html5-img
1 / 49

Introduction to Biometrics

Introduction to Biometrics. 2004.9.16. What is Biometrics. Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristics. Biometric includes. Physiological Characteristics Fingerprint Palm print Face Iris Voice

xue
Télécharger la présentation

Introduction to Biometrics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Biometrics 2004.9.16

  2. What is Biometrics Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristics

  3. Biometricincludes • Physiological Characteristics • Fingerprint • Palm print • Face • Iris • Voice • Behavioral Characteristics • Signature

  4. Fingerprint • Strength • Proven Technology Capable of High Level of Accuracy • Range of Deployment Environments • Ergonomic, Easy-to-Use Device • Ability to Enroll Multiple Fingers • Weakness • Inability to Enroll Some Users • Performance Deterioration over Time • Association with Forensic Application • Need to Deploy Specialized Devices

  5. Palm print • Strength • Ability to Operate in Challenging Environment • Established, Reliable Core Technology • General Perception as Non-intrusive • Relatively Stable Physiological Characteristic as Basis • Combination of Convenience and Deterrence • Weakness • Inherently Limited Accuracy • Form Factor That Limits Scope of Potential Applications • Price

  6. Face • Strength • Ability to Leverage Existing Equipment and Image Processing • Ability to Operate without Physical Contact or User Complicity • Ability to Enroll Static Images • Weakness • Acquisition Environment Effect on Matching Accuracy • Changes in Physiological Characteristics That Reduce Matching Accuracy • Potential for Privacy Abuse Due to Non-cooperative Enrollment and Identification

  7. Iris • Strength • Resistance to False Matching • Stability of Characteristic over Lifetime • Suitability for Logical and Physical Access • Weakness • Difficulty of Usage • False Non-matching and Failure-to-Enroll • User Discomfort with Eye-Based Technology • Need for a Proprietary Acquisition Device

  8. Voice • Strength • Ability to Leverage Existing Telephony Infrastructure • Synergy with Speech Recognition and Verbal Account Authentication • Resistance to Imposters • Lack of Negative Perceptions Associated with Other Biometrics • Weakness • Effect of Acquisition Devices and Ambient Noise on Accuracy • Perception of Low Accuracy • Lack of Suitability for Today’s PC Usage

  9. Signature • Strength • Resistant to Imposters • Leverages Existing Processes • Perceived as Non-invasive • Users Can Change Signatures • Weakness • Inconsistent Signatures Lead to Increased Error Rates • Users Unaccustomed to Singing on Tablets • Limited Applications

  10. Biometric Process Enrollment: No Match Store Present Biometric Process Capture Compare Verification: Present Biometric Process Capture Match

  11. Division of Biometrics Market

  12. Source: International Biometric Industry Association(IBIA) Revenue of Biometrics Market

  13. Biometric Market Size • Revenue: • 2003 revenue: $719M USD • 2006 projected revenue: $2.7B USD • 2008 projected revenue: $4.8B USD • From: • Law enforcement • Public sector identification / Authentication • ID Card / E-passport / Immigration

  14. Technology Growth Comparison x4 x8 Source: IBG’s “Biometrics Market and Industry Report 2004-2008”

  15. Market size (in yen) 1012 Network user authentication Information system authentication 1011 (千億) Authentication service business Entrance and exit management PC Login 1010 (100億) System integration business 109 (10億) Equipment/library business (year) 2005 1980 1995 2010 2025 Business Model Source: Biometrics Security consortium

  16. Time Division • 1990-1995: access control & PC login • 1995-2005: info. system authentication • 2005-: network user authentication • Japanese market: • 2000: 3M USD (equipment), 30M (system) • 2005: 10M USD(equipment), 100M (system)

  17. Market: Access Control (Worldwide) 2004 • Market scale: 100M USD • Market requirement: • Repeated use for one device • Severe demand on stability • High quality for services • Professional partner for integration

  18. Market: Information System Authentication • Market scale: 800M USD (ID card, etc.) • Market requirements: • Integrator: multi-workstations, service to citizens, fingerprint database, network connection, secure info. access. • High quality reader • Entire client-server architecture • Implementation for related standards

  19. Market: Network User Authentication • Market requirement: • M-business: cell phone, PDA, N/B • E-business: smart-card, ATM, P.O.S

  20. Drive to Market Since 911,national security becomes the major consideration. Therefore, a large quantity of biometric solution is in demands. The growth of biometric market is expected to be over 40% annually. The market scale of 2007 is predicted to be approximate 4 billion USD. • E-passport with face & fingerprint check at the immigration. • Civil administration & work permit application for fingerprint verification/identification. • Verification for 3G cell phone with fingerprint.

  21. Status of Biometric Standardization (Updated)

  22. Overview • Status of Consortia Work in Biometrics Standardization • Status of Approved Projects in INCITS M1- Biometrics • Status of JTC1 SC37 – Biometrics • Interoperability Requirements

  23. Fraud prevention Biometric Authentication E-commerce or Internet bank customer Internet Enterprise Web Server • Transaction security • Remote access Interoperability & Data Interchange Biometric Standards:What is it necessary to achieve? Client/Server – Different OS Internet Security

  24. 美國Biometrics標準化活動 NIST 標準化技術研究所 NCITS(ANSI認定機關) 資訊技術標準化委員會 ANS 美國標準局 ISO NIST-ITL 標情報技術研究部 X9 金融 B10 ID Card X9F Information Security B10.8 Driver License 美國政府Bio/API AAMVA 美國自動車連合 SC17 ID Card X9F8 Biometrics BioAPI 標準Biometrics API B10.8 Data Format Standard of Driver License 美國警察 X9.84 Interoperability of Biometrics data on ID Card CBEFF The Common Biometrics Exchange File Format IBIA Private Com. CBEFF 標準Data Format 完全性驗證 CBEFF 標準 Smart Card ANSIxxx ISOxxx Tele Trust INTEL及Biometrics Intel & Biometrics Vendor

  25. NIST Approach • Lead, participate and promote the acceleration of standard development efforts. • Promote the adoption of approved standards (e.g., CBEFF, BioAPI, ANSI/NIST). • Conduct related R&D (e.g., evaluation methodologies, evaluation of single-modal and multi-modal authentication architectures). • Develop advanced biometric data interchange structures (e.g., nested CBEFF structures). • Work in harmonization with efforts undertaken by other Gov. agencies (e.g., DoD, intelligence community, TSA, GSA, State). • Respond to legislative requirements (e.g., USA Patriot Act). • Leverage from our involvement with the Biometric Consortium and other forums (e.g., NIST/BC Biometric WG) support user requirements and also support industry.

  26. CBEFFA Biometric Data Interchange Standardto Support All Biometric Technologies in a Common Way

  27. NISTIR 6529 www.nist.gov/cbeff • Facilitates biometric data interchange between different system components or systems. • The development was coordinated with industry consortiums (e.g., BioAPI Consortium) and standards Technical Committees (e.g., X9.F4 Working Group). • ANSI/ISO Fast Track candidate

  28. Need a universally recognized registrar for Format Owner/Format Type (www.ibia.org/formats.htm) Data Elements and Header Fields Biometric Specific Memory Block Signature Header • Security Options (e.g., plain, or encrypted) • Integrity Options (e.g., signed) • Patron (e.g., BioAPI) Header Version • Biometric Type (e.g., facial features) • Record Data Type (e.g., processed) • Record Purpose (e.g., enroll) • Record Data Quality • Creation Date (of the biometric data) • Creator (entity that created the biometric data object) • Format Owner (CBEFF Requirement) • Format Type

  29. NIST/Biometric ConsortiumBiometric Interoperability, Performance and Assurance Working Group

  30. 90 organizations www.nist.gov/bcwg • Task Groups/Technical Development Teams: • Biometric Template Protection & Usage Task Group (Dr. Soutar, BioScrypt) • Biometric Security Task Force (C. Tilton, SAFLINK) • Assurance Ad-Hoc Group (M. King, Booz Allen Hamilton) • CBEFF Technical Development Team (F. Podio, NIST & J. Dunn, NSA) –augmented CBEFF under development • Testing Ad-Hoc Group (Dr. Negin, MNEMONICS)

  31. Standard Bio Header Standard Bio Header Standard Bio Header Standard Bio Header CBEFF Nested Structure & Multi-Biometrics Allows for multiple data types and/or multiple data objects within the CBEFF data structure Standard Bio Header Standard Bio Header Standard Bio Header Type=Multi Bio Type=Finger Data Data Data Type=Iris Signature

  32. Other Elements of the Revised CBEFF • Data origination • Product Identifier: CBEFF needs to uniquely identify the format and the originator of every biometric data structure. • Validity Period (Valid from, Valid until) • Adopt X9.84 definition: YYYYMMDDHHMMSSZ • Challenge data and payload (specified by the Patron) • Use of biometric data in tokens for machine-readable documents. • Name change:

  33. Biometrics Standards & CBEFF Organization Standard Status NIST/BC Biometric WG NISTIR 6529 - CBEFF Published Jan 2001 Being augmented by the NIST/BC Biometric WG BioAPI V1.1 ANSI/INCITS 358 BioAPI Consortium Released March 2001 Approved February 13, 2002 X9/Financial/Banking ANSI X9.84 Approved (ANSI) Feb 2001 Human Recognition Services of CDSA Updated to be consistent with BioAPI Open Group Data format for finger/facial/SMT ANSI/NIST-ITL-1-2000 Approved 2000 NIST ISO/IEC 7816-11 - use of biometric data in SC NIST/BC WG harmonized format in 7816-11 for CBEFF compliance ISO/IEC SC17 WG4 INCITS M1 - Biometrics Application profiles Data formats 5 approved projects (2 Application Profiles & 3 data formats) Logical Data Structure for Travel Documents ISO/IEC SC17 & ICAO Expected to be fully CBEFF compliant

  34. Biometric Object Biometric Validation Control Objectives X9.84 Biometric Security CBEFF Cryptographic Service Provider Biometric Architecture Example Application BIR BioAPI Framework Biometric Service Provider

  35. INCITS 358-2002, BioAPI V1.1 SpecificationAn Open Systems Interface Standardfor Biometric Integration

  36. Application BioAPI Interface Biometric Service Provider Biometric Service Provider Biometric Service Provider Biometric Device Biometric Device Biometric Device BioAPI - An Open Systems Interface Standardfor Biometric Integration A biometric API standard defines a generic way of interfacing to a broad range of biometric technologies. • Benefits: • Easy substitution of biometric technologies • Use of biometric technology across multiple applications • Easy integration of multiple biometrics using the same interface • Rapid application development - increased competition (tends to lower costs)

  37. Linux Server Windows PC Web Browser Web App BSP BSP BSP BSP BioAPI R/T Open Systems • BioAPI specification and Win32 reference implementation both available at: www.bioapi.org • Plans underway to port to Unix (IBG) and Linux (NIST) • Conformance test suite for Win32 and Unix/Linux • Seeking sponsors for port efforts BioAPI R/T • Fast track candidate to ISO through INCITS & M1 – Biometrics Technical Committee

  38. BioAPI Consortium A Bit of History BioAPI Spec. v1.1 released BioAPI Spec. v1.0 released Unification of Biometric API development industry efforts BioAPI Reference implementation released BioAPI v1.1 approved as ANSI/INCITS 358 2002 2001 2000 1999 CBEFF published NISTIR 6529 Common Biometric Exchange File Format (CBEFF) development starts Revised CBEFF Ballot (planned) Users’ and Developers’ Seminar CBEFF Upward revision starts

  39. Status of Approved Projects in INCITS M1- Biometrics • INCITS Web site: • www.incits.org • M1 – Biometrics: • www.ncits.org/tc_home/m1.htm • M1 Document Register: www.ncits.org/tc_home/m1htm/docs/m1docreg.htm

  40. INCITS/M1 Biometrics • Purpose: • Established in November 2001 by the Executive Board of INCITS to accelerate the deployment of significantly better, open systems standard-based security solutions for purposes such as homeland defense and the prevention of ID theft. • Elevate consortia standards to national and international voluntary consensus standards (e.g., BioAPI, CBEFF). • Develop application profiles (e.g., airport security, border crossing), and other biometric generic standards as needed (e.g., data formats). • Legislative accelerants such as: • Public Law 107-71 - Aviation and Transportation Security • Public Law 107-56 - “The USA Patriot Act” • Public Law 107-173 – “Border Security Act”

  41. INCITS M1 Biometrics - Status • Meetings: • January/May/August/December 2002 • Officers: • F. Podio, Chairman • C. Tilton, IR • C. Soutar, Vice Chairman • S. Elliot, Secretary • M1 is the US TAG to JTC 1 SC 37 • Five Approved Development Projects • INCITS 358 BioAPI: JTC 1 SC 37 Fast Track candidate • Revised CBEFF: INCITS/JTC 1 SC37 Fast Track candidate

  42. M1 Projects and ISO SC37 INCITS Fast Track Five projects under development INCITS/M1 Application Profile Verification & Identification of Transportation Workers (01/03) BioAPI V1.1 ANSI/INCITS 358 INCITS Fast Track (Planned) Application Profile Personal identification for Border Crossing (01/03) Proposed to M1 Revised CBEFF NISTIR 6529-A Finger Image Interchange Format Finger Minutiae Format For Data Interchange (01/03) Face Image Interchange Format JTC 1 Fast Track (Planned) Finger Pattern-Based Interchange Format (04/03) Iris Recognition Interchange Format ISO/IEC JTC 1 SC37 Face Recognition Format for Data Interchange (07/03) Application Profile Biometric Verificationin POS Systems

  43. www.biometrics.org www.nist.gov/bcwg www.nist.gov/cbeff www.bioapi.org www.ibia.org www.biometricfoundation.org M1 Biometrics Standards Incubators www.itl.nist.org

  44. Status of JTC 1 SC 37 - Biometrics

  45. Current Scope of Work(SC 37 and INCITS M1) Transportation Workers, Border Crossing, Point of Sale Application Profiles for ID and Verification Biometric Application Programming Interfaces CBEFF (NISTIR 6529), NISTIR 6529-A under development Common Biometric Exchange Framework Format Fingerprint MinutiaeFinger Pattern-BasedFace Landmarks Biometric Interchange Data Formats INCITS 358 (BioAPI V1.1 Spec) Derived from Colin Soutar’s Onion view on Biometrics standardization

  46. Status of JTC 1 SC 37 – Biometrics • Call for P Members (countries) closes September 2002. • US funding of SC 37 Secretariat • NIST & M1 are pursuing funding at $150K/year • $50K secured (NIST) – PO being processed. • ANSI will perform Secretariat duties • Initial SC 37 Plenary Meeting: • Meeting planned for December 11 – 13, 2002 • Hosted by US (M1) in Orlando, FL. • M1 anticipates submitting at least seven contributions.

  47. Smart Cards and Biometrics Interoperability Requirements • Can BioAPI fully satisfy the requirements or is further work required? • Possible approach: • Form an M1-Biometrics Ad-Hoc Group: • Work would be coordinated with the BioAPI Consortium, INCITS B10 and other smart card experts. • Review BioAPI’s capability to fully provide the required level of interoperability for different architectures (e.g., different biometric data matching and storage locations) • BioAPI extension required (e.g., another parameter in the Verify function)? • Is a layer on top on BioAPI needed? • Coordinate work with possible augmentation of BioAPI when it goes for ISO Fast Track. • Coordination with international efforts (e.g., SC37). • Possible funding required.

  48. 美國Biometrics標準化活動 NIST 標準化技術研究所 NCITS(ANSI認定機關) 資訊技術標準化委員會 ANS 美國標準局 ISO NIST-ITL 標情報技術研究部 X9 金融 B10 ID Card X9F Information Security B10.8 Driver License 美國政府Bio/API AAMVA 美國自動車連合 SC17 ID Card X9F8 Biometrics BioAPI 標準Biometrics API B10.8 Data Format Standard of Driver License 美國警察 X9.84 Interoperability of Biometrics data on ID Card CBEFF The Common Biometrics Exchange File Format IBIA Private Com. CBEFF 標準Data Format 完全性驗證 CBEFF 標準 Smart Card ANSIxxx ISOxxx Tele Trust INTEL及Biometrics Intel & Biometrics Vendor

  49. Summary • Base generic standards (e.g., CBEFF, BioAPI) developed in the last few years set the foundation for achieving system interoperability and biometric data interchange. • NIST, the BC, the IT industry and end-users are leveraging from these base generic standards to accelerate the deployment of open systems standard-based security solutions for different applications (e.g., Prevention of ID Theft, Homeland Security, Heath Care, Enterprise Networks, Multi-OS Architectures). • The end goal is the approval of formal - generic national and international standards necessary to enable interoperability and data interchange between applications and systems.

More Related