Tuesday, November 11, 2014

Large company CTO's should read the DHS biometrics RFI

The Office of Biometric Identity Management (OBIM) of the Department of Homeland Security (DHS) stores and analyzes biometric data, digital fingerprints and photographs, and links that data with biographic information to identify/enroll identities and subsequently match or verify the established identities. OBIM is proactively addressing its next-generation architecture and capabilities for replacing the current biometric system. The vision for this activity represents a major investment to ensure that OBIM can continue to accommodate the expected growth of populations and new applications of multimodal biometric identity screening based on OBIM mission and our customers' identity service needs.
Below are some of the things the government is interested in learning more about [warning: link downloads a .pdf file]. Reading through the items below, scalability, interoperability, accuracy and integration with other systems seem to be real priorities for DHS.

It's also worth noting that while these issues have become pressing for this early adopter of large-scale biometric technologies, all large-scale biometrics deployments will have to meet some or all of these challenges eventually. Strategic planners in some of the larger organizations contemplating biometric solutions would be wise to consider the following as early in their development process as possible and to plan for the future.

A. Identity Deconfliction:
OBIM desires a system that has the ability to determine a person’s unique identity based on a combination of biometric and biographic traits and contextual data. Respondents should also detail the best approach to determine a level of confidence based on the combination of traits used in the identification, and should provide methods for continuous identity management, including enrollment of identities, splitting/merging of identities, and updating identity confidence levels based on new information.

B. Advanced Biometric Matching:
OBIM is requesting information on a system through the application of state- of-the-art techniques that can improve the accuracy and efficiency of its biometric services. Specifically, OBIM is interested in learning about:
1. Approaches and architectures for leveraging multiple biometric modalities in very large-scale systems to improve accuracy and identity assurance and to decrease failure-to-enroll rates. The provided information must address multimodal fusion techniques and include the known benefits and architectural limitations of such approaches.
2. Methods to reduce the computational requirements of biometric matching without decreasing accuracy. Examples of such techniques could include ways to decrease the need for full gallery searches (1:N), decrease the penetration rate of 1:N searches, and leverage multiple modalities to reduce computational intensity.
3. Approaches and architectures for decreasing operations and maintenance (O&M) costs for large-scale systems, including system virtualization, footprint, energy usage, and licensing costs.

C. Advanced Biographic Searching:
OBIM is requesting information on a system through the application of state- of-the-art techniques that can improve the accuracy and efficiency of its biographic pre-verify services. OBIM is interested in various approaches for using biographic information to assist in the deconfliction and disambiguation of identity information. The biographic information would typically contain various elements and combinations of biographic information, including name, birth date and location, gender, and citizenship. In particular, OBIM is interested in performance in terms of accuracy, speed, and other performance profiles and products in production or currently in technical readiness testing and evaluation to facilitate more 1:1 transactions.

D. High-Performance Transaction Processing:
OBIM requests information on the status, trends, and direction of large-scale biometric and biographic transaction processing systems and related technologies, including processing speeds and high-volume, high-reliability, and high- availability systems and architectures. Information should also be provided on demonstrated scalability and managing a high volume of transactions with varying response requirements.

E. Business Intelligence Capabilities:
Respondents should provide information on business intelligence architectures, techniques, and software where these capabilities provide better historical, current, and predictive analysis of available biometric and biographic information, including the analysis of both operational and content data.

F. Storage:
Respondents should provide information on current capabilities, trends and alternatives to store, index, and correlate structured and unstructured data in all formats regardless of type or size. In addition respondents should present their ability for organizing and retrieving large quantities of data and/or images (>109). This should also include hardware specifications. The Government is interested in industry’s experience and offerings for tiered and/or distributed storage and in minimizing processing and storage overhead, while maximizing input/output performance, the retrieval of data, application independence, portability, and data integrity.

G. Information Linking:
OBIM seeks information on the best methods and techniques to link data items to unique identities, and to maintain the linkage on an ongoing basis, including capturing additional links, removing links, and providing linkage information to stakeholders as permitted according to a predefined set of business rules. Linked information could be made available in a variety of ways, including publish/subscribe methods. It is assumed that the actual data would still reside in separate systems/databases within and outside DHS.

H. International Biometrics:
Respondents should provide information on developing an architecture capable of supporting and managing a federated international biometric and identity- verification schema with multiple stakeholders worldwide that ensures responsiveness while tailoring privacy, security, and person-centric data to individual stakeholder needs. An analogous business and technical construct might be the topology for international automated teller machines, banking, clearinghouses, and credit/debit cards.