Information technology — Common Biometric Exchange Formats Framework — Part 1: Data element specification

ISO/IEC 19785-1:2006 defines a basic structure for standardized biometric information records (BIRs) within the Common Biometric Exchange Formats Framework (CBEFF). This structure consists of three parts: the standard biometric header (SBH), the biometric data block (BDB), and the security block (SB). CBEFF also defines several data elements and their standardized abstract values that can be used in SBHs and SBs (CBEFF treats the BDB as opaque data). CBEFF also establishes mechanisms by which organizations, called 'patrons' by CBEFF, can specify and publish BIR format specifications, which are in turn called 'patron formats'. CBEFF enables patrons to develop BIR specifications that are fully standardized and interoperable, yet are specifically adapted to the requirements of a particular application environment. CBEFF defines rules for BIRs that contain only one BDB (simple BIR) and that contain at least one BDB (complex BIR). CBEFF defines mandatory data elements that identify the format of a BDB and its security attributes (encryption and integrity). All the other CBEFF-defined data elements and abstract values are optional. CBEFF enables patrons to define additional data elements and abstract values as required by the application environment.

Technologies de l'information — Cadre de formats d'échange biométriques communs — Partie 1: Spécifications de données d'élément

General Information

Status
Withdrawn
Publication Date
25-Apr-2006
Withdrawal Date
25-Apr-2006
Current Stage
9599 - Withdrawal of International Standard
Completion Date
20-Aug-2015
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 19785-1:2006 - Information technology -- Common Biometric Exchange Formats Framework
English language
28 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 19785-1
First edition
2006-05-01


Information technology — Common
Biometric Exchange Formats
Framework —
Part 1:
Data element specification
Technologies de l'information — Cadre de formats d'échange
biométriques communs —
Partie 1: Spécifications de données d'élément




Reference number
ISO/IEC 19785-1:2006(E)
©
ISO/IEC 2006

---------------------- Page: 1 ----------------------
ISO/IEC 19785-1:2006(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.


©  ISO/IEC 2006
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2006 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 19785-1:2006(E)
Contents Page
Foreword. iv
Introduction . v
1 Scope . 1
2 Conformance. 2
3 Normative references . 2
4 Terms and definitions. 3
5 Symbols and abbreviated terms . 6
6 Requirements . 6
6.1 General. 6
6.2 Defining a CBEFF patron format using the simple CBEFF BIR structure . 7
6.2.1 Standard biometric header (SBH) . 8
6.2.2 The Biometric data block (BDB). 8
6.2.3 Security block (SB). 8
6.3 Defining a CBEFF patron format using the complex CBEFF BIR structure . 8
6.4 Performing BIR transformations . 10
6.4.1 Transformations of enumerated abstract values . 11
6.4.2 Transformations of non-enumerated data element values . 11
6.5 CBEFF Data Elements . 11
6.5.1 CBEFF_BDB_format_owner . 11
6.5.2 CBEFF_BDB_format_type . 12
6.5.3 CBEFF_BDB_encryption_options. 12
6.5.4 CBEFF_BIR_integrity_options . 13
6.5.5 CBEFF_subheader_count. 13
6.5.6 CBEFF_BDB_biometric_type . 13
6.5.7 CBEFF_BDB_biometric_subtype . 15
6.5.8 CBEFF_BDB_challenge_response . 15
6.5.9 CBEFF_BDB_creation_date. 16
6.5.10 CBEFF_BDB_index. 17
6.5.11 CBEFF_BDB_processed_level . 17
6.5.12 CBEFF_BDB_product_owner . 17
6.5.13 CBEFF_BDB_product_type . 18
6.5.14 CBEFF_BDB_purpose. 18
6.5.15 CBEFF_BDB_quality. 19
6.5.16 CBEFF_BDB_validity_period. 19
6.5.17 CBEFF_BIR_creation_date . 20
6.5.18 CBEFF_BIR_creator. 20
6.5.19 CBEFF_BIR_index . 21
6.5.20 CBEFF_BIR_patron_format_owner.21
6.5.21 CBEFF_BIR_patron_format_type. 22
6.5.22 CBEFF_BIR_payload . 22
6.5.23 CBEFF_BIR_validity_period . 23
6.5.24 CBEFF_patron_header_version . 23
6.5.25 CBEFF_SB_format_owner . 24
6.5.26 CBEFF_SB_format_type . 24
6.5.27 CBEFF_ version . 25
Annex A (normative) Format and content of a patron format conformance statement . 26

© ISO/IEC 2006 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 19785-1:2006(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 19785-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 37, Biometrics.
ISO/IEC 19785 consists of the following parts, under the general title Information technology — Common
Biometric Exchange Formats Framework:
⎯ Part 1: Data element specification
⎯ Part 2: Procedures for the operation of the Biometric Registration Authority
⎯ Part 3: Patron format specifications
ISO/IEC 19785 is the first International Standard on CBEFF. Previous versions were published by the National
Institute of Standards and Technology (an agency of the government of the United States of America) and the
Biometric Consortium Working Group. Since the last official non-ISO/IEC release was designated Version 1.1,
the first version of ISO/IEC 19785-1 is designated Version 2.0. This is to distinguish the versions of CBEFF
products in the marketplace.
iv © ISO/IEC 2006 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 19785-1:2006(E)
Introduction
The Common Biometric Exchange Formats Framework (CBEFF) promotes interoperability of biometric-based
applications and systems by specifying standard structures for biometric information records (BIRs) and a set
of abstract data elements and values that can be used to create the header part of a CBEFF-compliant BIR.
A biometric information record (BIR) is an encoding in accordance with a CBEFF patron format (see below). It
is a unit of biometric data for storage in a database or for interchange between systems or parts of systems. A
BIR always has at least two parts: a standard biometric header (SBH) and at least one biometric data block
(BDB). It may also have a third part called the security block (SB). CBEFF places no requirements on the
content and encoding of a BDB except that its length shall be an integral number of octets; the several parts of
ISO/IEC 19794 specify standardized BDB formats for a number of biometric types.
The primary purpose of CBEFF is to define abstract data elements (data elements with a set of defined
abstract values, with their semantics) that are expected to be of general utility as parts of the SBH in biometric
information records. This part of ISO/IEC 19785 defines these data elements.
A CBEFF patron format is defined for a particular domain of use. A CBEFF patron format is a full bit-level
specification of encodings that can carry some or all of the abstract values of some or all of the CBEFF data
elements defined in this part of ISO/IEC 19785 (possibly with additional abstract values determined by the
CBEFF patron), together with one or more biometric data blocks (BDBs) containing biometric data. It is
intended that there be a limited number of CBEFF patron formats in any given domain of use. However, new
technologies may evolve that need new encoding rules (or support of more or different CBEFF data elements)
and hence may require new CBEFF patron formats for a given domain of use.
CBEFF also has a requirement that a Biometric Registration Authority exist to assign unique identifiers to
biometric organizations, to biometric data block (BDB) formats, to security block (SB) formats, and to CBEFF
patron format specifications (see above); to publish them where appropriate; and to ensure that no conflicts
occur between identifiers. ISO/IEC 19785-2 specifies the procedures under which the Biometric Registration
Authority operates.
CBEFF introduces the concept of assigning a unique identifier to a biometric organization. A CBEFF biometric
organization is any organization, public or private, that requests and receives a biometric organization
identifier from the Biometric Registration Authority.
CBEFF also introduces the concept of a CBEFF patron. A CBEFF patron is an organization (registered as a
biometric organization) that specifies, or intends to specify, one or more CBEFF patron formats in an open
and public manner. Only public standards organizations such as a standards body, working group, or industry
consortium, can register as CBEFF patrons (other CBEFF biometric organizations are not CBEFF patrons). A
CBEFF patron obtains a biometric organization identifier from the Biometric Registration Authority, but has
privileges beyond those of ordinary CBEFF biometric organizations: it can define, register and publish one or
more CBEFF patron formats. The biometric organization identifier of a CBEFF patron can (but need not) be
encoded in BIRs conforming to the patron formats defined by that CBEFF patron.
CBEFF also defines the concept of a CBEFF biometric data block (BDB) format owner. A CBEFF BDB format
owner is an organization (registered as a CBEFF biometric organization) that specifies one or more BDB
format specifications. A BDB format owner obtains a CBEFF biometric organization identifier from the
Biometric Registration Authority. A BDB format owner can be a public standards organization (that would,
coincidentally, also qualify as a CBEFF patron) or any organization that has a need to define its own
vendor-specific BDB formats, whether they are to be published or not.
© ISO/IEC 2006 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC 19785-1:2006(E)
A CBEFF BDB format owner defines one or more BDB formats and assigns a BDB format identifier that
unambiguously identifies that BDB format within those defined by the BDB format owner. A BDB format
identifier (and the corresponding format) may, but need not, be registered with the Biometric Registration
Authority.
CBEFF also defines the concept of a CBEFF biometric product owner. A CBEFF biometric product owner is
an organization (registered as a CBEFF biometric organization) that assigns a biometric product identifier to a
biometric product. A biometric product owner can be a public standards organization such as a standards
body, working group, or industry consortium (such an organization would, coincidentally, also qualify as a
CBEFF patron), or any organization, such as a vendor or integrator, that has a need to assign biometric
product identifiers to biometric products. A biometric product owner can also, but need not, be a BDB format
owner and vice versa.
A CBEFF biometric product owner assigns biometric product identifiers to one or more biometric products.
The identified products can be hardware or software products or a combination of hardware and software.
Examples of biometric products are biometric service providers (BSPs as defined by ISO/IEC 19784-1) and
biometric transforming applications. A biometric product identifier unambiguously identifies a biometric product
within those that have been assigned an identifier by the biometric product owner. A biometric product
identifier may, but need not, be registered with the Biometric Registration Authority.
CBEFF also defines the concept of a CBEFF security block (SB) format owner. A CBEFF security block
format owner is an organization (registered as a CBEFF biometric organization) that assigns a security block
format identifier to a security block format. A CBEFF security block format owner can be a public standards
organization such as a standards body, working group, or industry consortium (such an organization would,
coincidentally, also qualify as a CBEFF patron), or any organization, such as a vendor or integrator, that has a
need to assign security block format identifiers to security block formats. A security block format owner can
also, but need not, be a BDB format owner and vice versa.
A CBEFF security block format owner assigns security block format identifiers to one or more security block
formats. A security block format identifier unambiguously identifies a security block format within those that
have been assigned an identifier by the biometric security block format owner. A security block format
identifier may, but need not, be registered with the Biometric Registration Authority.
This part of ISO/IEC 19785 specifies a simple CBEFF BIR structure and a complex CBEFF BIR structure, and
gives the requirements for the specification of a CBEFF patron format based on one or the other of these
abstract data structures.
This part of ISO/IEC 19785 also specifies transformations of BIRs from one CBEFF patron format into a
different CBEFF patron format.
Clause 2 specifies the conformance requirements for CBEFF patrons that define CBEFF patron formats. It
also specifies the conformance requirements for biometric transforming applications and for implementations
claiming conformance to a specific patron format.
Clause 6.5 specifies the CBEFF abstract data elements and the biometric transformation requirements for
each data element.
Annex A is normative. It defines a patron format conformance statement that patrons are to complete and
publish as part of their patron format specifications as assurance that the format fully complies with CBEFF
requirements.

vi © ISO/IEC 2006 – All rights reserved

---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO/IEC 19785-1:2006(E)

Information technology — Common Biometric Exchange
Formats Framework —
Part 1:
Data element specification
1 Scope
1.1 This part of ISO/IEC 19785 defines structures and data elements for biometric information records
(BIRs).
1.2 This part of ISO/IEC 19785 defines the concept of a domain of use to establish the applicability of a
standard or specification that complies with CBEFF requirements.
1.3 This part of ISO/IEC 19785 defines the concept of a CBEFF patron format, which is a published BIR
format specification that complies with CBEFF requirements, specified by a CBEFF patron.
1.4 This part of ISO/IEC 19785 defines the abstract values (and associated semantics) of a set of CBEFF
data elements to be used in the definition of CBEFF patron formats.
1.5 This part of ISO/IEC 19785 specifies the use of CBEFF data elements by a CBEFF patron to define the
content and encoding of a standard biometric header (SBH) to be included in a biometric information record
(i.e. the definition of a CBEFF patron format).
1.6 This part of ISO/IEC 19785 provides the means for identification of the formats of the biometric data
blocks (BDBs) in a BIR, but the standardization and interoperability of BDB formats is not in the scope of this
part of ISO/IEC 19785. It also provides a means (the security block) for BIRs to carry information about the
encryption of a BDB in the BIR and about integrity mechanisms applied to the BIR as a whole, but the
structure and content of security blocks is the responsibility of CBEFF patrons and is not in the scope of this
part of ISO/IEC 19785. Further, the specification of encryption mechanisms for BDBs and of integrity
mechanisms for BIRs is not in the scope of this part of ISO/IEC 19785.
1.7 This part of ISO/IEC 19785 specifies transformations from one CBEFF patron format to a different
CBEFF patron format.
1.8 The encoding of the abstract values of CBEFF data elements to be used in the specification of CBEFF
patron formats is not in the scope of this part of ISO/IEC 19785.
1.9 ISO/IEC 19785-2 specifies the operation of the Biometric Registration Authority for the issuing of
biometric organization identifiers and the registration of BDB formats, CBEFF patron formats, security block
formats, and biometric products.
1.10 A future part of ISO/IEC 19785 (ISO/IEC 19785-3) will specify several patron format specifications for
which ISO/IEC JTC 1 SC 37 is the CBEFF patron.
1.11 Protection of the privacy of individuals from inappropriate dissemination and use of biometric data is not
in the scope of this part of ISO/IEC 19785, but may be subject to national regulation.
© ISO/IEC 2006 – All rights reserved 1

---------------------- Page: 7 ----------------------
ISO/IEC 19785-1:2006(E)
2 Conformance
2.1 A conforming CBEFF patron
a) shall define CBEFF patron formats in accordance with the requirements of 6.2 (CBEFF simple BIR
structure) or in accordance with the requirements of 6.3 (CBEFF complex BIR structure);
b) shall include in the specification of a patron format
1) the (human-readable) name of the CBEFF patron,
2) the decimal and hex values of the patron identifier assigned by the Biometric Registration Authority
for ISO/IEC 19785-2,
3) the (human-readable) patron format name,
4) the decimal and hex values of the patron format identifier that the CBEFF patron has assigned to this
patron format,
5) the full ASN.1 object identifier for this patron format in both ASN.1 value notation and in XML value
notation formats,
6) a description of the intended domain of use,
7) the version identifier of the patron format,
8) the version of CBEFF under which the patron format is specified,
9) the specification of the CBEFF-defined data elements and abstract values that are supported,
10) the specification of any additional, patron-defined data elements and abstract values that are
supported
11) transformation requirements for the CBEFF_BDB_quality and the CBEFF_BIR_validity_period data
elements,
12) the abstract values and semantics of the content of the CBEFF_BDB_index and the
CBEFF_BIR_index (if used)”;
c) shall include a completed patron format conformance statement in its patron format specification in
accordance with Annex A.
2.2 A conforming biometric transformation implementation shall transform a BIR in one CBEFF patron
format into a BIR in the same or a different CBEFF patron format in accordance with the requirements of 6.4
and 6.5.
2.3 An implementation shall claim to support a (specified) CBEFF patron format if and only if it is capable of
encoding abstract values into or decoding abstract values from that (specified) CBEFF patron format.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 8601:2004, Data elements and interchange formats — Information interchange — Representation of
dates and times
ISO/IEC 10646:2003, Information technology — Universal Multiple-Octet Coded Character Set (UCS)
2 © ISO/IEC 2006 – All rights reserved

---------------------- Page: 8 ----------------------
ISO/IEC 19785-1:2006(E)
ISO/IEC 19784-1, Information technology — Biometric application programming interface — Part 1: BioAPI
specification
ISO/IEC 19785-2, Information technology — Common Biometric Exchange Formats Framework — Part 2:
Procedures for the operation of the Biometric Registration Authority
4 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
4.1
BDB format
format of a BDB defined by a CBEFF biometric organization
4.2
BDB format identifier
unique (within a biometric organization) identifier of a format for a BDB, where that format has been fully
defined by a CBEFF biometric organization called the BDB format owner
4.3
BDB format owner
CBEFF biometric organization that defines a BDB format and assigns a BDB format identifier to it
4.4
biometric (adj.)
pertaining to the field of biometrics
4.5
biometrics
automated recognition of individuals based on their behavioural and biological characteristics
4.6
biometric data block
BDB
block of data with a defined format that contains one or more biometric samples or biometric templates (see
6.2.2)
NOTE The parts of ISO/IEC 19794 specify internationally standardized BDB formats for several biometric types.
4.7
biometric information record
BIR
data structure containing one or more BDBs together with information identifying the BDB formats, and
possibly further information such as whether a BDB is encrypted or the BIR is signed
NOTE  This is a general definition applying to all BIRs. See 4.22 and 4.31 for complex BIR and simple BIR.
4.8
biometric product
software or hardware (or a combination of software and hardware) which is assigned a biometric product
identifier by a CBEFF biometric organization, called the biometric product owner of the biometric product
4.9
biometric product identifier
identifier assigned to a biometric product that unambiguously identifies the biometric product within the
biometric products that have been assigned an identifier by a biometric product owner
© ISO/IEC 2006 – All rights reserved 3

---------------------- Page: 9 ----------------------
ISO/IEC 19785-1:2006(E)
4.10
biometric product owner
CBEFF biometric organization that assigns biometric product identifiers to biometric products
NOTE The organization may or may not be the manufacturer of the products.
4.11
biometric sample
information obtained from a biometric device, either directly or after further processing
cf. raw biometric sample, intermediate biometric sample, processed biometric sample
4.12
biometric template
biometric sample or combination of biometric samples that is suitable for storage as a reference for future
comparison
4.13
biometric transformation
transformation of a BIR in an source patron format into a BIR in a target patron format
NOTE This can (but need not) include processing of the content of the BDB (see 6.5.11 and 6.5.14).
4.14
CBEFF biometric organization
organization that is accepted for registration with the Biometric Registration Authority in accordance with
ISO/IEC 19785-2
NOTE A CBEFF biometric organization can define BDB formats, assign BDB format identifiers to them, assign
biometric product identifiers to biometric products, define SB formats and assign SB format identifiers to them. If the
organization is also accepted as a CBEFF patron, it can also define CBEFF patron formats and assign CBEFF patron
format identifiers to them.
4.15
CBEFF biometric organization identifier
unique identifier assigned to a CBEFF biometric organization when it registers with the Biometric Registration
Authority in accordance with ISO/IEC 19785-2
4.16
CBEFF patron
recognized standards development organization (which can be a standards body, working group, or industry
consortium) that has been accepted for registration with the Biometric Registration Authority in accordance
with ISO/IEC 19785-2 as a CBEFF patron, and that can therefore specify one or more CBEFF patron formats
4.17
CBEFF patron format
format for a BIR that is fully-defined by a CBEFF patron (see 6.2 and 6.3)
4.18
CBEFF patron format identifier
identifier for a CBEFF patron format that is unambiguous within the context of a CBEFF patron identifier
4.19
CBEFF patron identifier
CBEFF biometric organization identifier of a CBEFF patron
4.20
CBEFF root header
CBEFF standard biometric header that precedes all other standard biometric headers in a complex CBEFF
BIR structure
4 © ISO/IEC 2006 – All rights reserved

---------------------- Page: 10 ----------------------
ISO/IEC 19785-1:2006(E)
4.21
CBEFF sub-header
CBEFF standard biometric header in a complex CBEFF BIR structure that follows the CBEFF root header and
that either immediately precedes a BDB or is followed by further CBEFF sub-headers (see 6.3)
4.22
complex CBEFF BIR structure
structure for a CBEFF BIR that can contain multiple BDBs, each having its own SBH, plus additional SBHs
that express the relationships among the BDBs (see 6.3)
4.23
domain of use
application space defined by a CBEFF patron where a CBEFF patron format specified by that patron is
intended to be used
4.24
intermediate biometric sample
biometric sample obtained by processing a raw biometric sample, intended for further processing
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.