acknowledgements for ansi/nist-itl 1-2011 - NIST Visual Image ...
acknowledgements for ansi/nist-itl 1-2011 - NIST Visual Image ... acknowledgements for ansi/nist-itl 1-2011 - NIST Visual Image ...
ANSI/NIST-ITL 1-2011 - UPDATE 2013 DRAFT VERSIONField 15.020: Comment / COMField 16.020: Comment / COMField 17.021: Comment / COMField 18.022: Comment / COMField 19.020: Comment / COMField 20.020: Comment / COMField 21.020: Comment / COMThe EFS comment field in Record Type-9 is limited to 200 characters. It is:Field 9.351: EFS comments / COMThe comment field in record Types 11, 12 and 22 may have up to 4000 characters.Field 11.051: Comment / COMField 12.020: Comment / COMField 22.020: Comment / COM7.5 Data Protection7.5.1 Information assuranceThe Record Type-98: Information assurance record, which was new to the 2011 versionof the standard, allows special data protection procedures to ensure the integrity of thetransmitted data. Field 98.003: IA data format owner / DFO and Field 98.005: IA dataformat type / DFT define the information assurance regime that is employed to store data inFields 98.200-899: User-defined fields / UDF .7.5.2 Data hash / HASOptional field xx.996, which was new to the 2011 version of the standard, is designed for usein Record types 10 and above that have a Field xx.999 storing the biometric data. Fieldxx.996 is comprised of 64 characters representing hexadecimal values. Thus, eachcharacter may be a digit from “0” to “9” or a letter “A” through “F”. See the latest version ofthe Federal Information Processing Standard 180, Secure Hash Standard for information oncomputing SHA-256 hashes. At the time of this standard’s publication, FIPS 180-3 18 hadbeen published.It is also possible to use Field xx.996 to contain the hash for data stored externally, which isreferenced in Field 20.994: External file reference / EFR and /or Field 21.994: Externalfile reference / EFR . The ability to store files externally is new to the 2011 version of thestandard, and is only implemented for the two new record types referred to here.Use of the hash enables the receiver of the data to perform quick searches of large databasesto determine if the data already exist in the database. It is not intended as an informationassurance check. That is handled by Record Type-98: Information assurance record.18FIPS 180-3 is available at http:// csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdfMay, 2013 DRAFT VERSION UPDATE 2013 Page 53
ANSI/NIST-ITL 1-2011 - UPDATE 2013 DRAFT VERSION7.6 Agency codesIn the 2007 version of the standard, Record Type-1 fields for agency identification werecomprised of one information item {destination}{originating} agency identifier / DAI orORI. The 2008 version of the standard added a second optional information item{destination}{originating} agency name / DAN or OAN, and is a text description of theorganization name. In this version of the standard, the agency names (DAN and OAN) arecontained in a new field (Field 1.017 Agency names / ANM) since information itemscannot be added to existing fields in Traditional encoding and still preserve backwardcompatibility. DAN and OAN have an unlimited maximum number of characters in thisversion. XML encoding is not dependent upon the field number, so there is no changerequired for compatibility with the 2008 version. Both information items in ANM areoptional and may be encoded using alphanumeric characters with any special charactersallowed in ASCII.The affected fields are:• Field 1.007 Destination agency identifier / DAI• Field 1.008 Originating agency identifier / ORI• Field 1.017 Agency names / ANMIn many Record types, Field xx.004 contains the SRC. This is the identifier of the agencythat actually created the record and supplied the information contained in it. (The ORIspecified in Field 1.008 Originating agency identifier / ORI is the organization thatcreated the transaction, which may be assembled from record(s) received from anotheragency or agencies). SRC is unlimited in size and is “U” character type.In order to maintain backward compatibility with the 2007 version while maintainingbackward compatibility with the 2008 version, a new optional Field xx.993 has been addedfor the Source agency name / SAN. SAN is up to 125 characters and in “U” character type(unlike the information items in Field 1.017 Agency names / ANM which only allow thecharacters that can be represented in ASCII).For example, in Record Type-13, there are two fields:• Field 13.004: Source agency/ SRC• Field 13.993: Source agency name / SANIn Record Type-18 there is an information item, the name of the organization / NOO (inField 18.003: DNA laboratory setting / DLS ) that processed the DNA data. This may bedifferent from the agency in Field 18.004: Source agency / SRC and from the agency listedin Field 1.008 Originating agency identifier / ORI.[2013v>] Field 11.005: Voice recording source organization / VRSO containsinformation about the site or agency that created the voice recording referenced in therecord. It may be different from the Source agency and the Originating agency. [
- Page 44 and 45: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 46 and 47: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 48 and 49: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 50 and 51: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 52 and 53: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 54 and 55: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 56 and 57: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 58 and 59: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 60 and 61: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 62 and 63: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 64 and 65: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 66 and 67: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 68 and 69: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 70 and 71: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 72: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 75 and 76: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 77 and 78: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 79 and 80: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 81 and 82: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 83 and 84: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 85 and 86: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 87 and 88: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 89 and 90: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 91 and 92: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 93: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 97 and 98: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 99 and 100: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 101 and 102: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 103 and 104: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 105 and 106: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 107 and 108: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 109 and 110: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 111 and 112: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 113 and 114: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 115 and 116: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 117 and 118: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 119 and 120: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 121 and 122: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 123 and 124: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 125 and 126: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 127 and 128: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 129 and 130: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 132 and 133: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 134 and 135: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 136 and 137: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 138 and 139: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 140 and 141: ANSI/NIST-ITL 1-2011 - UPDATE 2013
- Page 142 and 143: ANSI/NIST-ITL 1-2011 - UPDATE 2013
ANSI/<strong>NIST</strong>-ITL 1-<strong>2011</strong> - UPDATE 2013 DRAFT VERSIONField 15.020: Comment / COMField 16.020: Comment / COMField 17.021: Comment / COMField 18.022: Comment / COMField 19.020: Comment / COMField 20.020: Comment / COMField 21.020: Comment / COMThe EFS comment field in Record Type-9 is limited to 200 characters. It is:Field 9.351: EFS comments / COMThe comment field in record Types 11, 12 and 22 may have up to 4000 characters.Field 11.051: Comment / COMField 12.020: Comment / COMField 22.020: Comment / COM7.5 Data Protection7.5.1 In<strong>for</strong>mation assuranceThe Record Type-98: In<strong>for</strong>mation assurance record, which was new to the <strong>2011</strong> versionof the standard, allows special data protection procedures to ensure the integrity of thetransmitted data. Field 98.003: IA data <strong>for</strong>mat owner / DFO and Field 98.005: IA data<strong>for</strong>mat type / DFT define the in<strong>for</strong>mation assurance regime that is employed to store data inFields 98.200-899: User-defined fields / UDF .7.5.2 Data hash / HASOptional field xx.996, which was new to the <strong>2011</strong> version of the standard, is designed <strong>for</strong> usein Record types 10 and above that have a Field xx.999 storing the biometric data. Fieldxx.996 is comprised of 64 characters representing hexadecimal values. Thus, eachcharacter may be a digit from “0” to “9” or a letter “A” through “F”. See the latest version ofthe Federal In<strong>for</strong>mation Processing Standard 180, Secure Hash Standard <strong>for</strong> in<strong>for</strong>mation oncomputing SHA-256 hashes. At the time of this standard’s publication, FIPS 180-3 18 hadbeen published.It is also possible to use Field xx.996 to contain the hash <strong>for</strong> data stored externally, which isreferenced in Field 20.994: External file reference / EFR and /or Field 21.994: Externalfile reference / EFR . The ability to store files externally is new to the <strong>2011</strong> version of thestandard, and is only implemented <strong>for</strong> the two new record types referred to here.Use of the hash enables the receiver of the data to per<strong>for</strong>m quick searches of large databasesto determine if the data already exist in the database. It is not intended as an in<strong>for</strong>mationassurance check. That is handled by Record Type-98: In<strong>for</strong>mation assurance record.18FIPS 180-3 is available at http:// csrc.<strong>nist</strong>.gov/publications/fips/fips180-3/fips180-3_final.pdfMay, 2013 DRAFT VERSION UPDATE 2013 Page 53