New Biometric Framework and Driver Model


New Biometric Framework and Driver Model
Dave Bossio, Principal Group Program Manager, Windows Security
Janet Schneider, Senior Software Design Engineer

Agenda
- Introduction
- Windows Biometric Framework (WBF) Core Architecture Overview
- Windows Biometric Service (WBS) Adapters
- Windows Biometric Driver Interface (WBDI)
- Deep Dive: WBS Adapters
- Engine Adapter
- Deep Dive: WBDI
- Interface and Implementation Tips
- WBF Adoption
- Wrap-up

Introduction

Quality, Quantity & Strategy
Quality: Vista as an Indicator for Windows 7
- Driver Quality Issues
- Inconsistent User Experience (UX)
- Windows 7 aims to restore eco-system health
- Fewer crashes, consistent UX, reduced support costs
Quantity: Fingerprint Device Proliferation
- 61 million devices ship in 2009 alone
- 188 million ship in 2011
Strategy: Foundation for Windows 7 and Beyond
- Enable consistent end-to-end access control scenarios

WBF: Long-Term View Core WBF User Experience Certification Management Distribution Device Logo

WBF: Windows 7 Core WBF User Experience Certification Management Distribution Device Logo

Windows 7 Objectives
- Platform stability and serviceability
- Framework foundations
  - Windows Biometric Device Interface (WBDI)
  - Windows Biometric Service (WBS)
- Consistent user experience
- Supported scenarios
- Local/Domain logon, User Account Control (UAC), and management
- Integration points
- Feature discovery and launch points

WBF Overview

WBF Core Architecture
Diagram labels, in the order they appear:
- WBF
- Fingerprint Management Application and Third Party Apps
- IHV/ISV (e.g. FUS, Enrollment, Web Single Sign On (SSO), Time & Attendance)
- Integration Points
- Logon/UAC
- Biometric API
- Windows Biometric Service
- Fingerprint Biometric Service Provider
- Sensor Adapter
- Engine Adapter
- Storage Adapter
- Windows Biometric Driver Interface
- UMDF Driver
- KMDF Driver
- WDM Driver

WBF Service Structure
- Biometric Service Provider (BSP)
- Biometric Unit
- Sensor Adapter
- Engine Adapter
- Storage Adapter

Deep Dive: WBF Service Adapters

WBF Service Adapters
Purpose
- Plug-in binary component that exposes a standard interface
- Connects Biometric Unit (BU) to sensor hardware
- Supplements capabilities of simple sensors
Types and responsibilities
- Sensor Adapter—data capture
- Engine Adapter—processing and matching
- Storage Adapter—secure template storage

What Should You Write?
Sensor
- IHV / ISV: Simple sensor – can use Microsoft adapter or can write your own. Complex sensor – must write sensor adapter.
- Microsoft provides (with Windows 7): Adapter for any simple sensor that has a WBDI driver
Engine
- IHV / ISV: Always written by vendor
- Microsoft provides (with Windows 7): (None)
Storage
- IHV / ISV: Sensor without built-in storage – can use Microsoft adapter or can write your own. Sensor with built-in storage – must write storage adapter.
- Microsoft provides (with Windows 7): Adapter for disk-file based cryptographically secure storage

WBF Engine Adapter
- Receives sample data from Sensor Adapter
- Performs biometric processing:
  - Data cleanup and feature extraction
  - Template generation – enrollment
  - Template matching – verify and identify
  - Template index generation (“binning”)
- Calls Storage Adapter to store/retrieve templates

Writing WBF Adapter Plug-Ins
- Start with the sample adapters
- Adapter methods
  - Implement all methods for adapter type
  - Follow documentation exactly for error codes and return values
- Threading issues
  - Adapter shared among multiple threads
  - No global variables
  - Store per-BU state in adapter context block

Deep Dive: Windows Biometric Driver Interface

Diagram labels, in the order they appear:
- WBF
- Fingerprint Management Application and Third Party Apps
- IHV/ISV (e.g. FUS, Enrolment, Web SSO, Time & Attendance)
- Integration Points
- Logon/UAC
- Biometric API
- Windows Biometric Service
- Fingerprint Biometric Service Provider
- WinBio Sensor Adapter
- Engine Adapter
- WinBio Storage Adapter
- Windows Biometric Driver Interface
- UMDF Driver
- KMDF Driver
- WDM Driver

Windows Biometric Driver Interface: UMDF WBDI Driver
Diagram labels, in the order they appear:
- Windows Biometric Driver Interface
- WBF
- WDF
- WUDF Host Process
- IHV/ISV
- UMDF Driver DLL
- WUDFr
- WinUsb

UMDF Benefits
- User-mode driver won’t cause BSOD
- Simplified PnP and power management – well-defined callbacks
- WinUSB I/O target
- System Wake and Device Idle support built in
- Some devices may need to keep multiple read requests pending to capture all scan data

WBDI Requirements
- Expose the WBDI driver interface GUID
- Implement mandatory IOCTLs
- Handle multiple requests
  - UMDF – use parallel I/O queue
- Support cancellation
  - UMDF – request objects support cancellation callback

WBDI IOCTLs
Mandatory IOCTLs:
- IOCTL_BIOMETRIC_GET_ATTRIBUTES
- IOCTL_BIOMETRIC_GET_SENSOR_STATUS
- IOCTL_BIOMETRIC_RESET
- IOCTL_BIOMETRIC_CALIBRATE
- IOCTL_BIOMETRIC_CAPTURE_DATA
Optional IOCTLs (Advanced Features):
- IOCTL_BIOMETRIC_GET_SUPPORTED_ALGORITHMS
- IOCTL_BIOMETRIC_UPDATE_FIRMWARE
- IOCTL_BIOMETRIC_GET_INDICATOR
- IOCTL_BIOMETRIC_SET_INDICATOR
Vendor IOCTLs

WBF Sensor Adapter Calling Sequence
Sensor Start-up:
- IOCTL_BIOMETRIC_GET_ATTRIBUTES
  - Called by both the service and the sensor adapter
Capture Sequence:
- IOCTL_BIOMETRIC_GET_SENSOR_STATUS
- IOCTL_BIOMETRIC_CALIBRATE
  - Called only when sensor status indicates calibration is needed
- IOCTL_BIOMETRIC_CAPTURE_DATA
  - Initial call determines buffer size needed for typical capture
  - Only one capture can be pending at any time
- CancelIoEx
  - Can be called at any time, followed by another capture sequence
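
The capture rules on this slide (sizing call first, one pending capture, cancellation at any time), seen from the driver's side as a portable C model. This is an added example, not code from the presentation or the WDK: every type, status code and function name is a hypothetical stand-in. It also assumes that a real scan can exceed the "typical" size, so the driver checks bounds again when it completes the request.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in codes and layout for this model; not the WDK definitions. */
enum { ST_OK, ST_SIZE_ONLY, ST_BUSY, ST_CANCELLED, ST_TOO_LARGE, ST_NONE, ST_BAD_BUFFER };
typedef struct { uint32_t payload_size, sample_len; } capture_hdr; /* reply header */

typedef struct {                  /* per-device state, kept out of globals */
    uint32_t typical_scan;        /* sample size assumed by the sizing call */
    uint8_t *out; size_t out_len; /* caller buffer of the pending capture, or NULL */
} sensor_dev;

/* Capture request; a buffer too small for any sample is the sizing call. */
int dev_capture(sensor_dev *d, void *out, size_t out_len) {
    if (out == NULL || out_len < sizeof(uint32_t) || out_len > UINT32_MAX)
        return ST_BAD_BUFFER;
    if (out_len <= sizeof(capture_hdr)) {
        uint32_t need = (uint32_t)sizeof(capture_hdr) + d->typical_scan;
        memcpy(out, &need, sizeof need);     /* report the size, capture nothing */
        return ST_SIZE_ONLY;
    }
    if (d->out != NULL) return ST_BUSY;      /* only one capture may be pending */
    d->out = out; d->out_len = out_len;
    return ST_OK;                            /* pending until a scan or a cancel */
}

/* Scan arrived from hardware: complete the pending capture, bounds-checked. */
int dev_scan_done(sensor_dev *d, const uint8_t *scan, size_t len) {
    capture_hdr hdr = { (uint32_t)sizeof(capture_hdr), 0 };
    uint8_t *out = d->out;
    if (out == NULL) return ST_NONE;         /* nobody asked: drop the data */
    d->out = NULL;                           /* the request completes either way */
    if (len > d->out_len - sizeof hdr) {     /* "typical" is not a maximum */
        memcpy(out, &hdr, sizeof hdr);       /* header only, no sample bytes */
        return ST_TOO_LARGE;
    }
    hdr.sample_len = (uint32_t)len; hdr.payload_size += (uint32_t)len;
    memcpy(out, &hdr, sizeof hdr);
    memcpy(out + sizeof hdr, scan, len);
    return ST_OK;
}

/* Cancellation: forget the caller's buffer so a late scan cannot write to it. */
int dev_cancel(sensor_dev *d) {
    int was_pending = d->out != NULL;
    d->out = NULL;
    return was_pending ? ST_CANCELLED : ST_NONE;
}
```
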

Recommendations
- Follow DEVFUN-0010 guidelines for terminal services re-direction in the Windows Hardware Logo Program Device Requirements. See the Windows Logo Program Web site for details:
  http://go.microsoft.com/fwlink/?LinkID=40629
  http://download.microsoft.com/download/d/e/1/de1e0c8f-a222-47bc-b78b-1656d4cf3cf7/WLP-Reqs-DEVICE_03-21-08.pdf
- Use WDF technology. UMDF is preferred.

WBDI Driver Testing Resources
- Static tools
  - PREfast for Drivers
- Runtime tools
  - WDF Verifier
  - Application Verifier
- Potential WDK tools
  - WBDI driver verification test suite
  - Engine Adapter test suite

WBDI Driver Installation
- Set the Biometric Reader class GUID in the INF
- Configure a Biometric Unit in the INF, including adapter and database settings
- Install adapter DLLs
- Set device icon
- WBF Service opens the device with exclusive access
  - The “Exclusive” bit MUST be set
- The Feature Score differentiates WBDI and legacy drivers
  - See “Feature Score” in the WDK for details: http://msdn2.microsoft.com/en-us/library/aa477006.aspx

WBDI Driver Maintenance
- Post drivers on Windows Update for easy deployment!

Resources
We’re working on finalizing WDK content for Beta. It could include:
- WBF documentation, including WBDI, adapter interfaces and WinBio API.
- UMDF WBDI shell code sample
- WBDI driver test suite
- Engine Adapter code sample
- Engine Adapter test suite

WBF Adoption

WBF IHV Adoption
[Table: WBF components (Driver, Plug-ins, Apps) by company: AuthenTec, Digital Persona, UPEK, Validity]

Partner Feedback
- Ease of implementation/adoption
  - Driver development is straightforward and can be easily ported from existing drivers to WBF
- Complexity
  - Understandable and workable but may require some clarification and assistance from Microsoft
- Improvements
  - Testing framework still under development
  - WBF needs a method to inject known swipes at the start of the pipeline to facilitate false acceptance testing

Call to Action
- Write UMDF drivers
- Work with OEMs on WBF adoption
- Distribute drivers through Windows Update

Demo time!

Questions?