Presentation is loading. Please wait.

Presentation is loading. Please wait.

New Biometric Framework and Driver Model

Published byPhillip Pitts Modified over 9 years ago

Similar presentations

Presentation on theme: "New Biometric Framework and Driver Model"— Presentation transcript:

1

2 New Biometric Framework and Driver Model
Dave Bossio Principal Group Program Manager Windows Security Janet Schneider Senior Software Design Engineer

3 Agenda Introduction Windows Biometric Framework (WBF) Core Architecture Overview Windows Biometric Service (WBS) Adapters Windows Biometric Driver Interface (WBDI) Deep Dive: WBS Adapters Engine Adapter Deep Dive: WBDI Interface and Implementation Tips WBF Adoption Wrap-up

4 Introduction

5 Quality, Quantity & Strategy
Quality: Vista as an Indicator for Windows 7 Driver Quality Issues Inconsistent User Experience (UX) Windows 7 aims to restore eco-system health Fewer crashes, consistent UX, reduced support costs Quantity: Fingerprint Device Proliferation 61 million devices ship in 2009 alone 188 million ship in 2011 Strategy: Foundation for Windows 7 and Beyond Enable consistent end-to-end access control scenarios

6 WBF: Long-Term View Core WBF User Experience Certification Management
Distribution Device Logo

7 WBF: Windows 7 Core WBF User Experience Certification Management
Distribution Device Logo

8 Windows 7 Objectives Platform stability and serviceability
Framework foundations Windows Biometric Device Interface (WBDI) Windows Biometric Service (WBS) Consistent user experience Supported scenarios Local/Domain logon, User Account Control (UAC), and management Integration points Feature discovery and launch points

9 WBF Overview

10 WBF Core Architecture WBF
Fingerprint Management Application and Third Party Apps IHV/ISV (e.g. FUS, Enrollment, Web Single Sign On (SSO), Time & Attendance) Integration Points Logon/UAC Biometric API Windows Biometric Service Fingerprint Biometric Service Provider Sensor Adapter Engine Adapter Storage Adapter Windows Biometric Driver Interface UMDF Driver KMDF Driver WDM Driver

11 WBF Service Structure Biometric Service Provider (BSP) Biometric Unit
Sensor Adapter Engine Adapter Storage Adapter

12 Deep Dive: WBF Service Adapters

13 WBF Service Adapters Purpose Types and responsibilities
Plug-in binary component that exposes a standard interface Connects Biometric Unit (BU) to sensor hardware Supplements capabilities of simple sensors Types and responsibilities Sensor Adapter—data capture Engine Adapter—processing and matching Storage Adapter—secure template storage

14 What Should You Write? IHV / ISV Microsoft provides (with Windows 7)
Sensor Simple sensor – can use Microsoft adapter or can write your own. Complex sensor – must write sensor adapter Adapter for any simple sensor that has a WBDI driver Engine Always written by vendor (None) Storage Sensor without built-in storage – can use Microsoft adapter or can write your own. Sensor with built-in storage – must write storage adapter. Adapter for disk-file based cryptographically secure storage

15 WBF Engine Adapter Receives sample data from Sensor Adapter
Performs biometric processing: Data cleanup and feature extraction Template generation – enrollment Template matching – verify and identify Template index generation (“binning”) Calls Storage Adapter to store/retrieve templates

16 Writing WBF Adapter Plug-Ins
Start with the sample adapters Adapter methods Implement all methods for adapter type Follow documentation exactly for error codes and return values Threading issues Adapter shared among multiple threads No global variables Store per-BU state in adapter context block

17 Deep Dive: Windows Biometric Driver Interface

18 Fingerprint Management Application and Third Party Apps
WBF Fingerprint Management Application and Third Party Apps IHV/ISV (e.g. FUS, Enrolment, Web SSO, Time & Attendance) Integration Points Logon/UAC Biometric API Windows Biometric Service Fingerprint Biometric Service Provider WinBio Sensor Adapter Engine Adapter WinBio Storage Adapter Windows Biometric Driver Interface UMDF Driver KMDF Driver WDM Driver

19 Windows Biometric Driver Interface
UMDF WBDI Driver Windows Biometric Driver Interface WBF WDF WUDF Host Process IHV/ISV UMDF Driver DLL WUDFr WinUsb

20 UMDF Benefits User-mode driver won’t cause BSOD
Simplified PnP and power management – well-defined callbacks WinUSB I/O target System Wake and Device Idle support built in Some devices may need to keep multiple read requests pending to capture all scan data

21 WBDI Requirements Expose the WBDI driver interface GUID
Implement mandatory IOCTLs Handle multiple requests UMDF – use parallel I/O queue Support cancellation UMDF – request objects support cancellation callback

22 WBDI IOCTLs Mandatory IOCTLs: IOCTL_BIOMETRIC_GET_ATTRIBUTES
IOCTL_BIOMETRIC_GET_SENSOR_STATUS IOCTL_BIOMETRIC_RESET IOCTL_BIOMETRIC_CALIBRATE IOCTL_BIOMETRIC_CAPTURE_DATA Optional IOCTLs (Advanced Features): IOCTL_BIOMETRIC_GET_SUPPORTED_ALGORITHMS IOCTL_BIOMETRIC_UPDATE_FIRMWARE IOCTL_BIOMETRIC_GET_INDICATOR IOCTL_BIOMETRIC_SET_INDICATOR Vendor IOCTLs

23 WBF Sensor Adapter Calling Sequence
Sensor Start-up: IOCTL_BIOMETRIC_GET_ATTRIBUTES Called by both the service and the sensor adapter Capture Sequence: IOCTL_BIOMETRIC_GET_SENSOR_STATUS IOCTL_BIOMETRIC_CALIBRATE Called only when sensor status indicates calibration is needed IOCTL_BIOMETRIC_CAPTURE_DATA Initial call determines buffer size needed for typical capture Only one capture can be pending at any time CancelIoEx Can be called at any time, followed by another capture sequence

24 Recommendations Follow DEVFUN-0010 guidelines for terminal services re-direction in the Windows Hardware Logo Program Device Requirements. See the Windows Logo Program Web site for details: Use WDF technology. UMDF is preferred.

25 WBDI Driver Testing Resources
Static tools PREfast for Drivers Runtime tools WDF Verifier Application Verifier Potential WDK tools WBDI driver verification test suite Engine Adapter test suite

26 WBDI Driver Installation
Set the Biometric Reader class GUID in the INF Configure a Biometric Unit in the INF, including adapter and database settings Install adapter DLLs Set device icon WBF Service opens the device with exclusive access The “Exclusive” bit MUST be set The Feature Score differentiates WBDI and legacy drivers See “Feature Score” in the WDK for details

27 WBDI Driver Maintenance
Post drivers on Windows Update for easy deployment!

28 Resources We’re working on finalizing WDK content for Beta. It could include: WBF documentation, including WBDI, adapter interfaces and WinBio API. UMDF WBDI shell code sample WBDI driver test suite Engine Adapter code sample Engine Adapter test suite

29 WBF Adoption

30 P WBF Components Company Driver Plug-ins Apps AuthenTec
WBF IHV Adoption WBF Components Company Driver Plug-ins Apps AuthenTec P Digital Persona UPEK Validity

31 Partner Feedback Ease of implementation/adoption Complexity
Driver development is straightforward and can be easily ported from existing drivers to WBF Complexity Understandable and workable but may require some clarification and assistance from Microsoft Improvements Testing framework still under development  WBF needs a method to inject known swipes at the start of the pipeline to facilitate false acceptance testing

32 Call to Action Write UMDF drivers Work with OEMs on WBF adoption
Distribute drivers through Windows Update

33 Demo time!

34 Questions?

Download ppt "New Biometric Framework and Driver Model"

Similar presentations

.NET Technology. Introduction Overview of.NET What.NET means for Developers, Users and Businesses Two.NET Research Projects:.NET Generics AsmL.

.NET Technology. Introduction Overview of.NET What.NET means for Developers, Users and Businesses Two.NET Research Projects:.NET Generics AsmL.
User-Mode Driver Framework: Technical Synopsis Peter Wieland Development Lead Windows Device Experience Group Microsoft Corporation.

User-Mode Driver Framework: Technical Synopsis Peter Wieland Development Lead Windows Device Experience Group Microsoft Corporation.
WHO WILL BENEFIT FROM THIS TALK TOPICS WHAT YOU’LL LEAVE WITH Server Application, Device and System vendors that wish to participate in the Software and.

WHO WILL BENEFIT FROM THIS TALK TOPICS WHAT YOU’LL LEAVE WITH Server Application, Device and System vendors that wish to participate in the Software and.
TAC Vista Security. Target  TAC Vista & Security Integration  Key customer groups –Existing TAC Vista users Provide features and hardware for security.

TAC Vista Security. Target  TAC Vista & Security Integration  Key customer groups –Existing TAC Vista users Provide features and hardware for security.
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.

Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
WORKDAY TECHNOLOGY Stan Swete CTO - Workday 1.

WORKDAY TECHNOLOGY Stan Swete CTO - Workday 1.
Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.

Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.
Introduction To The Wireless WAN Program Hong Liu Program Manager – WWAN Windows Networking and Devices Microsoft Corporation.

Introduction To The Wireless WAN Program Hong Liu Program Manager – WWAN Windows Networking and Devices Microsoft Corporation.
WDK Driver Test Manager. Outline HCT and the history of driver testing Problems to solve Goals of the WDK Driver Test Manager (DTM) Automated Deployment.

WDK Driver Test Manager. Outline HCT and the history of driver testing Problems to solve Goals of the WDK Driver Test Manager (DTM) Automated Deployment.
Created by the Community for the Community Building a RFID solution in BTS 09.

Created by the Community for the Community Building a RFID solution in BTS 09.
Best Practices for Developing Printer Drivers Justin Hutchings Program Manager Microsoft Corporation Shawn Maloney Program Manager Microsoft Corporation.

Best Practices for Developing Printer Drivers Justin Hutchings Program Manager Microsoft Corporation Shawn Maloney Program Manager Microsoft Corporation.
Print Verifier Ashwin Needamangala Senior Test Development Lead Documents and Printing Team

Print Verifier Ashwin Needamangala Senior Test Development Lead Documents and Printing Team
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.

System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Introduction to User-Mode Driver Framework. Outline What is UMDF? When should I use UMDF? When shouldn’t I use UMDF? What does UMDF give me? What kind.

Introduction to User-Mode Driver Framework. Outline What is UMDF? When should I use UMDF? When shouldn’t I use UMDF? What does UMDF give me? What kind.
DXVA 2.0 A new Hardware Video Acceleration Pipeline for Windows Vista

DXVA 2.0 A new Hardware Video Acceleration Pipeline for Windows Vista
Windows Vista: Volume Activation 2.0

Windows Vista: Volume Activation 2.0

Similar presentations

Ads by Google