CBEFF

Last updated

CBEFF (Common Biometric Exchange Formats Framework) is a set of ISO/IEC standards defining an approach to facilitate serialisation and sharing of biometric data in an implementation agnostic manner. This is achieved through use of a data structure which both describes, and contains, biometric data.

Contents

Overview

CBEFF defines abstract data elements used to construct Biometric Information Record (BIRs). A BIR consists of:

The Biometric Data Block (BDB) format requirements are not defined by CBEFF. Instead, the root header (SBH) identifies the remaining BIR data elements, such as the BDB type and information related to any child or sibling BIRs. If included, the optional Security Block (SB) specifies encryption and integrity information for the entire structure.

Overview of a simple CBEFF BIR structure CBEFF structure.png
Overview of a simple CBEFF BIR structure

CBEFF defines the following types of CBEFF BIR structures:

These CBEFF BIR structures allow different BIR contents and configurations, including single BIRs, child BIRs, and multiple linked BIRs to meet the demands of a given domain of use. A CBEFF patron format is then defined using one of the CBEFF BIR structures. The CBEFF patron format definition will specify the required and optional CBEFF data elements, any patron-specific data elements, and any abstract values. A specific CBEFF patron format can then be used by one or more entities to exchange biometric data. CBEFF BIR structures and data elements can be seen as the building blocks for the CBEFF patron formats used for biometric data exchange.

History

CBEFF was developed through a series of workshops from 1999 to 2000 by the CBEFF Development Team composed of the National Institute of Standards and Technology (NIST) and the BioAPI Consortium. From 2001 until 2006 CBEFF was maintained as the NISTIR 6529 standard, until February 2005 when it was adopted as the ANSI INCITS 398-2005 standard. In May 2006, it was adopted as an international standard ISO/IEC 19785 by ISO/IEC. CBEFF is presently maintained within ISO/IEC JTC 1/SC 37. ISO/IEC 19785 is a multipart standard consisting of:

Purpose

The intent of CBEFF is to define an approach to generically store and exchange biometric data in a structure where accompanying meta-data defines the data it carries. This means a client application need not be concerned with the specifics of every possible biometric type (eg: face, finger, iris, etc) or encoding format (eg: XML, TLV encoded, simple byte encoded, etc), rather it needs know only two things to access data it is interested in:

  1. how to parse the header (SBH) of a CBEFF compliant data structure, and;
  2. know the identifier for each specific biometric type it is capable of parsing (where the identifier is obtained from the SBH)

The motivation for a self-describing data format reduces the burden on client applications in dealing with a multitude of biometric types and encodings. This strategy permits an application to effectively ignore any biometric data unknown to it. Using CBEFF an application needs only know how to read a CBEFF structure to gain knowledge about whether the biometric data it contains is of interest.

CBEFF patron formats combine the abstract CBEFF data elements into application and domain specific structures for particular use cases. A patron is simply any organisation authorised to define a CBEFF patron format. Use of one of these patron formats is necessary for the client application to know what format to expect for the SBH. In some cases, a particular patron format may use a self-identifying structure, which includes meta-data informing the client of the type of patron format to expect.

CBEFF may be of use in any system where a variety of biometric types and/or encoding formats are present. In this case sub-systems within a system may each specialise in a particular biometric characteristic where use of CBEFF permits each sub-system to selectively consume or ignore data based on information in the CBEFF header without concern for the specific biometric.

An example may be a system capable of enrolling either face or finger biometric samples, where all captured biometric data is input to a common location. If all captured data is contained in CBEFF structures each sub-system (finger or face) could poll the incoming location to inspect and select only the data relating to the biometric modality that system is interested in. The important point is the ‘inspect and select’ process is completed without regard for the actual biometric data contained in the CBEFF structure and the decision on whether to consume biometric data is based solely on meta-data in the Standard Biometric Header

Biometric Identifiers and Biometric Registry

CBEFF makes use of well-defined identifiers to inform applications about the data contained in the CBEFF structure. To ensure the set of identifiers are universally accepted and used consistently, the CBEFF standard requires a registry (the Biometric Registration Authority) be maintained to record identifiers used by CBEFF. Currently this authority is the International Biometrics + Identity Association (IBIA). IBIA maintain lists of identifiers specifying various information which may be conveyed in a CBEFF structure. Examples of some of the identifier lists maintained in the registry include:

Any organisation working in the field of biometrics may apply for registration to the registry as a Biometric Organisation, but registration as a CBEFF patron requires the organization to be a producer of open standards. Once accepted the organisation may then register identifiers to define biometric elements for containment in a CBEFF structure. The registration procedure is defined at IBIA registration

Example Biometric Identifiers

A notable use case for CBEFF is in ePassports. The chip of an ePassport may optionally contain a variety of biometric types (eg: face, finger, iris) as permitted by the ICAO 9303 standard, however all ICAO compliant ePassports are required to contain a face biometric reference relating to the holder of the passport. This is typically an image of the passport holder and a small amount of meta-data describing the image.

The face biometric reference for the passport is contained within a BIR, where the Standard Biometric Header of the CBEFF will contain the following values to denote:

Data is encoded on the ePassport chip in a binary format; an extract of which shows part of the Standard Biometric Header of the CBEFF structure.

9303 data group 2 cutdown.png

It is worth noting that in this example data is formatted in a Tag-Length-Value (TLV) structure which is not a self-identifying CBEFF patron format. As such, a client reading data from an ePassport needs be aware that the TLV patron format is used in ePassports as the format is not specified in any fields in the BIR (Biometric Information Record).

Specifically of interest are the sections highlighted, which are described in the table below:

TagField Length (bytes)Identifier (hex)Specified in the registry as...
CBEFF Patron Header Version80020101Version Major = 1, Minor = 1
BDB Biometric Type81102BDB contains biometric Face data
BDB Format Owner8720101ISO/IEC JTC 1 SC 37-Biometrics
BDB Format Type8820008ISO/IEC 19794-5 face image exchange format

In the case of an ePassport these values inform an application of the following information related to the CBEFF structure:

Note: all values are universally defined in the Biometrics ID Registry maintained by IBIA.

Related Research Articles

MPEG-2 Video encoding standard

MPEG-2 is a standard for "the generic coding of moving pictures and associated audio information". It describes a combination of lossy video compression and lossy audio data compression methods, which permit storage and transmission of movies using currently available storage media and transmission bandwidth. While MPEG-2 is not as efficient as newer standards such as H.264/AVC and H.265/HEVC, backwards compatibility with existing hardware and software means it is still widely used, for example in over-the-air digital television broadcasting and in the DVD-Video standard.

XML Markup language by the W3C for encoding of data

Extensible Markup Language (XML) is a markup language and file format for storing, transmitting, and reconstructing arbitrary data. It defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. The World Wide Web Consortium's XML 1.0 Specification of 1998 and several other related specifications—all of them free open standards—define XML.

ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

JPEG 2000 Image compression standard and coding system

JPEG 2000 (JP2) is an image compression standard and coding system. It was developed from 1997 to 2000 by a Joint Photographic Experts Group committee chaired by Touradj Ebrahimi, with the intention of superseding their original JPEG standard, which is based on a discrete cosine transform (DCT), with a newly designed, wavelet-based method. The standardized filename extension is .jp2 for ISO/IEC 15444-1 conforming files and .jpx for the extended part-2 specifications, published as ISO/IEC 15444-2. The registered MIME types are defined in RFC 3745. For ISO/IEC 15444-1 it is image/jp2.

The JPEG File Interchange Format (JFIF) is an image file format standard published as ITU-T Recommendation T.871 and ISO/IEC 10918-5. It defines supplementary specifications for the container format that contains the image data encoded with the JPEG algorithm. The base specifications for a JPEG container format are defined in Annex B of the JPEG standard, known as JPEG Interchange Format (JIF). JFIF builds over JIF to solve some of JIF's limitations, including unnecessary complexity, component sample registration, resolution, aspect ratio, and color space. Because JFIF is not the original JPG standard, one may expect another mime-type, but somehow it's still registered as "image/jpeg".

ISO/IEC 14443Identification cards -- Contactless integrated circuit cards -- Proximity cards is an international standard that defines proximity cards used for identification, and the transmission protocols for communicating with it.

Advanced Audio Coding (AAC) is an audio coding standard for lossy digital audio compression. Designed to be the successor of the MP3 format, AAC generally achieves higher sound quality than MP3 encoders at the same bit rate.

Proximity card Contactless smart card

A proximity card or prox card also known as a key card or keycard is a contactless smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and contact type smart cards. The proximity cards are part of the contactless card technologies. Held near an electronic reader for a moment they enable the identification of an encoded number. The reader usually produces a beep or other sound to indicate the card has been read.

ISO/IEC 2022Information technology—Character code structure and extension techniques, is an ISO/IEC standard in the field of character encoding. Originating in 1971, it was most recently revised in 1994.

Electronic Product Code

The Electronic Product Code (EPC) is designed as a universal identifier that provides a unique identity for every physical object anywhere in the world, for all time. The EPC structure is defined in the EPCglobal Tag Data Standard, which is an open standard freely available for download from the website of EPCglobal, Inc. The canonical representation of an EPC is a URI, namely the 'pure-identity URI' representation that is intended for use when referring to a specific physical object in communications about EPCs among information systems and business application software.

Registration authorities exist for many standards organizations, such as ANNA, the Object Management Group, W3C, IEEE and others. In general, registration authorities all perform a similar function, in promoting the use of a particular standard through facilitating its use. This may be by applying the standard, where appropriate, or by verifying that a particular application satisfies the standard's tenants. Maintenance agencies, in contrast, may change an element in a standard based on set rules – such as the creation or change of a currency code when a currency is created or revalued. The Object Management Group has an additional concept of certified provider, which is deemed an entity permitted to perform some functions on behalf of the registration authority, under specific processes and procedures documented within the standard for such a role.

The ISO/IEC 11179 Metadata Registry (MDR) standard is an international ISO/IEC standard for representing metadata for an organization in a metadata registry. It documents the standardization and registration of metadata to make data understandable and shareable.

An IETF BCP 47 language tag is a standardized code or tag that is used to identify human languages in the Internet. The tag structure has been standardized by the Internet Engineering Task Force (IETF) in Best Current Practice (BCP) 47; the subtags are maintained by the IANA Language Subtag Registry.

Program stream is a container format for multiplexing digital audio, video and more. The PS format is specified in MPEG-1 Part 1 and MPEG-2 Part 1, Systems. The MPEG-2 Program Stream is analogous and similar to ISO/IEC 11172 Systems layer and it is forward compatible.

MPEG-1 Audio Layer I, commonly abbreviated to MP1, is one of three audio formats included in the MPEG-1 standard. It is a deliberately simplified version of MPEG-1 Audio Layer II, created for applications where lower compression efficiency could be tolerated in return for a less complex algorithm that could be executed with simpler hardware requirements. While supported by most media players, the codec is considered largely obsolete, and replaced by MP2 or MP3.

ISO/IEC base media file format (ISOBMFF) defines a general structure for time-based multimedia files such as video and audio. It is standardized in ISO/IEC 14496-12, a.k.a. MPEG-4 Part 12, and was formerly also published as ISO/IEC 15444-12, a.k.a. JPEG 2000 Part 12.

ISO/IEC 19794 Information technology — Biometric data interchange formats — Part 5: Face image data, or ISO/IEC 19794-5 for short, is the fifth of 8 parts of the ISO/IEC standard ISO/IEC 19794, published in 2005, which describes interchange formats for several types of biometric data. ISO/IEC 19794-5 defines specifically a standard scheme for codifying data describing human faces within a CBEFF-compliant data structure, for use in facial recognition systems. Modern biometric passport photos should comply with this standard. Many organizations and have already started enforcing its directives, and several software applications have been created to automatically test compliance to the specifications.

X.690 is an ITU-T standard specifying several ASN.1 encoding formats:

ISO/IEC JTC 1/SC 37 Biometrics is a standardization subcommittee in the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of biometrics. The international secretariat of ISO/IEC JTC 1/SC 37 is the American National Standards Institute (ANSI), located in the United States.

References


    This page is based on this Wikipedia article
    Text is available under the CC BY-SA 4.0 license; additional terms may apply.
    Images, videos and audio are available under their respective licenses.