This project is jointly sponsored by the IEEE Communications Society/Standards Development Board (COM/SDB) and
the IEEE Technical Activities Board/IEEE Council on RFID (CRFID) (TAB/CRFID).
Title: Biometrics Open Protocol Standard
Scope: The Biometric Open Protocol Standard (BOPS) provides Identity Assertion, Role Gathering, Multi-Level Access Control, Assurance, and Auditing. The BOPS includes software running on a client device (Android, iPhone, etc.), a trusted BOPS Server, and an IDS (Intrusion Detection System). The BOPS allows pluggable components to replace existing components functionality accepting integration into the current operating environments in a short period of time. The BOPS adheres to the principle of continuous protection in adjudicating access to resources. Accountability is the mechanism that proves a service level guarantee of security. The BOPS allows the systems to meet security needs by using the API (Application Programming Interface). The BOPS need not know whether the underlying system is a Relational Database Management System (RDBMS) or a Search Engine. The BOPS functionality offers a “point and cut” mechanism to add the appropriate security to the production systems as well as to the systems in development.
Purpose: This standard provides a biometric agnostic multi-level security protocol.
Need for the Project: Convenience drives consumers toward the biometrics based access management solutions; say studies from Ericsson, PayPal, IBM, and Microsoft. According to the Ericsson’s study “Your body is the new password”, 52 percent of smartphone users want to use their fingerprints instead of the passwords, a further 61 percent want to use fingerprints to unlock their phones, and 48 percent want to use eye- recognition. The study conducted by PayPal says that consumers approve biometrics for access management. In terms of readiness to switch from an old fashion password protection to the new technology, 53 percent of surveyed population would be comfortable replacing passwords with the fingerprints and 45 percent would choose a retinal scan, which is presumably an iris scan – the misplaced terminology points to the lack of a consumer education.IBM Fellow and Speech CTO David Nahamoo states that over the next five years, your unique biological identity and biometric data – facial definitions, iris scans, voice files, even your DNA – will become the key to the safeguarding of your personal identity and information and will replace the current user ID and password system. Microsoft Research funded a study that titled “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”, the cornerstone conclusion of which indicates that the vast passwords replacement transition should conform to the following criteria: nothing to carry, efficient to use, and easy recovery from a loss. The Microsoft study goes as far as concluding such criteria could be achieved mostly in the biometric schemes. Biometric technologies provide consumer with a long- awaited convenience to securely enter into the cyberspace on the frontend. The Biometric Open Standards protects digital assets and digital identities on the back-end.