Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0

OASIS Standard incorporating Approved Errata 01

25 October 2012

Specification URIs

This version:

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/os/biasprofile-v1.0-errata01-os-complete.doc (Authoritative)

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/os/biasprofile-v1.0-errata01-os-complete.html

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/os/biasprofile-v1.0-errata01-os-complete.pdf

Previous version:

http://docs.oasis-open.org/bias/soap-profile/v1.0/os/biasprofile-v1.0-os.doc (Authoritative)

http://docs.oasis-open.org/bias/soap-profile/v1.0/os/biasprofile-v1.0-os.html

http://docs.oasis-open.org/bias/soap-profile/v1.0/os/biasprofile-v1.0-os.pdf

Latest version:

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/biasprofile-v1.0-errata01-complete.doc (Authoritative)

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/biasprofile-v1.0-errata01-complete.html

http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/biasprofile-v1.0-errata01-complete.pdf

Technical Committee:

OASIS Biometric Identity Assurance Services (BIAS) Integration TC

Chairs:

Cathy Tilton (cathy.tilton@daon.com), Daon

Kevin Mangold (kevin.mangold@nist.gov), NIST

Editors:

Kevin Mangold (kevin.mangold@nist.gov), NIST

Matthew Swayze (matthew.swayze@daon.com), Daon

Cathy Tilton (cathy.tilton@daon.com), Daon

Additional artifacts:

This prose specification is one component of a Work Product which also includes:

·         Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0 Errata 01. 25 October 2012. OASIS Committee Specification Draft 01 / Public Review Draft 01. http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/csprd01/biasprofile-v1.0-errata01-csprd01.html

·         XML schema: http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/csprd01/cbeff.xsd

·         WSDL: http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/csprd01/BIAS.wsdl

Related work:

This specification is related to:

·         ANSI INCITS 442-2010, Biometric Identity Assurance Services (BIAS)

Declared XML namespaces:

http://docs.oasis-open.org/bias/ns/bias-1.0/
http://docs.oasis-open.org/bias/ns/biaspatronformat-1.0/

Abstract:

This document specifies a SOAP profile that implements the BIAS abstract operations specified in INCITS 442 as SOAP messages.

Status:

This document was last revised or approved by the membership of OASIS on the above date. The level of approval is also listed above. Check the “Latest version” location noted above for possible later revisions of this document.

Technical Committee members should send comments on this specification to the Technical Committee’s email list. Others should send comments to the Technical Committee by using the “Send A Comment” button on the Technical Committee’s web page at http://www.oasis-open.org/committees/bias/.

For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the Technical Committee web page (http://www.oasis-open.org/committees/bias/ipr.php).

Citation format:

When referencing this specification the following citation format should be used:

[BIASPROFILE]

Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0. 25 October 2012. OASIS Standard incorporating Approved Errata 01. http://docs.oasis-open.org/bias/soap-profile/v1.0/errata01/os/biasprofile-v1.0-errata01-os-complete.html.

 

 

Notices

Copyright © OASIS Open 2012. All Rights Reserved.

All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification.

OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so.

OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims.

The name "OASIS" is a trademark of OASIS, the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see http://www.oasis-open.org/policies-guidelines/trademark for above guidance.

 

Table of Contents

1        Introduction. 8

1.1 Purpose/Scope. 8

1.2 Overview. 8

1.3 Background. 8

1.4 Relationship to Other Standards. 9

1.5 Terminology. 9

1.6 References. 10

1.6.1 Normative References. 10

1.6.2 Non-Normative References. 11

2        Design Concepts and Architecture (non-normative) 13

2.1 Philosophy. 13

2.2 Context 13

2.3 Architecture. 13

3        Data dictionary. 16

3.1          Documentation Conventions. 16

3.2 Common Elements. 17

3.2.1 ApplicationIdentifier 17

3.2.2 ApplicationUserIdentifier 17

3.2.3 BaseBIRType. 17

3.2.4 BIASBiometricDataType. 17

3.2.5 BIASFaultCode. 18

3.2.6 BIASFaultDetail 18

3.2.7 BIASIdentity. 19

3.2.8 BIASIDType. 19

3.2.9 BinaryBIR. 19

3.2.10 BiographicDataItemType. 20

3.2.11 BiographicDataSetType. 20

3.2.12 BiographicDataType. 21

3.2.13 BiometricDataElementType. 21

3.2.14 BiometricDataListType. 22

3.2.15 CandidateListResultType. 22

3.2.16 CandidateListType. 22

3.2.17 CandidateType. 23

3.2.18 CapabilityListType. 23

3.2.19 CapabilityName. 23

3.2.20 CapabilityType. 24

3.2.21 CBEFF_BIR_ListType. 24

3.2.22 CBEFF_BIR_Type. 24

3.2.23 Classification. 25

3.2.24 ClassificationAlgorithmType. 25

3.2.25 ClassificationData. 25

3.2.26 EncounterListType. 26

3.2.27 FusionDecision. 26

3.2.28 FusionInformationListType. 26

3.2.29 FusionInformationType. 26

3.2.30 FusionResult 27

3.2.31 FusionScore. 27

3.2.32 GenericRequestParameters. 27

3.2.33 IdentifySubjectResultType. 27

3.2.34 InformationType. 27

3.2.35 ListFilterType. 28

3.2.36 MatchType. 28

3.2.37 ProcessingOptionsType. 28

3.2.38 ProductID.. 28

3.2.39 QualityData. 28

3.2.40 ResponseStatus. 29

3.2.41 ReturnCode. 29

3.2.42 Score. 29

3.2.43 TokenResultType. 29

3.2.44 TokenType. 30

3.2.45 URI_BIR. 30

3.2.46 VendorIdentifier 30

3.2.47 Version. 30

3.2.48 VersionType. 30

3.2.49 XML_BIR. 30

4        BIAS Messages. 32

4.1 Primitive Operations. 32

4.1.1 AddSubjectToGallery. 32

4.1.2 CheckQuality. 33

4.1.3 ClassifyBiometricData. 35

4.1.4 CreateSubject 37

4.1.5 DeleteBiographicData. 38

4.1.6 DeleteBiometricData. 39

4.1.7 DeleteSubject 40

4.1.8 DeleteSubjectFromGallery. 41

4.1.9 GetIdentifySubjectResults. 43

4.1.10 IdentifySubject 45

4.1.11 ListBiographicData. 47

4.1.12 ListBiometricData. 50

4.1.13 PerformFusion. 54

4.1.14 QueryCapabilities. 56

4.1.15 RetrieveBiographicInformation. 57

4.1.16 RetrieveBiometricInformation. 59

4.1.17 SetBiographicData. 61

4.1.18 SetBiometricData. 63

4.1.19 TransformBiometricData. 64

4.1.20 UpdateBiographicData. 66

4.1.21 UpdateBiometricData. 68

4.1.22 VerifySubject 69

4.2 Aggregate Operations. 71

4.2.1 Enroll 71

4.2.2 GetEnrollResults. 72

4.2.3 GetIdentifyResults. 74

4.2.4 GetVerifyResults. 75

4.2.5 Identify. 77

4.2.6 RetrieveInformation. 78

4.2.7 Verify. 79

5        Message structure and rules. 82

5.1  Purpose and constraints. 82

5.2 Message requirements. 83

5.3 Handling binary data. 84

5.3.1 Base64 encoding. 84

5.3.2 Use of XOP. 84

5.4 Discovery. 85

5.5 Identifying operations. 85

5.5.1 Operation name element 85

5.5.2 WS-Addressing Action. 86

5.6 Security. 87

5.6.1 Use of SSL 3.0 or TLS 1.0. 87

5.6.2 Data Origin Authentication. 87

5.6.3 Message Integrity. 87

5.6.4 Message Confidentiality. 87

5.6.5 CBEFF BIR security features. 87

5.6.6 Security Considerations. 88

5.6.7 Security of Stored Data. 88

5.6.8 Key Management 88

5.7 Use with other WS* standards. 88

5.8 Tailoring. 88

6        Error handling. 90

6.1 BIAS operation return codes. 90

6.2 SOAP fault codes. 90

7        Conformance. 91

Annex A.         XML Schema. 92

Annex B.         BIAS Patron format specification. 174

B.1 Patron. 174

B.2 Patron identifier 174

B.3 Patron format name. 174

B.4 Patron format identifier 174

B.5 ASN.1 object identifier for this patron format 174

B.6 Domain of use. 174

B.7 Version identifier 174

B.8 CBEFF version. 174

B.9 General 175

B.10 Specification. 175

B.11 Element <BIR>. 176

B.11.1 Syntax. 176

B.11.2 Semantics. 176

B.12 Element <Version>. 177

B.12.1 Syntax. 177

B.12.2 Semantics. 177

B.13 Element <CBEFFVersion>. 178

B.13.1 Syntax. 178

B.13.2         Semantics. 178

B.14 Element <BIRInfo>. 178

B.14.1 Syntax. 178

B.14.2 Semantics. 179

B.15 Element <BDBInfo>. 180

B.15.1 Syntax. 180

B.15.2 Semantics. 182

B.16 Element <SBInfo>. 186

B.16.1 Syntax. 186

B.16.2 Semantics. 187

B.17 Representation of Integers. 187

B.18 Representation of Octet Strings. 187

B.19 Representation of Date and Time of the Day. 188

B.20 Representation of Universally Unique Identifiers. 189

B.21 Patron format conformance statement 189

B.21.1 Identifying information. 189

B.21.2 ISO/IEC 19785-1:2006/Amd 1:2010 to Patron Format Mapping. 189

B.22 XML schema of the BIAS patron format 191

B.23 Sample BIR encoding. 194

Annex C.         Use Cases (non-normative) 196

C.1 Verification Use Case. 196

C.2 Asynchronous Verification Use Case. 197

C.3 Primitive Verification Use Case. 198

C.4 Identification Use Case. 199

C.5 Biometric Enrollment Use Case. 200

C.6 Primitive Enrollment Use Case. 201

Annex D.        Samples (non-normative) 202

D.1 Create Subject Request/Response Example. 202

D.2 Set Biographic Data Request/Response Example. 204

D.3 Set Biometric Data Request/Response Example. 205

Annex E.         Acknowledgements. 208

Annex F.         Revision History. 209

 

 


1      Introduction

1.1 Purpose/Scope

This Organization for the Advancement of Structured Information Standards (OASIS) Biometric Identity Assurance Services (BIAS) profile specifies how to use the eXtensible Markup Language (XML) [XML10] defined in ANSI INCITS 442-2010 – Biometric Identity Assurance Services [INCITS-BIAS] to invoke Simple Object Access Protocol (SOAP) -based services that implement BIAS operations.  These SOAP-based services enable an application to invoke biometric identity assurance operations remotely in a Services Oriented Architecture (SOA) infrastructure.

Not included in the scope of BIAS is the incorporation of biometric authentication as an integral component of an authentication or security protocol.  (However, BIAS services may be leveraged to implement biometric authentication in the future.)

1.2 Overview

In addition to this introduction, this standard includes the following:

·         Clause 2 presents the design concepts and architecture for invoking SOAP-based services that implement BIAS operations.

·         Clause 3 presents the namespaces necessary to implement this profile, INCITS BIAS data elements, and identifies relationships to external data definitions.

·         Clause 4 specifies the content of the BIAS messages.

·         Clause 5 presents the BIAS message structure, as well as rules and considerations for its application.

·         Clause 6 presents information on error handling.

·         Clause 7 specifies conformance requirements.

·         Annexes include the OASIS BIAS XML schema/sample Web Service Definition Language (WSDL), BIAS CBEFF Patron Format, use cases, sample code, acknowledgements, and the revision history of this profile.

1.3 Background

In late 2005/early 2006, a gap was identified in the existing biometric standards portfolio with respect to biometric services.  The Biometric Identity Assurance Services standard proposal was for a collaborative effort between government and private industry to provide a services-based framework for delivering identity assurance capabilities, allowing for platform and application independence.  This standard proposal required the attention of two major technical disciplines: biometrics and service architectures.  The expertise of both disciplines was required to ensure the standard was technically sound, market relevant, and achieved widespread adoption.  The International Committee for Information Technology Standards (INCITS) M1 provided the standards leadership relevant to biometrics, defining the “taxonomy” of biometric operations and data elements.  OASIS provided the standards leadership relevant to service architectures with an initial focus on web services, defining the schema and SOAP messaging.

The driving requirements of the BIAS standard proposal were to provide the ability to remotely invoke biometric operations across an SOA infrastructure; to provide business level operations without constraining the application/business logic that implements those operations; to be as generic as possible – technology, framework, & application domain independent; and to provide basic capabilities that can be used to construct higher level, aggregate/composite operations.

1.4 Relationship to Other Standards

This OASIS BIAS profile comprises a companion standard to ANSI INCITS 442-2010 – Biometric Identity Assurance Services, which defines the BIAS requirements and taxonomy, specifying the identity assurance operations and the associated data elements. This OASIS BIAS profile specifies the design concepts and architecture, data model and data dictionary, message structure and rules, and error handling necessary to invoke SOAP-based services that implement BIAS operations.

Together, the BIAS standard and the BIAS profile provide an open framework for deploying and remotely invoking biometric-based identity assurance capabilities that can be readily accessed across an SOA infrastructure.

This relationship allows the leveraging of the biometrics and web services expertise of the two standards development organizations. Existing standards are available in both domains and many of these standards will provide the foundation and underlying capabilities upon which the biometric services depend.

1.5 Terminology

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [RFC2119].

The following additional terms and definitions are used:

Note:  The terms and definitions specified in INCITS (InterNational Committee for Information Technology Standards) (Project 1823-D) also apply to this Standard.

 

BIAS operation and data element names are not defined here, but in their respective sections.

 

BIAS

Biometric Identity Assurance Services

BIR

Biometric Information Record

ESB

Enterprise Service Bus

HTTP

HyperText Transfer Protocol

HTTPS

HyperText Transfer Protocol over SSL or HTTP Secure

IRI

Internationalized Resource Identifier

SOA

Service-Oriented Architecture

SOAP

Simple Object Access Protocol

SSL

Secure Sockets Layer

TLS

Transport Layer Security

UDDI

Universal Description, Discovery, and Integration

URI

Uniform Resource Identifier

VPN

Virtual Private Network

WSDL

Web Services Description Language

WSS

Web Services Security

XML

eXtensible Markup Language

 

 

CBEFF

Common Biometric Exchange Formats Framework - data elements and BIR formats specified in ISO/IEC 19785-1

BIAS implementation

software entity that is capable of creating, processing, sending, and receiving BIAS messages

BIAS endpoint

runtime entity, identified by an endpoint URI/IRI, capable of sending and receiving BIAS messages, and containing a running BIAS implementation

BIAS message

message that can be sent from a BIAS endpoint to another BIAS endpoint through a BIAS link channel

BIAS request message

BIAS message conveying a request for an action to be performed by the receiving BIAS endpoint

BIAS response message

BIAS message conveying a response to a prior BIAS requestmessage

1.6 References

1.6.1 Normative References

[RFC2119]   S. Bradner, Key words for use in RFCs to Indicate Requirement Levels, IETF RFC 2119, March 1997
http://www.ietf.org/rfc/rfc2119.txt

 

[CBEFF]  ISO/IEC19785-1:2006, Information technology – Common Biometric Exchange Formats Framework – Part 1: Data element specification, with Amendment 1:2010
http://www.iso.org

 

[DATE-TIME]  ISO 8601:2004, Data elements and interchange formats — Information interchange — Representation of dates and times
http://www.iso.org

 

[INCITS-BIAS]  ANSI INCITS 442-2010, Biometric Identity Assurance Services (BIAS), July 2010
http://www.incits.org

 

[IRI]      M. Duerst, et al, Internationalized Resouce Identifiers, RFC3987, January 2005
http://www.ietf.org/rfc/rfc3987.txt

[SOAP11]   Simple Object Access Protocol (SOAP) 1.1, 8 May 2000
http://www.w3.org/TR/2000/NOTE-SOAP-20000508/

[URI]     T. Berners-Lee, R. Fielding, L. Masinter, Uniform Resource Identifiers (URI): Generic Syntax, RFC 3986, MIT/LCS, U.C. Irvine, Xerox Corporation, January 2005.
http://ietf.org/rfc/rfc3986

[UTF-8]   ISO/IEC 10646:2003, Information technology — Universal Multiple-Octet Coded Character Set (UCS)
http://www.iso.org

[WS-Addr]  W3C Recommendation,Web Services Addressing 1.0 - Core,  and Web Services Addressing 1.0 - SOAP Binding, 9 May 2006
http://www.w3.org/2002/ws/addr/

[WS-I-Basic]  Basic Profile Version 1.1, 10 April 2006
http://www.ws-i.org/Profiles/BasicProfile-1.1-2006-04-10.html

[WS-I-Bind]  Web Services-Interoperability Organization (WS-I) Simple SOAP Binding Profile Version 1.0, 24 August 2004
http://www.ws-i.org/Profiles/SimpleSoapBindingProfile-1.0-2004-08-24.html

[WSDL11]   Web Services Description Language (WSDL) 1.1, 15 March 2001
http://www.w3.org/TR/2001/NOTE-wsdl-20010315

[XML 10]  Extensible Markup Language (XML) 1.0, 16 August 2006
http://www.w3.org/TR/2006/REC-xml-20060816/

[XOP]   XML-binary Optimized Packaging, W3C Recommendation, 25 January 2005
http://www.w3.org/TR/2005/REC-xop10-20050125/

1.6.2 Non-Normative References

[BioAPI]     ISO/IEC 19784-1:2006, Information technology – Biometric Application Programming Interface – Part 1: BioAPI Specification
http://www.iso.org

[CBEFF-3]   ISO/IEC19785-3:2007, Information technology – Common Biometric Exchange Formats Framework – Part 3: Patron format specifications, with Amendment 1:2010
http://www.iso.org

 

[BIO SEC]   ISO 19092 Financial services -- Biometrics -- Security framework
http://www.iso.org

[EBTS-DOD]   Department of DefenseElectronic Biometric TransmissionSpecification, Version 2.0, 27 March 2009
http://www.biometrics.dod.mil/CurrentInitiatives/Standards/dodebts.aspx

[EBTS-FBI] IAFIS-DOC-01078-8.1,  “Electronic Biometric Transmission Specification (EBTS)”, Version 8.1, November 19, 2008, Federal Bureau of Investigation, Criminal Justice Information Services Division
https://www.fbibiospecs.org

[EFTS]  IAFIS-DOC-01078-7,  “Electronic Fingerprint Transmission Specification (EFTS)”, Version 7.1, May 2, 2005, Federal Bureau of Investigation, Criminal Justice Information Services Division
https://www.fbibiospecs.org

[HR-XML]    HR-XML Consortium Library, 2007 April 15
http://www.hr-xml.org

[INT-I]   Interpol Implementation of ANSI/NIST ITL1-2000, Ver 4.22b, October 28, 2005, The Interpol AFIS Expert Group
http://www.interpol.int

[NIEM]  National Information Exchange Model (NIEM), Ver 2.0, June 2007, US DOJ/DHS
http://www.niem.gov

[RFC2246]   T. Dierks & C. Allen,The TLS Protocol, Version 1.0, January 1999
http://www.ietf.org/rfc/rfc2246.txt

[RFC2617]   J. Franks, et al, HTTP Authentication: Basic and Digest Access Authentication, June 1999
http://www.ietf.org/rfc/rfc2617.txt

[RFC3280]   R. Housley, et al, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, April 2002
http://www.ietf.org/rfc/rfc3280.txt

[SAML] Security Assertion Markup Language (SAML), Oasis Standard, March 2005
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

[SAML SEC]           Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0, Oasis Standard, 15 March 2005
http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf

[SSL3]  SSL 3.0 Specification
http://www.freesoft.org/CIE/Topics/ssl-draft/3-SPEC.HTM

[WSS]   Web Services Security: SOAP Message Security 1.1, (WS-Security 2004), OASIS Standard Specification, 1 February 2006
http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf

[X509]   X.509: Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks, ITU-T, August 2005
http://www.itu.int/rec/T-REC-X.509-200508-I

[xNAL]                    Customer Information Quality Specifications Version 3.0: Name (xNL), Address (xAL), Name and Address (xNAL) and Party (xPIL), Committee Specification 02, 20 September 2008
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ciq

2      Design Concepts and Architecture (non-normative)

2.1 Philosophy

Rather than define a totally new and unique messaging protocol for biometric services, this specification instead defines a method for using existing biometric and Web services standards to exchange biometric data and perform biometric operations. 

2.2 Context

Today, biometric systems are being developed which collect, process, store and match biometric data for a variety of purposes.  In many cases, data and/or capabilities need to be shared between systems or systems serve a number of different client stakeholders.  As architectures move towards services-based frameworks, access to these biometric databases and services is via a Web services front-end.  However, lack of standardization in this area has led implementers to develop customized services for each system/application.

BIAS is intended to provide a common, yet flexible, Web services interface that can be used within both closed and open SOA systems.  Figure 1, below, depicts the context in which the BIAS messages will be implemented.

 

 

 

Figure 1.  BIAS Context

 

The clients (requesters) may use standard discovery mechanisms (i.e., UDDI directories) to discover the BIAS service provider (implementation) or, particularly in closed systems, the URI/IRI and WSDL for the service provider may be known a priori by the client BIAS application developer.

2.3 Architecture

BIAS Web services are intended to be used within systems employing a services framework, such as a services-oriented architecture (SOA) (although implementations are not limited to this environment).  As such, it is recognized that the clients may interact directly with the BIAS service provider or layers may exist between the client and the service provider, for example as an ESB or other application layer.

The BIAS Architecture as shown in Figure 2, in which:

·                     A Client request to the BIAS Web services may be triggered by a human interaction OR any proxy system such as an ESB.

·                     Client sends and receives SOAP messages that conform to the BIAS schemas

·                     Calls to the BIAS Implementation use OASIS Service Interfaces and Bindings (via WSDL)

·                     The BIAS implementation maps the service call to the appropriate internal API or set of APIs and returns data according to the service interface.

Note that services are represented as circles.

 

 

Figure 2. Representative BIAS Architecture

 

NOTE:  It is possible that BIAS may also be used between the service provider and the managed resource (e.g., a biometric matcher).

 

At the heart of the BIAS SOAP Profile are the concepts of BIAS messages and endpoints.

 

BIAS implementation

A BIAS implementation is a software entity that is capable of creating, processing, sending, and receiving BIAS messages.  This standard does not define requirements for the BIAS implementation other than defining the messages and protocols used by the endpoints.

BIAS messages

A BIAS message is a one that can be sent from a BIAS endpoint to another BIAS endpoint over a TCP/IP link.

BIAS endpoints

A BIAS endpoint is a runtime entity, uniquely identified and accessed by an endpoint URI/IRI [URI] [IRI], capable of sending and receiving BIAS messages.

NOTE:  When not publicly and directly exposed, the endpoints for purposes of this specification are the BIAS service provider exposing BIAS services and the component that directly interacts with that service provider, e.g., the business application or ESB, rather than the ultimate end client requester.

3      Data dictionary

This section describes the BIAS data elements used within BIAS messages (as defined in Clause 4). Common data elements are defined for use in one or more operations. These include common data types or return codes. BIAS data elements are defined in ANSI INCITS 442-2010. The elements, complex types and simple types described for the BIAS messages belong to the following namespace: http://docs.oasis-open.org/bias/ns/bias-1.0/.  See Annex A for the XML schema.

NOTE:  Biographic and biometric data included in a native XML format MAY contain elements referencing external namespaces (e.g., ansi-nist).

3.1       Documentation Conventions

Each common element has a section describing its content.  Likewise, each operation has a section describing the request and response messages and the associated input and output parameters. The input and output of each message and the comment elements are detailed in a table as described in the figure below. Each field that forms part of the message request/response is detailed in the table.

 

Header Name

Description

Values

Value Meaning

Field

The name of the field.

 

 

Type

The XML schema type of the field.

 

 

#

The cardinality of the field

1

One occurrence

0..1

Zero or one occurrence

0..*

Zero or more occurrences

1..*

One or more occurrences

?

Defines if the field must be present.

Y

Yes – is always required

N

No – is not always required, an optional field.

C

Conditional – requirement is dependent on system or message conditions.

Meaning

Gives a short description of the field’s use

 

 

Figure 3. BIAS Message Input/Output Dictionary Table Headings

Fields Hierarchy Explained:

To denote the field hierarchy the symbol  is used to denote the child-of relationship.

All string types/elements MUST consist of ISO/IEC 10646 (Unicode) characters encoded in UTF-8 [UTF-8] (see ISO/IEC 10646:2003, Annex D).

3.2 Common Elements

3.2.1 ApplicationIdentifier

Type:

string

Description:

Identifies an application.

Min Length:

1

Max Length:

255

3.2.2 ApplicationUserIdentifier

Type:

string

Description:

Identifies an application user or instance.

Min Length:

1

Max Length:

255

3.2.3 BaseBIRType

Type:

Schema complexType

Description:

Base type for all BIR subtypes; see BinaryBIR, URI_BIR, and XML_BIR for currently available types.

 

3.2.4 BIASBiometricDataType

Field

Type

#

?

Meaning

BIASBiometricDataType

 

 

Y

Wraps the various BIAS biometric types.

The operations that use this type specify which elements are required.

            BIRList

CBEFF_BIR_ListType

0..1

N

A list of CBEFF-BIR elements.

            BIR

CBEFF_BIR_Type

0..1

N

Contains biometric information in either a non-XML or an XML representation.

            InputBIR

CBEFF_BIR_Type

0..1

N

Maps to specific INCITS BIAS elements as required by that specification.

            ReferenceBIR

CBEFF_BIR_Type

0..1

N

Maps to specific INCITS BIAS elements as required by that specification.

            BiometricDataList

BiometricDataListType

0..1

N

A list of biometric data elements.

3.2.5 BIASFaultCode

Type:

String

Description:

Error code referenced in a SOAP fault.

BIASFaultCode Enumeration Values

Value

Description

UNKNOWN_ERROR

The service failed for an unknown reason.

UNSUPPORTED_CAPABILITY

A requested capability is not supported by the service implementation.

INVALID_INPUT

The data in a service input parameter is invalid.

BIR_QUALITY_ERROR

Biometric sample quality is too poor for the service to succeed.

INVALID_BIR

The input BIR is empty or in an invalid or unrecognized format.

BIR_SIGNATURE_FAILURE

The service could not validate the signature, if used, on the input BIR.

BIR_DECRYPTION_FAILURE

The service could not decrypt an encrypted input BIR.

INVALID_ENCOUNTER_ID

The input encounter ID is empty or in an invalid format.

INVALID_SUBJECT_ID

The input subject ID is empty or in an invalid format.

UNKNOWN_SUBJECT

The subject referenced by the input subject ID does not exist.

UNKNOWN_GALLERY

The gallery referenced by the input gallery ID does not exist.

UNKNOWN_ENCOUNTER

The encounter referenced by the input encounter ID does not exist.

UNKNOWN_BIOGRAPHIC_FORMAT

The biographic data format is not known or not supported.

UNKNOWN_IDENTITY_CLAIM

The identity referenced by the input identity claim does not exist.

INVALID_IDENTITY_CLAIM

The identity claim requested is already in use.

NONEXISTANT_DATA

The data requested for deletion does not exist.

NOTES: 

(1)   See Clause 6 (Error handling) for an explanation of BIAS faults and return codes.

(2)   Service provider MAY define additional values specific to their service implementation.

(3)   See section 5.5 for additional information on BIAS security.

3.2.6 BIASFaultDetail

Field

Type

#

?

Meaning

BIASFaultDetail

 

 

Y

Defines the error information associated with a SOAP fault.

            BIASFaultType

BIASFaultCode

1

Y

References an error code.

            BIASFaultMessage

string

1

Y

Provides a brief explanation of the fault.

            BIASFaultDescription

string

0..1

N

Provides detailed information about a BIAS fault, such as trace details.

3.2.7 BIASIdentity

Field

Type

#

?

Meaning

BIASIdentity

 

 

Y

Defines a single element for encapsulating the data associated with an Identity. Includes the Identity’s reference identifiers, biographic data, and biometric data.

The operations that use this type specify which elements are required.

            SubjectID

BIASIDType

0..1

C

A system unique identifier for a subject.

Required as input to many operations.

            IdentityClaim

BIASIDType

0..1

N

An identifier by which a subject is known to a particular gallery or population group.

            EncounterID

BIASIDType

0..1

C

The identifier of an encounter associated with the subject.

Required for encounter-centric models.

            EncounterList

EncounterListType

0..1

N

A list of encounters associated with a subject.

            BiographicData

BiographicDataType

0..1

N

An Identity’s biographic data.

            BiographicDataElements

BiographicDataType

0..1

N

An Identity’s biographic data elements that are stored in the implementing system.

            BiometricData

BIASBiometricDataType

0..1

N

An Identity’s biometric data.

3.2.8 BIASIDType

Type:

string

Description:

A BIAS Identifier.

3.2.9 BinaryBIR

Field

Type

#

?

Meaning

BinaryBIR

BaseBIRType

 

Y

Defines a BIR type of Binary

            Binary

base64Binary

1

Y

BIR information in base64 binary format

 

3.2.10 BiographicDataItemType

Field

Type

#

?

Meaning

BiographicDataItemType

 

 

Y

Defines a single biographic data element.

            Name

string

1

Y

The name of the biographic data item.

            Type

string

1

Y

The data type for the biographic data item.

            Value

string

0..1

N

The value assigned to the biographic data item.

NOTE:  This element can be used to transmit scanned identity documents or document information (e.g., passports, driver’s license, birth certificates, utility bills, etc. required to establish an identity).

3.2.11 BiographicDataSetType

Field

Type

#

?

Meaning

BiographicDataSetType

 

 

Y

Defines a set of biographic data that is formatted according to the specified format.

            name

string

1

Y

The name of the biographic data format. Use these names for common formats: FBI-EFTS [EFTS], FBI-EBTS [EBTS-FBI], DOD-EBTS [EBTS-DOD], INT-I [INT-I], NIEM [NIEM], xNAL [xNAL], HR-XML [HR-XML].

            version

string

0..1

N

The version of the biographic data format (e.g., “7.1” for FBI-EFTS or “2.0” for NIEM).

            source

string

1

Y

Reference to a URI/IRI describing the biographic data format. For example: (FBI-EFTS and FBI-EBTS) www.fbibiospecs.org, (DOD-EBTS) www.biometrics.dod.mil, (INT-I) www.interpol.int, (NIEM) www.niem.gov, (xNAL) www.oasis-open.org, (HR-XML) www.hr-xml.org.

            type

string

1

Y

The biographic data format type. Use these types for common formats: ASCII (e.g., for non-XML versions of FBI-EFTS, FBI-EBTS, DOD-EBTS, or INT-I), XML (e.g., for NIEM, xNAL, and HR-XML or future versions of FBI-EBTS).

            unspecified

any

0..*

N

Biographic data formatted according to a specific format.

NOTE:  Biographic data formats are not limited to those listed.  The string value is not enumerated.  If one of the common types are used, it MUSTbe indicated by the specified name values; however, the service provider MAY offer other formats.  See INCITS 442 for further information.

3.2.12 BiographicDataType

Field

Type

#

?

Meaning

BiographicDataType

 

 

Y

Defines a set of biographic data elements, utilizing either the BiographicDataItemType to represent a list of elements or the BiographicDataSetType to represent a complete, formatted set of biographic information.

One of the following elements must be present.

            LastName

string

0..1

N

The last name of a subject.

            FirstName

string

0..1

N

The first name of a subject.

            BiographicDataItems

BiographicDataItemType

0..1

N

A list of biographic data elements.

            BiographicDataItems

BiographicDataItemType

1..*

N

A single biographic data element.

            BiographicDataSet

BiographicDataSetType

0..1

N

A set of biographic data information.

NOTE:  The implementer is given three choices for encoding biographic data:

·       Encode only first and last name using the defined fields within BiographicDataType

·       Define a list of biographic data elements using the BiographicDataItemType

·       Use a pre-defined set of biographic data (e.g., as specified in another standard) using the BiographicDataSetType.

See also INCITS 442, section 8.1 for further information.

3.2.13 BiometricDataElementType

Field

Type

#

?

Meaning

BiometricDataElementType

 

 

Y

Provides descriptive information about biometric data, such as the biometric type, subtype, and format, contained in the BDB of the CBEFF-BIR.

            BiometricType

oasis_cbeff:MultipleTypesType

1

Y

The type of biological or behavioral data stored in the biometric record, as defined by CBEFF.

            BiometricTypeCount

positiveInteger

0..1

N

The number of biometric records having the biometric type recorded in the biometric type field.

            BiometricSubType

oasis_cbeff:SubtypeType

0..1

N

More specifically defines the type of biometric data stored in the biometric record, as defined by CBEFF.

            BDBFormatOwner

positiveInteger

1

Y

Identifies the standards body, working group, industry consortium, or other CBEFF biometric organization that has defined the format for the biometric data.

            BDBFormatType

positiveInteger

1

Y

Identifies the specific biometric data format specified by the CBEFF biometric organization recorded in the BDB Format Owner field.

 

3.2.14 BiometricDataListType

Field

Type

#

?

Meaning

BiometricDataListType

 

 

Y

A list of biometric data elements.

            BiometricDataElement

3.2.13 BiometricDataElementType

0..*

N

Data structure containing information about a biometric record.

3.2.15 CandidateListResultType

Field

Type

#

?

Meaning

CandidateListResultType

 

 

Y

Defines a set of candidates, utilizing the CandidateType to represent each element in the set.

            CandidateList

3.2.16 CandidateListType

1

Y

The candidate list.

 

3.2.16 CandidateListType

Field

Type

#

?

Meaning

CandidateListType

 

 

Y

Defines a set of candidates, utilizing the CandidateType to represent each element in the set.

            Candidate

CandidateType

0..*

N

A single candidate.

3.2.17 CandidateType

Field

Type

#

?

Meaning

CandidateType

 

 

Y

Defines a single candidate as a possible match in response to a biometric identification request.

            Score

Score

0..1

N

The match score.

            Rank

integer

1

Y

The rank of the candidate in relation to other candidates for the same biometric identification operation.

            BiographicData

BiographicDataType

0..1

N

Biographic data associated with the candidate match.

            BIRList

CBEFF_BIR_ListType

1

Y

Biometric data associated with the candidate match.

3.2.18 CapabilityListType

Field

Type

#

?

Meaning

CapabilityListType

 

 

Y

Defines a set of capabilities.

            Capability

CapabilityType

0..*

N

A single capability.

3.2.19 CapabilityName

Type:

string

Description:

A list of capability items.

CapabilityName Enumeration Values

Value

Description

AggregateInputDataOptional

A data element accepted as optional input by the implementing system for the aggregate services.

AggregateInputDataRequired

A data element required as input by the implementing system for the aggregate services.

AggregateProcessingOption

A processing option supported by the implementing system for the aggregate services.

AggregateReturnData

A data element returned by the implementing system for the aggregate services.

AggregateServiceDescription

Describes the processing logic of an aggregate service supported by the implementing system.

BiographicDataSet

Identifies a biographic data set supported by the implementing system.

CBEFFPatronFormat

A patron format supported by the implementing system.

ClassificationAlgorithmType

A classification algorithm type supported by the implementing system.

ConformanceClass

Identifies the conformance class of the BIAS implementation.

Gallery

A gallery or population group supported by the implementing system.

IdentityModel

Identifies whether the implementing system is person-centric or encounter-centric based.

MatchScore

Identifies the use of match scores returned by the implementing system.

QualityAlgorithm

A quality algorithm vendor and algorithm vendor product ID supported by the implementing system.

SupportedBiometric

A biometric type supported by the implementing system.

TransformOperation

A transform operation type supported by the implementing system.

3.2.20 CapabilityType

Field

Type

#

?

Meaning

CapabilityType

 

 

Y

Defines a single capability supported by an implementing system.

            CapabilityName

CapabilityName

1

Y

The name of the capability.

            CapabilityID

string

0..1

N

An identifier assigned to the capability by the implementing system.

            CapabilityDescription

string

0..1

N

A description of the capability.

            CapabilityValue

string

0..1

N

A value assigned to the capability.

            CapabilitySupportingValue

string

0..1

N

A secondary value supporting the capability.

            CapabilityAdditionalInfo

string

0..1

N

Contains additional information for the supported capability.

3.2.21 CBEFF_BIR_ListType

Field

Type

#

?

Meaning

CBEFF_BIR_ListType

 

 

Y

A list of CBEFF-BIR elements.

            BIR

CBEFF_BIR_Type

0..*

N

CBEFF structure containing information about a biometric sample.

3.2.22 CBEFF_BIR_Type

Field

Type

#

?

Meaning

CBEFF_BIR_Type

 

 

Y

Represents biometric information, with either a non-XML or XML representation.

            FormatOwner

positiveInteger

1

Y

Identifies the Patron format owner.

            FormatType

positiveInteger

1

Y

Identifies the Patron format type.

            BIR_Information

 

0..1

N

Describes what is contained in a BIR.

                        BIR_Info

oasis_cbeff:BIRInfoType

0..1

N

Contains information about the CBEFF-BIR.

                        BDB_Info

oasis_cbeff:BDBInfoType

0..1

N

Contains information about the BDB in a simple CBEFF-BIR.

                        SB_Info

oasis_cbeff:SBInfoType

0..1

N

Contains information about the security block, if used, in a simple CBEFF-BIR.

            BIR

BaseBIRType

1

Y

One of the following sub-elements must be present: BinaryBIR, URI_BIR, or XML_BIR.

NOTE:  The implementer is given three choices for encoding a BIR:

The latter two alternatives can use any CBEFF Patron Format.  The optional BIR_Information provides a mechanism for exposing metadata associated with a BIR format that is not easily decoded (i.e., a non-XML BIR).  See section 5.3 for more information on handling of binary data within BIAS and INCITS 442, Clause 8.2, for more information on representing biometric data.

NOTE: 

(1)   XML BIRs MUST conform to the XML patron format in Annex B; however, non-XML (binary) and URI BIRs MAY implement any CBEFF patron format.

(2)   It is RECOMMENDED that only registered CBEFF patron formats be used; however, in closed systems, this may not be required.

3.2.23 Classification

Type:

string

Description:

The result of a classification.

3.2.24 ClassificationAlgorithmType

Type:

string

Description:

Type of classification algorithm that was used to perform the classification.

3.2.25 ClassificationData

Field

Type

#

?

Meaning

ClassificationData

 

 

Y

Contains information on classification results and the algorithm used to determine the classification.

            Classification

Classification

1

Y

The result of the classification.

            ClassificationAlgorithmType

ClassificationAlgorithmType

1

Y

Identifies the type of classification algorithm that was used to perform the classification.

3.2.26 EncounterListType

Field

Type

#

?

Meaning

EncounterListType

 

 

Y

Defines a set of encounters.

            EncounterID

BIASIDType

0..*

N

The identifier of an encounter.

3.2.27 FusionDecision

Type:

string

Description:

The match decision assigned by the matching algorithm

 

3.2.28 FusionInformationListType

Field

Type

#

?

Meaning

FusionInformationListType

 

 

Y

Contains at a minimum two sets of fusion input elements, as input to the PerformFusion operation.

            FusionElement

FusionInformationType

2..*

Y

A set of fusion information.

3.2.29 FusionInformationType

Field

Type

#

?

Meaning

FusionInformationType

 

 

Y

Represents the information necessary to perform a fusion operation.

            BiometricType

oasis_cbeff:MultipleTypesType

1

Y

The type of biological or behavioral data stored in the biometric record, as defined by CBEFF.

            BiometricSubType

oasis_cbeff: SubtypeType

0..1

N

More specifically defines the type of biometric data stored in the biometric record.

            AlgorithmOwner

string

1

Y

The owner or vendor of the algorithm used to determine the score or decision.

            AlgorithmType

string

1

Y

The Algorithm Owner’s identifier for the specific algorithm product and version used to determine the score or decision.

            FusionResult

FusionResult

0..1

C

Either FusionScore or a FusionDecision element MUST be used.

3.2.30 FusionResult

Type:

complexType

Description:

The base type for any resulting types which indicate the status of a Fusion operation

3.2.31 FusionScore

Type:

Score

Description:

The similarity score assigned by the matching algorithm.

 

3.2.32 GenericRequestParameters

Field

Type

#

?

Meaning

GenericRequestParameters

 

 

Y

Common request parameters that can be used to identify the requester.

            Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

            ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

            BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested.

NOTE:  See section 5.4 for alternatives for identifying the requested BIAS operation in a BIAS SOAP message.

3.2.33 IdentifySubjectResultType

Description:

A base type for all types that could be returned from the IdentifySubject operation

 

3.2.34 InformationType

Field

Type

#

?

Meaning

InformationType

 

 

Y

Allows for an unlimited number of data element types, and it does not specify nor require any particular data element.

            unspecified

any

0..*

N

 

3.2.35 ListFilterType

Field

Type

#

?

Meaning

ListFilterType

 

 

Y

Provides a method to filter the amount of information returned in a search of biometric data.

            BiometricTypeFilters

 

1

Y

 

            BiometricTypeFilter

oasis_cbeff:MultipleTypesType

1..*

Y

Limits the returned information to a specific type of biometric, as defined by CBEFF.

            IncludeBiometricSubType

boolean

1

Y

A Boolean flag indicating if biometric subtype information should be returned.

3.2.36 MatchType

Type:

boolean

Description:

The result of a fusion method.

3.2.37 ProcessingOptionsType

Field

Type

#

?

Meaning

ProcessingOptionsType

 

 

Y

BIAS aggregate operations support the ability to include various processing options which direct and possibly control the business logic for that operation. The ProcessingOptionsType provides a method to represent those options. Processing options SHOULD be defined by the implementing system.

            Option

string

0..*

N

An option supported by the implementing system.

3.2.38 ProductID

Type:

string

Description:

The vendor’s ID for a particular product.

3.2.39 QualityData

Field

Type

#

?

Meaning

QualityData

 

 

Y

Contains information about a biometric sample’s quality and the algorithm used to compute the quality.

            QualityScore

oasis_cbeff:QualityType

0..1

N

The quality of a biometric sample.

            AlgorithmVendor

VendorIdentifier

1

Y

The vendor of the quality algorithm used to determine the quality score.

            AlgorithmVendorProductID

ProductID

1

Y

The vendor’s ID for the algorithm used to determine the quality.

            AlgorithmVersion

VersionType

0..1

N

The version of the algorithm used to determine the quality.

3.2.40 ResponseStatus

Field

Type

#

?

Meaning

ResponseStatus

 

 

Y

 

            Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

            Message

string

0..1

N

A short message corresponding to the return code.

3.2.41 ReturnCode

Type:

unsignedLong

Description:

Return value specifying success or other condition.

 

ReturnCode Enumeration Values

Value

Description

0

Success

3.2.42 Score

Type:

float

Description:

Match result or quality score.

NOTE:  Matching scores MAY be in a standardized or proprietary form in terms of value range and interpretation.  Quality scores, however, follow the definition found in Annex B.

3.2.43 TokenResultType

Field

Type

#

?

Meaning

TokenResultType

 

 

Y

Defines a token that is returned for asynchronous processing.

            TokenType

TokenType

1

Y

Defines a token that is returned for asynchronous processing.

 

3.2.44 TokenType

Field

Type

#

?

Meaning

TokenType

 

 

Y

Defines a token that is returned for asynchronous processing.

            TokenValue

string

1

Y

A value returned by the implementing system that is used to retrieve the results to an operation at a later time.

            Expiration

date

1

Y

A date and time at which point the token expires and the operation results are no longer guaranteed to be available.

NOTE:  Date/time format is defined in INCITS 442 and is consistent with the date format specified in Annex B and ISO 8601 [DATE-TIME].See also Annex A for schema definition.

3.2.45 URI_BIR

Field

Type

#

?

Meaning

URI_BIR

BaseBIRType

 

Y

Defines a BIR type of Binary

            URI

anyURI

1

Y

The URI of the BIR

 

3.2.46 VendorIdentifier

Type:

string

Description:

Identifies a vendor.

NOTE:  Vendor identifiers are registered with IBIA as the CBEFF registration authority (see ISO/IEC 19785-2).  Registered biometric organizations are listed at: http://www.ibia.org/cbeff/_biometric_org.php.

3.2.47 Version

Field

Type

#

?

Meaning

Version

 

 

Y

For a description or definition of each data element, see the referenced CBEFF standards in the 3.2.22 CBEFF_BIR_Typeschema.

            major

nonNegativeInteger

1

Y

            minor

nonNegativeInteger

1

Y

3.2.48 VersionType

Type:

string

Description:

The version of a component.

3.2.49 XML_BIR

Field

Type

#

?

Meaning

XML_BIR

BaseBIRType

 

Y

Defines a BIR type of Binary

            XML

Oasis_cbeff:BIRType

1

Y

BIR information in XML format

 

4      BIAS Messages

This section describes the BIAS messages implementing BIAS operations as defined in ANSI INCITS 442-2010.  The operations are listed alphabetically, with each operation containing a request and a response message.  The tables follow the conventions described in section 3.1.

4.1 Primitive Operations

4.1.1 AddSubjectToGallery

AddSubjectToGalleryRequest

AddSubjectToGalleryResponse

The AddSubjectToGallery operation registers a subject to a given gallery or population group. As an OPTIONAL parameter, the value of the claim to identity by which the subject is known to the gallery MAY be specified. This claim to identity MUST be unique across the gallery. If no claim to identity is specified, the subject ID (assigned with the CreateSubject operation) will be used as the claim to identity. Additionally, in the encounter-centric model, the encounter ID associated with the subject’s biometrics that will be added to the gallery MUST be specified.

Request Message

Field

Type

#

?

Meaning

AddSubjectToGallery

 

 

Y

Register a subject to a given gallery or population group.

AddSubjectToGalleryRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “AddSubjectToGallery”.

            GalleryID

BIASIDType

1

Y

The identifier of the gallery or population group to which the subject will be added.

            Identity

BIASIdentity

1

Y

The identity to add to the gallery.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        IdentityClaim

BIASIDType

0..1

N

An identifier by which a subject is known to a particular gallery or population group. (This could be a username or account number, for example.)

                        EncounterID

BIASIDType

0..1

C

The identifier of an encounter associated with the subject.

Required for encounter-centric models.

Response Message

Field

Type

#

?

Meaning

AddSubjectToGalleryResponse

 

 

Y

The response to an AddSubjectToGallery operation.

AddSubjectToGalleryResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

4.1.2 CheckQuality

CheckQualityRequest

CheckQualityResponse

The CheckQuality operation returns a quality score for a given biometric. The biometric input is provided in a CBEFF basic structure or CBEFF record, which in this specification is called a CBEFF-BIR. The algorithm vendor and algorithm vendor product ID MAY be optionally provided in order to request a particular algorithm’s use in calculating the biometric quality. If an algorithm vendor is provided then the algorithm vendor product ID is REQUIRED. If no algorithm vendor is provided, the implementing system will provide the algorithm vendor and algorithm vendor product ID that were used to calculate the biometric quality as output parameters.

Request Message

Field

Type

#

?

Meaning

CheckQuality

 

 

Y

Calculate a quality score for a given biometric.

CheckQualityRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “CheckQuality”.

            BiometricData

BIASBiometricDataType

1

Y

Data structure containing a single biometric sample for which a quality score is to be determined.

                        BIR

CBEFF_BIR_Type

1

Y

The biometric sample.

            Quality

QualityData

0..1

N

Specifies a particular algorithm vendor and vender product ID.

                        AlgorithmVendor

VendorIdentifier

1

Y

The vendor of the quality algorithm used to determine the quality score.

                        AlgorithmVendorProductID

ProductID

1

Y

The vendor’s ID for the algorithm used to determine the quality.

Response Message

Field

Type

#

?

Meaning

CheckQualityResponse

 

 

Y

The response to a CheckQuality operation.

CheckQualityResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            QualityInfo

QualityData

1

Y

Contains the quality information for the submitted biometric sample.

                        QualityScore

oasis_cbeff:QualityType

0..1

N

The quality of a biometric sample.

                        AlgorithmVendor

VendorIdentifier

1

Y

The vendor of the quality algorithm used to determine the quality score.

                        AlgorithmVendorProductID

ProductID

1

Y

The vendor’s ID for the algorithm used to determine the quality.

                        AlgorithmVersion

VersionType

1

Y

The version of the algorithm used to determine the quality.

4.1.3 ClassifyBiometricData

ClassifyBiometricDataRequest

ClassifyBiometricDataResponse

The ClassifyBiometricData operation attempts to classify a biometric sample. For example, a fingerprint biometric sample may be classified as a whorl, loop, or arch (or other classification classes and sub-classes).

To obtain the types of classification algorithms and classes, see the QueryCapabilities operation.

Request Message

Field

Type

#

?

Meaning

ClassifyBiometricData

 

 

Y

Classifies a biometric sample.

*       ClassifyBiometricDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “ClassifyBiometricData”.

            BiometricData

BIASBiometricDataType

1

Y

Data structure containing a single biometric sample for which the classification is to be determined.

                        BIR

CBEFF_BIR_Type

1

Y

The biometric sample.

Response Message

Field

Type

#

?

Meaning

ClassifyBiometricDataResponse

 

 

Y

The response to a ClassifyBiometricData operation, containing the classification of a biometric sample.

ClassifyBiometricDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            ClassificationData

ClassificationData

1

Y

Information on the results and type of classification performed.

                        Classification

Classification

1

Y

The result of the classification.

                        ClassificationAlgorithmType

ClassificationAlgorithmType

1

Y

Identifies the type of classification algorithm that was used to perform the classification.

4.1.4 CreateSubject

CreateSubjectRequest

CreateSubjectResponse

The CreateSubject operation creates a new subject record and associates a subject ID to that record. As an optional parameter, the subject ID MAY be specified by the caller. If no subject ID is specified, the CreateSubject operation will generate one.

Request Message

Field

Type

#

?

Meaning

CreateSubject

 

 

Y

 

CreateSubjectRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “CreateSubject”.

Response Message

Field

Type

#

?

Meaning

CreateSubjectResponse

 

 

Y

The response to a CreateSubject operation, containing the subject ID of the new subject record.

CreateSubjectResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

1

Y

 

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

4.1.5 DeleteBiographicData

DeleteBiographicDataRequest

DeleteBiographicDataResponse

The DeleteBiographicData operation erases all of the biographic data associated with a given subject record. In the encounter-centric model the operation erases all of the biographic data associated with a given encounter, and therefore the encounter ID MUST be specified.

When deleting data, BIAS implementations MAY completely erase the information in order to prevent the ability to reconstruct a record in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.

Request Message

Field

Type

#

?

Meaning

DeleteBiographicData

 

 

Y

Erase all of the biographic data associated with a given subject record or, in the encounter-centric model, with a given encounter.

DeleteBiographicDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “DeleteBiographicData”.

            Identity

BIASIdentity

1

Y

 

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

C

The identifier of an encounter associated with the subject.

Required for encounter-centric models.

Response Message

Field

Type

#

?

Meaning

DeleteBiographicDataResponse

 

 

Y

The response to a DeleteBiographicData operation.

*       DeleteBiographicDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

4.1.6 DeleteBiometricData

DeleteBiometricDataRequest

DeleteBiometricDataResponse

The DeleteBiometricData operation erases all of the biometric data associated with a given subject record. In the encounter-centric model the operation erases all of the biometric data associated with a given encounter, and therefore the encounter ID MUST be specified.

When deleting data, BIAS implementations MAY completely erase the information in order to prevent the ability to reconstruct a record in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.

Request Message

Field

Type

#

?

Meaning

DeleteBiometricData

 

 

Y

Erase all of the biometric data associated with a given subject record or, in the encounter-centric model, with a given encounter.

*       DeleteBiometricDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “DeleteBiometricData”.

            Identity

BIASIdentity

1

Y

 

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

C

The identifier of an encounter associated with the subject.

Required for encounter-centric models.

Response Message

Field

Type

#

?

Meaning

DeleteBiometricDataResponse

 

 

Y

The response to a DeleteBiometricData operation.

DeleteBiometricDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

4.1.7 DeleteSubject

DeleteSubjectRequest

DeleteSubjectResponse

The DeleteSubject operation deletes an existing subject record and, in an encounter-centric model, any associated encounter information from the system. This operation also removes the subject from any registered galleries.

When deleting a subject, BIAS implementations MAY completely erase the subject information in order to prevent the ability to reconstruct a record or records in whole or in part, or they MAY track and record the deleted information for auditing and/or quality control purposes.

Request Message

Field

Type

#

?

Meaning

DeleteSubject

 

 

Y

Delete an existing subject record and, in an encounter-centric model, any associated encounter information.

*       DeleteSubjectRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “DeleteSubject”.

            Identity

BIASIdentity

1

Y

The identity of the subject to delete.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

Response Message

Field

Type

#

?

Meaning

DeleteSubjectResponse

 

 

Y

The response to a DeleteSubject operation.

DeleteSubjectResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

4.1.8 DeleteSubjectFromGallery

DeleteSubjectFromGalleryRequest

DeleteSubjectFromGalleryResponse

The DeleteSubjectFromGallery operation removes the registration of a subject from a gallery or population group. The subject is identified by either the subject ID or the claim to identity that was specified in the AddSubjectToGallery operation.

Request Message

Field

Type

#

?

Meaning

DeleteSubjectFromGallery

 

 

Y

Remove the registration of a subject from a gallery or population group.

DeleteSubjectFromGalleryRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “DeleteSubjectFromGallery”.

            GalleryID

BIASIDType

1

Y

The identifier of the gallery or population group from which the subject will be deleted.

            Identity

BIASIdentity

1

Y

The identity to remove from the gallery.

                        SubjectID

BIASIDType

0..1

C

A system unique identifier for a subject.

Required if an Identity Claim is not provided.

                        IdentityClaim

BIASIDType

0..1

C

An identifier by which a subject is known to a particular gallery or population group.

Required if a Subject ID is not provided.

Response Message

Field

Type

#

?

Meaning

DeleteSubjectFromGalleryResponse

 

 

Y

The response to a DeleteSubjectFromGallery operation.

DeleteSubjectFromGalleryResponsePackage

 

 

 

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

4.1.9 GetIdentifySubjectResults

GetIdentifyResultsRequest

GetIdentifySubjectResultsResponse

The GetIdentifySubjectResults operation retrieves the identification results for the specified token. This opereation is used in conjunction with the IdentifySubject operation. If the IdentifySubject operation is implemented as an asynchronous service, the implementing system returns a token and the GetIdentifySubjectResults operation is used to poll for the results of the original IdentifySubject request.

Request Message

Field

Type

#

?

Meaning

GetIdentifySubjectResults

 

 

Y

Retrieve the identification results for a specified token, which was returned by the IdentifySubject operation.

*       GetIdentifySubjectResultsRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “GetIdentifySubjectResults”.

            Token

TokenType

1

Y

A value used to retrieve the results of an IdentifySubject request.

                        TokenValue

string

1

Y

A value returned by the implementing system that is used to retrieve the results to an operation at a later time.

                        Expiration

date

1

Y

A date and time at which point the token expires and the operation results are no longer guaranteed to be available.

Response Message

Field

Type

#

?

Meaning

GetIdentifySubjectResultsResponse

 

 

Y

The response to a GetIdentifySubjectResults operation, which includes a candidate list.

GetIdentifySubjectResultsResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            CandidateList

CandidateListType

1

Y

A rank-ordered list of candidates that have a likelihood of matching the input biometric sample.

                        Candidate

CandidateType

0..*

N

A single candidate.

                                    Score

Score

0..1

N

The match score.

                                    BiographicData

BiographicDataType

0..1

N

Biographic data associated with the candidate match.

                                    BIRList

CBEFF_BIR_ListType

1

Y

Biometric data associated with the candidate match.

                                                BIR

CBEFF_BIR_Type

0..*

N

CBEFF structure containing information about a biometric sample.

4.1.10 IdentifySubject

IdentifySubjectRequest

IdentifySubjectResponse

The IdentifySubject operation performs an identification search against a given gallery for a given biometric, returning a rank-ordered candidate list of a given maximum size.

If the IdentifySubject operation is implemented as a synchronous service, the implementing system immediately processes the request and returns the results in the candidate list. If the IdentifySubject operation is implemented as an asynchronous service, the implementing system returns a token, which is an indication that the request is being handled asynchronously. In this case, the GetIdentifySubjectResults operation is used to poll for the results of the IdentifySubject request.

Request Message

Field

Type

#

?

Meaning

IdentifySubject

 

 

Y

Perform an identification search against a given gallery for a given biometric.

IdentifySubjectRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “IdentifySubject”.

            GalleryID

BIASIDType

1

Y

The identifier of the gallery or population group which will be searched.

            Identity

BIASIdentity

1

Y

Contains the BIR, a data structure containing the biometric sample for the search.

                        BiometricData

BIASBiometricDataType

1

Y

An Identity’s biometric data.

                                    BIR

CBEFF_BIR_Type

1

Y

Contains biometric information in either a non-XML or an XML representation.

            MaxListSize

positiveInteger

1

Y

The maximum size of the candidate list that should be returned.

Response Message

Field

Type

#

?

Meaning

 

IdentifySubjectResponse

 

 

Y

The response to an IdentifySubject operation, returning a rank-ordered candidate list.

 

IdentifySubjectResponsePackage

 

1

Y

 

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

 

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

 

                        Message

string

0..1

N

A short message corresponding to the return code.

 

            CandidateList

CandidateListResultType

(see IdentifySubjectResultType)

0..1

C

A rank-ordered list of candidates that have a likelihood of matching the input biometric sample (i.e., exceed the system threshold).

Rank ordering is from highest to lowest match score.

Returned with successful synchronous request processing.

 

                        Candidate

CandidateType

0..*

N

A single candidate.

                                    Score

string

0..1

N

The match score.

                                    BiographicData

BiographicDataType

0..1

N

Biographic data associated with the candidate match.

                                    BIRList

CBEFF_BIR_ListType

1

Y

Biometric data associated with the candidate match.

                                                BIR

CBEFF_BIR_Type

0..*

N

CBEFF structure containing information about a biometric sample.

            Token

TokenResultType

(see IdentifySubjectResultType)

0..1

C

A token used to retrieve the results of the IdentifySubject operation.

Returned with asynchronous request processing.

 

                        TokenValue

string

1

Y

A value returned by the implementing system that is used to retrieve the results to an operation at a later time.

 

                        Expiration

date

1

Y

A date and time at which point the token expires and the operation results are no longer guaranteed to be available.

 

NOTES: 

(1)   In the event that the number of candidates exceeding the threshold exceeds the MaxListSize, the system will determine which candidate is included in the last position of the rank ordered candidate list (i.e., in the event of a tie).

(2)   Requesters MAY NOT change the system thresholds.

4.1.11 ListBiographicData

ListBiographicDataRequest

ListBiographicDataResponse

The ListBiographicData operation lists the biographic data elements stored for a subject using the Biographic Data Elements output parameter. Note that no actual biographic data is returned by this operation (see the RetrieveBiographicInformation operation to obtain the biographic data). In the encounter-centric model, an encounter ID MAY be specified to indicate that only the biographic data elements stored for that encounter should be returned. If an encounter ID is not specified and encounter data exists for the subject, the operation returns the list of encounter IDs which contain biographic data using the Encounter List output parameter, and the Biographic Data Elements output parameter is empty.

Request Message

Field

Type

#

?

Meaning

ListBiographicData

 

 

Y

Lists the biographic data elements stored for a subject.

ListBiographicDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “ListBiographicData”.

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

Response Message

Field

Type

#

?

Meaning

ListBiographicDataResponse

 

 

Y

The response to a ListBiographicData request, containing a list of biographic data elements stored for a subject. In the encounter-centric model, the biographic data elements for a specific encounter are returned. If an encounter ID is not specified and encounter data exists for the subject, the list of encounter IDs which contain biographic data is returned.

ListBiographicDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

1

Y

Contains a list of biographic data elements associated with a subject or encounter; non-empty if the service was successful, biographic data exists, and either (a) the person-centric model is being used or (b) the encounter-centric model is being used and an encounter identifier was specified.

                        BiographicDataElements

BiographicDataType

0..1

C

An Identity’s biographic data elements that are stored in the implementing system.

                                    BiographicDataItem

BiographicDataItemType

0..*

N

A single biographic data element.

                                                Name

string

1

Y

The name of the biographic data item.

                                                Type

string

1

Y

The data type for the biographic data item.

                        EncounterList

EncounterListType

0..1

C

A list of encounter ID’s associated with a subject and which contain biographic data; non-empty if the service was successful, biographic data exists, the encounter-centric model is being used, and an encounter identifier was not specified.

                                    EncounterID

BIASIDType

0..*

N

The identifier of an encounter.

4.1.12 ListBiometricData

ListBiometricDataRequest

ListBiometricDataResponse

The ListBiometricData operation lists the biometric data elements stored for a subject using the Biometric Data List output parameter. Note that no actual biometric data is returned by this operation (see the RetrieveBiometricInformation operation to obtain the biometric data). In the encounter-centric model, an encounter ID MAY be specified to indicate that only the biometric data elements stored for that encounter should be returned. If an encounter ID is not specified and encounter data exists for the subject, the operation returns the list of encounter IDs which contain biometric data using the Encounter List output parameter, and the Biometric Data List output parameter is empty.

An optional parameter MAY be used to indicate a filter on the list of returned data. Such a filter may indicate that only biometric types should be listed (e.g., face, finger, iris, etc.) or that only biometric subtypes for a particular biometric type should be listed (e.g., all fingerprints: left slap, right index, etc.). If a filter is not specified, all biometric type and biometric subtype information are listed (e.g., left index finger, right iris, face frontal, etc.).

Request Message

Field

Type

#

?

Meaning

ListBiometricData

 

 

Y

Lists the biometric data elements stored for a subject.

ListBiometricDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “ListBiometricData”.

 

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

            ListFilterType

ListFilterType

0..1

N

Indicates what biometric information should be returned.

                        BiometricTypeFilter

oasis_cbeff:MultipleTypesType

1..*

Y

Limits the returned information to a specific type of biometric, as defined by CBEFF.

                        IncludeBiometricSubType

boolean

1

Y

A Boolean flag indicating if biometric subtype information should be returned.

Response Message

Field

Type

#

?

Meaning

ListBiometricDataResponse

 

 

Y

The response to a ListBiometricData operation, containing a list of biometric data elements stored for a subject. In the encounter-centric model, the biometric data elements for a specific encounter are returned. If an encounter ID is not specified and encounter data exists for the subject, the list of encounter IDs which contain biometric data is returned.

ListBiometricDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

0..1

N

Includes a list of biometric data elements associated with a subject or encounter or a list of encounter ID’s associated with a subject and which contain biometric data.

                        BiometricData

BIASBiometricDataType

0..1

C

An Identity’s biometric data.

                                    BiometricDataList

BiometricDataListType

0..1

N

A list of biometric data elements.

                                                BiometricDataElement

BiometricDataElementType

1..*

Y

Data structure containing information about a biometric record.

                                                            BiometricType

oasis_cbeff:MultipleTypesType

1

Y

The type of biological or behavioral data stored in the biometric record, as defined by CBEFF.

                                                            BiometricTypeCount

positiveInteger

0..1

N

The number of biometric records having the biometric type recorded in the biometric type field.

                                                            BiometricSubType

oasis_cbeff:SubtypeType

0..1

N

More specifically defines the type of biometric data stored in the biometric record, as defined by CBEFF.

                                                            BDBFormatOwner

positiveInteger

1

Y

Identifies the standards body, working group, industry consortium, or other CBEFF biometric organization that has defined the format for the biometric data.

                                                            BDBFormatType

positiveInteger

1

Y

Identifies the specific biometric data format specified by the CBEFF biometric organization recorded in the BDB Format Owner field.

                        EncounterList

EncounterListType

0..1

C

A list of encounter ID’s associated with a subject and which contain biometric data; non-empty if the service was successful, biometric data exists, the encounter-centric model is being used, and an encounter identifier was not specified.

                                    EncounterID

BIASIDType

1..*

Y

The identifier of an encounter.

4.1.13 PerformFusion

PerformFusionRequest

PerformFusionResponse

The PerformFusion operation accepts either match score or match decision information and creates a fused match result. The FusionInformationListType, through the FusionInformationType, provides specific elements for match score input and match decision input. The fusion method and processes are left to the implementing system.

Request Message

Field

Type

#

?

Meaning

PerformFusion

 

 

Y

Accepts either match score or match decision information and creates a fused match result.

PerformFusionRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “PerformFusion”.

            FusionInput

FusionInformationListType

1

Y

Score or decision input information to the fusion method.

                        FusionElement

FusionInformationType

2..*

Y

A set of fusion information.

                                    BiometricType

oasis_cbeff:MultipleTypesType

1

Y

The type of biological or behavioral data stored in the biometric record, as defined by CBEFF.

                                    BiometricSubType

oasis_cbeff:SubtypeType

0..1

N

More specifically defines the type of biometric data stored in the biometric record.

                                    AlgorithmOwner

string

1

Y

The owner or vendor of the algorithm used to determine the score or decision.

                                    AlgorithmType

string

1

Y

The Algorithm Owner’s identifier for the specific algorithm product and version used to determine the score or decision.

                                    FusionResult

FusionResult

0..1

C

Either FusionScore  or a FusionDecision element MUST be used.

Response Message

Field

Type

#

?

Meaning

PerformFusionResponse

 

 

Y

The response to the PerformFusion operation.

PerformFusionResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Match

MatchType

1

1

Indicates the result of the fusion method.

4.1.14 QueryCapabilities

QueryCapabilitiesRequest

QueryCapabilitiesResponse

The QueryCapabilities operation returns a list of the capabilities, options, galleries, etc. that are supported by the BIAS implementation. Refer to Annex A in the INCITS BIAS standard [INCITS-BIAS] for conformance requirements regarding which capability names an implementation must use in the QueryCapabilities operation.

Request Message

Field

Type

#

?

Meaning

QueryCapabilities

 

 

Y

Returns a list of the capabilities, options, galleries, etc. that are supported by the BIAS implementation.

QueryCapabilitiesRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “QueryCapabilities”.

Response Message

Field

Type

#

?

Meaning

QueryCapabilitiesResponse

 

 

Y

The response to a QueryCapabilities operation.

*       QueryCapabilitiesResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            CapabilityList

CapabilityListType

1

Y

A list of capabilities supported by the BIAS implementation.

                        Capability

CapabilityType

0..*

N

A single capability.

                                    CapabilityName

CapabilityName

1

Y

The name of the capability.

                                    CapabilityID

string

0..1

N

An identifier assigned to the capability by the implementing system.

                                    CapabilityDescription

string

0..1

N

A description of the capability.

                                    CapabilityValue

string

0..1

N

A value assigned to the capability.

                                    CapabilitySupportingValue

string

0..1

N

A secondary value supporting the capability.

                                    CapabilityAdditionalInfo

string

0..1

N

Contains additional information for the supported capability.

4.1.15 RetrieveBiographicInformation

RetrieveBiographicInformationRequest

RetrieveBiographicInformationResponse

The RetrieveBiographicInformation operation retrieves the biographic data associated with a subject ID. In the encounter-centric model, the encounter ID MAY be specified and the operationwill return the biographic data associated with that encounter. If the encounter ID is not specified in the encounter-centric model, the operation returns the biographic information associated with the most recent encounter.

Request Message

Field

Type

#

?

Meaning

RetrieveBiographicInformation

 

 

Y

Retrieves the biographic data associated with a subject ID.

*       RetrieveBiographicInformationRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “RetrieveBiographicInformation”.

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

Response Message

Field

Type

#

?

Meaning

RetrieveBiographicInformationResponse

 

 

Y

The response to a RetrieveBiographicInformation operation.

RetrieveBiographicInformationResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

1

Y

Includes the set of biographic data associated with a subject.

                        BiographicData

BiographicDataType

1

Y

An Identity’s biographic data.

One of the following elements MUST be present.

                                    LastName

string

0..1

C

The last name of a subject.

                                    FirstName

string

0..1

C

The first name of a subject.

                                    BiographicDataItem

BiographicDataItemType

0..*

C

A single biographic data element.

                                    BiographicDataSet

BiographicDataItemType

0..1

C

A set of biographic data information.

4.1.16 RetrieveBiometricInformation

RetrieveBiometricInformationRequest

RetrieveBiometricInformationResponse

The RetrieveBiometricInformation operation retrieves the biometric data associated with a subject ID. In the encounter-centric model, the encounter ID MAY be specified and the operationwill return the biometric data associated with that encounter. If the encounter ID is not specified in the encounter-centric model, the operation returns the biometric information associated with the most recent encounter.The operation provides an OPTIONAL input parameter to specify that only biometric data of a certain type should be retrieved.

Request Message

Field

Type

#

?

Meaning

RetrieveBiometricInformation

 

 

Y

Retrieves the biometric data associated with a subject ID.

RetrieveBiometricInformationRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “RetrieveBiometricInformation”.

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

            BiometricType

oasis_cbeff:MultipleTypesType

0..1

N

The type of biological or behavioral data to retrieve.

Response Message

Field

Type

#

?

Meaning

RetrieveBiometricInformationResponse

 

 

Y

The response to a RetrieveBiometricInformation operation.

RetrieveBiometricInformationResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

1

Y

Includes the biometric data associated with a subject.

                        BiometricData

BIASBiometricDataType

1

Y

An Identity’s biometric data.

                                    BIRList

CBEFF_BIR_ListType

1

Y

A list of CBEFF-BIR elements.

                                                BIR

CBEFF_BIR_Type

0..*

N

CBEFF structure containing information about a biometric sample.

4.1.17 SetBiographicData

SetBiographicDataRequest

SetBiometricDataResponse

The SetBiographicData operation associates biographic data to a given subject record. The identity model of the system determines whether the biographic information should replace any existing biographic information (person-centric model) or if a new encounter should be created and associated with the subject (encounter-centric model). For encounter-centric models, the encounter ID MAY be specified by the caller in order to link biographic and biometric information (assuming biometric information was previously associated using the SetBiometricData operation). If the encounter ID is omitted for the encounter-centric model, the operation returns a system-assigned encounter ID.

Request Message

Field

Type

#

?

Meaning

SetBiographicData

 

 

Y

Associates biographic data to a given subject record.

SetBiographicDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

 

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “SetBiographicData”.

 

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biographic data to store.

 

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

 

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

 

                        BiographicData

BiographicDataType

1

Y

An Identity’s biographic data.

One of the following elements MUST be present.

 

                                    LastName

string

0..1

C

The last name of a subject.

 

                                    FirstName

string

0..1

C

The first name of a subject.

 

                                    BiographicDataItem

BiographicDataItemType

0..*

C

A single biographic data element.

 

                                    BiographicDataSet

BiographicDataSetType

0..1

C

A set of biographic data information.

 

Response Message

Field

Type

#

?

Meaning

SetBiographicDataResponse

 

 

Y

The response to a SetBiographicData operation.

*       SetBiographicDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

0..1

C

In an encounter-centric model, identifies the encounter ID assigned to a new encounter.

                        EncounterID

BIASIDType

1

Y

The identifier of an encounter associated with the subject.

4.1.18 SetBiometricData

SetBiometricDataRequest

SetBiometricDataResponse

The SetBiometricData operation associates biometric data to a given subject record. The identity model of the system determines whether the biometric information should replace any existing biometric information (person-centric model) or if a new encounter should be created and associated with the subject (encounter-centric model). For encounter-centric models, the encounter ID MAY be specified by the caller in order to link biographic and biometric information (assuming biographic information was previously associated using the SetBiographicData operation). If the encounter ID is omitted for the encounter-centric model, the operation returns a system-assigned encounter ID.

Request Message

Field

Type

#

?

Meaning

SetBiometricData

 

 

Y

Associates biometric data to a given subject record.

SetBiometricDataRequest

 

1

Y

 

            GenericRequestParameters

GenericRequestParameters

0..1

N

Common request parameters that can be used to identify the requester.

                        Application

ApplicationIdentifier

0..1

N

Identifies the requesting application.

                        ApplicationUser

ApplicationUserIdentifier

0..1

N

Identifies the user or instance of the requesting application.

                        BIASOperationName

string

0..1

N

Identifies the BIAS operation that is being requested: “SetBiometricData”.

            Identity

BIASIdentity

1

Y

Identifies the subject or, in the encounter-centric model, a subject and an encounter, and includes the biometric data to store.

                        SubjectID

BIASIDType

1

Y

A system unique identifier for a subject.

                        EncounterID

BIASIDType

0..1

N

The identifier of an encounter associated with the subject.

                        BiometricData

BIASBiometricDataType

1

Y

An Identity’s biometric data.

                                    BIRList

CBEFF_BIR_ListType

1

Y

A list of CBEFF-BIR elements.

                                                BIR

CBEFF_BIR_Type

1..*

Y

CBEFF structure containing information about a biometric sample.

Response Message

Field

Type

#

?

Meaning

SetBiometricDataResponse

 

 

Y

The response to a SetBiometricData operation.

SetBiometricDataResponsePackage

 

1

Y

 

            ResponseStatus

ResponseStatus

1

Y

Returned status for the operation.

                        Return

ReturnCode

1

Y

The return code indicates the return status of the operation.

                        Message

string

0..1

N

A short message corresponding to the return code.

            Identity

BIASIdentity

0..1

C

In an encounter-centric model, identifies the encounter ID assigned to a new encounter.

                        EncounterID

BIASIDType

1

Y

The identifier of an encounter associated with the subject.

4.1.19 TransformBiometricData

TransformBiometricDataRequest

TransformBiometricDataResponse

The TransformBiometricData operation transforms or processes a given biometric in one format into a new target format.

Request Message

Field

Type

#

?

Meaning

TransformBiometricData

 

 

Y

Transforms or processes a given biometric in one format into a new target format.

TransformBiometricDataRequest

 

1

Y