Electronic identification and trust services (including e-signature)

A biometric lifeless attack is one of the indispensable issues within biometric authentication. There are three major components in liveness detection systems: lifeless attack presentation, liveness detection, and lifeless attack instruments. The lifeless attack presentation is divided into artifact presentation and human-based presentation. The liveness detection method includes subject-based and scenario-based solutions, as well as other attributes such as decision elements, detection patterns, and implementations. The lifeless attack instrument is specified from aspects such as production elements, production types of artifacts, efficacy, etc. This document establishes terms and definitions in the field of biometric liveness detection and identifies characterizations of lifeless attack and liveness detection methods, with analysis on lifeless attack instruments. In addition, this document specifies the liveness detection process, implementation model, and metrics.

The IEEE Standards Association (IEEE SA) pre-standards workstream for Clinical Internet of Things (IoT) data validation and interoperability with blockchain was initiated to determine if a viable standards framework could be established to enable the validation of data generated from a clinical-grade IoT device and shared through the interoperability of blockchain technology. Participants in the workstream were gathered from an IEEE SA workshop held at Johns Hopkins University in Rockville, Maryland in April 2018, and grew to include their network of healthcare and Health-IT ecosystem players, as well as participants in prior IEEE SA efforts in related areas. The workstream commenced in August 2018 and completed in February 2019. Participants in this pre-standards workstream who are the authors of this paper are listed in Appendix A. The pre-standards workstream led to the recommendation of the development of an IEEE SA Standards effort on Clinical IoT data and device interoperability with TIPPSS-Trust, Identity, Privacy, Protection, Safety and Security-in connected healthcare to improve data sharing and healthcare outcomes. The pre-standards workstream team decided that blockchain is not necessary for clinical IoT data and device interoperability and validation, nor does it necessarily meet the robust TIPPSS needs in connected healthcare. The workstream recommendation includes a draft TIPPSS Architectural Framework for Clinical IoT data validation & interoperability, which could include digital ledger technology but does not need to do so. The resulting IEEE Standards Association P2733 working group to develop a standard for Clinical IoT Data and Device Interoperability with TIPPSS kick off meeting is scheduled for July 17, 2019, sponsored by the IEEE SA Engineering in Medicine and Biology Society (EMBS).

Identity assertion, role gathering, multilevel access control, assurance, and auditing are provided by the Biometric Open Protocol Standard (BOPS). An implementation of the BOPS III spec is described, which includes both the software running on the client device as well as the server. Pluggable components are allowed to replace existing components' functionality, accepting integration into current operating environments in a short period of time. A “point-and-cut” mechanism to add the appropriate security to both development and production systems is offered through the BOPS implementation functionality. Homomorphic encryption and a tremendous simplification of the API are also described.

This standard specifies the requirements and methods for verifying the identity of a person equipped with human augmentation technologies. Human augmentation, also known as human enhancement, refers to technologies that add to the human body and enhance human productivity or capability. Recent advancements in many technical areas have led to a large variety of implants, wearables and other technologies that could be classified as human augmentation.

The standard describes an authentication scheme including the following features: 1) User needs single unique login credentials to logon to multi-Server setup 2) It offers a two-factor authentication scheme comprising of password as one and the soft token/hardware token as the second factor for authentication 3) The scheme does not require a password table to be maintained at the server 4) The scheme resists various known authentication related attacks

The standard defines methods of out-of-band third-party individual identity attestation and secure conveyance requiring no key storage on the endpoint device.