Middleware: Getting Between Biometric Readers and
Template Transfer/Storage
Mira LaCousCTO, VP Technology and Development
BIO-key International, Inc.
Abstract
• A crucial factor in the acceptance of biometrics is getting information and templates from biometric readers into a usable format for storage and comparison against a database. "Middleware" solutions play a major role in streamlining this information for use with other biometric templates and solutions.
Agenda
• Purpose of Middleware with Biometrics.• What does Middleware Really Do?
– User Interface– Application Interfaces– Security– Logic Control– Communications– Storage / Retrieval
• Biometrics• Thoughts on Standards.
Purpose of Middleware
• Users interacting with complex systems.• Managing the overall process.
• A case example…
What does Middleware Do?
• Provide essential functions:– User Interface– Application Interfaces– Security– Logic Control– Communications– Storage / Retrieval
• We’ll focus on Biometric Authentications.
The Architecture
Device
Application
Algorithm
Drivers
Application
API's / Interface
Authentication
Database
Transport
ClientSystem
ServerSystem
User Interface Requirements
• User interaction and prompting.• User training and guidance.• Error and Exception handling.• Cool look and feel… it is a ‘new’ technology.
API Requirements
• Must be flexible for various systems.• Provide the key functionality of:
– Administration– Enrollment– Authentication– Reports and Logs
• May conform to standards, like BioAPI.
Security Requirements
• Examine all forms of spoofing/hacking. • Protect templates and models.• Prohibit replay and other attacks.• Preserve privacy.• Stop identity theft or use.
Logic Control Requirements
• Must make decisions at various levels.• Determine flow and control of authentication.
– User Interaction– Security handling– Retry / Fail
• Ultimately the decision for access / denial.
Communications Requirements
• Handles the transport of data and control.• Issues of Firewalls must be considered.• Consider standards:
– TCP/IP & HTTP– 802.11b & Blue Tooth– USB & USB2 & Firewire– and many, many more
• Again, must fit various needs.
Storage Requirements
• Centralized or Distributed.• Manages significant data for Biometrics.• Support Verification or Identification.• Suitable for various applications.• Meets standards and open… yet secure.• Cost effective…
Now, the Biometric
• Accuracy is required– Low False Accepts (major security issue)– Low False Rejects (piss off factor)– Low Failure to Enroll (missing populations)
• Accessibility– Must be easy to use– Non-intrusive– Intuitive operation, when possible
• Cost effective
Standards
• Each are can have a standard…– Templates (CBEFF, NIST, etc)– APIs (BioAPI, BAPI, HAAPI, etc)– Security (FIPS, X.509, CDSA, IPSEC, etc)– Storage (M1, Relational, ODBC, etc)– Industry (AAMVA, HIPAA, LDAP, Novell, etc)
• Can fall to lowest common denominator.• Costs, advantages, requirements must all be
weighed and examined.
Is it Magic?
• With the right components and structure, anything is possible.
• There are many ways to the solution…
Questions?
Mira LaCous
CTO, VP Technology and Development
BIO-key International, Inc.
651-687-0414