JTC 1 SC 37 Biometrics International Standards

Transcription

1 JTC 1 SC 37 Biometrics International Standards Dr. Stephen Elliott Biometrics Standards, Performance, and Assurance Laboratory Purdue University

2 Overview Market Opportunities for Biometric Technologies and Standards SC Planning Activities Cooperation With Other Organizations Adoption Examples

3 Market Opportunities for Biometric Technologies and Standards Using biometrics for identifying human beings offers some unique advantages. Used alone, or together with other authentication technologies such as tokens, biometric technologies can provide higher degrees of security than other technologies used alone and can also be used to overcome their weaknesses.

4 Market Opportunities for Biometric Technologies and Standards Ensuring uniqueness of identity (de duplication of records) Deploying biometric based systems for interoperability and data interchange requires a comprehensive set of international standards that meet the customers needs.

5 Market Opportunities for Biometric Technologies and Standards Examples 1,2 Increasing number of global government projects Border, aviation, maritime, and transportation security Physical / logical access control Financial institutions Employee-based / customer-based (e.g., safe deposit boxes) Healthcare industry Service provider security to protect patient privacy Patient delivery verification protecting patient and provider Educational applications School lunch programs / online identity verification Parent / Guardian verification for child release 1, 2: Frost & Sullivan, July 2008 & International Biometric Industry Association 2008

6 Market Opportunities for Biometric Technologies and Standards Examples 1,2 Consumer uses expected to significantly increase: Personal security and convenient: Cell phones Mobile computing devices laptops, PDS, etc. Portable memory storage Home automation and security: Home alarm systems & environmental controls Door locks & access control systems Retail: Point of purchase authentication at retail locations Gaming and hospitality industries 1, 2: Frost & Sullivan, July 2008 & International Biometric Industry Association 2008

7 Landscape of Biometrics / Related Standards Development within ISO/IEC ISO IEC ITU-T SG17 ISO/IEC JTC 1 Information Technology ILO / ICAO SC 17 Cards & Personal Identification SC 37 Biometrics SC 27 IT Security Techniques BioAPI Consortium IBIA

8 Cooperation Examples Across Subcommittees SC 37 expert team contributes to SC 27 projects: Authentication context for biometrics (ACBio) Security evaluation of biometrics Glossary of IT security terminology Template protection Interest in reviewing: Framework for Identity Management Privacy framework Privacy reference architecture Liveness detection

9 Cooperation Examples Across Subcommittees SC 37 expert team contributes to SC 17 projects: Identification cards -- Integrated circuit cards -- Part 11: Personal verification through biometric methods Identification cards On-Card matching Collaborative work with ITU-T SG17 Q.8: BioAPI Interworking Protocol Liaison relationship with ILO: Biometric profile for Seafarers

10 Current Status SC37 continues the development of the second generation of biometric standards goal of improving the existing standards, adding functionality to the published standards and, reflecting technology innovations and new customers needs

11 Examples of Organizations / Countries Requiring / Recommending SC 37 Standards International Civil Aviation Organization (ICAO): Requirements for Machine Readable Travel Documents International Labor Office of the United Nations Requirements for a Seafarer s ID Card The EU passport specification working document Based on EU s Council Regulation on standards for security features and biometrics in passports and travel documents issued by Member States. Spain: National ID Cards / Passports USA: Registered Traveller / Registry of USG Recommended Biometric Standards

12 Program of Work 41 international standards published 6 Technical Reports

13 Structure of SC37 Biometric Profile Biometric Security Biometric Application Programming Interface ISO/IEC JTC 1 SC 37/WG 4 (e.g., IS ) ISO TC 68 (e.g., IS &2) ISO/IEC JTC 1 SC 27 ISO/IEC JTC 1 SC 37/WG 2 (e.g., IS &2) Common Biometric Exchange Formats Framework ISO/IEC JTC 1 SC 37/WG 2 (e.g., IS &2) Biometric Data Interchange Formats ISO/IEC JTC 1 SC 37/WG 3 (e.g., IS )

14 SC37 Structure WG1 Vocabulary develop a harmonized vocabulary of biometric terms WG2 Biometric technical interfaces continues to address the standardization of all necessary interfaces and interactions between biometric components and sub systems, including the possible use of security mechanisms to protect stored data and data transferred between systems.

15 SC37 Structure WG3 Biometric data interchange formats addresses the standardization of the content, meaning, and representation of biometric data formats which are specific to a particular biometric technology or technologies

16 SC 37 Structure WG 4 Biometric functional architecture and related profiles addresses the standardization of biometric functional architecture and related profiles that bind together the various biometric related base standards in a manner consistent with functional blocks of operation of biometric systems.

17 SC 37 Structure WG 5 Biometric testing and reporting addresses the standardization of testing and reporting methodologies and metrics that cover biometric technologies, systems and components.

18 SC 37 Structure WG 6 Cross jurisdictional and societal aspects of biometrics addresses standardization in the field of crossjurisdictional and societal aspects in the application of international biometrics standards.

19 Conclusions ISO/IEC JTC 1 SC 37 continues to work on biometric standards that are relevant to the marketplace Our next meeting is in January 2011, Stockholm, Sweden.