1、INCITS/ISO/IEC 19785-2 -20062008 (ISO/IEC 19785-2 -2006, IDT) Information technology CommonBiometric Exchange Formats Framework Part 2: Procedures for the operation of the Biometric Registration AuthorityINCITS/ISO/IEC 19785-2 -20062008(ISO/IEC 19785-2 -2006, IDT)Copyright American National Standard
2、s Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 ii ITIC 2008 All rights reserved PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing po
3、licy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Centra
4、l Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken
5、 to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National
6、Standard. Date of ANSI Approval: 7/1/2008 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2008 by Information Technology Industry Council (ITI). All rights reserved. These materials are subject to copyright claims of International Standardi
7、zation Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, without th
8、e prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduct
9、ion or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 ITIC 2008- All rights reserved iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Normative references1 3 Terms and definitions .1 3.1 Terms defined in ISO/IEC 19785-1 .1 3.2 Other terms and definitions .2
10、4 Symbols and abbreviated terms 2 5 General .2 6 Appointment of the registration authority 5 7 Fees.5 8 Registration procedures for CBEFF biometric organizations and CBEFF patrons .5 8.1 General .5 8.2 Application for registration as a CBEFF biometric organization or as a CBEFF patron .5 8.3 Review
11、of applications6 8.3.1 Procedure.6 8.3.2 Response time .6 8.4 Confirmation process .6 8.5 Objection process for CBEFF patron registrations .6 9 Registration procedures for BIR formats, BDB formats, SB formats and biometric products .7 9.1 General .7 9.2 Application for registration of a BIR format,
12、BDB format, SB format, or biometric product 7 9.3 Review of applications7 9.3.1 Procedure.7 9.3.2 Response time .7 9.4 Confirmation process .8 9.5 Objection process .8 10 Content of applications.8 10.1 General .8 10.2 Application for registration as a biometric organization or as a CBEFF patron 8 10
13、.3 Application for registration of a BIR format, BDB format, SB format, or biometric product 8 11 Maintenance of a web-based register .9 Annex A (normative) Registration authority 10 Annex B (informative) Sample registration tables.11 Copyright American National Standards Institute Provided by IHS u
14、nder license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 iv ITIC 2008- All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form t
15、he specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC tech
16、nical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. I
17、nternational Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for
18、voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying a
19、ny or all such patent rights. ISO/IEC 19785-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics. ISO/IEC 19785 consists of the following parts, under the general title Information technology Common Biometric Exchange Formats Framework: Pa
20、rt 1: Data element specification Part 2: Procedures for the operation of the Biometric Registration Authority The following part is under preparation: Part 3: Patron Format Specifications Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reprodu
21、ction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 ITIC 2008- All rights reserved vIntroduction Biometric-based authentication systems and applications are expected to support multiple biometric devices and multiple biometric data formats. The Common Biometri
22、c Exchange Formats Framework (CBEFF) promotes interoperability of biometric-based application programs and systems developed by different vendors by facilitating biometric data interchange. This part of ISO/IEC 19785 supports such exchanges by providing unambiguous identification of biometric organi
23、zations, formats and products. This part of ISO/IEC 19785 specifies procedures for a Registration Authority that is responsible for the assignment of ASN.1 object identifier components to identify biometric organizations, CBEFF patrons, biometric information record formats, biometric data block form
24、ats, security block formats, and biometric products, to provide globally unambiguous identification in the context of the CBEFF ASN.1 object identifier. The registration process is universal, assigns unique and unambiguous identifiers, and avoids changes in identifiers over time. The publication of
25、the registers promotes compatibility in interchange of biometric data and improves interoperability of biometric systems. Registration provides an identifier, but registration should not be regarded as a standardization procedure. Nevertheless, as a matter apart from registration, the registered obj
26、ect may, but need not, be the subject of an international, national, or other standard. The same registry can be used to register the identification of products which produce or process biometric data whether the biometric organization owning the product is the same as or different from the biometri
27、c organization which defined the format of that data. Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-Copyright American National Standards Institute Provided by IHS under licen
28、se with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-AMERICAN NATIONAL STANDARD INCITS/ISO/IEC 19785-2 -20062008 ITIC 2008- All rights reserved 1Information technology Common Biometric Exchange Formats Framework Part 2: Procedures for the operation of the B
29、iometric Registration Authority 1 Scope This part of ISO/IEC 19785 specifies the procedures to be followed by the Biometric Registration Authority in preparing, maintaining, and publishing registers of identifiers for biometric organizations, CBEFF patron formats, BDB formats, security block formats
30、, and biometric products. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
31、ISO/IEC 8824-1, Information technology Abstract Syntax Notation One (ASN.1): Specification of basic notation ISO/IEC 9834-1, Information technology Open Systems Interconnection Procedures for the operation of OSI Registration Authorities: General procedures and top arcs of the ASN.1 Object Identifie
32、r tree ISO/IEC 19784-1, Information technology Biometric application programming interface Part 1: BioAPI specification ISO/IEC 19785-1, Information technology Common Biometric Exchange Formats Framework Part 1: Data element specification ISO/IEC 19794 (all parts), Information technology Biometric d
33、ata interchange formats 3 Terms and definitions 3.1 Terms defined in ISO/IEC 19785-1 For the purposes of this document, the following terms defined in ISO/IEC 19785-1 apply: BDB format; BDB format identifier; biometric; biometrics; biometric data block (BDB); biometric information record (BIR); biom
34、etric product; biometric product identifier; biometric product owner; biometric sample; CBEFF biometric organization identifier; CBEFF patron; CBEFF patron format; CBEFF patron format identifier; CBEFF patron identifier; security block; security block format; security block format identifier. Copyri
35、ght American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 2 ITIC 2008- All rights reserved3.2 Other terms and definitions For the purposes of this document, the
36、 following terms and definitions apply. 3.2.1 applicant organization requesting registration as a CBEFF biometric organization, or registered CBEFF biometric organization requesting registration of a CBEFF patron format, BDB format, SB format or biometric product 3.2.2 register record of assigned id
37、entifiers for CBEFF biometric organizations, CBEFF patron formats, BDB formats, SB formats, or biometric products 3.2.3 registrar person or organization appointed by a Registration Authority, responsible for preparing and maintaining the register(s) 3.2.4 registration authority organization nominate
38、d and appointed by the ISO/IEC Council to prepare and maintain registers 3.2.5 relevant ISO/IEC subcommittee ISO/IEC subcommittee responsible for the maintenance of this part of ISO/IEC 19785 NOTE The relevant subcommittee is currently ISO/IEC JTC 1/SC 37. 4 Symbols and abbreviated terms ASN.1 Abstr
39、act Syntax Notation One (see ISO/IEC 8824-1) BDB biometric data block BIR biometric information record CBEFF common biometric exchange formats framework (see ISO/IEC 19785-1) RA registration authority SB security block 5 General 5.1 This part of ISO/IEC 19785 defines procedures for registration by w
40、hich ASN.1 object identifier components are assigned to a) organizations concerned with the specification of biometric formats or with biometric products that either directly, or through the data that they produce, claim conformance to or can be used in conjunction with ISO/IEC 19785, ISO/IEC 19784,
41、 or one of the parts of ISO/IEC 19794; b) BIR formats specified by a CBEFF patron; c) BDB formats specified by a registered biometric organization; d) SB formats specified by a registered biometric organization; and e) biometric products supported by a registered biometric organization. Copyright Am
42、erican National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 19785-2 -20062008 ITIC 2008- All rights reserved 3NOTE International Standards do not require the registration of BIR formats,
43、 BDB formats, SB formats, or biometric products, but registration is possible if a CBEFF patron or biometric organization considers that registration would be beneficial. 5.2 ASN.1 object identifiers are a form of worldwide unambiguous identification based on a hierarchical tree structure, and indep
44、endent hierarchical registration authorities (see ISO/IEC 9834-1 and ISO/IEC 8824-1). The ASN.1 object identifier tree has a root arc, arcs beneath that root arc, arcs beneath each of those arcs, and so on, to any depth. Arcs are identified by positive integer values (zero upwards) that provide unam
45、biguous identification of an arc within the superior arc. Arcs can also be given names (all in lower case, letters and hyphens only), but these are subsidiary to the numerical values and are not required. An object is identified by the sequence of arc values (numerical, or for early arcs, arc names)
46、 from the root to the object. 5.3 It is possible in representations of an object identifier to imply (by the context of that representation) identification of part of the path from the root to a node in the object identifier tree. In the extreme case, only a single object identifier component from t
47、hat implied node need be represented. This is the approach taken by ISO/IEC 19785-1 and by ISO/IEC 19784-1. These use a sixteen-bit field to provide the identification of an object identifier arc beneath an arc that is implied by the context. In other contexts, the full object identifier value shoul
48、d be given. 5.4 Components of ASN.1 object identifiers are positive integers (including zero) of unlimited magnitude. However, there are standards, for example ISO/IEC 19784-1, using the components allocated by this RA that use a simple 16-bit positive integer encoding for such components. The RA is therefore required to allocate values for arcs that can be represented as a 16-bit positive integer, and to alert the relevant ISO/IEC subcommittee before making allocations with any of the top three bits set to one. NOTE It is expected that allocations will normally start at zero and proceed incr