Identity Management Glossary of Terms
January 8, 2009Acquisition device: The hardware used to acquire biometric samples.
Acquisition device: The hardware/sensors used to acquire biometric samples. These would include finger sensors or readers, iris scanning devices, facial recognition cameras.
Automated Fingerprint Identification System (AFIS): A system that compares a single fingerprint with a database of fingerprint images.
Automated Fingerprint Identification System (AFIS): Automated Fingerprint Identification System. A system originally developed for use by law enforcement agencies, which compares one or more fingerprints from an individual with a database of fingerprint images. Subsequent developments have seen its use in commercial applications, where a client or customer has their finger image compared with existing personal data by placing a finger on a scanner, or by the scanning of inked paper impressions.
Algorithm: A sequence of instructions that tells a system how to accomplish some task. In cryptography, refers to a sequence of actions, usually mathematical calculations, performed on data to encrypt or decrypt it. In biometric systems, it is used to determine whether a sample and a template are a match.
Algorithm: A sequence of instructions that tells a system how to solve a problem. Used by biometric systems, for example, to tell whether a sample and a template are a match. Cryptographic algorithms are used to encrypt sensitive data files, to encrypt and decrypt messages, and to digitally sign documents.
Application Program Interface (API): Modular computer code that defines how a software application interacts with an application or device. When used with biometric systems, it provides an interface between the application and the biometric device.
Application Program Interface (API): Application Program Interface. A computer code that is a set of instructions or services used to standardize the interface to an application.
Authentication: The process of validating a claim of identity, binding the presented identity to the identity claimant.
Authentication: Any process that validates an identity via the matching of an individual against a system known item. Often involving a credential (unique id, logon id) and token (SecureID, Smartcard). Primary authentication methods are:
- Access passwords (something the user knows)
- Access tokens (something the user owns)
Biometrics (something the user is)
BioAPI: The API specification developed by BioAPI Consortium designed as a standard for serving various biometric technologies.
BioAPI: Designed to produce a standard biometric API aiding integration between systems and devices. Developed by the BioAPI consortium, and first released in March 2000, BioAPI has become an international standard and is used in many biometric applications deployed worldwide.
Biometric: A process by which identity is verified through the examination of behavioral or physiological characteristics, such as fingerprint or retinal scan.
Biometric: A measurable, physical characteristic or personal behavior trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples.
Biometric: A unique, machine measurable biological trait or characteristic that can be used to verify identity. Common biometrics are fingerprint, hand geometry, iris patterns, speaker recognition and face.
Claim of Identity or Credential: An assertion made that an individual is a recognized identity.
Credential: An object that authoritatively binds an identity (and optionally, additional attributes) to and are controlled by an individual.
Claim of Identity or Credential: A unique item, which identifies the individual. Credentials include things like ID badges, smart cards, driver’s licenses, passports and other identity credentials.
Contact & Contactless: In regard to chip cards: whether the card is read by direct contact with a reader or has a transmitter/receiver system which allows it to be read using radio frequency technology (up to a certain distance).
Contact & Contactless: In regard to identification cards: whether the card is read by direct contact with a reader or has an internal transmitter/receiver which allows it to be read using radio frequency technologies (distance limited).
Enrollment: The initial process of collecting identity authentication data from a user. When referring to biometric systems, it is the process of collecting biometric data from an individual that will be stored in a template for later comparison.
Enrollment: The process capturing an individual’s biographic and biometric data for entry into an identification system.
False Accept Rate (FAR): The frequency (usually expressed as a percentage) at which imposters are incorrectly accepted as identified or verified by an authentication system.
False Accept Rate (FAR): The probability that a biometric system will incorrectly identify an individual or will fail to reject an imposter. The rate given normally assumes passive imposter attempts. The FAR may be estimated as follows:
FAR= NFA/NIVA FAR is the False Acceptance rate, NFA is the number of false acceptances, and NIVA is the number of imposter verification attempts.
False Accept Rate (FAR): is the probability of a random user, who is not enrolled, being falsely accepted by a specific system. Sometimes referred to as a false positive or false match rate.False Reject Rate (FRR): The frequency (usually expressed as a percentage) at which enrolled persons are incorrectly rejected as unidentified or unverified persons by an authentication system.
False Rejection Rate (FRR): The probability that a biometric system will fail to identify an applicant, or verify the legitimate claimed identity of an applicant. The False Rejection Rate may be estimated as follows:
FRR=NFR/NEVA FRR is the false rejection rate, NFR is the number of false rejections, NEVA is the number of applicant verification attempts. This estimate assumes that the applicant verification attempts are representative of those for the whole population of end-users. The FRR normally excludes Failure to Acquire errors.
False Reject Rate (FRR): is the probability of a legitimate user being falsely denied access to a specific system. Sometimes called a false negative or false non-match rate.
Fingerprint Template:A highly compressed and digitally encoded mathematical representation of fingerprint features stored for future verification purposes.
Fingerprint Template:A description of all the detected minutiae in a fingerprint pattern. The template contains each minutia’s coordinate, slope, and type, thus summarizing the characteristics of the fingerprint for purposes of matching the fingerprint against candidates.
Identification: A process by which an entity is recognized and its ‘identity’ established. In biometric systems, refers to the process by which the system identifies the person through a search of the enrolled population.
Identification: The process of discovering the true identity (i.e. origin, initial history) of a person or item from the entire collection of similar persons or items.
Identification: (1:N, one-to-many, recognition) – The process of determining a person’s identity by performing matches against multiple biometric templates. Identification systems are designed to determine identity based solely on biometric information. Positive identification systems are designed to find a match for a user’s biometric information in a database of biometric information.
Identity proofing: The process of providing sufficient information (e.g., identity history, credentials, documents) to a PIV Registration Authority when attempting to establish an identity.
Identity Management: broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.
Identity Management: IT infrastructure designed to consolidate and streamline the management of user identity, authentication and authorization data.
Identity Verification: The process of affirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information stored in the identity card or PIV system.
Matching: The process of comparing a biometric sample (i.e. fingerprint) to one stored in the template to determine if they correlate.
Matching: The process of comparing biometric information against a previously stored template and scoring the level of similarity.
Matching: The comparison of biometric templates to determine their degree of similarity or correlation. A match attempt results in a score that, in most systems, is compared against a threshold. If the score exceeds the threshold, the result is a positive match; if the score falls below the threshold, the result is a non-match.
Minutiae Points: Local ridge characteristics that occur at either a ridge bifurcation or a ridge ending.
Minutiae Points: Unique characteristics or identity points of a biometric. In a finger biometric unique lines, called ridges, occur on the fingerprint surface. The finger minutiae are the points where these ridge lines terminate or intersect one another.
Sample: The identifiable, unprocessed image or recording of a physiological or behavioral characteristic, acquired during submission, used to generate biometric templates.
Smart Card: A card, not much bigger than a credit card that contains a computer chip and is used to store or process information. When used with identity authentication systems, it may contain a digital certificate or biometric template, or both.
Smart Card: A specialized ID card that contains a computer processor chip (with memory). This card can store information related to identity and privileges. The data can be in the form of a PIN, a digital signature, electronic keys, medical information or a biometric template such as are generated from a finger image.
Template: A mathematical representation of biometric data.
Template: A biometric image data record.
Template: a mathematical representation of biometric data. A template can vary in size from 9 bytes for hand geometry to several thousand bytes for facial recognition.
Response Time/Processing Time: The time period for an authentication system to return a decision on identification or verification of a biometric sample or other presented authentication data.
Response Time/Processing Time:The time period required by a biometric system to return a decision on identification or verification of a biometric sample.
Threshold: A predefined number, that establishes the degree of correlation necessary for a comparison to be deemed a match.
Threshold: A predefined number, often controlled by a biometric system administrator, which establishes the degree of correlation necessary for a comparison to be deemed a match.
Verification: The process of comparing characteristics of a valid identity to those presented to the claimant in order to establish whether or not the identity is valid and can be bound to the identity claimant. When used with biometric systems, it is the process of establishing identity validity through the comparison of the verification with the enrollment template.https://www.bestitdocuments.com/Samples