biometrics an overview of standardisation activities · 0 urd 27 / ndx / 2006-01-17 biometrics an...
TRANSCRIPT
0
URD 27 / NDx / 2006-01-17
0
Biometricsan overview of standardisation activities
ETSI Future Security Workshop :the threats, risks and opportunities
16-17 January – Sophia Antipolis, France
by Nicolas DELVAUXCEN Biometric Focus Group chairman
1
URD 27 / NDx / 2006-01-17
1
Agenda
�SAGEM Defence Security
�Biometric overview
�Biometric & Security
�Biometric standardisation bodies
�Biometric standards
2
URD 27 / NDx / 2006-01-17
2
A short introduction
3
URD 27 / NDx / 2006-01-17
3
Sales6,812 M€
Workforce39,700
Sales3,570 M
Workforce15,000
SNECMA SAGEM
Sales+10.3 billion €
Workforce55,000
SAFRAN
CommunicationsPropulsion Equipment Defence Security
Propulsion
Aerospace Equipment Defence and Security
Communications
€
MAY 2005: SAGEM – SNECMA MERGER
4
URD 27 / NDx / 2006-01-17
4
5
URD 27 / NDx / 2006-01-17
5
SecurityWorld Nb 1 in fingerprint-based biometricsFrench Nb 1 in secure terminalsFrench Nb 1 in lottery terminalsEuropean Nb 2 in payment terminals
�Secure terminals, biometrics identification systems, smart cards and certification, payment and lottery terminals
SAGEM EFT 930PPortable POS terminal with infrared link
SAGEM S8Lottery terminal
AFISAutomated fingerprint identification systems
SIM card Java MorphoAccessFingerprint identification terminal for access control
SAGEM TWIN 30Handheld health programme terminal
6
URD 27 / NDx / 2006-01-17
6
�������������� ������ � ��
Providing identification or authentication of individuals, based on theuse of fingerprints, for countries, state or federal agencies, municipal organisations, commercial customers
�������������
The Civil AFIS effectively reducesfraud by eliminating multipleapplications for:
- obtaining:. asylum status. ID documents
(identity card, passport,drivers licence...)
- entitlement to:. social security benefits. welfare payments. retirement pensions
- Faster resolution of criminalcases
- Accurate identification ofindividuals
������ ��� �� ����� ����
MetaMorpho ensures:
������ � � � �� �� � ��� � � � ������
- Banking:. credit card. interbank payment
- Insurance:. network access. virtual shopping
- “Key”:. house. car
- “Password”:. mobile phone. PC
7
URD 27 / NDx / 2006-01-17
7
Biometry
A short introduction
8
URD 27 / NDx / 2006-01-17
8
Biometrics Technologies
Biometrics technologies are automated techniques that are designed to verify or identify people based on their physical characteristics
Various forms have emerged.
9
URD 27 / NDx / 2006-01-17
9
Biometric Technologies
10
URD 27 / NDx / 2006-01-17
10
Two complementary concepts ...
IDENTIFICATIONIDENTIFICATION VERIFICATIONVERIFICATION
11
URD 27 / NDx / 2006-01-17
11
Biometry and Security
12
URD 27 / NDx / 2006-01-17
12
�������
� � �
� � �
� �
� �
�����
�����
Biometry & security - Principles
�Biometric data are anonymous data
�Biometric data are not “secret”
�Biometric data is owned and unique for each individual
�Major new application : Biometry to secure border control
13
URD 27 / NDx / 2006-01-17
13
Biometry & Security: travel documents for border control
�Regulations• ICAO recommendation on travel document 9303• EU regulation 2254/2004 (JOCE 29-Dec-2004)
+ Annexe technique du 28 II 1005
�e-passport• Biometry : To link the ID document and the person• Electronic facilities : fake e-passport detection
�Biometry to be deployed• Facial recognition (ICAO mandatory)• Fingerprint recognition (ICAO option – EU mandatory)• Iris recognition (ICAO option – EU option)
14
URD 27 / NDx / 2006-01-17
14
Biometric standardisation bodies
15
URD 27 / NDx / 2006-01-17
15
Organisation dedicated to standards
EuropeanUnion
CEN CENELEC ETSI
ISO IEC ITUInternational
NationalBodies
AFNOR(France)
DIN(Germany)
BSI(UK) …
JTC 1
SC37SC27SC17
FG
forums
IBIA
BC
ANSI M1
(USA)
16
URD 27 / NDx / 2006-01-17
16
Standardisation activities in European Union
�National Bodies• DIN, BSI, AFNOR, UNINFO, SIS, … are the official representatives in the ISO committees (SC37, SC27)• Governmental actors are dealing with biometrics as a technical and political issues : ICAO, ILO, article 29 working party, …
�CEN ISSS has started a Biometric Focus Group• A forum to deal on biometric standardisation issue for Europe• A support for identify specific standardisation topics for Europe needs
• An information flow to use biometric for identity verification in various work group : the TC224 WG15 for ECC, …
• http://www.uninfo.polito.it/FG_Biometric
17
URD 27 / NDx / 2006-01-17
17
Biometric Standards
18
URD 27 / NDx / 2006-01-17
18
Biometrics standards deployed
�Mainly drafted by NIST - FBI
• ANSI/NIST-ITL 1-2000: “Data Format for the interchange of Fingerprint, Facial Information”
• CJIS/FBI IAFIS-IC-0110: “ Wavelet Scalar Quantization” (WSQ compression )
• CJIS-RS-0010 Appendix G: “Interim IAFIS Image Quality Specifications forScanners (IQS scanner)
19
URD 27 / NDx / 2006-01-17
19
Interoperability of processing tools
Security
Logical Structure for data: CBEFF
Standards for biometry in ISO Sub-Committees
Common use & understanding
SC37 WG3 : Data Interchange format
SC37 WG2 : CBEFF
SC37 WG4 : Profiles for applicationSC37 WG5 : PerformancesSC27 : Security provided
SC37 WG2 : Bio APISC17 : card based
SC37 WG1 : harmonised vocabularySC37 WG6 : societal & jurisdictional issues
formats to interchange
20
URD 27 / NDx / 2006-01-17
20
International Standards published – highly relevant
http://www.iso.ch1.ISO/IEC 19794-2:2005 Finger minutiae data
Information technology -- Biometric data interchange formats -- Part 2: Finger minutiae dataTechnologies de l'information -- Formats d'échange de données biométriques -- Partie 2: Données du point
caractéristique du doigt
2.ISO/IEC 19794-4:2005 Finger image dataInformation technology -- Biometric data interchange formats -- Part 4: Finger image dataTechnologies de l'information -- Formats d'échange de données biométriques -- Partie 4: Données d'image du
doigt
3.ISO/IEC 19794-5:2005 Face image dataInformation technology -- Biometric data interchange formats -- Part 5: Face image dataTechnologies de l'information -- Formats d'échange de données biométriques -- Partie 5: Données d'image de la
face
4.ISO/IEC 19794-6:2005 Iris image dataInformation technology -- Biometric data interchange formats -- Part 6: Iris image dataTechnologies de l'information -- Formats d'échange de données biométriques -- Partie 6: Données d'image de l'iris
21
URD 27 / NDx / 2006-01-17
21
International Standards submit to Final ballot
�ISO/IEC 19785: Common Biometric Exchange Formats Framework (CBEFF)
• 19785-1 : CBEFF – Part 1: Data Element Specification• 19785-2 : CBEFF – Part 2: Registration Authority
�ISO/IEC 19784-1 : Biometric Application Programming Interface (BioAPI)
• 19784-1 : BioAPI - Part 1: BioAPI Specification
22
URD 27 / NDx / 2006-01-17
22
Standards in the future : the work load 06
� Data interchange format :• ISO/IEC19794-1 : Framework (FCD)• ISO/IEC19794-3 : Finger Pattern Spectral data (FDIS) • ISO/IEC19794-7 : Signature/Sign time series data (FCD)• ISO/IEC19794-8 : Finger Pattern Skeletal data (FCD)• ISO/IEC19794-9 : Vascular Image data (CD)• ISO/IEC19794-10: Hand geometry data (CD)• ISO/IEC19794-11: Signature/Sign processed dynamic data (WD)
� For performance testing• ISO/IEC 19795-1 : Principles and Framework (FDIS)• ISO/IEC 19795-2 : Testing Methodologies (CD2)• ISO/IEC 19795-3 : Modality Specific Testing => TR• ISO/IEC 19795-4 : Performance and Interoperability Testing of Interchange Formats (CD2) • ISO/IEC 19795-5 : Tests of Physical Access Control Systems (NP)
� For application profiles • ISO/IEC 24713–1 : Biometric Reference Architecture (CD3)• ISO/IEC 24713–2 : Biometric access control for employees at airport (CD3)• ISO/IEC 24713–3 :Biometric based verification and identification of Seafarers (WD)
23
URD 27 / NDx / 2006-01-17
23
Biometrics Standard related to Security
�SC27 : ISO/IEC 19792: Security evaluation of biometric technology• 4th Working Draft
• To differentiate Security from performance – conformance – interoperability
• To split interference with legal & privacy issues
24
URD 27 / NDx / 2006-01-17
24
Thank you
for your attention
THE END !