and have been thoroughly
20、reviewed through several publicreview processes. In addition, the INCITS Executive Board and the ANSI Board ofStandards Review have approved this American National Standard for publication asan INCITS Standard.This standard contains seven annexes. Annexes A, B, C, and E are normative andare consider
21、ed part of this standard. Annexes D, F, and G are informative and arenot considered part of this standard.Requests for interpretation, suggestions for improvement or addenda, or defect re-ports are welcome. They should be sent to InterNational Committee for InformationTechnology Standards (INCITS),
22、ITI, 1101 K Street, NW, Suite 610, Washington, DC20005.This standard was processed and approved for submittal to ANSI by INCITS. Com-mittee approval of this standard does not necessarily imply that all committee mem-bers voted for its approval. At the time it approved this standard, INCITS had thefo
23、llowing members:Don Wright, ChairJennifer Garner, SecretaryOrganization Represented Name of RepresentativeAdobe Systems, Inc Scott Foshee Steve Zilles (Alt.)AIM Global, Inc. . Dan Mullen Charles Biss (Alt.)Apple Computer, Inc. . Kwok Lau Helene Workman (Alt.)David Singer (Alt.)Distributed Management
24、 Task Force John Crandall Jeff Hilland (Alt.)Electronic Industries Alliance . Edward Mikoski, Jr. Henry Cuschieri (Alt.)EMC Corporation . Gary RobinsonFarance, Inc. Frank FaranceTimothy Schoechle (Alt.)GS1 US . Ray Delnicki Frank Sharkey (Alt.)James Chronowski (Alt.)Mary Wilson (Alt.)Hewlett-Packard
25、 Company Karen Higginbottom Paul Jeran (Alt.)IBM Corporation Gerald Lane Robert Weir (Alt.)Arnaud Le Hors (Alt.)Debra Borland (Alt.)Steve Holbrook (Alt.)ivOrganization Represented Name of RepresentativeIEEE . Bill Ash Jodie Haasz (Alt.)Bob Labelle (Alt.)Intel Philip Wennblom Grace Wei (Alt.)Stephen
26、Balogh (Alt.)Lexmark International. Don Wright Dwight Lewis (Alt.)Paul Menard (Alt.)Jerry Thrasher (Alt.)Microsoft Corporation . Jim Hughes Dick Brackney (Alt.)John Calhoun (Alt.)National Institute of Standards it specifies data element and abstract value definitions that may be used in specifying a
27、 particular SBH format specification (called a “patron format”). CBEFF thus enables the definition of SBH formats and contents that are “tuned” to their intended environment (called “the Domain of Use” or “DOU” by CBEFF). INCITS 398-2008 specifies two patron formats in its annexes, and documents, in
28、 additional annexes, several patron formats that have been standardized and published by various organizations. CBEFF provides a process for new patron formats to be standardized. End users of biometric systems desire to use these patron formats to ensure that BIRs of one biometric system can be int
29、erchanged with other biometric systems with a minimum of effort. In order to achieve this, it is critical that implementations claiming conformance to a particular patron format actually are conformant, and thus there is a need for conformance testing standards for each of the patron format specific
30、ations, in order to provide a reasonable degree of assurance that a conformance claim has validity. In fact, no test can be absolutely comprehensive and prove that a given implementation is conformant under all possible circumstances, especially when there are optional data elements of the patron fo
31、rmat. A well-designed conformance test can, however, test all of the most likely sources of problems and ensure that the implementation under test conforms under a reasonable set of circumstances, giving assurance, but not a guarantee, of conformance. INCITS 473-2011 2 There are many different types
32、 of conformance testing that may be appropriate for the various patron format specifications. Some of them are highly specific to each patron format but some of them have common elements across all of the formats. Therefore, the body of this standard describes the different types of conformance test
33、ing. It then goes on to provide details of the common elements for defining test assertions for Level 1 and Level 2 testing, as they are defined in Clause 5, which have many similarities among different patron format specifications. Finally, it provides guidelines for conducting the tests and report
34、ing the results of the tests. Test assertions for patron formats A, C, and F specified in INCITS 398-2008 as well as test assertions for patron format D specified in the same standard (for applications other than MRTD and other ICAO applications) are included in four normative annexes (test assertio
35、ns). An informative annex contains test cases for patron formats A, C, and F specified in INCITS 398-2008 as well as test cases for the optional fields of patron format D specified in the same standard. One additional annex includes references to tests specified by the organization that developed th
36、e NIST PIV patron format (Annex E of INCITS 398-2008). ANSI/INCITS standard, INCITS 423, Information Technology Conformance Testing Methodology Standard for Biometric Data Interchange Format Standards, defines testing techniques and requirements for conformance of selected standardized BDB structure
37、s; that standard specifically excludes testing of full CBEFF BIRs and patron formats from its scope, although it assumes that complete BIRs are part of the implementation under test. This standard defines techniques and requirements for testing the conformance of the SBH portion of a BIR to its patr
38、on format specification, the consistency of the BIR structure and any required sequence of SBH fields as the patron format may require. Specification of BDB and SB format conformance testing methodologies is not part of this standard. INCITS 473-2011 3 1 Scope This standard specifies the concepts, t
39、est types and a conformance testing methodology to test conformance of CBEFF Biometric Information Records (BIR) claiming to be conformant to patron formats A, the BioAPI BIR or the NIST/ITL Type 99 data record specified in INCITS 398-2008 annexes as well as the LDS patron format for applications ot
40、her than MRTD and other ICAO applications. The testing methodology specifies testing of the consistency of the BIR structure and any required sequence of SBH fields that may be specified by the patron formats. Conformance testing methodologies for the LDS patron format (for MRTD and other ICAO appli
41、cations), the PIV patron format documented in INCITS 398-2008 as well as conformance testing methodologies for CBEFF BDB and SB formats are not part of this standard. 2 Conformance Biometric patron format conformance tests that claim conformance to this standard shall satisfy the normative requireme
42、nts specified in Clause 5. Tests shall use the assertion types defined in Clause 6 together with the specific assertions specified in the normative annexes of this standard corresponding to the patron format being tested (patron formats A, C, or F specified in INCITS 398-2008 or patron format D of I
43、NCITS 398-2008 for applications other than MRTD and other ICAO applications). BIR implementations of CBEFF patron format A, C, or F specified in an annex of INCITS 398-2008 that have been tested in accordance with the methodology specified in this standard shall be able to claim conformance only to
44、those requirements specified in that CBEFF patron format. This also applies to patron format D of INCITS 398-2008 for applications other than MRTD and other ICAO applications. 3 Normative References The following standards contain provisions which, through reference in this text, constitute provisio
45、ns of this American National Standard. All standards are subject to revision, and parties to agreements based on this American National Standard are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. INCITS 398-2008, Common Biometric Exch
46、ange Formats Framework INCITS 473-2011 4 4 Terms and Definitions Assertion The specification for testing a conformance requirement in an implementation under test in the forms defined in this standard. BIR A data package containing biometric data that is intended to be interchanged between two or mo
47、re biometric processing environments or systems. Conformance Fulfillment by a product, process, or service of all relevant specified conformance requirements. Conformance Test Suite (CTS) Test software used to automate certain types of conformance testing. Conformance testing Captures the technical
48、description of a specification and measures whether an implementation faithfully implements the specification by achieving conformance to the technical description of the specification. Conformance testing laboratory Organization that carries out conformance testing. This may be the creator of the I
49、UT, the user of the IUT, or an unbiased third party. Level 1 Testing A conformance testing methodology that checks field by field and byte by byte conformance with the patron format Specification, both in terms of fields included and the ranges of the values in those fields. Level 2 Testing A conformance testing methodology that tests (a) the internal consistency of the BIR under test, relating values from one part of the SBH or SBH field to values from other parts or fields of the SBH and/or the BIR or (b) tests the sequence of fields in the BIRs SBH as defined in t
