copyright(c) 2002, all rights reserved. sdl, hitachi, ltd. and waseda university.1 trends of...

Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 1

Trends of Biometrics TechnologyStandardization

14 May 2002Naohisa Komatsu

Waseda University, Japan

ITU-T Workshop on Security


Authentication process

networksystem

user

terminal

terminalauthentication

userauthentication

cryptosystem

Knowledge-based : Threat of forgetting e.g. passwordPossession-based : Threat of loss e.g. cardIndividual characteristics : No threat of forgetting or loss e.g. fingerprint, voice, handwriting


Parameters for User Authentication

knowledge possessions physiologicalcharacteristics

fingerprint ， face

hand ， eye ......

handwriting ， voice

keystroke ......

password

......

key ， ID card

......

stored data → personal features

input data → personal features

stored data = input data?

＝

?

Individual characteristics

behavioralcharacteristics

stored data = input data?

threat offorgetting

threat ofloss

change through time passing

a.

b.


Characteristics of Biometrics (OMRON Corp.)

Each biometrics has its own merits or Each biometrics has its own merits or demerits.demerits.There are no ideal biometrics.There are no ideal biometrics.

high

accu

r acy

acceptability

low

highlow

ideal0

Retina

Fingerprint

Hand geometry

0.5ｍ Iris

0.1m Voice0

Signature １～３ｍ

Face

number

Finger geometry

Pattern of vein

1%

0.1%

0.01%

10-4%

0.01m

0

0

0

Distance between system and user


The Standardization of Biometrics Technologies

Why standardization is necessary? Data format (CBEFF) and Application Program Interface (BioAPI) Security requirements (X9.84) Accuracy test (Best Practice)


Needs of Standards To accelerate fair competition by clarifying

vulnerability and countermeasures. Accuracy test Standards for applying biometrics

To reduce the cost of system development Application program interface Data format

For effective development through common framework for biometric system. Common Criteria Privacy guideline


Data interoperabity ： CBEFF Program interoperability ： BioAPI

Goal of BioAPI & CBEFF


Purpose of BioAPI

Purpose Interoperability and development cost

reduction of biometric authentication systems.

Providing a high-level generic biometric authentication model

Authentication/Identification, Server/Client

Scope Any form of biometric technology Enrollment,authentication,identification,dat

abaseinterface


History of BioAPI

NIST merged HA-API, BAPI and BioAPI.

NIST:National Institute of Standards and TechnologiesHA-API: Human Authentication API

1997 1998 1999 2000 2001 ～

Former

BioAPIDRAFT

HA-API1.0

HA-API2.0

BAPI1.0

BioAPIReference

ImplementationVer1.0 Beta

BioAPISpecification

Ver.1.0

I/O Software joinedBioAPI consortium

BioAPIReference

ImplementationVer1.1

BioAPISpecification

Ver.1.1


Outline of BioAPI Structure

Application

BioAPI Framework

BSP BSP BSP

Device Device Device

API

SPI SPI SPIBSP ： Biometrics Service Provider Biometric function provided by technology vendors

SPI ： Service Provider Interface

API ： Application Program Interface

Biometric Device fingerprint scanner, camera, etc...

Middleware mediates between API & SPI ・ Reference implementation for windows is available


Outline of CBEFF Purpose

Interoperability between different systems. Accommodation to any biometric technology.

History Sponsor

NIST ITL ， Biometrics Consortium Developing organization

CBEFF Technical Development Team Cooperating with

BioAPI Consortium ， X9.F4 Working Group ， IBIA ， TeleTrustT

Publication NISTIR6529 “Common Biometric Exchange File

Format” (NIST, January 3, 2001) http://www.nist.gov/cbeff

NIST ITL ： Information Technology LaboratoryIBIA ： International Biometric Industrial Association


CBEFF Data Structure Includes three blocks SBH （ Standard Biometric Header ）

Header of CBEFF file BSMB （ Biometric Specific Memory Block ）

Contains the biometric data Vendors can place any biometric data directly into this

block Biometric information, template, original header, etc...

SB （ Signature Block ） Contains signature or MAC for integrity Optional

SBH（ Standard Biometric Header ）

BSMB（ Biometric Specific Memory Block ）

SB（ Signature Block ）


Relation Among Standardizations

The standardizations are progressing to convergence on BioAPI and CBEFF BioAPI Specification ver.1.1 （ 2001/3 ） “CBEFF” NISTIR6529 （ 2001/1 ）

BioAPI

CBEFF

ANSI X9.84

BAPI

HA-API

ANSI X9.84 ： Operating requirements for biometrics authentication systems for the financial industry

adoption

adoption

merged into

ISO7816-11

considering adoption


Outline of X9.84

Approved in March, 2001 by committee on Financial Services, X9 and subcommittee on Information Security, X9F.

A standard of biometric data management and security for financial biometric system.

X9.84 specifies Security requirements of enrollment,

verification/identification, storage, termination,etc...

Template format compatible with CBEFF


Requirements of X9.84

To maintain the integrity of biometric data and verification results

To mutually authenticate between sender and receiver component of biometric data and verification results.

To ensure the confidentiality of the biometric data

Common requirements of data management in enrollment,

verification/identification, storage, termination, etc...


Initial Enrollment for Example

Authorization to perform the enrollment process Authentication of the enrollee Maintain integrity and authenticity of templates Meet level 2 physical security requirement in a controlled

environment and level 3 in an uncontrolled environment.

DataCollection Signal

Processiong

Storage

Matching

Enrollment Model

Mechanism and procedure shall be in place to


Outline of “Best Practice” Purpose

To provide the best method for the accuracy test of biometric system in real world

Scope Any biomerics and application

Features Experimental evaluation Three test methods depending on the aim of evaluation

Technology evaluation: algorithm Scenario evaluation: Specific system assumed by an evaluator Operational evaluation: Running system

Definition of experimental condition How to select subjects, to collect biometric data, to match them…

Representation of performance ROC curve for accuracy Failure to enroll and acquire for usability Detailed report for repeatability


The Standardization of Biometrics Technologies in

Japan

Position of INSTAC/AIM/JBAA Activities of JBAA

Operating Requirements Decision Guideline Vulnerability of Biometrics Technologies Biometrics and PKI Biometrics and Privacy


Standardization Activities in Japan

ECOM WG6△ V0.5 △ Evaluation criteria for biometrics authentication V1.0

IPA Project△ Accuracy Test Guideline△ ORD Guideline

Accuracy TestJIS-TRJIS-TR△ 　　　

　△

JBAABDPP,X9.84

1996 1997 1998 1999 2001 2002 以降2000

1994CC V1.0

1995BS7799

ECOM ： Electronic Commerce Promotion Council of Japan

IPA ： Information-technology Promotion Agency,Japan

INSTAC ： Information Technology Research and Standardization Center

JIS ： Japanese Industrial Standard

JBAA ： Japan Biometric Authentication Association

CC ： Common Criteria

BS7799 ： British Standard7799

BDPP ： Biometric Devices Protection Profile

ORD: Operating Requirements Decision


ASIA Committee

（ International ）Standardization

EU/USA Committee

Biometrics Consortium

Biometrics Working Group

Bio WGMalaysia

Bio WGTaiwan BEAM Consortium

SIngapore

BEAM: Biometrics EnAbled Mobile Commerce

Korea BiometricsAssociation(KBA)JBAA

Asia Biometrics Joint Meeting

AIMJ

INSTAC/JSAISO/IEC

SC17/SC27

Position of INSTAC,AIM,JBAA

INSTAC/JSA : Information Technology Research and Standardization Center / Japanese Standards Association AIM : Automatic Identification Manufactures Association, JapanJBAA: Japan Biometric Authentication Association


How to Expand Biometrics Market?

Solution for market creation is necessary.Solution for market creation is necessary.

Image processing 　 → Security technology

Image processing 　 → Security technology

- Based on different methods and data for accuracy test- Publication of the best results

- Based on different methods and data for accuracy test- Publication of the best results

- Few examples- Indefinite requirements for security, convenience, etc.

- Few examples- Indefinite requirements for security, convenience, etc.

Standardization of accuracy test is important.

IPA/Hitachi Project ’99

（ 16 companies ）

IPA/Hitachi Project ’99

（ 16 companies ）

IPA:　Information-Technology　Promotion　Agency,Japan

(2) Cost effectiveness ？（ Business ）(3) User acceptability ？（ Social ）

(1) Accuracy ？（ Technology ）


Outline of Complete Activities

(1) ECOM Personal Authentication WG April/1996 ～ March/1998 Examine the scheme of the test and evaluation and

the personal authentication model using biometrics (www.ecom.or.jp)

(2) IPA/Hitachi National Project January/1999 ～ December/1999 Examine the standards scheme of accuracy test and

operation requirements sponsored by IPA(MITI) (www.sdl.hitachi.co.jp/ipa_biotest/ipa/english.htm)

ECOM: Electronic Commerce Promotion Council of JapanMITI: The ministry of International Trade and IndustryIPA: Information-technologies Promotion Agency of Japan


Outline of Current Activities

Standardization activities are done in two organizations

(1) Biometrics WG of INSTAC/JSA “Make a Standardization of test and evaluation of

biometrics device and system in Electronic Commerce application”

(2) Biometrics WG of AIM “Enlighten the biometrics technology and research the

biometrics market”

(3) Biometrics WG of JBAA Discussion about implementation of “Biometric

Authentication Authority” which provides network type biometric identification


Biometrics WG of INSTAC/JSAPurpose The standardization of the biometrics authentication

technologies is done in Electric Commerce application

Members of WG Chairman : N. Komatsu(Waseda Univ.) Members : METI, Animo*, Casio, Fujitsu, Hitachi*, KDDI,

Matsushita, MELCO, NEC, NTT-data* , OKI, Sony, Toshiba, etc.

* : Working Group leader

Contents of activities (1) Draft Japanese Industrial Standards of Test and

Evaluation (Physical and behavioral characteristics) (2)Liaison with ISO/IEC JTC1/SC17


Creation of real-based biometric market

Purpose of The Project

Guidelines for accuracy test

Guidelines for accuracy test

Vendors

Users

ProposalGuidelines for requirements

decision

Guidelines for requirements

decision

guide for Design Evaluation method

Valuation basisRequirements decision


(1) Objective evaluation for multiform products, various evaluators “viewpoints” and individual tests

(2) Common basis with Europe and America・ Japanese accuracy test could be accepted

・ Refer to proposals of NBTC about mathematical basis

(3) Focus on fingerprint based authentication systems

Policy of Accuracy Test


Fingerprintcapture

Decisionfunction

Fingerprint

Result(True/False)

Result(True/False)

Authentication system

Verification Device

Distance

Image enhancementFeature extraction

TemplatesMatching functionsOutput distance

Fingerprint captureFingerprint Matcher

Output distance

Verification DeviceDecision function

Output result

Verification Device

Fingerprint Matcher

Authentication system

Classification of Functional Structures

FingerprintMatcher

FingerprintMatcher

Parameters


start

・ ROC Curve・ Availability

Rate

Gu

idelin

es f

or

accu

racy

tests

Gu

idelin

es f

or

accu

racy

tests

FingerprintCollection

FingerprintCollection

VerificationVerification

AccuracyCalculationAccuracy

Calculation

Defined Items

・ Collection environment ・ Number of fingers

・ Number of fingerprints・ Experimental subjects・ Training to input finger

・ Combination of genuine ・ Combination of imposter

・ Calculation methods・ Result descriptionA

ccura

cy T

est

Soft

ware

Definition of Test ItemsTest process


Results Description FMR & FNMR as ROC curve

Calculated at each threshold or parameters Described by a logarithmic ROC curve

Availability rate Rate of persons who can use the product

０ 0.1%False Non-Match Rate(FNMR)

Fals

e M

atc

h R

ate

(FM

R)

0.01%

0.1%

0.01%

Distance （ t ）

Fre

quency

Genuine hi (t)

Imposterhg (t)

Threshold Th

FMRFNMR

Distance DistributionROC Curve


Comparison with Best Practice

Accuracy Test Guideline Best Practice Biometrics Fingerprint All biometrics technologies

Application

Verification only (1 to 1)

All applications ・Verification ・（Positive） Identification ・Negative Identification

Targ

et

Depend on a object of evaluation For algorithms Technical For devices

Scenario Evaluation

Method For systems

Operational

Results Description

・ROC(FNMR,FMR) curve ・Accuracy Test Guideline ・Test Specification

・ROC（FNMR，FMR） curve ・Failure to acquire, Failure to enroll ・Test Specification ・BinningError vs Penetration curve


Comparison with Best Practice

Item Accuracy Test Guideline Best Practice Number of Biometric

Information

Decided with expected accuracy

・As many as possible ・No strict criterion

Requirements for Fingerprint

Collection

・There must be enough time interval between collecting enrollment data and test data. ・The length of interval is not specified.

・The time interval must be longer than general time of healing of that body part. （2 to 3 weeks for fingerprints）

Availability Rate

Fingerprint data that failed to enroll or verify are not used for accuracy evaluation.

・Fingerprint data that failed to enroll or verify are not used for accuracy evaluation. ・Failure to Enroll Rate ・Failure to Acquire Rate


Outline of the ORD Guideline

(1) The guidelines provide the methods to decide the requirements for application

(2) Investigation of applications using authentication 6 fields (Finance, Public, Medical, PD/Retail, Housing,etc.) Hearing from 50 users

(3) Application model leads requirements on usability

(4) Risk analysis leads requirements on security

ORD: Operating Requirements Decision


Security Level Classification

UsabilitySafety

Level （ H ）（ M ）（ L ）

Criterion ・ Very Highl Risk・ Relation to Social Safety

・ High Risk・ Relation to Social Trust

・ Low Risk・ No necessary Security

Example Applications

・ Area Control in Nuclear Power Plant・ Area Control in Mint Bureau・ Access Control for Arms・ Area Control in Smart Card Issuer・ Access Control of CA’s Private Key

・ Area Control in Bank・ Immigration・ Access Control of Smart Card・ Debit/Credit Card・ Remote Banking・ Medical chart ・ＡＴＭ・ DB in Enterprise

・ＰＣ Log in・ Entrance of Apartment・ Attendance of Office・ User Tracking・ Observing

FAR(:ex) 0.00006 ％ 1 ％～ 0.01 ％ About １％

Expression

FRR takes first priority

FRR FAR takes first priority Functional Requirements

）（PCORPopulation )(

1

）（）（）（

PCORMember

FARPermisible


①Access Control

Authenticate Value

Real Space

Protected Space(Physical or Electronic)

③Tracking

AuthenticateID Place Time

Real Space

②Flow ControlElectronic Space

Flow of Sanction

・ Signature・ Seal

e-Doc

Real Space

Electronic Record(Log)

Safe

ty

Usability

Authenticate

Model Classification for Biometric

Applications

Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 35Requirements

Procedure of ORD

CB

Risk Analysis

Functional RequirementsSpecification

Threats Analysis

Occurrence Rate

Safety Requirements

Usability Requirements

Evaluation

Reportof device:

A

Security Level Classification

Adjustment

Value

ValueEvaluation

Model Classification

Start


ObjectTo create the fair biometric market, JBAA(1) Investigates problems of standardization of biometric

authentication(2) Proposes activities for standardization, promote projects for

common framework by academic, business, and governmental circles

Agenda(1) Interoperability　　・ Investigation of standardization of data format and API　　・ Clarifying PKI model(2) Performance　　・ Investigation of standardization for accuracy test　　・ Investigation of privacy and other compliance(3) Assurance　　・ Investigation of security standardization and protection profiles　　・ Investigation of operating requirements decision guideline and proposal of a draft.　　・ Clarifying policy for examination of vulnerability

Japan Biometric Authentication Association


Purpose - System integrators/users can select appropriate biometric

devices

Term - Sep 2000 - now

Members - Hitachi, Omron, Oki, Mitsubishi, Computer Associates, Japan

Telecom, NEC, Secure Generation, Sharp, Secom, Cyber Sign, Waseda university etc.

Outline of project (1) Research of biometric technologies (2) Discussion about problems of service/business model (3) Comprehensive discussion about common technical

problems for standardization (4) Experiment to verify above problems

Activities of Technology WG of JBAA


Privacy Consideration Biometric information can be easily stolen and forged

→ Vulnerability Biometrics is the ultimate privacy data Privacy protection in X9.84 is based on HIPAA

(Healthcare Insurance Portability and Accountability Act). Act on the prohibition of unauthorized access to

computer systems (Feb, 2000) bans dishonest acquisition and use of identification code.Biometrics fall under this category.

We should make a privacy guideline for biometric authentication systems and lead system integrator and operator to a better understanding of privacy.


Vulnerability Consideration

What’s “Vulnerability” for information systems? Characteristic of the system causes the system not to perform the

requirement designed. Vulnerability for Biometric authentication systems is…

The characteristics causes impersonation The characteristics causes the impediment of the system availability

For secure biometric authentication systems To define all of the vulnerability on the system To define the risk of every vulnerable characteristic To define the countermeasure of the vulnerable characteristics

Need for definition of the vulnerability of biometric systems


Biometrics specific vulnerability False Acceptance rate Artificial biometric object Hill-climbing attack etc…

Common vulnerability for information system Forgery or alternation of

Template data of users Matching software Result of the matching Electronic Biometric data

etc…

Examples of The Vulnerability for Biometric Authentication Systems


Comparison of PKI/Biometrics Models

Client Model Server Model

Basic model

Authentication server

Model

Basic model


Model

Templates are stored in

Client Client BCA BCA

Verified in Client ClientApplicatio

nAuthenticati

on server

Digital authenticati

on inApplication


Application


Security Requiremen

ts

・ Confidentiality in client・ Consistency with PKI

・ Integrity of biometric info. ・ Consistency with PKISuitable model should be selected according to

various system requirements


Server Model （ Basic Model ）

PKI based authentication →Biometrics authentication

Verification ofSignature &Biometrics

ApplicationServer

BCACertificate

(1)Challenge code

(2)User signature, Certificate & biometrics

(3)Service

CA

CRL

Inputbiometrics

& Sign

ClientTerminal

Secret key

UserCertificate

UserTemplate

BCA

TemplateDatabase

CACertificate

BiometricData


Client Model （ Basic Model ）

Biometrics authentication → PKI based authentication

SignatureVerification

ApplicationServer

CACertificate

(1) Challenge code

(2) User signature & Certificate

(3) Service

BiometricVerification

& Sign

ClientTerminal

Secret key

UserCertificate

UserTemplate

CA

CRL

BCA

BiometricData

Copyright(C) 2002, All rights reserved. SDL, Hitachi, Ltd. and Waseda University. 44Sign

Secret key

UIM

Certificate

CACertificate

BaseStation

CA Certificate

Signature Verification

①Challenge code

② Signature,Certificate,fingerprint data

CarrierNet

Biometric Verification

Mobile phone

BCA

Biometric CertificateDatabase

IP Network

③ Biometric Certificate

④Service

－　 Server Model －

Application Server

Biometric Authentication on Mobile Phones

Biometric

Data


Biometric DB

BiometricAuthentication

Server

Biometric Authentication Authority

Verification Engine

PKI Certificate Authority

Client① Access

② Authentication Request

EC Sites

Biometric Data

④ Authentication Request

③ Acquisition of Biometric Data

⑤ Verificatio

n⑥ Result

・・・

Biometrics

SignatureFingerprint Iris VoceHand-geometry Face

⑥ Result

Biometric Authentication Authority (Japan Telecom)


Intra-CampusＬＡＮ

Internet

Satellite CampusSatellite Campus

Mobile CampusMobile Campus

Home CampusHome Campus

　　　　　 Theater ／ Restaurant ／

Salon

　　　　　 Theater ／ Restaurant ／

Salon Ticketing CenterTicketing Center

Biometrics Campus (Mitsubishi Corp.)

COOPCOOP

Issuing Machines for

Certificates

Issuing Machines for

Certificates

Lecture RoomLecture Room

Copy MachineCopy MachineSafety BoxSafety Box

Library SystemLibrary

System

　　　　 Labs ／ Computer Rooms Library ／ Dormitory

　　　　 Labs ／ Computer Rooms Library ／ Dormitory

Workflow System for office workers

Workflow System for office workers

Student Discount User Authentication

On-line Registration for Certificates/ Student Discount

Parking LotParking Lot

Authentication Servers

Authentication Servers

ServersServers

Access Control

User AuthenticationUser Authentication

Authorization AuthenticationAttendance

On-line Attendance

On-line Registration ／On-line inquiry

Access Control for Intra-campus LAN

Application for Parking Lot

Vending MachineVending Machine

User Authentication

Cell. PhoneCell. Phone

User Authentication

ID Card(IC)ID Card(IC)

Holder Authentication


Study Items

■Standardization・ Operating requirement decision guideline・ Privacy consideration・ Vulnerability consideration・ Authentication model (PKI+biometrics)・ etc.■Utilizing merits of biometrics・ Authentication without user’s consciousness・ Authentication with user’s feelings

copyright(c) 2002, all rights reserved. sdl, hitachi, ltd. and waseda university.1 trends of...

Documents

user slide

security slide

handwriting slide

bioapi draft haapi

data format cbeff

human authentication

database interface slide

history of bioapi nist