ITU

Committed to connecting the world

Question 9/17

​​
Question 9/17 – Telebiometrics
(Continuation of Q9/17)

Motivation

During the previous study period, Q9/17 prepared the environment for the usage of biometrics in telecommunication applications and achieved necessary Recommendations. As biometrics has been widely accepted for identity verification in applications such as e-commerce and e-health, biometric application systems have presented various challenges related to privacy protection, reliability and security of biometric data. These challenges become more complicated and demanding when biometric authentication is adopted in an open network environment.

Currently, telecommunication applications using mobile terminals and Internet services demand authentication methods that not only provide high security but are also convenient for users. Online-banking using a mobile phone and video surveillance using network cameras or CCTV are examples of such emerging applications, where telebiometric authentication is expected to satisfy these demands. Hence, it is necessary to specify requirements for the usage of Recommendations related to security, safety, and privacy protection. Furthermore, it is required to address issues like conformance and interoperability testing for the Recommendations, as well as populating the telebiometric database.

Recommendations under responsibility of this Question as of 1 December 2012: X.1080.1, X.1081, X.1082, X.1083, X.1084, X.1086, X.1088, X.1089, X.1090, and X.1091.
Texts under development: X.bhsm, X.tam, X.th2, X.th3, X.th4, X.th5, X.th6, and X.tif.

 

Question
Study items to be considered include, but are not limited to:
  1. How to further enhance or revise the current Recommendations for their wide deployment and usage?
  2. What are the requirements for biometrics authentication in a high functionality network such as NGN?
  3. How should security countermeasures be assessed for particular applications of telebiometrics?
  4. How should biometric systems and operations be developed in order to be conformant to the security requirements for any application of telebiometrics including cloud computing services?
  5. How can identification and authentication of users be improved in the aspects of safety and security by the use of interoperable models in telebiometrics?
  6. What mechanisms need to be supported to ensure safe and secure manipulation of biometric data in not only existing but also emerging application of telebiometrics, e.g., e-health, tele-medicine, e-commerce, online-banking, video surveillance?

Tasks

Tasks include, but are not limited to:

  1.  Enhance and revise current Recommendations of telebiometric authentication and populate the telebiometric database.
  2.  Review the similarities and differences among the existing telebiometrics Recommendations in ITUT and standards in ISO/IEC.
  3. Study and develop security requirements and guidelines for any application of telebiometrics using architectures and frameworks including the ones developed under Question 2/17.
  4. Study and develop requirements for evaluating security, conformance and interoperability with privacy protection techniques for any application of telebiometrics.
  5. Study and develop requirements for telebiometric applications in a high functionality network.
  6. Study and develop integrated frameworks and requirements of telebiometric architectures for cloud computing services.
  7. Study and develop requirements of telebiometric authentication for trust identity framework.
  8. Study and develop requirements for appropriate generic protocols providing safety, security, privacy protection, and consent “for manipulating biometric data” in any application of telebiometrics, e.g., e-health, tele-medicine, e-commerce, online-banking, video surveillance.

Relationships

Recommendations:

  • X.200, X.273, X.274, X.509, X.680, X.805 and X.1051

Questions:

  • ITU‑T Questions 1/17, 2/17, 3/17, 4/17, 5/17, 6/17, 7/17, 10/17, 11/17, 7/13 and 14/15

Study groups

  • ITU‑T SGs 2, 5, 9, 11, 13, 15 and 16; ITU-R

Standardization bodies:

  • ISO/IEC JTC 1/SCs 17, 27 and 37; ISO/TCs 12, 68 and 215; IEC/TC 25; IETF; IEEE

Other bodies:

  • International Bureau of Weights and Measures (BIPM); World Health Organization (WHO); International Labour Organization (ILO).
​​​