The following charter for the OASIS XML Common Biometric Format Technical Committee is taken from the proposal to create the TC submitted to OASIS January 2002.
Biometrics are used to prove or help prove identity based on human characteristics such as DNA, fingerprints, iris scans, hand geometry, etc. This Technical Committee will define a common set of XML 1.0 encodings for the patron formats defined in CBEFF, the Common Biometric Exchange File Format (NISTIR 6529, available at http://www.nist.gov/NISTIR-6529-CBEFF). These formats will be specified in accordance with the ASN.1 schema definitions published in ANS X9.84:2000 Biometrics Information Management and Security For The Financial Services Industry© (available from the ANSI electronic bookstore at http://www.ansi.org/public/std_info.html).
Neither of the existing biometric standards, CBEFF and X9.84, provide an XML schema for securing, displaying, logging or performing database queries using biometric information. All of the security mechanisms provided in these standards are based strictly on binary, not XML, representations of information. There needs to be a standard way for such tasks to be done using XML; this is the reason for forming the XCBF TC. Provision of a standard XML schema for biometrics will also serve to promote interoperability and data exchange among the different patron formats defined in CBEFF.
The Common Biometric Exchange File Format defines a common set of data elements necessary to support multiple biometric technologies and to promote interoperability of biometric-based application programs and systems by allowing for biometric data exchange. CBEFF describes a set of "required" and "optional" data fields, a "domain of use", and "CBEFF Patron" formats that utilize some combination of these standard elements.
Patron formats specify encoding of the data elements and any additional (non-common) data elements. The two defined CBEFF Patron formats are the BioAPI Biometric Identification Record (BIR) format specified in the BioAPI Consortium BioAPI Specification Version 1.0 and the X9.84:2000 BiometricSyntax type. But all of the encoding formats defined in CBEFF and X9.84 are binary encodings, making their use in XML systems and applications limited or difficult.
A common XML schema that can carry the values in all of the CBEFF standard elements will promote the ability to exchange biometric information, between users of binary patron formats, and with XML-aware applications and systems. As new patron formats are added to CBEFF in future revisions, a common XML schema based on the X9.84 definitions should make it possible to exchange data with applications implemented using earlier versions of CBEFF.
Common, underlying type definitions will allow information to be validated and exchanged without ambiguity. The exact same values specified in binary encodings will be used in XML representations of these values. This feature of the work will serve to promote interoperable solutions.
The canonical variant of the XML Encoding Rules (CXER) will produce inputs suitable for cryptographic enhancement of the XML representations of X9.84 biometric objects, but which in that standard are expected to be processed solely in binary. All processing and security requirements used by this TC will be harmonized with standardization of the XML formats of CMS messages undertaken by ANSI X9F working groups.
The primary list of deliverables and projected dates are
As currently envisioned, the XCBF work will take place in three phases:
This phase will also require obtaining copies of all of the documents needed to complete the work of XCBF and making these available to members, which may involve forging liaisons. It may be necessary to create tutorial materials on using ASN.1 schema and the XML Encoding Rules (XER). A start at creating presentation materials to promote XCBF will begin during this phase and should be completed as soon as possible.
A second phase will concentrate on the digital signature and and authentication techniques applied to the XER encodings of the ASN.1 values whose types are defined in X9.84. XCBF digital signature processing techniques and security requirements should follow the work being done on X9.96 XML Cryptographic Message Syntax (XCMS) in the X9F3 working group. This will ensure that the XCBF results are suitable for use in the Financial Services industry and electronic commerce applications.
As the X9.84 and BIR CBEFF patron format values will be aligned, the same XML markup will be used for both patron formats, though the actual content values will be based on the ASN.1 schema defined in X9.84. A mapping between the two formats will need to be described, and attention should be given to those cases in which for a given BIR representation there is no comperable representation in X9.84. For example, some of the BIR values are represented as bit masks that map to single integers in X9.84.
It is estimated then that the first phase will take two to three months to complete. The second phase will take roughly nine months, and the third may take an additional three to six months. Some delays are possible since the security aspects of XCBF will depend on the progression of X9.96 in ANSI X9F3.
In order to achieve maximum interoperability between the efforts of various standards organizations, XCBF deliverables may depend on completion of the ongoing smart card work being done by NIST in CBEFF, any new work undertaken by the INCITS M1 Biometrics TC, and activities of liaison organizations related to XCBF.
The language in which the TC will conduct business will be English. Speakers of other languages are encouraged to participate.