Upload
lisa-mcdaniel
View
213
Download
0
Embed Size (px)
Citation preview
The BioAPI Specification:Recipe for Interoperability & Interchangeability
Catherine Tilton
SAFLINK
Chair, BioAPI Consortium703-708-9280
NCITS M1 Meeting16 February 2002
M1/02-0017
NCITS M1 2
Overview
• Introduction
• The BioAPI Specification
• Reference Implementation
• Conformance Test Suite
• Linux Port
• Open Systems
• Products
• Summary
NCITS M1 3
API Standards
A biometric API standard defines a generic way of interfacing to a broad range of biometric technologies.
Benefits:
o Easy substitution of biometric technologies
o Use of biometric technology across multiple applications
o Easy integration of multiple biometrics using the same interface
o Rapid application development - increased competition (tend to lower costs)
NCITS M1 4
Who is the BioAPI Consortium?
• Founded in 1998
• Purpose: – Development of a standard biometric API to bring platform and
device independence to application developers, integrators, and end-users
• Membership– Over 90 members– International– Representatives from industry, government, academia– Biometrics vendors, integrators, end-users; OEMs, IT
• Organization– 7 member steering committee– 4 working groups
NCITS M1 5
BioAPI MembershipAcys Biometrics USA, Inc.Ambition Global Co., Ltd.Ankari, Inc. AuthentecBarclays BankBergdata USA, Inc.BioFinger Tech. Corp.BioLink Technologies Intl.BioIDBiometixBiometric Verification Inc.Biometrics.co.zaBioNetrixBioPassword Security SystemsBioScrypt Inc. *BITS, Inc.Cognitec AGCompaq Computer Corp. *Configate, Ltd.Cyberlink SystemsDaon Intervaces Ltd.Datastrip, Inc.Defense Info. Sys. AgencyDigital PersonaeCryp, Inc.emagineitonlineEthenticaeTrue, Inc.EviveFAAFidelica Microsystems, Inc.
Fingerprint Cards ABFingersecGemplusHewlett-PackardHunno Technologies, Inc.IdentalinkIdentification & Verification Intl.Identification Systems DERMALOG GMBHIdentixIkendiImage Computing Inc. (ICI)Infineon TechnologiesIntel Corporation *I/O Software, Inc.Iridian Technologies *ISC/US Inc.ITT IndustriesJ. Markowitz ConsultingJanus AssociatesKaiser PermanenteKeyware TechnologiesLCI SmartPen n.v.Leading Edge Security Ltd.Locus DialogueLogico Smartcard Solns GMBHMiaxis Biometrics CompanyNanyang Tech. Univ.National Biometrics Test Cen.NIST *National Security Agency (NSA)\
NgeeAnn Polytechnic of IndustryNEC CorporationNeurodynamics Ltd.OKI Electric Industry Co., Ltd.OmnikeyPrecise Biometrics RaytheonRecognition SystemsSAFLINK Corp. *Sagem-MorphoSec2WirelessSecugenSensecurity Pty. Ltd.StartekSTMicroelectronicsSupremaSystemneeds, Inc.TechGuard SecurityTelework CorporationTransaction SecurityTransforming TechnologiesTRWTunitas GroupUniSoft CorporationUnisys *VeridicomViatec ResearchVisionicsVoice IQ, Inc.Voice VotingYuropa
* Steering Committee
NCITS M1 6
BioAPI Leadership
• Steering Committee– Bioscrypt, Colin Soutar– Compaq, Manny Novoa– Intel, John Wilson
(Technical Editor)– Iridian, Jim Cambier
(Treasurer)– NIST, Fernando Podio– SAFLINK, Cathy Tilton
(Chair)– Unisys, Ralph Hayne
(Secretary)
Note: SC election in progress
• Working Groups– Applications (AWG)
• John Wilson, Intel– External Liaison (XWG)
• Fernando Podio, NIST– Reference Implementation
(RWG)• Colin Soutar, Bioscrypt
– Conformance Test Suite (CWG)
• Jim Cambier, Iridian
Note: New WG under consideration (module arch)
NCITS M1 7
BioAPI SpecificationBASIC FUNCTIONS
• BSP management functions– ModuleLoad
• Load BSP & enable events
– ModuleAttach• Attach BSP to BioAPI framework
• Enroll user– Enroll
• Create template & store in user account DB
• Verify asserted identity (1:1)– Verify
• Live input matched against one stored template
• Discover user’s identity (1:N)– Identify
• Live input matched against set of stored templates
PRIMITIVE FUNCTIONS• Capture
– CapturedBIR is an “intermediate” BIR– Purpose recorded in BIR– AuditData is “raw” BIR
• CreateTemplate– Purpose must be “Enroll…”– NewTemplate can be an adaptation of a
StoredTemplate
• Process – Purpose must be Verify or Identify– Converts “intermediate” to “processed”
BIR (if algorithm installed in BSP)
• VerifyMatch– Perform 1:1 match
• IdentifyMatch– Perform 1:N match against specified DB
• Import– Imports non-real-time data for processing
NCITS M1 8
Optional Capabilities
• Return of raw/audit data• Return of quality• Application-controlled GUI• GUI streaming callbacks
• Detection of source presence
• Payload carry• BIR signing• BIR encryption
• Return of FRR• Model adaptation• Binning• Client/server
communication• Self-contained device
NCITS M1 9
BioAPI Architecture
Biometric Functions
Callback/Event Functions
Module ManagementFunctions
Application
Mgmt Functions
Biometric Service Provider Interface
Internal biometric service providers development interface
Capture Process
Verify
Create Temp
Bio API 1.0
Finger BSP
VoiceBSP
FaceBSP
CaptureDevice
CaptureDevice
CaptureDevice
HandBSP
CaptureDevice
SignatureBSP
CaptureDevice
Bio
API R
unti
me
ID_Match
Enroll
Handle Operations Import Ver_Match
Identify
Database Functions
Add
Delete
Get
Query
NCITS M1 10
BioAPI Features
• Standardizes functions PLUS– Standard biometric data record format (CBEFF)– Normalizes scoring & thresholding
• Rich feature set supports:– True client/server implementations– Model adaptation– Application control of GUI– App or BSP/internal database options– Data payloads– Configuration flexibility through basic and primitive
operations
NCITS M1 11
How does it work?
BioAPI
BSP
ProcessCapture
GUIVerify (h,template,result….)
“live”
Bitmap/stream
Match
Get template
Bitmap/stream Responses
ApplicationDatabase
Template
Result = probability that user matches template
“stored”
Compare “live” v “stored”
NCITS M1 12
Reference Implementation
• BioAPI runtime software– Middleware between BioAPI
compliant application and BioAPI compliant BSP
• Major functions:– Module loading/attaching
– Module management
– Module registry
– Call passthrough/API-SPI translation
• Components– Framework, MDS
– Password BSP (sample)
– Sample app/exerciser
– Installers
• Written in C, Win32 implementation
• Based on proven CDSA HRS code base
• Code portable to other environments– No OS specific calls
– Port library / file system access
• Open source/public domain• Downloadable from web• BSPs in development• Linux/Unix port – need sponsor• Code update in progress
NCITS M1 13
Conformance Test Suite• Effort initiated
– Lead by Iridian Tech
• Coordinating with DoD BMO• Potential vendor(s) identified• Effort estimate developed• Detailed project plan/SOW in
progress• Goals:
– Single CTS– Publicly available (open
source)– Broad use by vendors, end
users, labs, consortium
• No certification/branding program yet planned, but being considered
Test Harness• Build• Auto test/doc
Test Mgmt/Reporting
API Tests
Reference Implementation
BSP (under test)
NCITS M1 14
Linux Port
• Planned to begin porting effort immediately since release of Ver 1.1 of Win32 reference implementation
• CDSA HRS already ported– BioAPI uses same code
base, same port library
• Effort estimated to be relatively small– Plug in new port library– Recompile, debug– Optionally port utilities
Framework MDS
ModuleRegistry
PortLibrary
Utilities
• API-SPI translation• Module management• Module load/attach
•Registry editor•Sample application•Sample BSP (password)
NCITS M1 15
Open Systems
• Platform (OS) independent– Designed for use in any environment– Supports cross-platform implementations– Heterogeneous environments– Can support Windows, Unix, Linux, Java
• Open system standards provide:– Broader market for biometric technologies– Lower risk to integrators & end users– Adds flexibility– Expands selections
NCITS M1 16
Open Systems (cont’d)
• Scenario– Windows workstation with browser– Sun Solaris web server
• BioAPI is public domain & open source
Open Systems = Freedom of Choice
BioAPI R/T
BSP BSP
Web Browser
Windows PC
BioAPI R/T
BSP BSP
Web App
Sun Solaris
NCITS M1 17
BioAPI Status
• Ver 1.1 accepted into NCITS Fast Track Process• Ver 1.1 of specification released 16 March 2001
– Minor corrections to Ver 1.0 published 30 Mar 2000
• Reference Implementation released concurrently (Win32)• Conformance Test Suite in progress• Unix/Linux port planned – investigating sponsors• BioAPI User’s & Developer’s Seminar held 6 Apr 00
– Transcripts (tutorial format) in progress
• Membership continues to grow (currently 86)• US DoD BMO and GSA Smart Card Program requiring BioAPI
compliance• Compatible with CBEFF, ANSI X9.84, CDSA HRS• Products now available (list is growing)
NCITS M1 18
BioAPI Compliant Products
• Announced:– Visionics (face)
– SOFTPRO (signature)
– PenFlow (signature)
– Identification Systems Dermalog GmbH (fingerprint)
– Fingerprint Cards (fingerprint)
– BioID (multiple)
– Secugen (fingerprint)
– BioScrypt (fingerprint)
• Reported in progress:– Ikendi (fingerprint)
– Infineon (fingerprint)
– STMicro (fingerprint)
– Iridian (iris)
– Cognitec (face)
– Precise Biometrics (finger)
• Apps:
– Omnikey (screen saver)– Ankari (in progress)
– SAFLINK (in progress)• Notes: – BioAPI compliance is based on vendor self-claim. The BioAPI Consortium does not warrant product conformance to the BioAPI specification.– Check with vendors to confirm product availability.
NCITS M1 19
NCITS Fast Track Status
• 11 July, NCITS voted to accept BioAPI as for its Fast Track process, pending approval by BioAPI members
• MOU drafted 7/27; tailored 8/17• BioAPI ballot 8/31 – 9/7; approved 9/7
– 62 ballots received – all YES– Press release issued on 9/20
• Specification reformatted as BSR NCITS 358 (project 1538-L)• Public review completed 12/3• Next steps:
– Complete management review; letter ballot; ANSI approval
• Entire process takes 4-6 months• If no roadblocks, BioAPI is licensed to ANSI to publish• Inquiries have been made regarding subsequent transition to
ISO
NCITS M1 20
Summary
• It’s here!– BioAPI Specification Ver 1.1– Reference Implementation 1.1– Products
• www.bioapi.org