ࡱ > ) '` bjbjLULU .? .? "} "} "} "} "} "} "} D f} . . . # f} 0 6: 2 d ,3 ,3 ,3 +4 B v P/ R/ R/ R/ R/ R/ R/ $ 3 h 6 : v/ "} ~ +4 +4 ~ ~ v/ "} "} ,3 ,3 0 |( |( |( ~ D; "} ,3 "} ,3 P/ |( ~ P/ |( |( t "} "} | ,3 @ A . : w T ~ 0 0 0 fw Y8 Y8 | | Y8 "} h O > , |( $ ݑ O O O v/ v/ ( d , 6 O O O 0 ~ ~ ~ ~ f} f} f} w J f} f} f} J f} f} f} "} "} "} "} "} "}
Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0
Committee Specification Draft 03 /Public Review Draft 02
23 February 2011
Specification URIs:
This Version:
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.doc"http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.doc (Authoritative)HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.pdf"http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.pdf
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.html"http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.html
Previous Version:
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.doc"http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.doc (Authoritative)
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.pdf"http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.pdf
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.html"http://docs.oasis-open.org/bias/soap-profile/v1.0/csd02/biasprofile-v1.0-csd02.html
Latest Version:
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.doc"http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.doc (Authoritative)
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.pdf"http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.pdf
HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.html"http://docs.oasis-open.org/bias/soap-profile/v1.0/biasprofile-1.0.html
Technical Committee:
HYPERLINK "http://www.oasis-open.org/committees/bias/"OASIS Biometric Identity Assurance Services (BIAS) Integration TC
Chair(s):
Cathy Tilton, Daon
Editor(s):
Matthew Swayze
Cathy Tilton, Daon
Related Work:
This specification is related to:
ANSI INCITS 442-2008, Biometric Identity Assurance Services (BIAS)
Declared XML Namespace(s):
HYPERLINK "http://docs.oasis-open.org/bias/ns/bias-1.0/"http://docs.oasis-open.org/bias/ns/bias-1.0/
Abstract:
This document specifies a SOAP profile that implements the BIAS abstract operations specified in INCITS 442 as SOAP messages.
Status:
This document was last revised or approved by the OASIS Biometric Identity Assurance Services (BIAS) Integration TC on the above date. The level of approval is also listed above. Check the Latest Version location noted above for possible later revisions of this document.
Technical Committee members should send comments on this specification to the Technical Committees email list. Others should send comments to the Technical Committee by using the HYPERLINK "http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=bias"Send A Comment button on the Technical Committees web page at HYPERLINK "http://www.oasis-open.org/committees/bias/"http://www.oasis-open.org/committees/bias/.
For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the Technical Committee web page (HYPERLINK "http://www.oasis-open.org/committees/bias/ipr.php"http://www.oasis-open.org/committees/bias/ipr.php).
Citation Format:
When referencing this specification the following citation format should be used:
[BIAS SOAP PROFILE] Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0. 23 February 2011. OASIS Committee Specification Public Review Draft. HYPERLINK "http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.doc"http://docs.oasis-open.org/bias/soap-profile/v1.0/csprd02/biasprofile-v1.0-csprd02.doc
Notices
Copyright OASIS 2009-2011. All Rights Reserved.
All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website.
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English.
The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification.
OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so.
OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims.
The names "OASIS" and BIAS are trademarks of OASIS, the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see HYPERLINK "http://www.oasis-open.org/who/trademark.php"http://www.oasis-open.org/who/trademark.php for above guidance.
Table of Contents
TOC \o "1-3" \h \z \u HYPERLINK \l "_Toc282005221"1 Introduction PAGEREF _Toc282005221 \h 8
HYPERLINK \l "_Toc282005222"1.1 Purpose/Scope PAGEREF _Toc282005222 \h 8
HYPERLINK \l "_Toc282005223"1.2 Overview PAGEREF _Toc282005223 \h 8
HYPERLINK \l "_Toc282005224"1.3 Background PAGEREF _Toc282005224 \h 8
HYPERLINK \l "_Toc282005225"1.4 Relationship to Other Standards PAGEREF _Toc282005225 \h 8
HYPERLINK \l "_Toc282005226"1.5 Terminology PAGEREF _Toc282005226 \h 9
HYPERLINK \l "_Toc282005227"1.6 References PAGEREF _Toc282005227 \h 10
HYPERLINK \l "_Toc282005228"1.6.1 Normative References PAGEREF _Toc282005228 \h 10
HYPERLINK \l "_Toc282005229"1.6.2 Non-Normative References PAGEREF _Toc282005229 \h 11
HYPERLINK \l "_Toc282005230"2 Design Concepts and Architecture (non-normative) PAGEREF _Toc282005230 \h 13
HYPERLINK \l "_Toc282005231"2.1 Philosophy PAGEREF _Toc282005231 \h 13
HYPERLINK \l "_Toc282005232"2.2 Context PAGEREF _Toc282005232 \h 13
HYPERLINK \l "_Toc282005233"2.3 Architecture PAGEREF _Toc282005233 \h 13
HYPERLINK \l "_Toc282005234"3 Data dictionary PAGEREF _Toc282005234 \h 16
HYPERLINK \l "_Toc282005235"3.1 Documentation Conventions PAGEREF _Toc282005235 \h 16
HYPERLINK \l "_Toc282005236"3.2 Common Elements PAGEREF _Toc282005236 \h 17
HYPERLINK \l "_Toc282005237"3.2.1 ApplicationIdentifier PAGEREF _Toc282005237 \h 17
HYPERLINK \l "_Toc282005238"3.2.2 ApplicationUserIdentifier PAGEREF _Toc282005238 \h 17
HYPERLINK \l "_Toc282005239"3.2.3 BaseBIRType PAGEREF _Toc282005239 \h 17
HYPERLINK \l "_Toc282005240"3.2.4 BIASBiometricDataType PAGEREF _Toc282005240 \h 17
HYPERLINK \l "_Toc282005241"3.2.5 BIASFaultCode PAGEREF _Toc282005241 \h 17
HYPERLINK \l "_Toc282005242"3.2.6 BIASFaultDetail PAGEREF _Toc282005242 \h 18
HYPERLINK \l "_Toc282005243"3.2.7 BIASIdentity PAGEREF _Toc282005243 \h 19
HYPERLINK \l "_Toc282005244"3.2.8 BIASIDType PAGEREF _Toc282005244 \h 19
HYPERLINK \l "_Toc282005245"3.2.9 BinaryBIR PAGEREF _Toc282005245 \h 19
HYPERLINK \l "_Toc282005246"3.2.10 BiographicDataItemType PAGEREF _Toc282005246 \h 20
HYPERLINK \l "_Toc282005247"3.2.11 BiographicDataSetType PAGEREF _Toc282005247 \h 20
HYPERLINK \l "_Toc282005248"3.2.12 BiographicDataType PAGEREF _Toc282005248 \h 21
HYPERLINK \l "_Toc282005249"3.2.13 BiometricDataElementType PAGEREF _Toc282005249 \h 22
HYPERLINK \l "_Toc282005250"3.2.14 BiometricDataListType PAGEREF _Toc282005250 \h 22
HYPERLINK \l "_Toc282005251"3.2.15 CandidateListResultType PAGEREF _Toc282005251 \h 22
HYPERLINK \l "_Toc282005252"3.2.16 CandidateListType PAGEREF _Toc282005252 \h 23
HYPERLINK \l "_Toc282005253"3.2.17 CandidateType PAGEREF _Toc282005253 \h 23
HYPERLINK \l "_Toc282005254"3.2.18 CapabilityListType PAGEREF _Toc282005254 \h 23
HYPERLINK \l "_Toc282005255"3.2.19 CapabilityName PAGEREF _Toc282005255 \h 23
HYPERLINK \l "_Toc282005256"3.2.20 CapabilityType PAGEREF _Toc282005256 \h 24
HYPERLINK \l "_Toc282005257"3.2.21 CBEFF_BIR_ListType PAGEREF _Toc282005257 \h 24
HYPERLINK \l "_Toc282005258"3.2.22 CBEFF_BIR_Type PAGEREF _Toc282005258 \h 25
HYPERLINK \l "_Toc282005259"3.2.23 Classification PAGEREF _Toc282005259 \h 25
HYPERLINK \l "_Toc282005260"3.2.24 ClassificationAlgorithmType PAGEREF _Toc282005260 \h 25
HYPERLINK \l "_Toc282005261"3.2.25 ClassificationData PAGEREF _Toc282005261 \h 26
HYPERLINK \l "_Toc282005262"3.2.26 EncounterListType PAGEREF _Toc282005262 \h 26
HYPERLINK \l "_Toc282005263"3.2.27 FusionDecision PAGEREF _Toc282005263 \h 26
HYPERLINK \l "_Toc282005264"3.2.28 FusionInformationListType PAGEREF _Toc282005264 \h 26
HYPERLINK \l "_Toc282005265"3.2.29 FusionInformationType PAGEREF _Toc282005265 \h 26
HYPERLINK \l "_Toc282005266"3.2.30 FusionResult PAGEREF _Toc282005266 \h 27
HYPERLINK \l "_Toc282005267"3.2.31 FusionScore PAGEREF _Toc282005267 \h 27
HYPERLINK \l "_Toc282005268"3.2.32 GenericRequestParameters PAGEREF _Toc282005268 \h 27
HYPERLINK \l "_Toc282005269"3.2.33 IdentifySubjectResultType PAGEREF _Toc282005269 \h 27
HYPERLINK \l "_Toc282005270"3.2.34 InformationType PAGEREF _Toc282005270 \h 27
HYPERLINK \l "_Toc282005271"3.2.35 ListFilterType PAGEREF _Toc282005271 \h 28
HYPERLINK \l "_Toc282005272"3.2.36 MatchType PAGEREF _Toc282005272 \h 28
HYPERLINK \l "_Toc282005273"3.2.37 ProcessingOptionsType PAGEREF _Toc282005273 \h 28
HYPERLINK \l "_Toc282005274"3.2.38 ProductID PAGEREF _Toc282005274 \h 28
HYPERLINK \l "_Toc282005275"3.2.39 QualityData PAGEREF _Toc282005275 \h 28
HYPERLINK \l "_Toc282005276"3.2.40 ResponseStatus PAGEREF _Toc282005276 \h 29
HYPERLINK \l "_Toc282005277"3.2.41 ReturnCode PAGEREF _Toc282005277 \h 29
HYPERLINK \l "_Toc282005278"3.2.42 Score PAGEREF _Toc282005278 \h 29
HYPERLINK \l "_Toc282005279"3.2.43 TokenResultType PAGEREF _Toc282005279 \h 29
HYPERLINK \l "_Toc282005280"3.2.44 TokenType PAGEREF _Toc282005280 \h 30
HYPERLINK \l "_Toc282005281"3.2.45 URI_BIR PAGEREF _Toc282005281 \h 30
HYPERLINK \l "_Toc282005282"3.2.46 VendorIdentifier PAGEREF _Toc282005282 \h 30
HYPERLINK \l "_Toc282005283"3.2.47 Version PAGEREF _Toc282005283 \h 30
HYPERLINK \l "_Toc282005284"3.2.48 VersionType PAGEREF _Toc282005284 \h 30
HYPERLINK \l "_Toc282005285"3.2.49 XML_BIR PAGEREF _Toc282005285 \h 30
HYPERLINK \l "_Toc282005286"4 BIAS Messages PAGEREF _Toc282005286 \h 32
HYPERLINK \l "_Toc282005287"4.1 Primitive Operations PAGEREF _Toc282005287 \h 32
HYPERLINK \l "_Toc282005288"4.1.1 AddSubjectToGallery PAGEREF _Toc282005288 \h 32
HYPERLINK \l "_Toc282005289"4.1.2 CheckQuality PAGEREF _Toc282005289 \h 33
HYPERLINK \l "_Toc282005290"4.1.3 ClassifyBiometricData PAGEREF _Toc282005290 \h 35
HYPERLINK \l "_Toc282005291"4.1.4 CreateSubject PAGEREF _Toc282005291 \h 36
HYPERLINK \l "_Toc282005292"4.1.5 DeleteBiographicData PAGEREF _Toc282005292 \h 37
HYPERLINK \l "_Toc282005293"4.1.6 DeleteBiometricData PAGEREF _Toc282005293 \h 39
HYPERLINK \l "_Toc282005294"4.1.7 DeleteSubject PAGEREF _Toc282005294 \h 40
HYPERLINK \l "_Toc282005295"4.1.8 DeleteSubjectFromGallery PAGEREF _Toc282005295 \h 41
HYPERLINK \l "_Toc282005296"4.1.9 GetIdentifySubjectResults PAGEREF _Toc282005296 \h 43
HYPERLINK \l "_Toc282005297"4.1.10 IdentifySubject PAGEREF _Toc282005297 \h 45
HYPERLINK \l "_Toc282005298"4.1.11 ListBiographicData PAGEREF _Toc282005298 \h 47
HYPERLINK \l "_Toc282005299"4.1.12 ListBiometricData PAGEREF _Toc282005299 \h 49
HYPERLINK \l "_Toc282005300"4.1.13 PerformFusion PAGEREF _Toc282005300 \h 53
HYPERLINK \l "_Toc282005301"4.1.14 QueryCapabilities PAGEREF _Toc282005301 \h 55
HYPERLINK \l "_Toc282005302"4.1.15 RetrieveBiographicInformation PAGEREF _Toc282005302 \h 57
HYPERLINK \l "_Toc282005303"4.1.16 RetrieveBiometricInformation PAGEREF _Toc282005303 \h 59
HYPERLINK \l "_Toc282005304"4.1.17 SetBiographicData PAGEREF _Toc282005304 \h 60
HYPERLINK \l "_Toc282005305"4.1.18 SetBiometricData PAGEREF _Toc282005305 \h 62
HYPERLINK \l "_Toc282005306"4.1.19 TransformBiometricData PAGEREF _Toc282005306 \h 64
HYPERLINK \l "_Toc282005307"4.1.20 UpdateBiographicData PAGEREF _Toc282005307 \h 65
HYPERLINK \l "_Toc282005308"4.1.21 UpdateBiometricData PAGEREF _Toc282005308 \h 67
HYPERLINK \l "_Toc282005309"4.1.22 VerifySubject PAGEREF _Toc282005309 \h 69
HYPERLINK \l "_Toc282005310"4.2 Aggregate Operations PAGEREF _Toc282005310 \h 71
HYPERLINK \l "_Toc282005311"4.2.1 Enroll PAGEREF _Toc282005311 \h 71
HYPERLINK \l "_Toc282005312"4.2.2 GetEnrollResults PAGEREF _Toc282005312 \h 72
HYPERLINK \l "_Toc282005313"4.2.3 GetIdentifyResults PAGEREF _Toc282005313 \h 73
HYPERLINK \l "_Toc282005314"4.2.4 GetVerifyResults PAGEREF _Toc282005314 \h 75
HYPERLINK \l "_Toc282005315"4.2.5 Identify PAGEREF _Toc282005315 \h 76
HYPERLINK \l "_Toc282005316"4.2.6 RetrieveInformation PAGEREF _Toc282005316 \h 78
HYPERLINK \l "_Toc282005317"4.2.7 Verify PAGEREF _Toc282005317 \h 79
HYPERLINK \l "_Toc282005318"5 Message structure and rules PAGEREF _Toc282005318 \h 82
HYPERLINK \l "_Toc282005319"5.1 Purpose and constraints PAGEREF _Toc282005319 \h 82
HYPERLINK \l "_Toc282005320"5.2 Message requirements PAGEREF _Toc282005320 \h 83
HYPERLINK \l "_Toc282005321"5.3 Handling binary data PAGEREF _Toc282005321 \h 84
HYPERLINK \l "_Toc282005322"5.3.1 Base64 encoding PAGEREF _Toc282005322 \h 84
HYPERLINK \l "_Toc282005323"5.3.2 Use of XOP PAGEREF _Toc282005323 \h 84
HYPERLINK \l "_Toc282005324"5.4 Discovery PAGEREF _Toc282005324 \h 85
HYPERLINK \l "_Toc282005325"5.5 Identifying operations PAGEREF _Toc282005325 \h 85
HYPERLINK \l "_Toc282005326"5.5.1 Operation name element PAGEREF _Toc282005326 \h 85
HYPERLINK \l "_Toc282005327"5.5.2 WS-Addressing Action PAGEREF _Toc282005327 \h 86
HYPERLINK \l "_Toc282005328"5.6 Security PAGEREF _Toc282005328 \h 87
HYPERLINK \l "_Toc282005329"5.6.1 Use of SSL 3.0 or TLS 1.0 PAGEREF _Toc282005329 \h 87
HYPERLINK \l "_Toc282005330"5.6.2 Data Origin Authentication PAGEREF _Toc282005330 \h 87
HYPERLINK \l "_Toc282005331"5.6.3 Message Integrity PAGEREF _Toc282005331 \h 87
HYPERLINK \l "_Toc282005332"5.6.4 Message Confidentiality PAGEREF _Toc282005332 \h 87
HYPERLINK \l "_Toc282005333"5.6.5 CBEFF BIR security features PAGEREF _Toc282005333 \h 87
HYPERLINK \l "_Toc282005334"5.6.6 Security Considerations PAGEREF _Toc282005334 \h 88
HYPERLINK \l "_Toc282005335"5.6.7 Security of Stored Data PAGEREF _Toc282005335 \h 88
HYPERLINK \l "_Toc282005336"5.6.8 Key Management PAGEREF _Toc282005336 \h 88
HYPERLINK \l "_Toc282005337"5.7 Use with other WS* standards PAGEREF _Toc282005337 \h 88
HYPERLINK \l "_Toc282005338"5.8 Tailoring PAGEREF _Toc282005338 \h 88
HYPERLINK \l "_Toc282005339"6 Error handling PAGEREF _Toc282005339 \h 90
HYPERLINK \l "_Toc282005340"6.1 BIAS operation return codes PAGEREF _Toc282005340 \h 90
HYPERLINK \l "_Toc282005341"6.2 SOAP fault codes PAGEREF _Toc282005341 \h 90
HYPERLINK \l "_Toc282005342"7 Conformance PAGEREF _Toc282005342 \h 91
HYPERLINK \l "_Toc282005343"Annex A.XML Schema PAGEREF _Toc282005343 \h 92
HYPERLINK \l "_Toc282005344"Annex B. Use Cases (non-normative) PAGEREF _Toc282005344 \h 175
HYPERLINK \l "_Toc282005345"B.1 Verification Use Case PAGEREF _Toc282005345 \h 175
HYPERLINK \l "_Toc282005346"B.2 Asynchronous Verification PAGEREF _Toc282005346 \h 176
HYPERLINK \l "_Toc282005347"B.3 Primitive Verification PAGEREF _Toc282005347 \h 177
HYPERLINK \l "_Toc282005348"B.4 Identification Use Case PAGEREF _Toc282005348 \h 178
HYPERLINK \l "_Toc282005349"B.5 Biometric Enrollment PAGEREF _Toc282005349 \h 179
HYPERLINK \l "_Toc282005350"B.6 Primitive Enrollment PAGEREF _Toc282005350 \h 180
HYPERLINK \l "_Toc282005351"Annex C. Samples (non-normative) PAGEREF _Toc282005351 \h 181
HYPERLINK \l "_Toc282005352"C.1 Create Subject Request/Response Example PAGEREF _Toc282005352 \h 181
HYPERLINK \l "_Toc282005353"C.2 Set Biographic Data Request/Response Example PAGEREF _Toc282005353 \h 183
HYPERLINK \l "_Toc282005354"C.3 Set Biometric Data Request/Response Example PAGEREF _Toc282005354 \h 184
HYPERLINK \l "_Toc282005355"Annex D. Acknowledgements PAGEREF _Toc282005355 \h 186
HYPERLINK \l "_Toc282005356"Annex E. Revision History PAGEREF _Toc282005356 \h 187
Introduction
Purpose/Scope
This Organization for the Advancement of Structured Information Standards (OASIS) Biometric Identity Assurance Services (BIAS) profile specifies how to use the eXtensible Markup Language (XML) [ HYPERLINK \l "XML10" XML10] defined in ANSI INCITS 442-2008 Biometric Identity Assurance Services [ HYPERLINK \l "INCITSBIAS" INCITS-BIAS] to invoke Simple Object Access Protocol (SOAP) -based services that implement BIAS operations. These SOAP-based services enable an application to invoke biometric identity assurance operations remotely in a Services Oriented Architecture (SOA) infrastructure.
Not included in the scope of BIAS is the incorporation of biometric authentication as an integral component of an authentication or security protocol. (However, BIAS services may be leveraged to implement biometric authentication in the future.)
Overview
In addition to this introduction, this standard includes the following:
Clause 2 presents the design concepts and architecture for invoking SOAP-based services that implement BIAS operations.
Clause 3 presents the namespaces necessary to implement this profile, INCITS BIAS data elements, and identifies relationships to external data definitions.
Clause 4 specifies the content of the BIAS messages.
Clause 5 presents the BIAS message structure, as well as rules and considerations for its application.
Clause 6 presents information on error handling.
Clause 7 specifies conformance requirements.
Annexes include the OASIS BIAS XML schema/sample Web Service Definition Language (WSDL), use cases, sample code, acknowledgements, and the revision history of this profile.
Background
In late 2005/early 2006, a gap was identified in the existing biometric standards portfolio with respect to biometric services. The Biometric Identity Assurance Services standard proposal was for a collaborative effort between government and private industry to provide a services-based framework for delivering identity assurance capabilities, allowing for platform and application independence. This standard proposal required the attention of two major technical disciplines: biometrics and service architectures. The expertise of both disciplines was required to ensure the standard was technically sound, market relevant, and achieved widespread adoption. The International Committee for Information Technology Standards (INCITS) M1 provided the standards leadership relevant to biometrics, defining the taxonomy of biometric operations and data elements. OASIS provided the standards leadership relevant to service architectures with an initial focus on web services, defining the schema and SOAP messaging.
The driving requirements of the BIAS standard proposal were to provide the ability to remotely invoke biometric operations across an SOA infrastructure; to provide business level operations without constraining the application/business logic that implements those operations; to be as generic as possible technology, framework, & application domain independent; and to provide basic capabilities that can be used to construct higher level, aggregate/composite operations.
Relationship to Other Standards
This OASIS BIAS profile comprises a companion standard to ANSI INCITS 442-2008 Biometric Identity Assurance Services, which defines the BIAS requirements and taxonomy, specifying the identity assurance operations and the associated data elements. This OASIS BIAS profile specifies the design concepts and architecture, data model and data dictionary, message structure and rules, and error handling necessary to invoke SOAP-based services that implement BIAS operations.
Together, the BIAS standard and the BIAS profile provide an open framework for deploying and remotely invoking biometric-based identity assurance capabilities that can be readily accessed across an SOA infrastructure.
This relationship allows the leveraging of the biometrics and web services expertise of the two standards development organizations. Existing standards are available in both domains and many of these standards will provide the foundation and underlying capabilities upon which the biometric services depend.
Terminology
The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL in this document are to be interpreted as described in REF rfc2119 \h \* MERGEFORMAT HYPERLINK \l "rfc2119" [RFC2119].
The following additional terms and definitions are used:
Note: The terms and definitions specified in INCITS (InterNational Committee for Information Technology Standards) (Project 1823-D) also apply to this Standard.
BIAS operation and data element names are not defined here, but in their respective sections.
BIAS
Biometric Identity Assurance Services
BIR
Biometric Information Record
ESB
Enterprise Service Bus
HTTP
HyperText Transfer Protocol
HTTPS
HyperText Transfer Protocol over SSL or HTTP Secure
IRI
Internationalized Resource Identifier
SOA
Service-Oriented Architecture
SOAP
Simple Object Access Protocol
SSL
Secure Sockets Layer
TLS
Transport Layer Security
UDDI
Universal Description, Discovery, and Integration
URI
Uniform Resource Identifier
VPN
Virtual Private Network
WSDL
Web Services Description Language
WSS
Web Services Security
XML
eXtensible Markup Language
CBEFF
Common Biometric Exchange Formats Framework - data elements and BIR formats specified in ISO/IEC 19785-1
BIAS implementation
software entity that is capable of creating, processing, sending, and receiving BIAS messages
BIAS endpoint
runtime entity, identified by an endpoint URI/IRI, capable of sending and receiving BIAS messages, and containing a running BIAS implementation
BIAS message
message that can be sent from a BIAS endpoint to another BIAS endpoint through a BIAS link channel
BIAS request message
BIAS message conveying a request for an action to be performed by the receiving BIAS endpoint
BIAS response message
BIAS message conveying a response to a prior BIAS requestmessage
References
Normative References
[RFC2119] S. Bradner, Key words for use in RFCs to Indicate Requirement Levels, IETF RFC 2119, March 1997.
HYPERLINK "http://www.ietf.org/rfc/rfc2119.txt"http://www.ietf.org/rfc/rfc2119.txt
[CBEFF] ISO/IEC19785, Information technology Common Biometric Exchange Formats Framework Part 1: Data element specification & Part 3: Patron format specificationsHYPERLINK "http://www.iso.org"http://www.iso.org
[DATE-TIME] ISO 8601:2004, Data elements and interchange formats Information interchange Representation of dates and timesHYPERLINK "http://www.iso.org"http://www.iso.org
[INCITS-BIAS] ANSI INCITS 442-2010, Biometric Identity Assurance Services (BIAS), July 2010
HYPERLINK "http://www.incits.org"http://www.incits.org
[IRI] M. Duerst, et al, Internationalized Resouce Identifiers, W3C RFC3987, January 2005
HYPERLINK "http://www.ietf.org/rfc/rfc3987.txt"http://www.ietf.org/rfc/rfc3987.txt
[SOAP11] Simple Object Access Protocol (SOAP) 1.1, 8 May 2000HYPERLINK "http://www.w3.org/TR/2000/NOTE-SOAP-20000508/" \o "blocked::http://www.w3.org/TR/2000/NOTE-SOAP-20000508/"http://www.w3.org/TR/2000/NOTE-SOAP-20000508/
[URI] T. Berners-Lee, R. Fielding, L. Masinter, Uniform Resource Identifiers (URI): Generic Syntax, RFC 3986, MIT/LCS, U.C. Irvine, Xerox Corporation, January 2005.HYPERLINK "http://ietf.org/rfc/rfc3986"http://ietf.org/rfc/rfc3986
[UTF-8] ISO/IEC 10646:2003, Information technology Universal Multiple-Octet Coded Character Set (UCS)HYPERLINK "http://www.iso.org"http://www.iso.org
[WS-Addr] W3C Recommendation,Web Services Addressing 1.0 - Core, and Web Services Addressing 1.0 - SOAP Binding, 9 May 2006 HYPERLINK "http://www.w3.org/2002/ws/addr/" http://www.w3.org/2002/ws/addr/
[WS-I-Basic] Basic Profile Version 1.1, 10 April 2006HYPERLINK "http://www.ws-i.org/Profiles/BasicProfile-1.1-2006-04-10.html" \o "blocked::http://www.ws-i.org/Profiles/BasicProfile-1.1-2006-04-10.html"http://www.ws-i.org/Profiles/BasicProfile-1.1-2006-04-10.html
[WS-I-Bind] Web Services-Interoperability Organization (WS-I) Simple SOAP Binding Profile Version 1.0, 24 August 2004HYPERLINK "http://www.ws-i.org/Profiles/SimpleSoapBindingProfile-1.0-2004-08-24.html" \o "blocked::http://www.ws-i.org/Profiles/SimpleSoapBindingProfile-1.0-2004-08-24.html"http://www.ws-i.org/Profiles/SimpleSoapBindingProfile-1.0-2004-08-24.html
[WSDL11] Web Services Description Language (WSDL) 1.1, 15 March 2001HYPERLINK "http://www.w3.org/TR/2001/NOTE-wsdl-20010315" \o "blocked::http://www.w3.org/TR/2001/NOTE-wsdl-20010315"http://www.w3.org/TR/2001/NOTE-wsdl-20010315
[XML 10] Extensible Markup Language (XML) 1.0, 16 August 2006HYPERLINK "http://www.w3.org/TR/2006/REC-xml-20060816/" \o "blocked::http://www.w3.org/TR/2006/REC-xml-20060816/"http://www.w3.org/TR/2006/REC-xml-20060816/
[XOP] XML-binary Optimized Packaging, W3C Recommendation, 25 January 2005HYPERLINK "http://www.w3.org/TR/2005/REC-xop10-20050125/"http://www.w3.org/TR/2005/REC-xop10-20050125/
Non-Normative References
[BioAPI] ISO/IEC 19784-1:2006, Information technology Biometric Application Programming Interface Part 1: BioAPI SpecificationHYPERLINK "http://www.iso.org"http://www.iso.org
[BIO SEC] ISO 19092 Financial services -- Biometrics -- Security frameworkHYPERLINK "http://www.iso.org"http://www.iso.org
[EBTS-DOD] Department of DefenseElectronic Biometric TransmissionSpecification, Version 2.0, 27 March 2009
HYPERLINK "http://www.biometrics.dod.mil/CurrentInitiatives/Standards/dodebts.aspx"http://www.biometrics.dod.mil/CurrentInitiatives/Standards/dodebts.aspx
[EBTS-FBI] IAFIS-DOC-01078-8.1, Electronic Biometric Transmission Specification (EBTS), Version 8.1, November 19, 2008, Federal Bureau of Investigation, Criminal Justice Information Services Division
HYPERLINK "https://www.fbibiospecs.org" https://www.fbibiospecs.org
[EFTS] IAFIS-DOC-01078-7, Electronic Fingerprint Transmission Specification (EFTS), Version 7.1, May 2, 2005, Federal Bureau of Investigation, Criminal Justice Information Services Division
HYPERLINK "https://www.fbibiospecs.org" https://www.fbibiospecs.org
[HR-XML] HR-XML Consortium Library, 2007 April 15
HYPERLINK "http://www.hr-xml.org"http://www.hr-xml.org
[INT-I] Interpol Implementation of ANSI/NIST ITL1-2000, Ver 4.22b, October 28, 2005, The Interpol AFIS Expert Group
HYPERLINK "http://www.interpol.int"http://www.interpol.int
[NIEM] National Information Exchange Model (NIEM), Ver 2.0, June 2007, US DOJ/DHS
HYPERLINK "http://www.niem.gov/"http://www.niem.gov
[RFC2246] T. Dierks & C. Allen,The TLS Protocol, Version 1.0, January 1999
HYPERLINK "http://www.ietf.org/rfc/rfc2246.txt"http://www.ietf.org/rfc/rfc2246.txt
[RFC2617] J. Franks, et al, HTTP Authentication: Basic and Digest Access Authentication, June 1999 HYPERLINK "http://www.ietf.org/rfc/rfc2617.txt" http://www.ietf.org/rfc/rfc2617.txt
[RFC3280] R. Housley, et al, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, April 2002HYPERLINK "http://www.ietf.org/rfc/rfc3280.txt"http://www.ietf.org/rfc/rfc3280.txt
[SAML] Security Assertion Markup Language (SAML), Oasis Standard, March 2005 HYPERLINK "http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf" http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
[SAML SEC] Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0, Oasis Standard, 15 March 2005 HYPERLINK "http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf" http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf
[SSL3] SSL 3.0 SpecificationHYPERLINK "http://www.freesoft.org/CIE/Topics/ssl-draft/3-SPEC.HTM"http://www.freesoft.org/CIE/Topics/ssl-draft/3-SPEC.HTM
[WSS] Web Services Security: SOAP Message Security 1.1, (WS-Security 2004), OASIS Standard Specification, 1 February 2006HYPERLINK "http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf"http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf
[X509] X.509: Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks, ITU-T, August 2005 HYPERLINK "http://www.itu.int/rec/T-REC-X.509-200508-I" http://www.itu.int/rec/T-REC-X.509-200508-I
[xNAL] Customer Information Quality Specifications Version 3.0: Name (xNL), Address (xAL), Name and Address (xNAL) and Party (xPIL), Committee Specification 02, 20 September 2008
HYPERLINK " http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ciq" http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ciq
Design Concepts and Architecture (non-normative)
Philosophy
Rather than define a totally new and unique messaging protocol for biometric services, this specification instead defines a method for using existing biometric and Web services standards to exchange biometric data and perform biometric operations.
Context
Today, biometric systems are being developed which collect, process, store and match biometric data for a variety of purposes. In many cases, data and/or capabilities need to be shared between systems or systems serve a number of different client stakeholders. As architectures move towards services-based frameworks, access to these biometric databases and services is via a Web services front-end. However, lack of standardization in this area has led implementers to develop customized services for each system/application.
BIAS is intended to provide a common, yet flexible, Web services interface that can be used within both closed and open SOA systems. Figure 1, below, depicts the context in which the BIAS messages will be implemented.
Figure 1. BIAS Context
The clients (requesters) may use standard discovery mechanisms (i.e., UDDI directories) to discover the BIAS service provider (implementation) or, particularly in closed systems, the URI/IRI and WSDL for the service provider may be known a priori by the client BIAS application developer.
Architecture
BIAS Web services are intended to be used within systems employing a services framework, such as a services-oriented architecture (SOA) (although implementations are not limited to this environment). As such, it is recognized that the clients may interact directly with the BIAS service provider or layers may exist between the client and the service provider, for example as an ESB or other application layer.
The BIAS Architecture as shown in Figure 2, in which:
A Client request to the BIAS Web services may be triggered by a human interaction OR any proxy system such as an ESB.
Client sends and receives SOAP messages that conform to the BIAS schemas
Calls to the BIAS Implementation use OASIS Service Interfaces and Bindings (via WSDL)
The BIAS implementation maps the service call to the appropriate internal API or set of APIs and returns data according to the service interface.
Note that services are represented as circles.
Figure 2. Representative BIAS Architecture
NOTE: It is possible that BIAS may also be used between the service provider and the managed resource (e.g., a biometric matcher).
At the heart of the BIAS messaging protocol are the concepts of BIAS messages and endpoints.
BIAS implementation
A BIAS implementation is a software entity that is capable of creating, processing, sending, and receiving BIAS messages. This standard does not define requirements for the BIAS implementation other than defining the messages and protocols used by the endpoints.
BIAS messages
A BIAS message is a one that can be sent from a BIAS endpoint to another BIAS endpoint over a TCP/IP link.
BIAS endpoints
A BIAS endpoint is a runtime entity, uniquely identified and accessed by an endpoint URI/IRI REF URI \h \* MERGEFORMAT [ HYPERLINK \l "URI" URI] REF IRI \h \* MERGEFORMAT [ HYPERLINK \l "IRI" IRI], capable of sending and receiving BIAS messages.
Note that when not publicly and directly exposed, the endpoints for purposes of this specification are the BIAS service provider exposing BIAS services and the component that directly interacts with that service provider, e.g., the business application or ESB, rather than the ultimate end client requester.
Data dictionary
This section describes the BIAS data elements used within BIAS messages (as defined in Clause 4). Common data elements are defined for use in one or more operations. These include common data types or return codes. BIAS data elements are defined in ANSI INCITS 442-2010. The elements, complex types and simple types described for the BIAS messages belong to the following namespace: HYPERLINK "http://docs.oasis-open.org/bias/ns/bias-1.0/"http://docs.oasis-open.org/bias/ns/bias-1.0/. See Annex A for the XML schema.
NOTE: Biographic and biometric data included in a native XML format MAY contain elements referencing external namespaces (e.g., ansi-nist).
Documentation Conventions
Each common element has a section describing its content. Likewise, each operation has a section describing the request and response messages and the associated input and output parameters. The input and output of each message and the comment elements are detailed in a table as described in the figure below. Each field that forms part of the message request/response is detailed in the table.
Header NameDescriptionValuesValue MeaningFieldThe name of the field.TypeThe XML schema type of the field.#The cardinality of the field1One occurrence0..1Zero or one occurrence0..*Zero or more occurrences1..*One or more occurrences?Defines if the field must be present.YYes is always requiredNNo is not always required, an optional field.CConditional requirement is dependent on system or message conditions.MeaningGives a short description of the fields useFigure 3. BIAS Message Input/Output Dictionary Table Headings
Fields Hierarchy Explained:
To denote the field hierarchy the symbol is used to denote the child-of relationship.
All string types/elements MUST consist of ISO/IEC 10646 (Unicode) characters encoded in UTF-8 [ HYPERLINK \l "UTF8" UTF-8] (see ISO/IEC 10646:2003, Annex D).
Common Elements
ApplicationIdentifier
Type:stringDescription:Identifies an application.Min Length:1Max Length:255ApplicationUserIdentifier
Type:stringDescription:Identifies an application user or instance.Min Length:1Max Length:255BaseBIRType
Type:Schema complexTypeDescription:Base type for all BIR subtypes; see HYPERLINK \l "_BinaryBIR" BinaryBIR, HYPERLINK \l "_URI_BIR" URI_BIR, and HYPERLINK \l "_XML_BIR" XML_BIR for currently available types.
BIASBiometricDataType
FieldType#?MeaningBIASBiometricDataTypeYWraps the various BIAS biometric types.
The operations that use this type specify which elements are required. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType0..1NA list of CBEFF-BIR elements. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1NContains biometric information in either a non-XML or an XML representation. InputBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1NMaps to specific INCITS BIAS elements as required by that specification. ReferenceBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1NMaps to specific INCITS BIAS elements as required by that specification. BiometricDataList HYPERLINK \l "_BiometricDataListType" BiometricDataListType0..1NA list of biometric data elements.BIASFaultCode
Type:StringDescription:Error code referenced in a SOAP fault.BIASFaultCode Enumeration Values
ValueDescriptionUNKNOWN_ERRORThe service failed for an unknown reason.UNSUPPORTED_CAPABILITYA requested capability is not supported by the service implementation.INVALID_INPUTThe data in a service input parameter is invalid.BIR_QUALITY_ERRORBiometric sample quality is too poor for the service to succeed.INVALID_BIRThe input BIR is empty or in an invalid or unrecognized format.BIR_SIGNATURE_FAILUREThe service could not validate the signature, if used, on the input BIR.BIR_DECRYPTION_FAILUREThe service could not decrypt an encrypted input BIR.INVALID_ENCOUNTER_IDThe input encounter ID is empty or in an invalid format.INVALID_SUBJECT_IDThe input subject ID is empty or in an invalid format.UNKNOWN_SUBJECTThe subject referenced by the input subject ID does not exist.UNKNOWN_GALLERYThe gallery referenced by the input gallery ID does not exist.UNKNOWN_ENCOUNTERThe encounter referenced by the input encounter ID does not exist.UNKNOWN_BIOGRAPHIC_FORMATThe biographic data format is not known or not supported.UNKNOWN_IDENTITY_CLAIMThe identity referenced by the input identity claim does not exist.INVALID_IDENTITY_CLAIMThe identity claim requested is already in use.NONEXISTANT_DATAThe data requested for deletion does not exist.NOTES:
See Clause 6 (Error handling) for an explanation of BIAS faults and return codes.
Service provider MAY define additional values specific to their service implementation.
See section 5.5 for additional information on BIAS security.
BIASFaultDetail
FieldType#?MeaningBIASFaultDetailYDefines the error information associated with a SOAP fault. BIASFaultTypeHYPERLINK \l "_BIASFaultCode"BIASFaultCode1YReferences an error code. BIASFaultMessagestring1YProvides a brief explanation of the fault. BIASFaultDescriptionstring0..1NProvides detailed information about a BIAS fault, such as trace details.BIASIdentity
FieldType#?MeaningBIASIdentityYDefines a single element for encapsulating the data associated with an Identity. Includes the Identitys reference identifiers, biographic data, and biometric data.
The operations that use this type specify which elements are required. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType0..1CA system unique identifier for a subject.
Required as input to many operations. IdentityClaim HYPERLINK \l "_BIASIDType" BIASIDType0..1NAn identifier by which a subject is known to a particular gallery or population group. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models. EncounterList HYPERLINK \l "_EncounterListType" EncounterListType0..1NA list of encounters associated with a subject. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType0..1NAn Identitys biographic data. BiographicDataElements HYPERLINK \l "_BiographicDataType" BiographicDataType0..1NAn Identitys biographic data elements that are stored in the implementing system. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType0..1NAn Identitys biometric data.BIASIDType
Type:stringDescription:A BIAS Identifier.BinaryBIR
FieldType#?MeaningBinaryBIRBaseBIRTypeYDefines a BIR type of Binary Binarybase64Binary1YBIR information in base64 binary format
BiographicDataItemType
FieldType#?MeaningBiographicDataItemTypeYDefines a single biographic data element. Namestring1YThe name of the biographic data item. Typestring1YThe data type for the biographic data item. Valuestring0..1NThe value assigned to the biographic data item.NOTE: This element can be used to transmit scanned identity documents or document information (e.g., passports, drivers license, birth certificates, utility bills, etc. required to establish an identity).
BiographicDataSetType
FieldType#?MeaningBiographicDataSetTypeYDefines a set of biographic data that is formatted according to the specified format. namestring1YThe name of the biographic data format. Use these names for common formats: FBI-EFTS REF EFTS \h \* MERGEFORMAT [ HYPERLINK \l "EFTS" EFTS], FBI-EBTS REF EBTSFBI \h \* MERGEFORMAT [ HYPERLINK \l "EBTSFBI" EBTS-FBI], DOD-EBTS REF EBTSDoD \h \* MERGEFORMAT [ HYPERLINK \l "EBTSDoD" EBTS-DOD], INT-I REF INTI \h \* MERGEFORMAT HYPERLINK \l "INTI" [INT-I], NIEM REF NIEM \h \* MERGEFORMAT [ HYPERLINK \l "NIEM" NIEM], xNAL REF xNAL \h \* MERGEFORMAT [ HYPERLINK \l "xNAL" xNAL], HR-XML [ HYPERLINK \l "HRXML" HR-XML]. versionstring0..1NThe version of the biographic data format (e.g., 7.1 for FBI-EFTS or 2.0 for NIEM). sourcestring1YReference to a URI/IRI describing the biographic data format. For example: (FBI-EFTS and FBI-EBTS) www.fbibiospecs.org, (DOD-EBTS) www.biometrics.dod.mil, (INT-I) www.interpol.int, (NIEM) www.niem.gov, (xNAL) www.oasis-open.org, (HR-XML) www.hr-xml.org. typestring1YThe biographic data format type. Use these types for common formats: ASCII (e.g., for non-XML versions of FBI-EFTS, FBI-EBTS, DOD-EBTS, or INT-I), XML (e.g., for NIEM, xNAL, and HR-XML or future versions of FBI-EBTS). unspecifiedany0..*NBiographic data formatted according to a specific format.NOTE: Biographic data formats are not limited to those listed. The string value is not enumerated. If one of the common types are used, it MUST be indicated by the specified name values; however, the service provider MAY offer other formats. See INCITS 442 for further information.
BiographicDataType
FieldType#?MeaningBiographicDataTypeYDefines a set of biographic data elements, utilizing either the HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType to represent a list of elements or the HYPERLINK \l "_BiographicDataSetType" BiographicDataSetType to represent a complete, formatted set of biographic information.
One of the following elements must be present. LastNamestring0..1NThe last name of a subject. FirstNamestring0..1NThe first name of a subject. BiographicDataItems HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..1NA list of biographic data elements. BiographicDataItems HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType1..*NA single biographic data element. BiographicDataSet HYPERLINK \l "_BiographicDataSetType" BiographicDataSetType0..1NA set of biographic data information.NOTE: The implementer is given three choices for encoding biographic data:
Encode only first and last name using the defined fields within BiographicDataType
Define a list of biographic data elements using the BiographicDataItemType
Use a pre-defined set of biographic data (e.g., as specified in another standard) using the BiographicDataSetType.
See also INCITS 442, section 8.1 for further information.
BiometricDataElementType
FieldType#?MeaningBiometricDataElementTypeYProvides descriptive information about biometric data, such as the biometric type, subtype, and format, contained in the BDB of the CBEFF-BIR. BiometricTypeiso-iec19785-3-7:MultipleTypesType1YThe type of biological or behavioral data stored in the biometric record, as defined by CBEFF. BiometricTypeCountpositiveInteger0..1NThe number of biometric records having the biometric type recorded in the biometric type field. BiometricSubTypeiso-iec19785-3-7:SubtypeType0..1NMore specifically defines the type of biometric data stored in the biometric record, as defined by CBEFF. BDBFormatOwnerpositiveInteger1YIdentifies the standards body, working group, industry consortium, or other CBEFF biometric organization that has defined the format for the biometric data. BDBFormatTypepositiveInteger1YIdentifies the specific biometric data format specified by the CBEFF biometric organization recorded in the BDB Format Owner field.NOTE: XML biometric metadata (BIR header elements) is aligned with ISO/IEC 19785-3, XML Patron Format. REF CBEFF \h \* MERGEFORMAT [ HYPERLINK \l "CBEFF" CBEFF]
BiometricDataListType
FieldType#?MeaningBiometricDataListTypeYA list of biometric data elements. BiometricDataElement REF _Ref236212209 \h BiometricDataElementType0..*NData structure containing information about a biometric record.CandidateListResultType
FieldType#?MeaningCandidateListResultTypeYDefines a set of candidates, utilizing the HYPERLINK \l "_CandidateType" CandidateType to represent each element in the set. CandidateList REF _Ref276646552 \h CandidateListType1YThe candidate list.
CandidateListType
FieldType#?MeaningCandidateListTypeYDefines a set of candidates, utilizing the HYPERLINK \l "_CandidateType" CandidateType to represent each element in the set. Candidate HYPERLINK \l "_CandidateType" CandidateType0..*NA single candidate.CandidateType
FieldType#?MeaningCandidateTypeYDefines a single candidate as a possible match in response to a biometric identification request. Score HYPERLINK \l "_Score" Score0..1NThe match score. Rankinteger1YThe rank of the candidate in relation to other candidates for the same biometric identification operation. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType0..1NBiographic data associated with the candidate match. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType1YBiometric data associated with the candidate match.CapabilityListType
FieldType#?MeaningCapabilityListTypeYDefines a set of capabilities. Capability HYPERLINK \l "_CapabilityType" CapabilityType0..*NA single capability.CapabilityName
Type:stringDescription:A list of capability items.CapabilityName Enumeration Values
ValueDescriptionAggregateInputDataOptionalA data element accepted as optional input by the implementing system for the aggregate services.AggregateInputDataRequiredA data element required as input by the implementing system for the aggregate services.AggregateProcessingOptionA processing option supported by the implementing system for the aggregate services.AggregateReturnDataA data element returned by the implementing system for the aggregate services.AggregateServiceDescriptionDescribes the processing logic of an aggregate service supported by the implementing system.BiographicDataSetIdentifies a biographic data set supported by the implementing system.CBEFFPatronFormatA patron format supported by the implementing system.ClassificationAlgorithmTypeA classification algorithm type supported by the implementing system.ConformanceClassIdentifies the conformance class of the BIAS implementation.GalleryA gallery or population group supported by the implementing system.IdentityModelIdentifies whether the implementing system is person-centric or encounter-centric based.MatchScoreIdentifies the use of match scores returned by the implementing system.QualityAlgorithmA quality algorithm vendor and algorithm vendor product ID supported by the implementing system.SupportedBiometricA biometric type supported by the implementing system.TransformOperationA transform operation type supported by the implementing system.CapabilityType
FieldType#?MeaningCapabilityTypeYDefines a single capability supported by an implementing system. CapabilityName HYPERLINK \l "_CapabilityName" CapabilityName1YThe name of the capability. CapabilityIDstring0..1NAn identifier assigned to the capability by the implementing system. CapabilityDescriptionstring0..1NA description of the capability. CapabilityValuestring0..1NA value assigned to the capability. CapabilitySupportingValuestring0..1NA secondary value supporting the capability. CapabilityAdditionalInfostring0..1NContains additional information for the supported capability.CBEFF_BIR_ListType
FieldType#?MeaningCBEFF_BIR_ListTypeYA list of CBEFF-BIR elements. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..*NCBEFF structure containing information about a biometric sample.CBEFF_BIR_Type
FieldType#?MeaningCBEFF_BIR_TypeYRepresents biometric information, with either a non-XML or XML representation. FormatOwnerpositiveInteger1YIdentifies the Patron format owner. FormatTypepositiveInteger1YIdentifies the Patron format type. BIR_Information0..1NDescribes what is contained in a BIR. BIR_Infoiso-iec19785-3-7:BIRInfoType0..1NContains information about the CBEFF-BIR. BDB_Infoiso-iec19785-3-7:BDBInfoType0..1NContains information about the BDB in a simple CBEFF-BIR. SB_Infoiso-iec19785-3-7:SBInfoType0..1NContains information about the security block, if used, in a simple CBEFF-BIR. BIR HYPERLINK \l "_BaseBIRType" BaseBIRType1YOne of the following sub-elements must be present: HYPERLINK \l "_BinaryBIR" BinaryBIR, HYPERLINK \l "_URI_BIR" URI_BIR, or HYPERLINK \l "_XML_BIR" XML_BIR.NOTE: The implementer is given three choices for encoding a BIR:
As an XML BIR (following the XML Patron format as specified in REF CBEFF \h \* MERGEFORMAT [ HYPERLINK \l "CBEFF" CBEFF] Part 3, Clause 13)
As a reference to a URI (from which the receiver would retrieve the actual BIR)
As a complete Base64 encoded binary (non-XML) BIR.
The latter two alternatives can use any CBEFF Patron Format. The optional BIR_Information provides a mechanism for exposing metadata associated with a BIR format that is not easily decoded (i.e., a non-XML BIR). See section 5.3 for more information on handling of binary data within BIAS and INCITS 442, Clause 8.2, for more information on representing biometric data.
NOTE:
XML BIRs MUST conform to ISO/IEC 19785-3 (clause 13, XML Patron Format); however, non-XML (binary) and URI BIRs MAY implement any CBEFF patron format.
It is RECOMMENDED that only registered CBEFF patron formats be used; however, in closed systems, this may not be required.
Classification
Type:stringDescription:The result of a classification.ClassificationAlgorithmType
Type:stringDescription:Type of classification algorithm that was used to perform the classification.ClassificationData
FieldType#?MeaningClassificationDataYContains information on classification results and the algorithm used to determine the classification. Classification HYPERLINK \l "_Classification" Classification1YThe result of the classification. ClassificationAlgorithmType HYPERLINK \l "_ClassificationAlgorithmType" ClassificationAlgorithmType1YIdentifies the type of classification algorithm that was used to perform the classification.EncounterListType
FieldType#?MeaningEncounterListTypeYDefines a set of encounters. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..*NThe identifier of an encounter.FusionDecision
Type:stringDescription:The match decision assigned by the matching algorithm
FusionInformationListType
FieldType#?MeaningFusionInformationListTypeYContains at a minimum two sets of fusion input elements, as input to the HYPERLINK \l "_PerformFusion" PerformFusion operation. FusionElement HYPERLINK \l "_FusionInformationType" FusionInformationType2..*YA set of fusion information.FusionInformationType
FieldType#?MeaningFusionInformationTypeYRepresents the information necessary to perform a fusion operation. BiometricTypeiso-iec19785-3-7:MultipleTypesType1YThe type of biological or behavioral data stored in the biometric record, as defined by CBEFF. BiometricSubTypeiso-iec19785-3-7: SubtypeType0..1NMore specifically defines the type of biometric data stored in the biometric record. AlgorithmOwnerstring1YThe owner or vendor of the algorithm used to determine the score or decision. AlgorithmTypestring1YThe Algorithm Owners identifier for the specific algorithm product and version used to determine the score or decision. FusionResult HYPERLINK \l "_FusionResult" FusionResult0..1CEither HYPERLINK \l "_FusionScore" FusionScore or a HYPERLINK \l "_FusionDecision" FusionDecision element MUST be used.FusionResult
Type:complexTypeDescription:The base type for any resulting types which indicate the status of a Fusion operationFusionScore
Type: HYPERLINK \l "_Score" ScoreDescription:The similarity score assigned by the matching algorithm.
GenericRequestParameters
FieldType#?MeaningGenericRequestParametersYCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested.NOTE: See section 5.4 for alternatives for identifying the requested BIAS operation in a BIAS SOAP message.
IdentifySubjectResultType
Description:A base type for all types that could be returned from the IdentifySubject operation
InformationType
FieldType#?MeaningInformationTypeYAllows for an unlimited number of data element types, and it does not specify nor require any particular data element. unspecifiedany0..*NListFilterType
FieldType#?MeaningListFilterTypeYProvides a method to filter the amount of information returned in a search of biometric data. BiometricTypeFilters1Y BiometricTypeFilteriso-iec19785-3-7:MultipleTypesType1..*YLimits the returned information to a specific type of biometric, as defined by CBEFF. IncludeBiometricSubTypeboolean1YA Boolean flag indicating if biometric subtype information should be returned.MatchType
Type:booleanDescription:The result of a fusion method.ProcessingOptionsType
FieldType#?MeaningProcessingOptionsTypeYBIAS aggregate operations support the ability to include various processing options which direct and possibly control the business logic for that operation. The ProcessingOptionsType provides a method to represent those options. Processing options SHOULD be defined by the implementing system. Optionstring0..*NAn option supported by the implementing system.ProductID
Type:stringDescription:The vendors ID for a particular product.QualityData
FieldType#?MeaningQualityDataYContains information about a biometric samples quality and the algorithm used to compute the quality. QualityScoreiso-iec19785-3-7:QualityType0..1NThe quality of a biometric sample. AlgorithmVendor HYPERLINK \l "_VendorIdentifier" VendorIdentifier1YThe vendor of the quality algorithm used to determine the quality score. AlgorithmVendorProductID HYPERLINK \l "_ProductID" ProductID1YThe vendors ID for the algorithm used to determine the quality. AlgorithmVersion HYPERLINK \l "_VersionType" VersionType0..1NThe version of the algorithm used to determine the quality.ResponseStatus
FieldType#?MeaningResponseStatusY Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.ReturnCode
Type:unsignedLongDescription:Return value specifying success or other condition.
ReturnCode Enumeration Values
ValueDescription0SuccessScore
Type:floatDescription:Match result or quality score.NOTE: Matching scores MAY be in a standardized or proprietary form in terms of value range and interpretation. Quality scores, however, follow the definition found in ISO/IEC 19785-3, Clause 13.
TokenResultType
FieldType#?MeaningTokenResultTypeYDefines a token that is returned for asynchronous processing. TokenType HYPERLINK \l "_TokenType" TokenType1YDefines a token that is returned for asynchronous processing.
TokenType
FieldType#?MeaningTokenTypeYDefines a token that is returned for asynchronous processing. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.NOTE: Date/time format is defined in INCITS 442 and is consistent with the date format specified in ISO/IEC 19785-3 and ISO 8601 REF DATETIME \h \* MERGEFORMAT [ HYPERLINK \l "DATETIME" DATE-TIME].See also Annex A for schema definition.
URI_BIR
FieldType#?MeaningURI_BIRBaseBIRTypeYDefines a BIR type of Binary URIanyURI1YThe URI of the BIR
VendorIdentifier
Type:stringDescription:Identifies a vendor.NOTE: Vendor identifiers are registered with IBIA as the CBEFF registration authority (see ISO/IEC 19785-2). Registered biometric organizations are listed at: HYPERLINK "http://www.ibia.org/cbeff/_biometric_org.php"http://www.ibia.org/cbeff/_biometric_org.php.
Version
FieldType#?MeaningVersionYFor a description or definition of each data element, see the referenced CBEFF standards in the REF _Ref201723258 \h CBEFF_BIR_Typeschema. majornonNegativeInteger1Y minornonNegativeInteger1YVersionType
Type:stringDescription:The version of a component.XML_BIR
FieldType#?MeaningXML_BIRBaseBIRTypeYDefines a BIR type of Binary XMLIso-iec19785-3-7:BIRType1YBIR information in XML format
BIAS Messages
This section describes the BIAS messages implementing BIAS operations as defined in ANSI INCITS 442-2010. The operations are listed alphabetically, with each operation containing a request and a response message. The tables follow the conventions described in section 3.1.
Primitive Operations
AddSubjectToGallery
HYPERLINK \l "AddSubjectToGalleryRequest" AddSubjectToGalleryRequest
HYPERLINK \l "AddSubjectToGalleryResponse" AddSubjectToGalleryResponse
The AddSubjectToGallery operation registers a subject to a given gallery or population group. As an OPTIONAL parameter, the value of the claim to identity by which the subject is known to the gallery MAY be specified. This claim to identity MUST be unique across the gallery. If no claim to identity is specified, the subject ID (assigned with the HYPERLINK \l "_CreateSubject" CreateSubject operation) will be used as the claim to identity. Additionally, in the encounter-centric model, the encounter ID associated with the subjects biometrics that will be added to the gallery MUST be specified.
Request Message
FieldType#?MeaningAddSubjectToGalleryYRegister a subject to a given gallery or population group.AddSubjectToGalleryRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: AddSubjectToGallery. GalleryID HYPERLINK \l "_BIASIDType" BIASIDType1YThe identifier of the gallery or population group to which the subject will be added. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YThe identity to add to the gallery. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. IdentityClaim HYPERLINK \l "_BIASIDType" BIASIDType0..1NAn identifier by which a subject is known to a particular gallery or population group. (This could be a username or account number, for example.) EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models.Response Message
FieldType#?MeaningAddSubjectToGalleryResponseYThe response to an AddSubjectToGallery operation.AddSubjectToGalleryResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.CheckQuality
HYPERLINK \l "CheckQualityRequest" CheckQualityRequest
HYPERLINK \l "CheckQualityResponse" CheckQualityResponse
The CheckQuality operation returns a quality score for a given biometric. The biometric input is provided in a CBEFF basic structure or CBEFF record, which in this specification is called a CBEFF-BIR. The algorithm vendor and algorithm vendor product ID MAY be optionally provided in order to request a particular algorithms use in calculating the biometric quality. If an algorithm vendor is provided then the algorithm vendor product ID is REQUIRED. If no algorithm vendor is provided, the implementing system will provide the algorithm vendor and algorithm vendor product ID that were used to calculate the biometric quality as output parameters.
Request Message
FieldType#?MeaningCheckQualityYCalculate a quality score for a given biometric.CheckQualityRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: CheckQuality. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YData structure containing a single biometric sample for which a quality score is to be determined. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YThe biometric sample. Quality HYPERLINK \l "_QualityData" QualityData0..1NSpecifies a particular algorithm vendor and vender product ID. AlgorithmVendor HYPERLINK \l "_VendorIdentifier" VendorIdentifier1YThe vendor of the quality algorithm used to determine the quality score. AlgorithmVendorProductID HYPERLINK \l "_ProductID" ProductID1YThe vendors ID for the algorithm used to determine the quality.Response Message
FieldType#?MeaningCheckQualityResponseYThe response to a CheckQuality operation.CheckQualityResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. QualityInfo HYPERLINK \l "_QualityData" QualityData1YContains the quality information for the submitted biometric sample. QualityScoreiso-iec19785-3-7:QualityType0..1NThe quality of a biometric sample. AlgorithmVendor HYPERLINK \l "_VendorIdentifier" VendorIdentifier1YThe vendor of the quality algorithm used to determine the quality score. AlgorithmVendorProductID HYPERLINK \l "_ProductID" ProductID1YThe vendors ID for the algorithm used to determine the quality. AlgorithmVersion HYPERLINK \l "_VersionType" VersionType1YThe version of the algorithm used to determine the quality.ClassifyBiometricData
HYPERLINK \l "ClassifyBiometricDataRequest" ClassifyBiometricDataRequest
HYPERLINK \l "ClassifyBiometricDataResponse" ClassifyBiometricDataResponse
The ClassifyBiometricData operation attempts to classify a biometric sample. For example, a fingerprint biometric sample may be classified as a whorl, loop, or arch (or other classification classes and sub-classes).
To obtain the types of classification algorithms and classes, see the HYPERLINK \l "_QueryCapabilities" QueryCapabilities operation.
Request Message
FieldType#?MeaningClassifyBiometricDataYClassifies a biometric sample.ClassifyBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: ClassifyBiometricData. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YData structure containing a single biometric sample for which the classification is to be determined. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YThe biometric sample.Response Message
FieldType#?MeaningClassifyBiometricDataResponseYThe response to a ClassifyBiometricData operation, containing the classification of a biometric sample.ClassifyBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ClassificationData HYPERLINK \l "_ClassificationData" ClassificationData1YInformation on the results and type of classification performed. Classification HYPERLINK \l "_Classification" Classification1YThe result of the classification. ClassificationAlgorithmType HYPERLINK \l "_ClassificationAlgorithmType" ClassificationAlgorithmType1YIdentifies the type of classification algorithm that was used to perform the classification.CreateSubject
HYPERLINK \l "CreateSubjectRequest" CreateSubjectRequest
HYPERLINK \l "CreateSubjectResponse" CreateSubjectResponse
The CreateSubject operation creates a new subject record and associates a subject ID to that record. As an optional parameter, the subject ID MAY be specified by the caller. If no subject ID is specified, the CreateSubject operation will generate one.
Request Message
FieldType#?MeaningCreateSubjectYCreateSubjectRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: CreateSubject.Response Message
FieldType#?MeaningCreateSubjectResponseYThe response to a CreateSubject operation, containing the subject ID of the new subject record.CreateSubjectResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1Y SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject.DeleteBiographicData
HYPERLINK \l "DeleteBiographicDataRequest" DeleteBiographicDataRequest
HYPERLINK \l "DeleteBiographicDataResponse" DeleteBiographicDataResponse
The DeleteBiographicData operation erases all of the biographic data associated with a given subject record. In the encounter-centric model the operation erases all of the biographic data associated with a given encounter, and therefore the encounter ID MUST be specified.
When deleting data, BIAS implementations MAY completely erase the information in order to prevent the ability to reconstruct a record in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.
Request Message
FieldType#?MeaningDeleteBiographicDataYErase all of the biographic data associated with a given subject record or, in the encounter-centric model, with a given encounter.DeleteBiographicDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: DeleteBiographicData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1Y SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models.Response Message
FieldType#?MeaningDeleteBiographicDataResponseYThe response to a DeleteBiographicData operation.DeleteBiographicDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.DeleteBiometricData
HYPERLINK \l "DeleteBiometricDataRequest" DeleteBiometricDataRequest
HYPERLINK \l "DeleteBiometricDataResponse" DeleteBiometricDataResponse
The DeleteBiometricData operation erases all of the biometric data associated with a given subject record. In the encounter-centric model the operation erases all of the biometric data associated with a given encounter, and therefore the encounter ID MUST be specified.
When deleting data, BIAS implementations MAY completely erase the information in order to prevent the ability to reconstruct a record in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.
Request Message
FieldType#?MeaningDeleteBiometricDataYErase all of the biometric data associated with a given subject record or, in the encounter-centric model, with a given encounter.DeleteBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: DeleteBiometricData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1Y SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models.Response Message
FieldType#?MeaningDeleteBiometricDataResponseYThe response to a DeleteBiometricData operation.DeleteBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.DeleteSubject
HYPERLINK \l "DeleteSubjectRequest" DeleteSubjectRequest
HYPERLINK \l "DeleteSubjectResponse" DeleteSubjectResponse
The DeleteSubject operation deletes an existing subject record and, in an encounter-centric model, any associated encounter information from the system. This operation also removes the subject from any registered galleries.
When deleting a subject, BIAS implementations MAY completely erase the subject information in order to prevent the ability to reconstruct a record or records in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.
Request Message
FieldType#?MeaningDeleteSubjectYDelete an existing subject record and, in an encounter-centric model, any associated encounter information.DeleteSubjectRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: DeleteSubject. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YThe identity of the subject to delete. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject.Response Message
FieldType#?MeaningDeleteSubjectResponseYThe response to a DeleteSubject operation.DeleteSubjectResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.DeleteSubjectFromGallery
HYPERLINK \l "DeleteSubjectFromGalleryRequest" DeleteSubjectFromGalleryRequest
HYPERLINK \l "DeleteSubjectFromGalleryResponse" DeleteSubjectFromGalleryResponse
The DeleteSubjectFromGallery operation removes the registration of a subject from a gallery or population group. The subject is identified by either the subject ID or the claim to identity that was specified in the HYPERLINK \l "_AddSubjectToGallery" AddSubjectToGallery operation.
Request Message
FieldType#?MeaningDeleteSubjectFromGalleryYRemove the registration of a subject from a gallery or population group.DeleteSubjectFromGalleryRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: DeleteSubjectFromGallery. GalleryID HYPERLINK \l "_BIASIDType" BIASIDType1YThe identifier of the gallery or population group from which the subject will be deleted. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YThe identity to remove from the gallery. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType0..1CA system unique identifier for a subject.
Required if an Identity Claim is not provided. IdentityClaim HYPERLINK \l "_BIASIDType" BIASIDType0..1CAn identifier by which a subject is known to a particular gallery or population group.
Required if a Subject ID is not provided.Response Message
FieldType#?MeaningDeleteSubjectFromGalleryResponseYThe response to a DeleteSubjectFromGallery operation.DeleteSubjectFromGalleryResponsePackage ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.GetIdentifySubjectResults
HYPERLINK \l "GetIdentifyResultsRequest" GetIdentifyResultsRequest
HYPERLINK \l "GetIdentifySubjectResultsResponse" GetIdentifySubjectResultsResponse
The GetIdentifySubjectResults operation retrieves the identification results for the specified token. This opereation is used in conjunction with the HYPERLINK \l "_IdentifySubject" IdentifySubject operation. If the IdentifySubject operation is implemented as an asynchronous service, the implementing system returns a token and the GetIdentifySubjectResults operation is used to poll for the results of the original IdentifySubject request.
Request Message
FieldType#?MeaningGetIdentifySubjectResultsYRetrieve the identification results for a specified token, which was returned by the HYPERLINK \l "_IdentifySubject" IdentifySubject operation.GetIdentifySubjectResultsRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: GetIdentifySubjectResults. Token HYPERLINK \l "_TokenType" TokenType1YA value used to retrieve the results of an IdentifySubject request. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.Response Message
FieldType#?MeaningGetIdentifySubjectResultsResponseYThe response to a GetIdentifySubjectResults operation, which includes a candidate list.GetIdentifySubjectResultsResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. CandidateList HYPERLINK \l "_CandidateListType" CandidateListType1YA rank-ordered list of candidates that have a likelihood of matching the input biometric sample. Candidate HYPERLINK \l "_CandidateType" CandidateType0..*NA single candidate. Score HYPERLINK \l "_Score" Score0..1NThe match score. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType0..1NBiographic data associated with the candidate match. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType1YBiometric data associated with the candidate match. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..*NCBEFF structure containing information about a biometric sample.IdentifySubject
HYPERLINK \l "IdentifySubjectRequest" IdentifySubjectRequest
HYPERLINK \l "IdentifySubjectResponse" IdentifySubjectResponse
The IdentifySubject operation performs an identification search against a given gallery for a given biometric, returning a rank-ordered candidate list of a given maximum size.
If the IdentifySubject operation is implemented as a synchronous service, the implementing system immediately processes the request and returns the results in the candidate list. If the IdentifySubject operation is implemented as an asynchronous service, the implementing system returns a token, which is an indication that the request is being handled asynchronously. In this case, the HYPERLINK \l "_GetIdentifySubjectResults" GetIdentifySubjectResults operation is used to poll for the results of the IdentifySubject request.
Request Message
FieldType#?MeaningIdentifySubjectYPerform an identification search against a given gallery for a given biometric.IdentifySubjectRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: IdentifySubject. GalleryID HYPERLINK \l "_BIASIDType" BIASIDType1YThe identifier of the gallery or population group which will be searched. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YContains the BIR, a data structure containing the biometric sample for the search. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YAn Identitys biometric data. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YContains biometric information in either a non-XML or an XML representation. MaxListSizepositiveInteger1YThe maximum size of the candidate list that should be returned.Response Message
FieldType#?MeaningIdentifySubjectResponseYThe response to an IdentifySubject operation, returning a rank-ordered candidate list.IdentifySubjectResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. CandidateList HYPERLINK \l "_CandidateListResultType" CandidateListResultType
(see HYPERLINK \l "_IdentifySubjectResultType" IdentifySubjectResultType)0..1CA rank-ordered list of candidates that have a likelihood of matching the input biometric sample (i.e., exceed the system threshold).
Rank ordering is from highest to lowest match score.
Returned with successful synchronous request processing. Candidate HYPERLINK \l "_CandidateType" CandidateType0..*NA single candidate. Scorestring0..1NThe match score. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType0..1NBiographic data associated with the candidate match. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType1YBiometric data associated with the candidate match. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..*NCBEFF structure containing information about a biometric sample. Token HYPERLINK \l "_TokenResultType" TokenResultType
(see HYPERLINK \l "_IdentifySubjectResultType" IdentifySubjectResultType)0..1CA token used to retrieve the results of the IdentifySubject operation.
Returned with asynchronous request processing. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.NOTES:
In the event that the number of candidates exceeding the threshold exceeds the MaxListSize, the system will determine which candidate is included in the last position of the rank ordered candidate list (i.e., in the event of a tie).
Requesters MAY NOT change the system thresholds.
ListBiographicData
HYPERLINK \l "ListBiographicDataRequest" ListBiographicDataRequest
HYPERLINK \l "ListBiographicDataResponse" ListBiographicDataResponse
The ListBiographicData operation lists the biographic data elements stored for a subject using the Biographic Data Elements output parameter. Note that no actual biographic data is returned by this operation (see the HYPERLINK \l "_RetrieveBiographicInformation" RetrieveBiographicInformation operation to obtain the biographic data). In the encounter-centric model, an encounter ID MAY be specified to indicate that only the biographic data elements stored for that encounter should be returned. If an encounter ID is not specified and encounter data exists for the subject, the operation returns the list of encounter IDs which contain biographic data using the Encounter List output parameter, and the Biographic Data Elements output parameter is empty.
Request Message
FieldType#?MeaningListBiographicDataYLists the biographic data elements stored for a subject.ListBiographicDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: ListBiographicData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject.Response Message
FieldType#?MeaningListBiographicDataResponseYThe response to a ListBiographicData request, containing a list of biographic data elements stored for a subject. In the encounter-centric model, the biographic data elements for a specific encounter are returned. If an encounter ID is not specified and encounter data exists for the subject, the list of encounter IDs which contain biographic data is returned.ListBiographicDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YContains a list of biographic data elements associated with a subject or encounter; non-empty if the service was successful, biographic data exists, and either (a) the person-centric model is being used or (b) the encounter-centric model is being used and an encounter identifier was specified. BiographicDataElements HYPERLINK \l "_BiographicDataType" BiographicDataType0..1CAn Identitys biographic data elements that are stored in the implementing system. BiographicDataItem HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..*NA single biographic data element. Namestring1YThe name of the biographic data item. Typestring1YThe data type for the biographic data item. EncounterList HYPERLINK \l "_EncounterListType" EncounterListType0..1CA list of encounter IDs associated with a subject and which contain biographic data; non-empty if the service was successful, biographic data exists, the encounter-centric model is being used, and an encounter identifier was not specified. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..*NThe identifier of an encounter.ListBiometricData
HYPERLINK \l "ListBiometricDataRequest" ListBiometricDataRequest
HYPERLINK \l "ListBiometricDataResponse" ListBiometricDataResponse
The ListBiometricData operation lists the biometric data elements stored for a subject using the Biometric Data List output parameter. Note that no actual biometric data is returned by this operation (see the HYPERLINK \l "_RetrieveBiometricInformation" RetrieveBiometricInformation operation to obtain the biometric data). In the encounter-centric model, an encounter ID MAY be specified to indicate that only the biometric data elements stored for that encounter should be returned. If an encounter ID is not specified and encounter data exists for the subject, the operation returns the list of encounter IDs which contain biometric data using the Encounter List output parameter, and the Biometric Data List output parameter is empty.
An optional parameter MAY be used to indicate a filter on the list of returned data. Such a filter may indicate that only biometric types should be listed (e.g., face, finger, iris, etc.) or that only biometric subtypes for a particular biometric type should be listed (e.g., all fingerprints: left slap, right index, etc.). If a filter is not specified, all biometric type and biometric subtype information are listed (e.g., left index finger, right iris, face frontal, etc.).
Request Message
FieldType#?MeaningListBiometricDataYLists the biometric data elements stored for a subject.ListBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: ListBiometricData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject. ListFilterType HYPERLINK \l "_ListFilterType" ListFilterType0..1NIndicates what biometric information should be returned. BiometricTypeFilteriso-iec19785-3-7:Multiple-types1..*YLimits the returned information to a specific type of biometric, as defined by CBEFF. IncludeBiometricSubTypeboolean1YA Boolean flag indicating if biometric subtype information should be returned.Response Message
FieldType#?MeaningListBiometricDataResponseYThe response to a ListBiometricData operation, containing a list of biometric data elements stored for a subject. In the encounter-centric model, the biometric data elements for a specific encounter are returned. If an encounter ID is not specified and encounter data exists for the subject, the list of encounter IDs which contain biometric data is returned.ListBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity0..1NIncludes a list of biometric data elements associated with a subject or encounter or a list of encounter IDs associated with a subject and which contain biometric data. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType0..1CAn Identitys biometric data. BiometricDataList HYPERLINK \l "_BiometricDataListType" BiometricDataListType0..1NA list of biometric data elements. BiometricDataElement HYPERLINK \l "_BiometricDataElementType" BiometricDataElementType1..*YData structure containing information about a biometric record. BiometricTypeiso-iec19785-3-7:MultipleTypesType1YThe type of biological or behavioral data stored in the biometric record, as defined by CBEFF. BiometricTypeCountpositiveInteger0..1NThe number of biometric records having the biometric type recorded in the biometric type field. BiometricSubTypeiso-iec19785-3-7:SubtypeType0..1NMore specifically defines the type of biometric data stored in the biometric record, as defined by CBEFF. BDBFormatOwnerpositiveInteger1YIdentifies the standards body, working group, industry consortium, or other CBEFF biometric organization that has defined the format for the biometric data. BDBFormatTypepositiveInteger1YIdentifies the specific biometric data format specified by the CBEFF biometric organization recorded in the BDB Format Owner field. EncounterList HYPERLINK \l "_EncounterListType" EncounterListType0..1CA list of encounter IDs associated with a subject and which contain biometric data; non-empty if the service was successful, biometric data exists, the encounter-centric model is being used, and an encounter identifier was not specified. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType1..*YThe identifier of an encounter.PerformFusion
HYPERLINK \l "PerformFusionRequest" PerformFusionRequest
HYPERLINK \l "PerformFusionResponse" PerformFusionResponse
The PerformFusion operation accepts either match score or match decision information and creates a fused match result. The HYPERLINK \l "_FusionInformationListType" FusionInformationListType, through the HYPERLINK \l "_FusionInformationType" FusionInformationType, provides specific elements for match score input and match decision input. The fusion method and processes are left to the implementing system.
Request Message
FieldType#?MeaningPerformFusionYAccepts either match score or match decision information and creates a fused match result.PerformFusionRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: PerformFusion. FusionInput HYPERLINK \l "_FusionInformationListType" FusionInformationListType1YScore or decision input information to the fusion method. FusionElement HYPERLINK \l "_FusionInformationType" FusionInformationType2..*YA set of fusion information. BiometricTypeiso-iec19785-3-7:MultipleTypesType1YThe type of biological or behavioral data stored in the biometric record, as defined by CBEFF. BiometricSubTypeiso-iec19785-3-7:SubtypeType0..1NMore specifically defines the type of biometric data stored in the biometric record. AlgorithmOwnerstring1YThe owner or vendor of the algorithm used to determine the score or decision. AlgorithmTypestring1YThe Algorithm Owners identifier for the specific algorithm product and version used to determine the score or decision. FusionResult HYPERLINK \l "_FusionResult" FusionResult0..1CEither HYPERLINK \l "_FusionScore" FusionScore or a HYPERLINK \l "_FusionDecision" FusionDecision element MUST be used.Response Message
FieldType#?MeaningPerformFusionResponseYThe response to the PerformFusion operation.PerformFusionResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Match HYPERLINK \l "_MatchType" MatchType11Indicates the result of the fusion method.QueryCapabilities
HYPERLINK \l "QueryCapabilitiesRequest" QueryCapabilitiesRequest
HYPERLINK \l "QueryCapabilitiesResponse" QueryCapabilitiesResponse
The QueryCapabilities operation returns a list of the capabilities, options, galleries, etc. that are supported by the BIAS implementation. Refer to Annex A in the INCITS BIAS standard for conformance requirements regarding which capability names an implementation must use in the QueryCapabilities operation.
Request Message
FieldType#?MeaningQueryCapabilitiesYReturns a list of the capabilities, options, galleries, etc. that are supported by the BIAS implementation.QueryCapabilitiesRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: QueryCapabilities.Response Message
FieldType#?MeaningQueryCapabilitiesResponseYThe response to a QueryCapabilities operation.QueryCapabilitiesResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. CapabilityList HYPERLINK \l "_CapabilityListType" CapabilityListType1YA list of capabilities supported by the BIAS implementation. Capability HYPERLINK \l "_CapabilityType" CapabilityType0..*NA single capability. CapabilityName HYPERLINK \l "_CapabilityName" CapabilityName1YThe name of the capability. CapabilityIDstring0..1NAn identifier assigned to the capability by the implementing system. CapabilityDescriptionstring0..1NA description of the capability. CapabilityValuestring0..1NA value assigned to the capability. CapabilitySupportingValuestring0..1NA secondary value supporting the capability. CapabilityAdditionalInfostring0..1NContains additional information for the supported capability.RetrieveBiographicInformation
HYPERLINK \l "RetrieveBiographicInformationRequest" RetrieveBiographicInformationRequest
HYPERLINK \l "RetrieveBiographicInformationResponse" RetrieveBiographicInformationResponse
The RetrieveBiographicInformation operation retrieves the biographic data associated with a subject ID. In the encounter-centric model, the encounter ID MAY be specified and the operationwill return the biographic data associated with that encounter. If the encounter ID is not specified in the encounter-centric model, the operation returns the biographic information associated with the most recent encounter.
Request Message
FieldType#?MeaningRetrieveBiographicInformationYRetrieves the biographic data associated with a subject ID.RetrieveBiographicInformationRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: RetrieveBiographicInformation. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject.Response Message
FieldType#?MeaningRetrieveBiographicInformationResponseYThe response to a RetrieveBiographicInformation operation.RetrieveBiographicInformationResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIncludes the set of biographic data associated with a subject. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType1YAn Identitys biographic data.
One of the following elements MUST be present. LastNamestring0..1CThe last name of a subject. FirstNamestring0..1CThe first name of a subject. BiographicDataItem HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..*CA single biographic data element. BiographicDataSet HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..1CA set of biographic data information.RetrieveBiometricInformation
HYPERLINK \l "RetrieveBiometricInformationRequest" RetrieveBiometricInformationRequest
HYPERLINK \l "RetrieveBiometricInformationResponse" RetrieveBiometricInformationResponse
The RetrieveBiometricInformation operation retrieves the biometric data associated with a subject ID. In the encounter-centric model, the encounter ID MAY be specified and the operationwill return the biometric data associated with that encounter. If the encounter ID is not specified in the encounter-centric model, the operation returns the biometric information associated with the most recent encounter.The operation provides an OPTIONAL input parameter to specify that only biometric data of a certain type should be retrieved.
Request Message
FieldType#?MeaningRetrieveBiometricInformationYRetrieves the biometric data associated with a subject ID.RetrieveBiometricInformationRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: RetrieveBiometricInformation. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject. BiometricTypeiso-iec19785-3-7:Multiple-types0..1NThe type of biological or behavioral data to retrieve.Response Message
FieldType#?MeaningRetrieveBiometricInformationResponseYThe response to a RetrieveBiometricInformation operation.RetrieveBiometricInformationResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIncludes the biometric data associated with a subject. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YAn Identitys biometric data. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType1YA list of CBEFF-BIR elements. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..*NCBEFF structure containing information about a biometric sample.SetBiographicData
HYPERLINK \l "SetBiographicDataRequest" SetBiographicDataRequest
HYPERLINK \l "SetBiometricDataResponse" SetBiometricDataResponse
The SetBiographicData operation associates biographic data to a given subject record. The identity model of the system determines whether the biographic information should replace any existing biographic information (person-centric model) or if a new encounter should be created and associated with the subject (encounter-centric model). For encounter-centric models, the encounter ID MAY be specified by the caller in order to link biographic and biometric information (assuming biometric information was previously associated using the HYPERLINK \l "_SetBiometricData" SetBiometricData operation). If the encounter ID is omitted for the encounter-centric model, the operation returns a system-assigned encounter ID.
Request Message
FieldType#?MeaningSetBiographicDataYAssociates biographic data to a given subject record.SetBiographicDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: SetBiographicData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biographic data to store. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType1YAn Identitys biographic data.
One of the following elements MUST be present. LastNamestring0..1CThe last name of a subject. FirstNamestring0..1CThe first name of a subject. BiographicDataItem HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..*CA single biographic data element. BiographicDataSet HYPERLINK \l "_BiographicDataSetType" BiographicDataSetType0..1CA set of biographic data information.Response Message
FieldType#?MeaningSetBiographicDataResponseYThe response to a SetBiographicData operation.SetBiographicDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity0..1CIn an encounter-centric model, identifies the encounter ID assigned to a new encounter. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType1YThe identifier of an encounter associated with the subject.SetBiometricData
HYPERLINK \l "SetBiometricDataRequest" SetBiometricDataRequest
HYPERLINK \l "SetBiometricDataResponse" SetBiometricDataResponse
The SetBiometricData operation associates biometric data to a given subject record. The identity model of the system determines whether the biometric information should replace any existing biometric information (person-centric model) or if a new encounter should be created and associated with the subject (encounter-centric model). For encounter-centric models, the encounter ID MAY be specified by the caller in order to link biographic and biometric information (assuming biographic information was previously associated using the HYPERLINK \l "_SetBiographicData" SetBiographicData operation). If the encounter ID is omitted for the encounter-centric model, the operation returns a system-assigned encounter ID.
Request Message
FieldType#?MeaningSetBiometricDataYAssociates biometric data to a given subject record.SetBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: SetBiometricData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biometric data to store. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1NThe identifier of an encounter associated with the subject. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YAn Identitys biometric data. BIRList HYPERLINK \l "_CBEFF_BIR_ListType" CBEFF_BIR_ListType1YA list of CBEFF-BIR elements. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1..*YCBEFF structure containing information about a biometric sample.Response Message
FieldType#?MeaningSetBiometricDataResponseYThe response to a SetBiometricData operation.SetBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity0..1CIn an encounter-centric model, identifies the encounter ID assigned to a new encounter. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType1YThe identifier of an encounter associated with the subject.TransformBiometricData
HYPERLINK \l "TransformBiometricDataRequest" TransformBiometricDataRequest
HYPERLINK \l "TransformBiometricDataResponse" TransformBiometricDataResponse
The TransformBiometricData operation transforms or processes a given biometric in one format into a new target format.
Request Message
FieldType#?MeaningTransformBiometricDataYTransforms or processes a given biometric in one format into a new target format.TransformBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: TransformBiometricData. InputBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YData structure containing the biometric information to be transformed. TransformOperationunsignedLong1YValue indicating the type of transformation to perform. TransformControlstring0..1NSpecifies controls for the requested transform operation.
Note: This could be a compression ratio, target data format, etc.NOTE: The values for TransformOperation and TransformControl are implementation specific.
Response Message
FieldType#?MeaningTransformBiometricDataResponseYThe response to a TransformBiometricData operation.TransformBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. OutputBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1NData structure containing the new, transformed biometric information.UpdateBiographicData
HYPERLINK \l "UpdateBiographicDataRequest" UpdateBiographicDataRequest
HYPERLINK \l "UpdateBiographicDataResponse" UpdateBiographicDataResponse
The UpdateBiographicData operation updates the biographic data for an existing subject record. The operation replaces any existing biographic data with the new biographic data. In the encounter-centric model, the encounter ID MUST be specified.
Request Message
FieldType#?MeaningUpdateBiographicDataYUpdates the biographic data for a given subject record.UpdateBiographicDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: UpdateBiographicData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biographic data to update. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models. BiographicData HYPERLINK \l "_BiographicDataType" BiographicDataType1YAn Identitys biographic data.
One of the following elements MUST be present. LastNamestring0..1CThe last name of a subject. FirstNamestring0..1CThe first name of a subject. BiographicDataItem HYPERLINK \l "_BiographicDataItemType" BiographicDataItemType0..*CA single biographic data element. BiographicDataSet HYPERLINK \l "_BiographicDataSetType" BiographicDataSetType0..1CA set of biographic data information.Response Message
FieldType#?MeaningUpdateBiographicDataResponseYThe response to an UpdateBiographicData operation.UpdateBiographicDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.UpdateBiometricData
HYPERLINK \l "UpdateBiometricDataRequest" UpdateBiometricDataRequest
HYPERLINK \l "UpdateBiometricDataResponse" UpdateBiometricDataResponse
The UpdateBiometricData operation updates the biometric data for an existing subject record. The operation includes an OPTIONAL parameter indicating if the new biometric sample should be merged with the existing biometric sample. If this parameter is set to False or is not used in the request, the operation replaces the existing biometric sample with the new biometric sample. In the encounter-centric model, the encounter ID MUST be specified.
Request Message
FieldType#?MeaningUpdateBiometricDataYUpdates a single biometric sample for a given subject record.UpdateBiometricDataRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: UpdateBiometricData. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIdentifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biometric data to update. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType1YA system unique identifier for a subject. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required for encounter-centric models. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YAn Identitys biometric data. BIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YContains biometric information in either a non-XML or an XML representation. Mergeboolean0..1NValue indicating if the input biometric sample should be merged with any existing biometric information.Response Message
FieldType#?MeaningUpdateBiometricDataResponseYThe response to an UpdateBiometricData operation.UpdateBiometricDataResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code.VerifySubject
HYPERLINK \l "VerifySubjectRequest" VerifySubjectRequest
HYPERLINK \l "VerifySubjectResponse" VerifySubjectResponse
The VerifySubject operation performs a 1:1 verification match between a given biometric and either a claim to identity in a given gallery or another given biometric. As such either the Identity Claim or Reference BIR input parameters are REQUIRED.
Request Message
FieldType#?MeaningVerifySubjectYPerforms a 1:1 verification match between a given biometric and either a claim to identity in a given gallery or another given biometric.VerifySubjectRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: VerifySubject. GalleryID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of the gallery or population group of which the subject must be a member.
Required if an Identity Claim is provided. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIncludes the identifying information and/or input and reference biometric samples. IdentityClaim HYPERLINK \l "_BIASIDType" BIASIDType0..1CAn identifier by which a subject is known to a particular gallery or population group.
Required if a Reference BIR is not provided. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType1YAn Identitys biometric data. InputBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type1YMaps to specific INCITS BIAS elements as required by that specification. ReferenceBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1CMaps to specific INCITS BIAS elements as required by that specification.
Required if an Identity Claim is not provided.Response Message
FieldType#?MeaningVerifySubjectResponseYThe response to a VerifySubject operation.VerifySubjectResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. Matchboolean0..1NIndicates if the Input BIR matched either the biometric information associated with the Identity Claim or the Reference BIR. Score HYPERLINK \l "_Score" Score0..1NThe score if the biometric information matched.Aggregate Operations
Enroll
HYPERLINK \l "EnrollRequest" EnrollRequest
HYPERLINK \l "EnrollResponse" EnrollResponse
The Enroll operation adds a new subject or, in an encounter-centric model, a new encounter to the system. This may be accomplished in a number of different ways according to system requirements and/or resources.If the Enroll operation is implemented as a synchronous service, the implementing system immediately processes the request and returns the results in the Return Data parameter. If the Enroll operation is implemented as an asynchronous service, the implementing system returns a token in the Return Data parameter, which is an indication that the request is being handled asynchronously. In this case, the HYPERLINK \l "_GetEnrollResults" GetEnrollResults operationis used to poll for the results of the Enroll request.
Request Message
FieldType#?MeaningEnrollYAdds a new subject or, in an encounter-centric model, a new encounter to the system.EnrollRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: Enroll. ProcessingOptions HYPERLINK \l "_ProcessingOptionsType" ProcessingOptionsType1YOptions that guide how the aggregate service request is processed. Optionstring0..*NAn option supported by the implementing system. InputData HYPERLINK \l "_InformationType" InformationType1YContains the input data for the operation, as required by the implementing system.Response Message
FieldType#?MeaningEnrollResponseYThe response to an Enroll operation.EnrollResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response.GetEnrollResults
HYPERLINK \l "GetEnrollResultsRequest" GetEnrollResultsRequest
HYPERLINK \l "GetEnrollResultsResponse" GetEnrollResultsResponse
The GetEnrollResults operation retrieves the enrollment results for the specified token. This operation is used in conjunction with the HYPERLINK \l "_Enroll" Enroll operation. If the Enroll operation is implemented as an asynchronous service, the implementing system returns a token and the GetEnrollResults operation is used to poll for the results of the original Enroll request.
If the service provider implements an asynchronous Enroll operation, then it MUST also implement the GetEnrollResults operation.
Request Message
FieldType#?MeaningGetEnrollResultsYRetrieves the enrollment results for the specified token.GetEnrollResultsRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: GetEnrollResults. Token HYPERLINK \l "_TokenType" TokenType1YA value used to retrieve the results of the Enroll request. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.Response Message
FieldType#?MeaningGetEnrollResultsResponseYThe response to a GetEnrollResults operation.GetEnrollResultsResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response.GetIdentifyResults
HYPERLINK \l "GetIdentifyResultsRequest" GetIdentifyResultsRequest
HYPERLINK \l "GetIdentifyResultsResponse" GetIdentifyResultsResponse
The GetIdentifyResults operation retrieves the identification results for the specified token. This operation is used in conjunction with the HYPERLINK \l "_Identify" Identify operation. If the Identify operation is implemented as an asynchronous service, the implementing system returns a token and the GetIdentifyResults operation is used to poll for the results of the original Identify request.
If the service provider implements an asynchronous Identify operation, then it MUST also implement the GetIdentifyResults operation.
Request Message
FieldType#?MeaningGetIdentifyResultsYRetrieves the identification results for the specified tokenGetIdentifyResultsRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: GetIdentifyResults. Token HYPERLINK \l "_TokenType" TokenType1YA value used to retrieve the results of the Identify request. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.Response Message
FieldType#?MeaningGetIdentifyResultsResponseYThe response to a GetIdentifyResults operation.GetIdentifyResultsResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response.GetVerifyResults
HYPERLINK \l "GetVerifyResultsRequest" GetVerifyResultsRequest
HYPERLINK \l "GetVerifyResultsResponse" GetVerifyResultsResponse
The GetVerifyResults operation retrieves the verification results for the specified token. This operation is used in conjunction with the HYPERLINK \l "_Verify" Verify operation. If the Verify operation is implemented as an asynchronous service, the implementing system returns a token and the GetVerifyResults operation is used to poll for the results of the original Verify request.
If the service provider implements an asynchronous Verifyoperation, then it MUST also implement the GetVerifyResults operation.
Request Message
FieldType#?MeaningGetVerifyResultsYRetrieves the verification results for the specified tokenGetVerifyResultsRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: GetVerifyResults. Token HYPERLINK \l "_TokenType" TokenType1YA value used to retrieve the results of the Verify request. TokenValuestring1YA value returned by the implementing system that is used to retrieve the results to an operation at a later time. Expirationdate1YA date and time at which point the token expires and the operation results are no longer guaranteed to be available.Response Message
FieldType#?MeaningGetVerifyResultsResponseYThe response to a GetVerifyResults operation.GetVerifyResultsResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response. Matchboolean0..1NIndicates if the Input BIR matched either the biometric information associated with the Identity Claim or the Reference BIR. Score HYPERLINK \l "_Score" Score0..1NThe score if the biometric information matched.Identify
HYPERLINK \l "IdentifyRequest" IdentifyRequest
HYPERLINK \l "IdentifyResponse" IdentifyResponse
The Identify operation performs an identification function according to system requirements and/or resources.If the Identify operation is implemented as a synchronous service, the implementing system immediately processes the request and returns the results in the Return Data parameter. If the Identify operation is implemented as an asynchronous service, the implementing system returns a token in the Return Data parameter, which is an indication that the request is being handled asynchronously. In this case, the HYPERLINK \l "_GetIdentifyResults" GetIdentifyResults operation is used to poll for the results of the Identify request.
Request Message
FieldType#?MeaningIdentifyYPerforms an identification function.IdentifyRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: Identify. ProcessingOptions HYPERLINK \l "_ProcessingOptionsType" ProcessingOptionsType1YOptions that guide how the aggregate service request is processed. Optionstring0..*NAn option supported by the implementing system. InputData HYPERLINK \l "_InformationType" InformationType1YContains the input data for the aggregate services.Response Message
FieldType#?MeaningIdentifyResponseYThe response to an Identify operation.IdentifyResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response.RetrieveInformation
HYPERLINK \l "RetrieveInformationRequest" RetrieveInformationRequest
HYPERLINK \l "RetrieveInformationResponse" RetrieveInformationResponse
The RetrieveInformation operation retrieves requested information about a subject, or in an encounter-centric model about an encounter. In a person-centric model, this operation can be used to retrieve both biographic and biometric information for a subject record. In an encounter-centric model, this operation can be used to retrieve biographic and/or biometric information for either a single encounter or all encounters. Either a subject ID or encounter ID MUST be specified.
Request Message
FieldType#?MeaningRetrieveInformationYRetrieves requested information about a subject or encounter.RetrieveInformationRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: RetrieveInformation. ProcessingOptions HYPERLINK \l "_ProcessingOptionsType" ProcessingOptionsType1YOptions that guide how the aggregate service request is processed, and MAY identify what type(s) of information should be returned. Optionstring0..*NAn option supported by the implementing system. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIncludes the identifier of the subject or encounter. SubjectID HYPERLINK \l "_BIASIDType" BIASIDType0..1CA system unique identifier for a subject.
Required if an Encounter ID is not provided. EncounterID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of an encounter associated with the subject.
Required if a Subject ID is not provided.Response Message
FieldType#?MeaningRetrieveInformationResponseYResponse to a RetrieveInformation operation.RetrieveInformationResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response.Verify
HYPERLINK \l "VerifyRequest" VerifyRequest
HYPERLINK \l "VerifyResponse" VerifyResponse
The Verify operation performs a 1:1 verification function according to system requirements and/or resources. Either the Identity Claim or Reference BIR input parameters are REQUIRED.If the Verify operation is implemented as a synchronous service, the implementing system immediately processes the request and returns the results in the Return Data parameter. If the Verify operation is implemented as an asynchronous service, the implementing system returns a token in the Return Data parameter, which is an indication that the request is being handled asynchronously. In this case, the HYPERLINK \l "_GetVerifyResults" GetVerifyResults operation is used to poll for the results of the Verify request.
Request Message
FieldType#?MeaningVerifyYPerforms a 1:1 verification function.VerifyRequest1Y GenericRequestParameters HYPERLINK \l "_GenericRequestParameters" GenericRequestParameters0..1NCommon request parameters that can be used to identify the requester. Application HYPERLINK \l "_ApplicationIdentifier" ApplicationIdentifier0..1NIdentifies the requesting application. ApplicationUser HYPERLINK \l "_ApplicationUserIdentifier" ApplicationUserIdentifier0..1NIdentifies the user or instance of the requesting application. BIASOperationNamestring0..1NIdentifies the BIAS operation that is being requested: Verify. ProcessingOptions HYPERLINK \l "_ProcessingOptionsType" ProcessingOptionsType1YOptions that guide how the aggregate service request is processed. Optionstring0..*NAn option supported by the implementing system. InputData HYPERLINK \l "_InformationType" InformationType1YContains the input data for the aggregate services. Identity HYPERLINK \l "_BIASIdentity" BIASIdentity1YIncludes either the Identity Claim or Reference BIR. IdentityClaim HYPERLINK \l "_BIASIDType" BIASIDType0..1CAn identifier by which a subject is known to a particular gallery or population group.
Required if a Reference BIR is not provided. BiometricData HYPERLINK \l "_BIASBiometricDataType" BIASBiometricDataType0..1NAn Identitys biometric data. ReferenceBIR HYPERLINK \l "_CBEFF_BIR_Type" CBEFF_BIR_Type0..1CMaps to specific INCITS BIAS elements as required by that specification.
Required if an Identity Claim is not provided. GalleryID HYPERLINK \l "_BIASIDType" BIASIDType0..1CThe identifier of the gallery or population group of which the subject must be a member.
Required if an Identity Claim is provided.Response Message
FieldType#?MeaningVerifyResponseYThe response to a Verify operation.VerifyResponsePackage1Y ResponseStatus HYPERLINK \l "_ResponseStatus" ResponseStatus1YReturned status for the operation. Return HYPERLINK \l "_ReturnCode" ReturnCode1YThe return code indicates the return status of the operation. Messagestring0..1NA short message corresponding to the return code. ReturnData HYPERLINK \l "_InformationType" InformationType0..1NContains the output data for the response. Matchboolean0..1NIndicates if the Input BIR matched either the biometric information associated with the Identity Claim or the Reference BIR. Score HYPERLINK \l "_Score" Score0..1NThe score if the biometric information matched.
Message structure and rules
BIAS operations and data elements are defined in XML in the INCITS 422 BIAS standard. This OASIS standard further specifies the full XML schema (see AnnexA) and specifies how this XML is packaged and exchanged as SOAP messages.
Annex A provides a WSDL of operations and structures aggregated from all the conformance classes, both synchronous and asynchronous. A specific implementations WSDL must only expose its respective operations and structures. For example, for a Class 5-only conformant implementation, all of the primitive operations must not be exposed as operations (with the exception of QueryCapabilities) unless that functionality is supported. Additionally, the WSDL exposed by an implementation shall not contain instances of xsd:any, xsd:anyType, or xsd:anyAttribute; these instances must be replaced with explicit schema contents. An example is the XML complex type, InformationType, which has xsd:any as its only child. This type is used to represent implementation-specific input data and return data. The children of InformationType must be replaced with explicit content. Doing so removes the ability to transmit unexpected or arbitrary data. Also, it provides a clear definition of information that a client needs to provide to the server,or expect to receive,to optimally perform an operation.
SOAP 1.1 messages consist of three elements: an envelope, header data, and a message body. BIAS request-response elements MUST be enclosed within the SOAP message body. The general structure of the BIAS SOAP message is shown in Figure 4, below. The data model for BIAS is addressed in Section3 and BIAS messages in Section 4.
Figure 4. BIAS SOAP Structure
Biometric data, regardless of native format, is carried as a binary structure. As such, options exist on how this data is carried within the SOAP structure. It can be carried as embedded Base-64 objects or REF XOP \h \* MERGEFORMAT [ HYPERLINK \l "XOP" XOP] can be used this standard allows for either method (See section 5.3).
Purpose and constraints
This document defines a SOAP profile describing how the XML elements defined in INCITS 442 are to be used as the payload of a SOAP message and the rules for structuring and exchanging such messages. Philosophical tenets include:
SOAP messages will carry BIAS XML REF XML10 \h \* MERGEFORMAT [ HYPERLINK \l "XML10" XML 10] payloads.
SOAP messages will follow WS-I and will deviate only when absolutely necessary.
Message structures and interchanges will be kept as simple as possible nice to have features will be addressed in future revisions.
XML schemas will be produced based on INCITS 442.
BIAS will support a broad range of application domains.
BIAS will allow for a variety of biometric and biographic data formats to be used
Only the SOAP messaging will be defined no message protocols or client/server agents will be defined.
Basic usage/formatting rules (beyond WS-I) will be defined.
Existing biometric and Web services standards will be leveraged wherever possible.
Sample WSDL and use cases will be provided as an aid in implementation.
Use of basic SOAP will allow all other compatible WS* standards (and discovery mechanisms) to be used in conjunction with BIAS messaging.
BIAS will support both secure (i.e., using existing security mechanisms such as WS-Security, SAML, etc,) and non-secure implementations.
Generic biometric operations will be defined use of biometrics within a Web services authentication protocol is not addressed.
OASIS namespace rules will be followed, though some external schemas MAY also be referenced.
Message requirements
BIAS SOAP messages MUST conform to REF WSIBasic \h \* MERGEFORMAT [ HYPERLINK \l "WSIBasic" WS-I-Basic] and REF WSIBind \h \* MERGEFORMAT [ HYPERLINK \l "WSIBind" WS-I-Bind]. A single BIAS SOAP message MUST contain only one BIAS service request (or single BIAS service response). Binary components of BIAS messages are already Base-64 encoded and therefore do not need to be conveyed as SOAP attachments (though XOP MAY be utilized).
The system model used for BIAS conversations over SOAP is a simple request-response model. BIAS comprises both synchronous and asynchronous operations, with the majority being of the former type. Asynchronous operations are implemented through message pairs. That is, there are separate messages to request the operation and to request the results of the operation. These have been defined for those operations that are likely to take significant time to complete. For example, an identify operation can be implemented as either a synchronous or asynchronous service as follows:
Figure 5. Example of Synchronous and Asynchronous BIAS Operations
The basic process for using SOAP for BIAS operations is:
A system entity acting as a BIAS requester transmits a BIAS request element within the body of a SOAP message to a system entity acting as a BIAS responder. The BIAS requester MUST NOT include more than one BIAS request per SOAP message or include any additional XML elements in the SOAP body.
The BIAS responder MUST return either a BIAS response element within the body of another SOAP message or generate a SOAP fault. The BIAS responder MUST NOT include more than one BIAS response per SOAP message or include any additional XML elements in the SOAP body. If a BIAS responder cannot, for some reason, process a BIAS request, it MUST generate a SOAP fault. (SOAP 1.1 faults and fault codes are discussed in REF SOAP11 \h \* MERGEFORMAT [ HYPERLINK \l "SOAP11" SOAP11] section 5.1.)
On receiving a BIAS response in a SOAP message, the BIAS requester MUST NOT send a fault code or other error messages to the BIAS responder. Since the format for the message interchange is a simple request-response pattern, adding additional items such as error conditions would needlessly complicate the protocol.
SOAP 1.1 also defines an optional data encoding system. This system is not used within the BIAS SOAP binding. This means that BIAS messages can be transported using SOAP without re-encoding from the standard BIAS schema to one based on the SOAP encoding.
NOTE: REF SOAP11 \h \* MERGEFORMAT [ HYPERLINK \l "SOAP11" SOAP11] references an early draft of the XML Schema specification including an obsolete namespace. BIAS requesters SHOULD generate SOAP documents referencing only the final XML schema namespace. BIAS responders MUST be able to process both the XML schema namespace used in REF SOAP11 \h \* MERGEFORMAT [ HYPERLINK \l "SOAP11" SOAP11] as well as the final XML schema namespace.
Handling binary data
BIAS messages frequently contain binary data (e.g., biometric data, scanned identity documents, etc.). Two methods are provided for dealing with this:
Embedded Base64 encoding
XOP REF XOP \h \* MERGEFORMAT [ HYPERLINK \l "XOP" XOP]
Use of SOAP with Attachments (SWA) is deprecated.
Base64 encoding
This method is the default method for including binary data. Binary data is Base64 encoded and included between the tags in the XML SOAP body for the appropriate data elements. Data elements using this method are indicated as such in the schema.
As an example, the CBEFF_BIR_Type includes, as one of the BIR types, BinaryBIR of type base64binary.
However, even an XML_BIR as defined within REF CBEFF \h \* MERGEFORMAT [ HYPERLINK \l "CBEFF" CBEFF] Part 3, contains a biometric data block (BDB) which may be entirely binary (most common),
or contain an element which is binary (e.g., an image within an XML BDB).
Use of XOP
When XOP is used, the binary content is replaced with a reference (URI) to an attachment (i.e., MIME) which contains that stripped content via an xop:include. The advantage of this method is overall message size during transmission since the overhead of the embedded Base64 is not present (since the MIME attachment contains the native binary format).
Use of XOP is generally transparent to the developer, other than in how they configure their toolset. Most frameworks support this; however, there is a possibility of mismatch if the transmitter supports and uses XOP but the receiver does not.
Discovery
BIAS implementers (service providers) MUST provide WSDL [ HYPERLINK \l "WSDL11" WSDL11] to describe their implementations. This WSDL MAY or may not be made public via a standard discovery mechanism (such as UDDI) or other method.
In addition, it is REQUIRED that the BIAS implementation include the HYPERLINK \l "_QueryCapabilities" QueryCapabilities operation to provide dynamic information regarding BIAS capabilities, options, galleries, etc. that are supported.
Identifying operations
Receivers of BIAS SOAP messages require a method of easily identifying the operation being requested (or response being provided). This SHOULD be possible without the receiver needing to infer it from the sum of the elements provided within the body of the SOAP message. The BIAS SOAP profile allows for two methods of identifying BIAS operations:
Explicit named element in body of the SOAP message
Use of WS-Addressing Action element
Operation name element
The BIAS message sender (requester) will include within the body of the BIAS SOAP message an XML element . The receiver (service provider) can search for this tag within a received BIAS SOAP message to determine what operation is being requested. There is no requirement related to the ordering of this element within the message, though it is RECOMMENDED that it be included early in the message to aid in human readability.
An example of this method for the CreateSubject operation is shown below:
POST /bias HTTP/1.1
Host: www.acme.com
Content-Type: application/soap+xml; charset=utf-8
Content-Length: nnnn
SOAPAction:
<