|Open Group Technical Standard|
|CDSA/CSSM Authentication: Human Recognition Service (HRS) API|
|Document Number: C909|
©September 2000, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the copyright owners.
Any comments relating to the material contained in this document may be submitted to The Open Group at:
The Open Groupor by electronic mail to:
Berkshire, RG1 1AX
The Open Group is a vendor and technology-neutral consortium which ensures that multi-vendor information technology matches the demands and needs of customers. It develops and deploys frameworks, policies, best practices, standards, and conformance programs to pursue its vision: the concept of making all technology as open and accessible as using a telephone.
The mission of The Open Group is to deliver assurance of conformance to open systems standards through the testing and certification of suppliers' products.
The Open group is committed to delivering greater business efficiency and lowering the cost and risks associated with integrating new technology across the enterprise by bringing together buyers and suppliers of information systems.
Membership of The Open Group is distributed across the world, and it includes some of the world's largest IT buyers and vendors representing both government and commercial enterprises.
More information is available on The Open Group Web Site at http://www.opengroup.org.
The Open Group publishes a wide range of technical documentation, the main part of which is focused on development of Technical and Product Standards and Guides, but which also includes white papers, technical studies, branding and testing documentation, and business titles. Full details and a catalog are available on The Open Group Web Site at http://www.opengroup.org/pubs.
A Product Standard is the name used by The Open Group for the documentation that records the precise conformance requirements (and other information) that a supplier's product must satisfy. Product Standards, published separately, refer to one or more Technical Standards.
The "X" Device is used by suppliers to demonstrate that their products conform to the relevant Product Standard. By use of the Open Brand they guarantee, through the Open Brand Trademark License Agreement (TMLA), to maintain their products in conformance with the Product Standard so that the product works, will continue to work, and that any problems will be fixed by the supplier. The Open Group runs similar conformance schemes involving different trademarks and license agreements for other bodies.
Open Group Technical Standards, along with standards from the formal standards bodies and other consortia, form the basis for our Product Standards (see above). The Technical Standards are intended to be used widely within the industry for product development and procurement purposes.
Technical Standards are published as soon as they are developed, so enabling suppliers to proceed with development of conformant products without delay.
Anyone developing products that implement a Technical Standard can enjoy the benefits of a single, widely supported industry standard. Where appropriate, they can demonstrate product compliance through the Open Brand.
CAE Specifications and Developers' Specifications published prior to January 1998 have the same status as Technical Standards (see above).
Preliminary Specifications have usually addressed an emerging area of technology and consequently are not yet supported by multiple sources of stable conformant implementations. There is a strong preference to develop or adopt more stable specifications as Technical Standards.
The Open Group has published specifications on behalf of industry consortia. For example, it published the NMF SPIRIT procurement specifications on behalf of the Network Management Forum (now TMF). It also published Technology Specifications relating to OSF/1, DCE, OSF/Motif, and CDE.
In addition, The Open Group publishes Product Documentation. This includes product documentation-programmer's guides, user manuals, and so on-relating to the DCE, Motif, and CDE. It also includes the Single UNIX Documentation, designed for use as common product documentation for the whole industry.
As with all live documents, Technical Standards and Specifications require revision to align with new developments and associated international standards. To distinguish between revised specifications which are fully backwards compatible and those which are not:
Readers should note that Corrigenda may apply to any publication. Corrigenda information is published on The Open Group Web Site at http://www.opengroup.org/corrigenda.
Full catalog and ordering information on all Open Group publications is available on The Open Group Web Site at http://www.opengroup.org/pubs.
This HRS API provides a high-level generic authentication model - one suited to use with any form of human authentication - for operation with CDSA. Particular emphasis has been put on designing it for performing authentication using biometric technology.
The development of this specification has passed through several
organizational groups, but was integrated into a generic authentication
API by the BioAPI Consortium - see
This CDSA/HRS specification is based on BioAPI Version 1.0 8, published March 30, 2000, and uses the EMM facilities provided in CSSM to provide a generic authentication service for CDSA. It covers the basic functions of Enrollment, Verification, and Identification, and includes a database interface to allow a biometric service provider (BSP) to manage the identification population for optimum performance. It also provides primitives which allow the application to manage the capture of samples on a client, and the functions of Enrollment, Verification, and Identification, on a server. It is designed to support multiple authentication methods, both singularly and when used in a combined or "layered" manner.
To make the integration of the technology as straight-forward as possible (thus enhancing its commercial viability), the design approach has been to hide or encapsulate to the extent possible the complexities of the biometric technology. This approach also serves to extend the generality of the interface to address a larger set of potential biometric technologies and applications.
Motif®, OSF/1®, UNIX®, and the "X Device" are registered trademarks and IT DialToneTM; and The Open GroupTM; are trademarks of The Open Group in the U.S. and other countries.
The Open Group also acknowledges the work of the BioAPI Consortium, in the development of this HRS specification. Intel were prime contributors to the BioAPI (biological authentication application programming interface) Consortium. Special recognition is due to John Wilson (Intel) who chaired and did the technical editing for their Application Working Group, whose work resulted in a BioAPI specification.
The BioAPI Consortium published several revisions of their BioAPI specification, as their work evolved. Intel's CDSA/HRS specification is based on BioAPI Version 1.0 8, published March 30, 2000.
Information on the BioAPI Consortium is available from their Web site at http://www.bioapi.org. The following list of BioAPI member organizations (as at June 2000) indicates the broad support for their BioAPI work on defining a common biologically-based authentication API and associated measurement devices and mechanisms:
Biometric Identification Inc.
Business Integrated Technology Solutions (BITS)
Dialog Communications Systems AG
Image Computing Incorporated (ICI)
Infineon Technologies (formerly Seimens)
Integrated Visions, Inc.
Intel Corporation *
I/O Software, Inc.
J. Markowitz Consulting
Mytec Technologies *
National Biometrics Test Center
The following documents are referenced in this Technical Standard: