Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #21 Biometrics Standards - I November 7, 2005.

Presentation transcript:

Outline
- Why Standards?
- NIST Standards
- DoD Biometrics
- International Biometric Group
- Directions
- Reference: - Chapter s.aspx s.aspx - ml ml

Why Standards?
- Communication methods between biometric devices and systems
- Feature extraction methods
- Data comparison methods
- Content and length of biometric template
- Storage and retrieval of biometric data

Biometrics Standards: Overview
- An indication of the current substantial growth and interest in biometrics is the emergence of biometrics industry standards and related activities.
- Standards have become strategic business issues.
- For any given technology, industry standards assure the availability of multiple sources for comparable products and of competitive products in the marketplace.
- Standards will support the expansion of the marketplace for biometrics.

Biometrics Standards: Overview
- After the tragic events of September 11, there is an increased emphasis on biometrics standards.
- ITL (Information Technology Laboratory) of NIST (National Institute of Standards and Technology) is developing standards to help end-users and the industry accelerate the deployment of needed, standards-based security solutions in response to Critical Infrastructure Protection and Homeland Defense/Security requirements.
- ITL is accelerating the development of biometric standards (e.g., technology-independent interoperability and data interchange) in collaboration with Federal Agencies, other end-users, biometric vendors and the IT industry.

INCITS Biometric Technical Committee: M1
- Technical Committee M1, Biometrics, has been established by the Executive Board of the International Committee for Information Technology Standards (INCITS) to ensure a high-priority, focused, and comprehensive approach in the United States for the rapid development and approval of formal national and international generic biometric standards.
- Critical generic biometric standards include common file formats and application program interfaces.
- The M1 Document Register provides information on the current M1 activities, presentations given during the first M1 meeting (January 16-17, 2002) and a summary of the resolutions taken at the meeting or by letter ballots.
- M1 has forty-two members from private industry, government agencies and academia. A first meeting Convener's report is available in the M1 Document Register.

INCITS Biometric Technical Committee: M1
- M1 Ad-Hoc Group: the Ad-Hoc Group on Evaluating Multi-Biometric Systems (AHGEMS) is responsible for a Study Project on the concepts of operation and methods of performance evaluation for multi-biometric systems.
- M1 has created five new Task Groups to handle increased activity in biometrics.
- M1.2, the Task Group on Biometric Technical Interfaces, covers the standardization of all necessary interfaces and interactions between biometric components and sub-systems, including the possible use of security mechanisms to protect stored data and data transferred between systems.
- M1.2 will also consider the need for a reference model for the architecture and operation of biometric systems in order to identify the standards that are needed to support multi-vendor systems and their applications.

INCITS Biometric Technical Committee: M1
- M1.3, the Task Group on Biometric Data Interchange Formats, focuses on the standardization of the content, meaning and representation of biometric data interchange formats.
- Currently, assigned projects are:
  - Finger Pattern Based Interchange Format,
  - Finger Minutiae Format for Data Interchange,
  - Face Recognition Format for Data Interchange,
  - Iris Interchange Format,
  - Finger Image Based Interchange Format,
  - Signature/Sign Image Based Interchange Format, and
  - Hand Geometry Interchange Format.

INCITS Biometric Technical Committee: M1
- M1.3 Ad-Hoc Group: the Ad Hoc Group on Data Quality is addressing means of quality and ways of expressing and interpreting the quality of a biometric sample.
- M1.4, the Task Group on Biometric Profiles, covers the standardization of Application Profile projects.
- Currently, assigned projects are:
  - Application Profile for Interoperability and Data Interchange - Biometric Based Verification and Identification of Transportation Workers,
  - Application Profile for Interoperability, Data Interchange and Data Integrity - Biometric Based Personal Identification for Border Management,
  - Application Profile for Point-of-Sale Biometric Verification/Identification

INCITS Biometric Technical Committee: M1
- M1.4 Ad-Hoc Group: the M1.4 Ad Hoc Group on Biometrics and E-Authentication (AHGBEA) is responsible for developing a technical report describing suitability of biometric architectures, security requirements and recommendations for the use of biometrics for e-authentication.
- AHGBEA is also responsible for examining related biometrics and security issues related to the topics addressed in the Ad-Hoc Group's Terms of Reference.
- M1.5, the Task Group on Biometric Performance Testing and Reporting, handles the standardization of biometric performance metric definitions and calculations, approaches to test performance and requirements for reporting the results of these tests.

INCITS Biometric Technical Committee: M1
- M1.6, the Task Group on Cross Jurisdictional and Societal Issues, addresses study and standardization of technical solutions to societal aspects of biometric implementations.
- Excluded from the TG's scope is the specification of policies, the limitation of usage, or imposition of non-technical requirements on the implementations of biometric technologies, applications, or systems.
- M1.6 is responsible for US technical contributions to JTC1 SC 37 WG 6 on Cross-Jurisdictional and Societal Issues.

Common Biometric Exchange File Format (CBEFF)
- CBEFF describes a set of data elements necessary to support biometric technologies in a common way independently of the application and the domain of use (e.g., mobile devices, smart cards, protection of digital data, biometric data storage).
- CBEFF facilitates biometric data interchange between different system components or between systems, promotes interoperability of biometric-based application programs and systems, provides forward compatibility for technology improvements, and simplifies the software and hardware integration process.
- CBEFF is being augmented under the NIST/BC Biometric Interoperability, Performance and Assurance Working Group to incorporate a compliant smart card format, Product ID, and a CBEFF nested structure definition.

Biometric Interoperability Performance Assurance Working Group
- NIST and the Biometric Consortium have established this Working Group to support advancement of technically efficient and compatible biometric technology solutions.
- The Working Group has the following Task Groups/Technical Development Teams:
  - Testing Ad-Hoc Group - basic testing methodology
  - Assurance Ad-Hoc Group - biometrics assurance issues, review of protection profiles
  - CBEFF Technical Development Team - augmented CBEFF under development (e.g., compliant smart card format, Product ID, nested structure)
  - Biometric Template Protection & Integrity Task Group (e.g., risk of re-insertion, template transformations)
  - Biometric Security Task Force (e.g., vulnerability of biometric data to different attacks, non-repudiation)

BioAPI
- This specification defines the Application Programming Interface and Service Provider Interface for a standard biometric technology interface.
- BioAPI V1.1 defines an open system standard API that allows software applications to communicate with a broad range of biometric technologies in a common way.
- As an "open systems" specification, the BioAPI is intended for use across a broad spectrum of computing environments to ensure cross-platform support.
- BioAPI V1.1 was developed by the BioAPI Consortium and specifies standard functions and a biometric data format which is an instantiation of CBEFF.

Human Recognition Services Module (HRS) of the Open Group's Common Data Security Architecture (CDSA)
- HRS is an extension of the Open Group's Common Data Security Architecture.
- CDSA is a set of layered security services and a cryptographic framework that provides the infrastructure for creating cross-platform, interoperable, security-enabled applications for client-server environments.
- The CDSA solutions cover all the essential components of security capability, to secure electronic commerce and other business applications with services that provide facilities for cryptography, certificate management, trust policy management, and key recovery.
- The biometric component of the CDSA's HRS is used in conjunction with other security modules (i.e., cryptographic, digital certificates, and data libraries) and is compatible with the BioAPI specification and CBEFF.

Biometrics Management and Security for the Financial Services Industry
- American National Standards Institute (ANSI) X9.F4 Working Group specifies the minimum security requirements for effective management of biometrics data for the financial services industry and the security for the collection, distribution and processing of biometrics data.
- It specifies:
  - (1) the security of the physical hardware used throughout the biometric life cycle;
  - (2) the management of the biometric data across its life cycle;
  - (3) the utilization of biometric technology for verification/identification of banking customers and employees;
  - (4) the application of biometric technology for physical and logical access controls;
  - (5) the encapsulation of biometric data; and
  - (6) techniques for securely transmitting/storing biometric data.

Fingerprint Standard
- This ANSI standard specifies a common format to be used to exchange fingerprint, facial, scars, mark and tattoo identification data effectively across jurisdictional lines or between dissimilar systems made by different manufacturers.
- All Federal, state and local law enforcement data is transmitted using the ANSI-NIST standard.
- This standard is a key component in allowing interoperability in the justice community.

Fingerprint Minutiae Format/National Standards for the Driver License/Identification Card
- American Association for Motor Vehicle Administration (AAMVA) Driver's License and Identification (DL/ID) Standard provides a uniform means to identify issuers and holders of driver license cards within the U.S. and Canada.
- It specifies identification information on drivers' license and ID card applications.
- For bar codes, integrated circuit cards, and optical memory, the AAMVA standard employs international standard application coding to make additional applications possible on the same card.
- The standard specifies minimum requirements for presenting human-readable identification information including the format and data content of identification in the magnetic stripe, the bar code, integrated circuit cards, optical memories, and digital imaging.
- It also specifies a format for fingerprint minutiae data that would be readable across state and province boundaries for drivers' licenses.
- Compatible with the BioAPI specification and CBEFF.

Identification Card
- This standard is being developed as Part 11 of the ISO/IEC 7816 standard.
- The scope is specifying security-related inter-industry commands to be used for personal verification with biometric methods in integrated circuit cards (e.g., smart cards).
- It also defines data elements to be used with biometric methods.
- This standard is under development in the International Standards Organization (ISO) Subcommittee (SC) 17, Working Group 4.

DoD Biometrics
- On 25 August 2003, Deputy Secretary of Defense Paul Wolfowitz signed a memorandum titled "Department of Defense (DoD) Biometrics Enterprise Vision."
- In this memorandum, Mr. Wolfowitz directed the BMO (Biometrics Management Office) to perform the following two actions:
  - (1) "ensure that a scalable biometrics component of the Global Information Grid (GIG) infrastructure is in place" and
  - (2) ensure "that the appropriate standards, interoperability tools, testing frameworks, and approved product validations are available to assist the DoD Components in using this technology."

DoD Biometrics
- BMO is developing the DoD Application Profile, which describes an infrastructure for collecting biometric data from personnel.
- The BMO is also developing conformance testing standards that specify the concepts, frameworks, test methods, and criteria that must be achieved to certify the conformity of vendors' products to biometric standards.
- BMO has initiated the Biometric Conformity Assessment Initiative to ensure the DoD implements biometric technology that is interoperable, properly tested, and certified.

DoD Biometrics
- DoD Electronic Biometrics Transmission Specification: describes customizations of the FBI Electronic Fingerprint Transmission Specification transactions that are necessary to utilize the DoD Automated Biometric Identification System.
- DoD Electronic Biometrics Transmission Specification Overview: discusses the overall content and purpose of the transmission of biometric data.
- Department of Defense Biometrics Standards Development, Recommended Approach: a recommended approach to ensure that appropriate biometric standards, interoperability tools, testing frameworks, and approved product validations are available to the DoD community.
- Homeland Security Presidential Directive / HSPD-12: outlines the policy for a Common Identification Standard for Federal Employees and Contractors.

DoD Biometrics
- Forensic DNA Typing and Prospects for Biometrics: DNA analysis, typing technologies, and implications and expectations for the use of DNA in biometric applications.
- Proceedings, U.S. Government Workshop, Biometrics Standards in Support of the Global War on Terrorism: DoD BMO, DHS, NIST Proceedings from the 25 May 04 Workshop to determine the work and coordination required to ensure that U.S. Government biometric standards development efforts effectively support the Global War on Terrorism.
- Review of GAO Report on Information Security – Technologies to Secure Federal Systems: Information Paper summarizing the GAO Report (GAO ) on cybersecurity technologies that includes a section on authentication technologies and biometrics.

IBG: International Biometric Group
- IBG closely tracks all biometric standards efforts, and IBG is active in all of the critical standards activities in the biometrics industry, including M1, BioAPI, SC37, X9.84 and others.
- Designed for vendors, integrators, and deployers, the "State of Biometric Technology Standards" report provides critical information on standards relevant to biometric products, applications, and deployments.
- Standards addressed include BioAPI, BAPI, CDSA/HRS, CBEFF, X9.84, M1 activities and SC37 activities (including interoperable template formats, interoperable data formats, biometric performance testing, biometric security evaluations), ANSI/NIST ITL 2000, ANSI B10.8, ICAO (SC17), biometrics and card technologies, and biometrics and cryptographic systems (X.509).

Directions
- Biometrics standards will facilitate growth in the biometrics industry.
- Governments and corporations that are users of the technology have driven the standards even more than the biometrics vendors.
- The challenge is to promote standards while promoting innovation with biometrics technologies.

Directions
- Development of the Standards
- Development of the Products
- Evaluation of the products
  - What are the criteria used to evaluate the products?
  - How do the products conform to the standards?
  - Are there ratings?
  - Is there a list of evaluated products?
- Similar to the National Computer Security Center's list of evaluated secure system products