(Continuation of Q.8/17)
During the previous study period, Q.8/17 prepared the environment for the
usage of biometrics in telecommunication applications and provided necessary
Recommendations. As biometrics has been widely accepted for identity
verification in applications such as e-commerce and e-passport, biometric
application systems have presented various challenges related to privacy,
reliability and security of biometric data. These challenges become more
complicated and demanding when biometric authentication is adopted in an open
Currently, telecommunication applications using mobile terminals and Internet
services demand authentication methods that not only provide high security but
are also convenient for users. Tele-medicine, tele-health and e-health are
emerging examples of such applications. Biometric authentication is expected to
satisfy these requirements but it is also necessary to specify requirements
related to usage of Recommendations related to security, safety, and privacy
protection. Furthermore, it is intended to address issues like conformance and
interoperability testing for the Recommendations, as well as populating the
Recommendations under responsibility of this Question as of 1 December 2008:
X.1081, X.1082, X.1083, X.1084, X.1086, X.1088, and X.1089.
Study items to be considered include, but are not limited to:
- How to further enhance the current Recommendations for their wide
deployment and usage?
- What are the requirements for biometrics authentication in a high
functionality network such as NGN?
- How should security countermeasures be assessed for particular
applications of telebiometrics?
- How should biometric systems and operations including multi-factor
authentication be designed in order to be conformant to the security
requirements for any application of telebiometrics?
- How can identification and authentication of users be improved by the
use of interoperable models for safe and secure telebiometric methods?
- What mechanisms need to be supported to ensure safe and secure
manipulation of biometric data in any application of telebiometrics, e.g.,
e-health, tele-medicine or tele-health?
Tasks include, but are not limited to:
- Enhance current Recommendations to accelerate their adoption to various
telebiometric applications and populate the telebiometric database.
- Review the similarities and differences among the existing
telebiometrics Recommendations in ITU-T and ISO/IEC standards.
- Study and develop security requirements and guidelines for any
application of telebiometrics.
- Study and develop requirements for evaluating security, conformance and
interoperability with privacy protection techniques for any application of
- Study and develop requirements for telebiometric applications in a high
- Study and develop requirements for telebiometric multi-factor
authentication techniques based on biometric data protection and biometric
- Study and develop requirements for appropriate generic protocols
providing safety, security, privacy protection, and consent “for
manipulating biometric data” in any application of telebiometrics, e.g.,
e-health, tele-medicine, tele-health.
Recommendations: X.200, X.273, X.274, X.509, X.680, X.805 and X.1051
Questions: ITU-T Qs 1, 2, 3, 4, 5, 6, 7, 10, 11, 12, 15/17, 17/13 and 14/15
Study groups: ITU-T SGs 2, 5, 9, 11, 13, 15 and 16; ITU-R
Standardization bodies: ISO/IEC JTC 1/SCs 17, 27 and 37; ISO/TCs 12, 68 and
215; IEC/TC 25; IETF; IEEE
Other bodies: International Bureau of Weights and Measures (BIPM)