Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.10: Biometrics in identity management
Annex 1: Acronyms and Glossary
Note of the editors:
For biometric terms and terminology, the editors refer in the first place to the definitions and terms as currently being drafted by the ISO JOINT TECHNICAL COMMITTEE ISO/IEC JTC 1, SUBCOMMITTEE SC 37.
The latest version of the working document is named Biometrics. Standing Document 2 (SD 2) version 8, Harmonized Biometric Vocabulary, is dated 22 August 2007 and is available at: http://isotc.iso.org/livelink/livelink/fetch/2000/2122/327993/2262372/2263034/2299802/JTC001-SC37-N-2263.pdf?nodeid=6714553&vernum=0 (last visited on 30 August 2007).
Terms of the glossary of the present report which are defined in that working document are indicated with an asterisk and the suggested definition of the aforementioned working document of JTC 1/SC 37 is used in this glossary.
An extract of the terms of a previous version of a working document of this group is also available at:
http://isotc.iso.org/livelink/livelink?func=ll&objId=2262372&objAction=browse&sort=name (last visited on 29 June 2007))
A shorter list of biometric terms which is already available since some time can be found on the CESG-Homepage (National Technical Authority for Information Assurance, UK), at:
http://www.cesg.gov.uk/site/ast/index.cfm?menuSelected=4&subMenu=4&displayPage=401 (last visited on 30 August 2007).
Some of the terms mentioned at the CESG page are also mentioned in this glossary.
Because the definition of biometric vocabulary is in full development, full consistency of the terms used in this glossary as well as in the present report has been strived for but is not guaranteed.
Attempt | The submission of a biometric sample to a biometric system for identification or verification. A biometric system may allow more than one attempt to identify or verify |
AFIS | Automated Fingerprint Identification System |
AFNOR | Association Française de Normalisation |
BAC | Basic Access Control |
BEM | Biometric Evaluation Methodology |
BEM WG | BEM Working Group |
Biometrics* | Automated recognition of individuals based on their behavioural and biological characteristics |
BioAPI | Biometrics Application Programming Interface standard |
Biometric data* | Biometric sample at any stage of processing, biometric reference, biometric feature or biometric property |
Biometric feature* | Numbers or labels extracted from biometric samples and used for comparison |
Biometric identification application* | System which contains an open-set or closed-set identification application |
Biometric reference* | One or more stored biometric samples, biometric templates or biometric models attributed to a biometric data subject and used for comparison |
Biometric sample | A biometric measure presented by the user and captured by the data collection system |
Biometric system* | System for the purpose of the automated recognition of individuals based on their behavioural and biological characteristics Note that in CC evaluation terms, a biometric system may be a product or may be (part of) a system for evaluation |
Biometric template* | Set of stored biometric features comparable directly to biometric features of a recognition biometric sample |
Biometric verification (application)* | Application that shows true or false a claim about the similarity of biometric reference(s) and recognition biometric sample(s) by making a comparison(s) |
BIR* | Biometric Information Record |
CBEFF | Common Biometric Exchange File Format standard |
CC-BEM | Common Criteria Biometric Evaluation Methodology |
CEM | Common Criteria Evaluation Methodology |
Closed-set identification* | Application that ranks the biometric references in the enrolment database in order of decreasing similarity against a recognition biometric sample |
Common Criteria | An international scheme for the security evaluation and certification of IT systems |
Comparison* | Estimation, calculation or measurement of similarity or dissimilarity between recognition biometric sample(s)/biometric features/biometric models and biometric reference(s) |
EAC | Extended Access Control |
EAL | Evaluation Assurance Level |
EDPS | European Data Protection Supervisor |
Enrolee | A user with a stored biometric reference template on file |
Failure to acquire rate (FTA) | The failure to acquire rate is the proportion of attempts for which a biometric system is unable to capture an image of sufficient quality. When a biometric system allows multiple attempts, FTA measures failure to capture over these multiple attempts |
Failure to enrol rate (FTE) | The failure to enrol rate is the proportion of the user population for whom the biometric system is unable to generate reference templates of sufficient quality. It is the equivalent of FTA for the enrolment process, and depends on the procedures used in enrolment (which may differ from the procedures for later identification). It includes those who, for physical or behavioural reasons, are unable to present the required biometric feature |
False Acceptance | An incorrect identification of an individual, or an incorrect verification of an impostor |
False Accept Rate (FAR) | The probability that a biometric system will incorrectly identify an individual, or will fail to reject an impostor. For a positive (verification) system, it can be estimated from: (the number of false acceptances) ÷ (the number of impostor verification attempts) |
False Match Rate (FMR) | The rate for incorrect positive matches by the matching algorithm for single template comparison attempts. For a biometric system that uses just one attempt to decide acceptance, FMR is the same as FAR. When multiple attempts are combined in some manner to decide acceptance, FAR is more meaningful at the system level than FMR |
False Non-Match Rate (FNMR) | The rate for incorrect negative matches by the matching algorithm for single template comparison attempts. For a biometric system that uses just one attempt to decide acceptance, FNMR is the same as FRR. When multiple attempts are combined in some manner to decide acceptance, FRR is more meaningful at the system level than FNMR |
False Rejection | A failure to identify or verify a genuine enrolee |
False Reject Rate (FRR) | The probability that a biometric system will fail to identify a genuine enrolee. For a positive (verification) system, it can be estimated from: (the number of false rejects) ÷ (the number of enrolee verification attempts) |
Impostor | A person making a false claim about identity to the biometric system |
ICTs | Informaton and Communication Technologies |
Matching score | A measure of similarity or dissimilarity between the biometric data and a stored template, used in the comparison process |
Multimodal biometric | A biometric device which uses information from different biometrics - e.g. fingerprint and hand shape; or fingerprints from two separate fingers. All statistical analysis of multimodal systems should consider how the modes are combined in the comparison process |
Negative claim | A claim by a user not to be enrolled in the biometric system. This may be needed to establish that double claims are not being made |
MRTDs | Machine Readable Travel Documents |
NIST | National Institute of Standards and Technology |
|
|
One-to-many comparison* | Process in which a recognition biometric sample/biometric feature/biometric model set of one biometric data subject is compared against the biometric references of more than one biometric data subject to return a set of comparison scores |
One-to-one comparison* | Process in which a recognition biometric sample/biometric feature/biometric model set from one biometric data subject is compared to biometric reference(s) to produce a comparison score with respect to one biometric data subject, perhaps using additional data from the enrolment database |
Open-set identification* | Application that determines a possible empty candidate list by collecting one or more biometric samples from a biometric capture subject and searching the enrolment database for similar biometric references |
Positive claim | A claim by a user to be enrolled in the biometric system. An explicit claim is often accompanied by a user identification, and may also be associated with a password or PIN. |
PP | Protection Profile. A form of generic Security Target defined in the Common Criteria |
Receiver Operating Characteristics (ROC) | A method of showing the performance of the biometric system over a range of decision criteria - usually shown as a graph that relates FAR to FRR as the decision threshold varies |
ROC | Receiver Operating Characteristics |
ROC curve | Receiver Operation Characteristic curve |
SOF | Strength of Function |
Template ageing | The gradual change of a user’s biometric feature(s) which requires periodic updating of the user’s reference template |
Threat | An intentional or unintentional potential event that could compromise the security integrity of the system |
Threshold | A parametric value used to convert a matching score to a decision. A threshold change will usually change both FAR and FRR - as FAR decreases, FRR increases |
UI | User Interface |
UKBWG | UK Biometric Working Group |
Vulnerability | The potential for the function of a biometric system to be compromised by e.g. intention (fraudulent activity); design flaw (including usage error); accident; hardware failure; or external environmental condition |
39 / 40 |