Researchers at the National Institute of Standards and Technology (NIST) have developed and published a new protocol for communicating with biometric sensors over wired and wireless networks—using some of the same technologies that underpin the web.
The new protocol, called WS-Biometric Devices (WS-BD), allows desktops, laptops, tablets and smartphones to access sensors that capture biometric data such as fingerprints, iris images and face images using web services. Web services themselves are not new; for example, video-on-demand services use web services to stream videos to mobile devices and televisions.
The WS-Biometric Devices protocol will greatly simplify setting up and maintaining secure biometric systems for verifying identity because such biometric systems will be easier to assemble with interoperable components compared to current biometrics systems that generally have proprietary device-specific drivers and cables. WS-BD enables interoperability by adding a device-independent web-services layer in the communication protocol between biometric devices and systems.
Remember the last time you bought a new computer only to learn that you then had to upgrade your printer and find the appropriate drivers? For system owners, the difficulty of upgrading devices on a biometric system can mean significant costs. Using the WS-BD protocol eliminates that problem.
"This would be useful to many organizations that house biometric systems, including border control and customs agencies," explained computer scientist Kevin Mangold. Using current biometric systems, when one biometric sensor breaks, it can be expensive and time-consuming to find a replacement because manufacturers often change product lines and phase out previous generation devices. A few broken devices could entail having to rebuild the entire system, upgrade devices and drivers that may be incompatible with host operating systems, and retrain personnel, he said.
Biometrics are playing an increasing role in security, access control and identity management. And their use is expanding—for example, some theme parks use biometrics for access control. Fingerprints are used in conjunction with passwords for computer security. Many jobs require employees to provide biometrics; using WS-BD equipment could potentially reduce costs by facilitating interoperability in biometrics devices.
A 2010 National Academies study, Biometric Recognition: Challenges and Opportunities, recognized that "Biometric systems should be designed to anticipate the development and adoption of new advances and standards, modularizing components that are likely to become obsolete, such as biometric sensors, and matcher systems, so that they can be easily replaced."
NIST researchers recognized this need several years ago and developed a solution with the support of the Department of Homeland Security Science and Technology Directorate, the Federal Bureau of Investigation's Biometric Center of Excellence and NIST's Comprehensive National Cybersecurity Initiative. NIST also is working with industry through the Small Business Innovation Research Program to help bring these plug-and-play biometric devices to market.
Two NIST researchers recently demonstrated the NIST-developed WS-BD system in their lab using a tablet and two biometric sensors (see video). A tap on the tablet signals the web-enabled fingerprint sensor to capture four fingerprints from the individual whose hand is on the scanner and send it back to the tablet. A tap on another usa-button controls a camera to take a photo for facial recognition.
The new protocol, Specification for WS-Biometric Devices (NIST Special Publication 500-288) can be found at www.nist.gov/manuscript-publication-search.cfm?pub_id=910334. Additional information on this and related projects can be found at http://bws.nist.gov.
While this is a final document, NIST welcomes your feedback, comments and questions for considerations for future updates. Send your comments to the WS-BD teams by emailing 500-288comments [at] nist.gov.