1、BRITISH STANDARDBS ISO/IEC 24713-1:2008Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profilesICS 35.040g49g50g3g38g50g51g60g44g49g42g3g58g44g55g43g50g56g55g3g37g54g44g3g51g40g53g48g44g54g54g44g50g49g3g40g59g38g
2、40g51g55g3g36g54g3g51g40g53g48g44g55g55g40g39g3g37g60g3g38g50g51g60g53g44g42g43g55g3g47g36g58BS ISO/IEC 24713-1:2008This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 March 2008 BSI 2008ISBN 978 0 580 54246 6National forewordThis British Stan
3、dard is the UK implementation of ISO/IEC 24713-1:2008. The UK participation in its preparation was entrusted to Technical Committee IST/44, Biometrics.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does not purport to include all th
4、e necessary provisions of a contract. Users are responsible for its correct application.Compliance with a British Standard cannot confer immunity from legal obligations.Amendments/corrigenda issued since publicationDate CommentsReference numberISO/IEC 24713-1:2008(E)INTERNATIONAL STANDARD ISO/IEC247
5、13-1First edition2008-03-01Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles Technologies de linformation Profils biomtriques pour interoprabilit et change de donnes Partie 1: Expos gnral des systmes biomt
6、riques et des profils biomtriques BS ISO/IEC 24713-1:2008ii iiiContents Page Foreword iv Introduction v 1 Scope . 1 2 Normative references . 1 3 Terms and definitions. 1 4 Abbreviated terms 6 5 General biometric system 6 5.1 Conceptual diagram of general biometric system 6 5.2 Conceptual components
7、of a general biometric system 7 5.2.1 Data capture subsystem 7 5.2.2 Transmission subsystem (not portrayed in diagram). 7 5.2.3 Signal processing subsystem . 7 5.2.4 Data storage subsystem 7 5.2.5 Matching subsystem 7 5.2.6 5.2.6 Decision subsystem 7 5.2.7 5.2.7 Administration subsystem (not portray
8、ed in diagram) 8 5.2.8 Interface (not portrayed in diagram). 8 5.3 Functions of general biometric system 8 5.3.1 Enrolment 8 5.3.2 Verification 9 5.3.3 Identification 9 6 Relationship between the biometric system and the application 10 6.1 General. 10 6.2 The ID life-cycle. 10 6.2.1 Proofing . 11 6.
9、2.2 Registration . 11 6.2.3 Issuance. 11 6.2.4 Usage . 11 6.3 Subject versus end-user 11 6.3.1 6.3.1 Access control example 12 6.3.2 Travel document example 12 6.4 Biometric decision versus authorization .13 7 Interfaces between the biometric system and the application 14 7.1 Application programming
10、 interface (API).14 7.2 Protocol interface . 15 7.3 Hardware based electronic input/output interface 15 8 Developing biometric profiles utilising biometrics base standards . 15 8.1 Relationships of biometric base standards and their use in biometric profiles 15 8.2 Classes 16 8.2.1 Application class
11、 16 8.2.2 Data class 16 8.2.3 Interface class . 17 8.3 Using biometric base standards to develop biometric profiles. 17 Bibliography . 18 BS ISO/IEC 24713-1:2008iv Foreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bod
12、ies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and
13、 non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives,
14、Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies cast
15、ing a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO/IEC 24713-1 was prepared by Technical Committee ISO/TC JTC 1, Information technology,
16、 Subcommittee SC 37, Biometrics. ISO/IEC 24713 consists of the following parts, under the general title Information technology Biometric profiles for interoperability and data interchange: Part 1: Overview of biometric systems and biometric profiles Part 2: Physical access control for employees at a
17、irports Part 3: Biometric based verification and identification of seafarers BS ISO/IEC 24713-1:2008vIntroduction This part of ISO/IEC 24713 is intended to form the overview part of the multipart standard on biometric profiles for interoperability and data interchange. It describes a schema for the
18、use of a number of biometric standards. This part of ISO/IEC 24713 is not intended to replace or counter any other part of this International Standard, but rather to be used as a reference guide for the implementation of a generic biometric system or a profile-standardized system. This part of ISO/I
19、EC 24713 provides generic information and guidance to users about biometric systems and the use of the various base standards within biometric profiles to support interoperability and data interchange among biometrics applications and systems. This part of ISO/IEC 24713 is one of a family of interna
20、tional standards being developed by ISO/IEC JTC 1/SC 37 that support interoperability and data interchange among biometrics applications and systems. This family of standards specifies requirements that solve the complexities of applying biometrics to a wide variety of personal recognition applicati
21、ons, whether such applications operate in an open systems 1)environment or consist of a single, closed system. Biometric data interchange format standards and biometric interface standards are both necessary to achieve full data interchange and interoperability for biometric recognition in an open s
22、ystems environment. The ISO/IEC JTC 1/SC 37 biometric standards family includes a layered set of standards consisting of biometric data interchange formats and biometric interfaces, as well as biometric profiles that describe the use of these standards in specific application areas. The biometric da
23、ta interchange format standards specify biometric data interchange records for different biometric modalities. Parties that agree in advance to exchange biometric data interchange records as specified in a subset of the ISO/IEC JTC 1/SC 37 biometric data interchange format standards should be able t
24、o perform biometric recognition with each others data. Parties should also be able to perform biometric recognition even without advance agreement on the specific biometric data interchange format standards to be used, provided they have built their systems on the layered ISO/IEC JTC 1/SC 37 family
25、of biometric standards. The biometric interface standards include the Common Biometric Exchange Formats Framework (CBEFF) and the Biometric Application Programming Interface (BioAPI). These standards support exchange of biometric data within a system or among systems. The CBEFF standard specifies th
26、e basic structure of a standardized Biometric Information Record (BIR) which includes the biometric data interchange record with added metadata, such as when it was captured, its expiry date, whether it is encrypted, etc. The BioAPI standard specifies an open system API that supports communications
27、between software applications and underlying biometric technology services. BioAPI also specifies a CBEFF BIR format for the storage and transmission of BioAPI-produced data. The biometric profile standards facilitate implementations of the base standards (e.g. the ISO/IEC JTC 1/SC 37 biometric data
28、 interchange format and biometric interface standards, and possibly non-biometric standards) for defined applications. These profile standards define the functions of an application (e.g. Physical Access Control for Employees at Airports) and then specify use of options in the base standards to ensu
29、re biometric interoperability. 1) Open systems are built on standards based, publicly defined data formats, interfaces, and protocols to facilitate data interchange and interoperability with other systems, which may include components of different design or manufacture. A closed system may also be b
30、uilt on publicly defined standards, and may include components of different design or manufacture, but inherently has no requirement for data interchange and interoperability with any other system. BS ISO/IEC 24713-1:2008blank1Information technology Biometric profiles for interoperability and data i
31、nterchange Part 1: Overview of biometric systems and biometric profiles 1 Scope This part of ISO/IEC 24713 identifies and defines the functional blocks and components of a generic biometric system, and the distinct characteristics of each component. It also defines a generic biometric reference arch
32、itecture incorporating the relevant biometric-related base standards to support interoperability and data interchange. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated r
33、eferences, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 19794-1:2006, Information technology Biometric data interchange formats Part 1: Framework 3 Terms and definitions For the purpose of this document, the following terms and definitions apply. 3.1 appl
34、ication programming interface API software based interface that can be used for communications and interfacing between an application and the biometric system. NOTE 1 An API is computer code used by an application developer. Any biometric system that is compatible with the API can be added or interc
35、hanged by the application developer. NOTE 2 APIs are often described by the degree to which they are high level or low level. High level means that the interface is proximate to the application and low-level means that the interface is proximate to the device. 3.2 application hardware/software syste
36、m implemented to satisfy a broad set of requirements. NOTE In this context, an application incorporates a biometric system to satisfy a subset of requirements related to the verification or identification of an end-users identity so that the end-users identifier can be used to facilitate the end-use
37、rs interaction with the system. EXAMPLE A biometrics-enabled time and attendance system has a broad requirement to record an employees starting and leaving times so the employee can be paid the correct amount of wages. The system uses biometrics to verify BS ISO/IEC 24713-1:20082 the employees “end-
38、users” claim that his identity is the one that the system has associated with the employees id-number identifier at the times when the employee interacts with the biometric device as he enters and leaves the work place. 3.3 base standard fundamental standard with elements that contain options. NOTE
39、Base standards can be used in diverse applications, for each of which it may be useful to fix the optional elements in a standardized profile with the aim of achieving interoperability between instances of the specific application. 3.4 biometric pertaining to the field of biometrics NOTE “Biometric”
40、 is never used as a noun. 3.5 biometrics automated recognition of individuals based on their behavioural and biological characteristics 3.6 biometric data information extracted from the biometric sample used to build a template or to compare against a previously created template 3.7 biometric functi
41、ons procedures or activities of enrolment (3.19), verification (3.40) and/or identification (3.25) within a biometric system 3.8 biometric interchange data BID biometric data formatted according to one or more of the data interchange standards as defined by ISO 19794 3.9 biometric profile conforming
42、 subsets or combinations of base standards used to effect specific biometric functions NOTE Biometric profiles define specific values or conditions from the range of options described in the relevant base standards, with the aim of supporting the interchange of data between applications and the inte
43、roperability of systems. 3.10 biometric sample raw data representing a biometric characteristic of an end-user as captured by a biometric system 3.11 biometric system (mainly) automated system capable of 1) capturing a biometric sample from an end-user or as provided by a forensic technology, 2) ext
44、racting biometric data from that sample, or alternatively, deriving biometric features from the biometric data in a form suitable for comparison with one or more reference templates, 3) comparing the biometric features with those contained in one or more reference templates , 4) determining the leve
45、l of similarity by a score or other metric, or alternatively, ranking in accordance with the level of similarity as determined by a score or other metric, BS ISO/IEC 24713-1:200835) returning a result to the application indicating whether the identification and/or verification has been successful or
46、 not, and 6) storing and managing biometric data and related system information NOTE The set of biometric systems can be divided in two classes as follows: Single-biometric system: biometric system that uses a single biometric modality, algorithm or sensor. Multi-biometric system: biometric system t
47、hat uses multiple biometric modalities and/or sensors and/or algorithms. 3.12 biometric system components those parts or elements of the system that perform specific tasks that are required by the system in order for it to function. EXAMPLE Examples of biometric system components are capture, proces
48、s and compare. 3.13 biometric template biometric data derived from a biometric sample or combination of biometric samples that is suitable for storage as a reference for future comparison 3.14 capture method of taking a biometric sample from an end-user 3.15 comparison process of evaluating the simi
49、larities between a template and a reference template 3.16 database structured set of data held in a computer 3.17 decision result of the comparison between the match score and the threshold NOTE The decision can be acceptance or rejection. 3.18 end-user person who interacts with a biometric system to enroll or have his/her identity checked 3.19 enrolment process of collecting biometric sample(s) from an end-user and the subsequent preparation and storage of biometric reference template(s) and, if necessary, associated data in connection