There is a new protocol for communicating with biometric sensors over wired and wireless networks, using some of the same technologies that underpin the web.
The new protocol, called WS-Biometric Devices (WS-BD), allows desktops, laptops, tablets and smartphones to access sensors that capture biometric data such as fingerprints, iris images and face images using web services. Web services themselves are not new; for example, video-on-demand services use web services to stream videos to mobile devices and televisions.
The WS-Biometric Devices protocol, developed and published by the National Institute of Standards and Technology (NIST), can simplify setting up and maintaining secure biometric systems for verifying identity because such biometric systems will be easier to assemble with interoperable components compared to current biometric systems that generally have proprietary device-specific drivers and cables. WS-BD enables interoperability by adding a device-independent web-services layer in the communication protocol between biometric devices and systems.
Remember the last time you bought a new computer only to learn that you then had to upgrade your printer and find the appropriate drivers? For system owners, the difficulty of upgrading devices on a biometric system can mean significant costs. Using the WS-BD protocol should eliminate that problem.
“This would be useful to many organizations that house biometric systems, including border control and customs agencies,” said computer scientist Kevin Mangold. Using current biometric systems, when one biometric sensor breaks, it can be expensive and time-consuming to find a replacement because manufacturers often change product lines and phase out previous generation devices. A few broken devices could entail having to rebuild the entire system, upgrade devices and drivers that may be incompatible with host operating systems, and retrain personnel, he said.
Biometrics are playing an increasing role in security, access control and identity management. And their use is expanding — for example, some theme parks use biometrics for access control. Fingerprints work in conjunction with passwords for computer security. There are jobs that require employees to provide biometrics; using WS-BD equipment could potentially reduce costs by facilitating interoperability in biometrics devices.
A 2010 National Academies study, Biometric Recognition: Challenges and Opportunities, said “Biometric systems should be designed to anticipate the development and adoption of new advances and standards, modularizing components that are likely to become obsolete, such as biometric sensors, and matcher systems, so that they can be easily replaced.”
NIST developed a solution with the support of the Department of Homeland Security Science and Technology Directorate, the Federal Bureau of Investigation’s Biometric Center of Excellence and NIST’s Comprehensive National Cybersecurity Initiative. NIST also is working with industry through the Small Business Innovation Research Program to help bring these plug-and-play biometric devices to market.