Deliverables

So far, the Project has issued 33 deliverables out of 48 scheduled for the entire Project and submitted them to the European Commission.

This Project Management Handbook (PMH) sets the management rules, methods and practices to facilitate orderly cooperation in the OCTAVE Project. The Handbook refines and extends, in due operational detail, the management elements announced in the Grant Agreement and in the related Consortium Agreement. It defines a set of rules for the organisation of day-to-day cooperative work, and internal and external communications. Special emphasis is devoted to a secure cloud space to share work in progress and to store deliverables. The rules, guidelines and recommendations contained in this PMH basically serve the purpose of ensuring that each Partner has the same references for decision-making, reporting, delivery of results, control of information and quality assurance. Based on worldwide standards, the Handbook also defines a governance framework to ease the work of OCTAVE management for delivering reports and software on time, within the budget and with adherence to expected specifications. This document is released by the due date indicated in the Grant Agreement, Annex 1, Part A. However it is to be considered a living document that will be maintained and kept up-to-date as deemed necessary in the course of the Project.

Source: WP 1 Project Management

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This deliverable is twofold: a report on the design of the OCTAVE website and the initial website itself (home page and some basic pages, as of delivery month, i.e. July 2015). The website is of course a living product, as it will be constantly informing the target audiences about the existence of the OCTAVE project and the potential benefits for companies and experts operating in the applicable fields. The website will make available social-network targeted information on the themes of access control and biometric data. The website contents will address the general public (by presenting the advantages of voice biometrics for easy access to information services and critical infrastructures) and all stakeholders (e.g., enterprises requiring access control, smart service developers, educators, researchers, etc.) by providing them with outputs that are publishable according to OCTAVE classification policies. This document contains:

  • the requirements that were taken into account, when designing the site;
  • the structure of the site;
  • the structure of the pages created as of July 2015;
  • a description of the content management system, associated with the site, and the workflows for posting contents on the site at different authorization levels;
  • highlights on contents to appear within the first six months of the Project life.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Confidential.  For the public version of this report please check out Deliverable D52.

This report provides an overview of speaker verification and its potential vulnerabilities, particularly with reference to the objectives within OCTAVE. The scope of the study covers the two individual modes of text-dependent and text-independent, which are considered in the formation of a complete voice biometric system for operating under unsupervised conditions. The report details the fundamental approaches involved, and the most recent developments in the field, including the state-of-the-art methods for speaker modelling and classification. Based on the outcomes of relevant experimental studies reported in the literature, the characteristics and performance of speaker verification in the aforementioned modes of operation are appropriately defined and analysed. Another important aspect of the study is that related to the vulnerability of speaker verification to spoofing. This is a rapidly growing challenge in the field, posing potentially serious threats to the reliability and hence usability of the technology in real applications. Various categories of spoofing, ranging from replay attacks to voice conversion, are analysed, and the level of vulnerability in each case is discussed. Whilst the study involves reference to the standard speaker verification approaches, a core facet of the report is that concerned with a commercial-grade speaker verification system developed by ValidSoft (a main industrial partner in OCTAVE). The study examines the efficiency and operational potential of ValidSoft’s speaker verification system for the realisation of the unsupervised access control required in the considered onsite and online scenarios. The detailed system analysis applied in this case is shown to be appropriately aligned with the requirements in the adopted application areas. This together with the analysis of vulnerability to spoofing are expected to facilitate the introduction of effective approaches for achieving appropriately high levels of reliability and robustness in unsupervised operating conditions.

Source: WP 3 Robustness in Speaker Verification

Dissemination level: Confidential. A public version of this report is available as Deliverable D53.

 

This deliverable details the key considerations and requirements for the effective realisation and deployment of voice biometrics in the application scenarios within OCTAVE. As a main facet of the report, the effects of extrinsic and intrinsic nuisance factors (other than spoofing) on the speaker recognition performance are reviewed. These include variations in the acoustic environments and channel characteristics, and also the particular effects of text-related parameters (e.g. duration). Another aspect of the study is the analysis of the application modes of speaker verification, with particular reference to the recognition accuracy, convenience for clients and robustness against spoofing. Based on the review of a set of use cases defined by the end-user partners within OCTAVE (i.e. Findomestic/Advalia and SEA), the operational characteristics and specifications in different access control scenarios are reviewed. In order to further facilitate progress towards the effective deployment of voice biometrics in practice, the report also provides discussions on various operational requirements and challenges expected in the applications areas considered in OCTAVE.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential. A public version of this report is available as Deliverable D54.

The main purpose of this document is to provide an early, brief description of the Trial scenario of OCTAVE TBAS application for the two project end users SEA and Findomestic. Processes, technologies and requirements are presented, which must be met by the application, in order to both realize a successful Trial and grant the subsequent effective implementation of the Solution for the exploitation. Focus is on two real context scenarios:

1) An ecological platform inside Linate Airport Air Side.

2) A customer assistance multi-purpose desk for Findomestic clients.

The document has therefore been articulated in seven sections, as follows:

  • a basic introduction containing the description of the two main processes which are common to both end users (i.e.: enrolment and authentication);
  • a brief description of SEA and Findomestic followed by a brief description of the areas and circumstances in which the TBAS will be tested;
  • a description, arising from the “nature” of the end users, containing the operating and practical instructions to be fully achieved in order to make an appropriate use of the TBAS in each of the two scenarios;
  • particular attention is given to the fact that both end users will protect personal and voiceprint data, in terms of safe collection, manipulation and storage (as better defined in deliverable D6: “Survey of the Legal framework for the secure collection and manipulation of personal data”);
  • a brief explanation of the roll-out plan to point out the key actions to optimize and adjust the TBAS system in order for the theory to become “exploitable”;
  • each pilot demonstration has been carefully described and analysed; the results and conclusions regarding each demonstration will be used to adjust the system by customizing it on the end users’ needs;
  • two requirement tables containing end-user requirements in terms of interaction with the system, environmental needs, procedures description, usability and acceptance of the system and security and performance standards to achieve.

Source: WP 8 Selected Applications

Dissemination level: Public

Please login to download document.

 

The goal of OCTAVE is the delivery of a safe remote access control platform called TBAS (Trusted Biometric Authentication Service) that will rely on the use of personal data including biometric ones. The platform is intended for data-sensitive and mission-critical applications; in the context of the project, it will be demonstrated in two real scenarios: airport security (by the Beneficiary SEA) and financial services (by the Beneficiary Findomestic). The use of personal data gives rise to a series of ethical issues concerning the risk of dealing with legal and normative implications of sensitive data collection and their management in terms of transmission, storage and processing. Of critical importance is the handling of digital biometric data. This document provides a survey of the legal framework for the secure collection and manipulation of personal data. In particular, European legislation as well as national legislations for the countries that are represented in the consortium related to data protection are reviewed and presented, focusing on fundamental key points that must be respected when developing and implementing the TBAS platform as well as during the trial itself. The document is meant to give the context and provide the necessary feedback to the technical parts of the project with respect to the legislation in effect, to guarantee that the developments duly consider it. The final goal is to complement the developments in OCTAVE in conformity with all appropriate regulations and technical standards related to user data protection.

Source: WP 5 Standards and Procedures for Personal Data Protection

Dissemination level: Public

Please login or register to download the document.

Since the technological target of the OCTAVE system is to deliver effective methods for introducing robustness into speaker verification to environmental variability and against spoofing attacks of any type, this deliverable identifies both the core determinants which may affect the performance and the relevant sets of metrics. OCTAVE is also expecting to realize a secure and user-friendly generation of biometrics-based access control, in particular assessing the system performance by security measures, mainly centred on the issues of Privacy, Data Protection, Security, Usability, Trust and Accuracy. To this extent a number of metrics have been identified for the assessment of the envisaged platform (OCTAVE TBAS), which must also be validated during either the laboratory test-bed testing single components and by the in-field experiments involving real end-users running physical scenarios as online banking and accessing secure airport areas. This deliverable also provides some basic inputs to the writing of relevant dissemination material. Actually, the issues here developed are significant to clearly address the concise text provided by leaflets (see Annexes), especially about the topics of Challenges and Expected Benefits the project is going to devise, by taking into account the security aspects by both the end-users point of view and the technical system performance.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This report provides a detailed analysis of the trial and testing scenarios of the Trusted Biometric Authentication Service (TBAS) targeted by the OCTAVE Project. The report assesses the requirements expressed by the two Partners involved as Application Owners in the in-field trial scenario, defines the trial needs, and outlines procedures, methods, evaluation models to be carried on in order to exhaustively and effectively test the Solution, in each individual module and as a whole platform, with reference to the standards adopted. The main purpose of the document is to provide a complete set of instructions and guidelines to manage all tasks and activities involved with carrying out technology and user trials of the Project.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This deliverable outlines existing countermeasures for the protection of automatic speaker verification technology from spoofing. This can take the form of impersonation, replayed speech, synthetic speech and converted voice. The latter three forms of attack have all been shown to present a significant threat to verification performance and are thus the focus within OCTAVE. In support of this work, the deliverable first describes a new, standard database which has recently been made available to the research community for the study of spoofing from synthetic speech and converted voice attacks. Automatic speaker verification (ASV) results for the new ASVspoof database are presented and demonstrate the threat posed by spoofing. These results show the need for dedicated spoofing countermeasures later explored within the OCTAVE project, the first incarnations of which are presented in this Deliverable. Most of these take the form of standard, statistical pattern classification and signal processing strategies and are largely effective in detecting most synthetic speech and converted voice spoofing attacks. It is argued in the deliverable, however, that replay attacks present a significant practical threat in OCTAVE’s use case scenarios and hence a strategy for the deflection of such attacks is presented here. This involves first of all the development of algorithms for the direct detection of replayed audio. This can be reinforced with the use of hybrid speaker verification as a means of providing inherent robustness. Finally, the deliverable presents a high-level overview of the most widely explored approach to spoofing detection. With a separate focus on front-end feature analysis and back-end statistical pattern classification, this analysis shows that known spoofing attacks, that is to say spoofing attacks for which training data is readily available, can be detected with relative ease. This is a reassuring finding for the OCTAVE project. However, unknown attacks, namely attacks for which no training data is available, present a significant challenge. Since the nature of a spoofing attack can never be known with certainty in any practical application, this is a concern and the focus of further work within the Project. That work will develop advanced and generalised spoofing countermeasures, the need for which is evident from the work presented here.

Source: WP 3 Robustness in Speaker Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

As more and more information and communication systems are being developed with capabilities that enable the processing and collection of individual personal data, there is an increased concern regarding a greater exposure to potential threats. The more personal data a system contains, the more interesting it becomes to potential fraudsters. Consequently, policy makers, research organisations and industrial bodies have been focusing on controlling the emergence of these privacy threats. Although most systems contain some sort of protection and privacy mechanism to avoid the disclosure of data (personal or not), it does seem that these security measures are added on requirements, rather than an embedded philosophy whilst designing, developing and upgrading them. “Privacy by Design” is a framework that brings the focus of privacy to the centre of software development. It lays out several principles to adhere to, starting from the early phases of development, and considers techniques such as data minimisation, data separation, user control and accountability. In this document, we define and explain the guidelines of Privacy by Design and how they are applied in the context of the OCTAVE consortium, while developing the TBAS system. The principles of “Privacy by Design” were considered in order to define eight design strategies (minimise, separate, aggregate, hide, enforce, inform, control and demonstrate) that the Consortium will apply to all the phases of the implementation of TBAS. These strategies were a foundation to define a secure and privacy-centric architecture. In section 3, we define which techniques shall be used for each of the development life cycle phases (design, development, test and acceptance/trial). These techniques range from established encryption protocols to the use of untraceable voice biometric templates.

Source: WP 6 Speaker Verification Platform

Dissemination level: Public

Please login or register to download document.

This document accompanies the program code of the OCTAVE deliverable D11 ‘Single mode biometric engines’. Here, an engine is understood as a collection of pre-configured wrappers combined with existing open-source speaker verification systems. The main intention of D11 is to provide a simple baseline recognizer to enable studying relevant data engineering questions in later stages of OCTAVE. By a ‘simple baseline’ we refer to a system that (1) requires as few additional hyper-parameter training sets or additional parameter tuning as possible; (2) is representative of state-of-the-art for short-duration speech utterances, the core of OCTAVE use cases. The adopted technical solution to fulfil these constraints is a standard Gaussian mixture model, universal background model (GMM-UBM) system that includes mainly selection of the UBM training data and optimizing the number of Gaussians. It is known, however, that GMM-UBM systems are sensitive to changes in channel, noise and intersession variability, calling enhancements to the feature extraction part. To this end, the provided package contains a few alternative configurations for feature extraction whose benefits are demonstrated by experiments. In general, the engine is designed to be a complete package including feature extraction, UBM training, speaker adaptation, scoring and error rate computation. It contains two alternative reference implementations for the back-end processing modules, based on two popular open-source speaker recognition toolkits: MSRidentity toolbox and Alize. OCTAVE partners can adopt either baseline system. The engine is written to support Windows and Linux environments and has been independently set up and executed at all the sites contributing to D11. This document provides a tentative set of results on the recent RSR 2015 corpus intended for benchmarking text-dependent automatic speaker verification. In particular, we provide training and trial lists (definition of speaker pairs) to simulate system evaluation of three different configurations concerning speech content, (a) fixed pass-phrase, (b) text-prompted phrases, and (c) text-prompted text-independent engines. The first case includes a fixed phrase shared by all the users; the second case refers to a scenario whereby a system prompts a randomly selected phrase out of a close subset of passphrases. The last scenario is essentially a text-independent one with arbitrary enrolment and test phrases.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This document aims at supporting the software delivery of the voice biometrics platform based on existing products from the technology providers which include improvements in terms of robustness from early work in WP4. Although this deliverable (D12) is effectively a software release into a cloud environment, the OCTAVE Consortium believes that an auxiliary report summarises its purpose, its functionalities and its integration in one central element. The document acts as an aggregator of the information/documentation that is normally attached to any software release to a production environment.

The goal of D12 deliverable is to provide to all the members of the OCTAVE Consortium the voice biometrics platform based on the existing product from the technology provider ValidSoft and including improvements in terms of robustness from earlier work in the Project. This delivery is based on ValidSoft’s UA (User Authentication) platform deployed in the cloud with access to the voice biometrics functionalities through a RESTful API.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This Deliverable opens the phase of the Project dedicated to the provision of the speech and audio data required for completion of laboratory tests aiming to assess the voice biometrics and enhancing modules of the TBAS, the Trusted Biometric Authentication Platform envisaged by OCTAVE. The subsequent Deliverables, namely “Corpora collection” and “Spoofing corpora”, will close that phase. The Deliverable is organised as described below.

The first chapter introduces the “spoken corpora” as a linguistic resource, and outlines the main characteristics we have to look for, when considering the use of a corpus in voice biometric assessment. An explanation of the importance and the function of the present report in the project, concludes the chapter.

In the second chapter, after framing the role of speech corpora in research and development of speaker verification technologies, provides a history and review of activities, organisations, and projects, devoted to the topic of voice corpora, or in general on “linguistic resources”. The chapter also discusses and justifies the main characteristics that a speech corpus must have.

The third chapter is dedicated to the description of linguistic resources available in OCTAVE and useful to its objectives. The strategies implemented to collect this info, and the resulting material are then illustrated in detail, first on the basis of the selected language for the speech material and then focusing on noise corpora. Thereafter, spoofing corpora are introduced and reviewed, as a forward reference to a subsequent Deliverable.

The fourth chapter is of crucial value: here we exploit the concept of “corpus of corpora” already announced in the OCTAVE Technical Plan, as one of relevant role for the Project. Moreover, the necessary standards and formats required for the “corpus of corpora” are defined, as well as possible software tools for its management. A forecast of the corpora that might be used to assess the various test conditions defined in the defined plan, is also provided. A preview of the activities planned for the next stages of work, and particularly for the forthcoming “corpora collection” report, concludes chapter 4.

A conclusion section summarizes key points, advantages, risks and mitigation measures of the proposed approach to vocal corpora for the objectives of OCTAVE.

Source: WP 7 Test and Verification

Dissemination level: Confidential. A public version of this report is available as Deliverable D55.

 

This report aims at defining the requirements that the OCTAVE platform must fulfil to guarantee the most effective business impact of the technical solutions proposed by the Project. The end objective is to pave the way to the exploitation strategies of the Consortium. The main steps of this report are: to outline the market scenario within which the Project solutions will be implemented; to provide a background of the Project, by emphasizing its objectives and describing the relationship among the Partners of the Consortium; and to identify key business indicators that will define metrics to assess the market impact of the OCTAVE Trusted Biometric Authentication System (TBAS). This report builds upon the output of project Deliverable D5 ‘Process and operative procedure assessment document’, which organised the user requirements of the trial applications. It expands the output of that deliverable, by addressing the user requirements on the TBAS, in a wider perspective, not limited to the scope of SEA and Findomestic processes.

Source: WP 8 Selected Applications

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable is a software artefact that reflects the first phase of the integration of existing solutions related to voice biometrics verification and aiming at addressing the requirements of the target applications of the project. This report provides the relevant support as the basic information and documentation attached to any software delivery and release of the voice biometrics platform Phase 1 and related to the baseline technologies adopted. The deliverable establishes the overall architecture of the envisaged TBAS and the first phase interfaces between components that come from different partners. The delivered software artefact will form the basis for updates and enhancements to meet the voice biometrics requirements that are set forth by the project.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This document aims at supporting the software delivery of the spoofing countermeasures based on existing solutions from the technology providers as well as some improvements from early work in the Project. This deliverable is a software release and works in conjunction with the Voice Biometrics baseline Deliverable (D12). This auxiliary report summarises its purpose, its functionalities and its integration in one central element. The document acts as an aggregator of the information/documentation that is normally attached to any software release to a production environment.

The goal of D16 is to provide a software baseline for the anti-spoofing component of the TBAS platform. The principle of spoofing and its associated countermeasure have been exposed in Deliverables D3 and D9. This delivery adds anti-spoofing capability to the User Authentication (UA) platform as described in D12. There are two main modules:

– Anti-replay: based on ValidSoft own replay detection feature;

– Anti-artificial voice: integration of a system developed and validated in WP3 on the ASVSpoof database.

These two components represent the baseline technology for the two main spoofing attack vector and are expected to be improved through further work in the Project, documented in follow-up deliverables.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

The present Deliverable addresses the objective of assembling, in the most appropriate way, the necessary datasets and their associated metadata for the purpose of testing the modules implemented for the OCTAVE platform (TBAS) and of validating the TBAS as a whole. A challenging and innovative solution was anticipated in the Description of Work (DoW), that is, Annex 1 of the Grant Agreement: the “corpus of corpora”. By this Deliverable, the solution materializes as a product that we have implemented by using open source software and the necessary hardware resources. We have based the solution on two important factors that characterise the ‘corpus’:

  • the normalisation of the different available datasets (the audio samples of the native corpora) in a unified format, which is also very simple;
  • the organisation of all the associated information (metadata) into an indexing database, which can be accessed by a database management system (mySQL in our case).

Having been made remotely accessible, as a service on the Internet, the “corpus” can be seen as the fuel that powers the test and validation process distributed among several Beneficiaries in the Consortium. Specifically, it will drive trial execution in the laboratory, and support the optimisation of the TBAS by collecting data from later user validation activities.The database structure and the format of the physical audio files as well as of the different metadata are described. Software tools to enrich the description of the speech sample by means of additional descriptors, as automatic transcription and quality measure, have also been implemented. Specific attention has been devoted in describing the data which will be collected in the trials in the field, and that will be used to validate and evaluate the TBAS with the end-users accessing the pilot services for SEA and FINDOMESTIC. A description of the actual status of the “corpus” and of its potential use in the second year of the project, closes the report.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

OCTAVE will deliver an access control platform through a trusted biometric authentication service (TBAS) for use in data-sensitive and mission-critical applications in real business/commercial environments. While simultaneously relieving end-users from the inconvenience of dealing with textual passwords, the OCTAVE platform will reduce the practical burden of users related to password loss and recovery. Through the use of biometrics, OCTAVE will ensure the users secure access to diverse and trustworthy smart services. However the use of biometrics raises Ethical concerns that should be coped with and cleared before the Project starts its detailed design and implementation work. This document has been produced under guidance of the OCTAVE Ethics Committee, a body added to the OCTAVE Management Structure, in order to comply with the provisions stated in the Ethical Screening Report that was carried out on the OCTAVE Proposal. As regards the issues raised by the above mentioned Report, this document recalls the Consortium’s replies as stated in the Grant Agreement, Annex 1, Part B, (for short, the Description of the Action), and complements them with the results of deeper analysis and with the views of Ethics Committee. The deliverable consists of the following parts:

1) An overview of Project Objectives from the stand point of end-users.

2) An outline of user-related challenges.

3) A description of the user trials, with particular reference to the geographical localisation of server applications, client applications, Automated Speaker verification engines, user databases and user-sensitive data communications flows.

4) A list of relevant European and National regulations on user data protection, for subsequent use in the Project.

5) An analysis of the Ethics Screening Report, whereby the Responses given by the Consortium at Grant negotiation time are complemented with the views of the OCTAVE Ethics Committee.

6) A review of the WPs dealing with user enrolment and with user data handling (processing, communications, testing and evaluation).

7) A review of Partners dealing with the same aspects as in the previous point.

8) A summary of the OCTAVE Ethics Committee guidelines.

Source: WP 1 Project Management

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

The document is the text of a communication sent to the Italian Data Protection Authority (Autorità Garante per la protezione dei dati personali), about the intention to process and maintain biometric vocal data of some employees and operators selected by the Italian organisations SEA and Findomestic Banca S.p.A., for the purpose of on-field trial applications, and of users of a test panel put up by Fondazione Ugo Bordoni for laboratory trials, in the context of execution of the OCTAVE Project, cofunded by the Eureopean Commission, under the Horizon 2020 Program.

Source: WP 1 Project Management

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

The main purpose of this document is to provide a detailed dissemination plan for the OCTAVE project. The document updates and refines in detail the dissemination plan provided in the Description of Work (DoW), that is, Annex 1 of the Grant Agreement, by exposing the adopted dissemination and communication strategy. It provides also information about the planned and performed dissemination activities within the OCTAVE project as of end of Year 1.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable provides a cumulative overview of the Project’s dissemination activities that have been undertaken and carried out during the First Year. These activities have been executed as main consequence of the Dissemination Plan implementation (for further information about the Dissemination Plan, please check the deliverable D20 (Dissemination and communication plan). Firstly, information about OCTAVE project is provided in order to highlight main project objectives, research activities to be conducted and the S/T methodology behind the envisaged work to be performed. Secondly, a description of dissemination target groups identified by OCTAVE project is provided. In chapter 3, captions of the main dissemination tools such as project website and project leaflet are included. Information about publications and events is also summarized, being possible to find the whole abstract of produced publications at the end of the document (see Annex I). Information and statistics about social media accounts is also provided. Finally, a table summarizes all the aforementioned activities, providing information about the main Beneficiaries involved, the target audience and the countries addressed by such a dissemination activity.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Confidential. A public version of this report is available as Deliverable D56.

 

This document is an accompanying technical documentation to the OCTAVE deliverable D22 ‘Methods for environmental robustness’. The deliverable consists of software modules, including code and wrapper scripts, and this supporting document. The document details the modules, their formal evaluation and the code framework used to obtain the results from a large number of experiments based on which an optimum combination of methods is subsequently evaluated. The main purpose of D22 is to provide algorithmic modules to enhance the performance of the OCTAVE platform TBAS within real-world, often adverse, environments where noise and other distortions are likely to be encountered. The main focus has been on front-end processing in terms of robust voice activity detection (VAD), robust feature extraction, speech enhancement and noise characterization. Furthermore, model-domain acoustic normalization, score normalization, and data collection using a throat microphone are investigated. The back-end automatic speaker verification system is chosen to be the one from D11 (single mode voice biometric engines), which is used to evaluate the performance of each module. A large array of noise-robustness algorithms and an optimised end-to-end system have been evaluated using the standard RSR2015 database, with a variety of manually added noise in addition to a speech codec. Several speech enhancement algorithms are evaluated through subjective listening tests. The experiments and comparison of a wide range of methods for environmental robustness provide a solid basis and guidance for tailoring the TBAS platform for various application scenarios. The software modules are a pool of code that can facilitate the execution of trials, the implementation of robust voice biometric engines and the development of real applications for user validation.

Source: WP 3 Robustness in Speaker Verification

Dissemination level: Public

This document is available for download, just click here.

This deliverable, D23 details different hybrid architectures for fusing the scores from three different modes of speaker verification. The suitability of existing voice biometrics in the application scenarios within OCTAVE (D4) and single mode voice biometric engines (D11) are the main related deliverables to D23, and their outcome has been used for D23. Speaker verification engines are widely used in biometric authentication applications. Their major drawback is their sensitivity to spoofing attacks. Since in real-world authentication applications the use of different modes of operation is feasible, in this report we present a preliminary fusion methodology for improving the overall speaker verification performance. Specifically, we fuse in score level three modes of operation, namely the unique pass-phrase, text-dependent-prompted and text-independent, using both linear/nonlinear regression algorithms. We also investigate a knowledge-based (rule-based) method, based on biometrics and security knowledge, a data-driven method, based on machine learning fusion models and a combination of them. The experimental results indicate that the hybrid fusion architecture, which is the combination of knowledge-based and data-driven based fusion, offers an improvement in speaker verification performance. Proposed architectures can also be useful in case of spoofing attacks, but as RSR2015 does not contain spoofed speech we could not test its capability against spoofing attacks.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

The main purpose of this document is to provide a useful description of the safety and security standards, procedures and technologies for the collection, transmission, storage and processing of personal data, that are adopted or taken into account by the OCTAVE project in developing its platform, in designing its connections to the End-User Applications, and in dealing with sensitive data and privacy of the ‘data subjects’ i.e. all persons that will be involved in laboratory tests or in on-field trials.This document provides:

  • a brief introduction concerning the benefits and dangers implied in the use of the biometric data for authentication (uniqueness);
  • a recap of the “Data Management Requirements” (D8.2);
  • a brief discussion on the importance of embedding the seven principles of Privacy by Design in the Architecture (background, theory);
  • a brief description of ISO/IEC 27001 standard – Information security management;
  • a brief description of the roles of Controller and Processor, and an explanation of how and why the definition have been applied to each of the Partners;
  • a recap of the rules concerning the processing of biometric data laid down by the General Data Protection Regulation (GDPR), with a focus on the security actions to be considered “appropriate to the risk” – (in particular pseudonymisation and encryption of personal data);
  • a deep, complete description of the technical framework including, among others the PET (Privacy Enhancing Technologies) and the OpenID Connect standard;
  • and, an overview of a selection of PETs that may be applied for SEA and Findomestic use Cases, namely anonymisation/revocability, multiple identity and linkability restriction.

Source: WP 5 Standards and Procedures for Personal Data Protection

Dissemination level: Confidential. A public version of this report is available as Deliverable D57.

This document accompanies a related collection of audio material referred to as the OCTAVE spoofing corpus. In detail, the spoofing corpus reported here contains a representative sample of replayed audio material originating from a number of varied playback and re-capture devices. Besides the audio material, the corpus definition contains a set of pre-configured evaluation protocols containing partitioning of the data into training and evaluation parts and consisting of two related, but disjoint, tasks: (a) speaker verification under replay spoofing, and (b) standalone spoofing detection. This accompanying documentation explains, firstly, the rationale of focusing on replay spoofing as opposed to other, more advanced spoofing attacks such as speech synthesis or voice conversion. It then describes how the specific replay data was defined, collected and post-processed to define the audio files and how this data was partitioned to define the protocols. In short, the data collection consisted of a voluntary collection effort by multiple “friendly attackers” recruited from within the OCTAVE project members to provide as wide array of varied replay devices, recapture devices and environments as possible. This particular, crowd-sourced effort to collect variable data represents, in fact, a unique feature of the collected spoofing corpus in relation to earlier off-the-shelf replay corpora available prior to OCTAVE that have usually contained relatively homogenous conditions. The deliverable provides a tentative validation of the collected data by reporting preliminary speaker verification and stand-alone spoofing countermeasure results.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable represents optimization and evaluation of single mode voice biometric engines defined in the earlier OCTAVE project deliverable D11. To this end, we extend the speaker verification evaluation protocols and then execute extended experiments to enhance the robustness and operability of the earlier baseline system. Specifically, we improve both feature extraction (introduction of new features) and back-end speaker modelling components (addition of i-vector and HMM recognizer, optimization of acoustic model parameters, addition of score normalization) to enhance speaker verification performance. Further, with the motivations to verify verbal content besides the speaker identity, to prevent replay attacks and to ensure high quality of enrolment utterances, several new methods for utterance verification (UV) are implemented and compared on specifically designed evaluation protocol. In addition, noting that most state-of-the-art speaker verification systems assume knowledge of the speaker’s gender either at enrolment or verification stage or require training of gender-specific universal background models, we address the question of gender-independent speaker verification where such requirements are not necessary; this includes implementation of new gender detection modules. Finally, studies on the effects of signal bandwidth, duration and language mismatch between the development and operational languages are addressed.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

 

 

Information systems and critical infrastructures often need to securely identify their users. It has long been recognised that alternatives are needed to textual passwords for access control. While tokens can still be stolen, or transferred to other persons, biometrics technology can provide reliable, cost-effective and user-friendly solutions, particularly for unsupervised authentication at a distance. By ‘unsupervised’ we mean that no security staff is physically nearby to supervise the process and challenge obvious or suspected intruders. By ‘at a distance’ we mean that the authentication process relies on informatic means that are located remotely (“in the cloud”), due to complexity of the algorithms involved, or just to limited trust on the physical access device made available to legitimate users. Being natural, non-intrusive and readily compatible with smart and mobile devices, automatic speaker verification (ASV) is an appealing solution. The OCTAVE project is mostly devoted to advancing today’s state-of-the-art of ASV systems, so as to maximise robustness to environmental variability and resilience to spoofing. However, ASV-based user access control may be unpractical to be supplied by every single Service Provider. On the other side, users may not like to have to register again and again their own voiceprints (i.e., to enrol) with any new service or critical infrastructure they want to access. Therefore, the OCTAVE platform, named Trusted Biometric Authentication Service (TBAS) assumes delegation of user authentication on behalf of the Service Providers, in addition to providing biometric voice verification. Under this scenario, a trust chain must be established between the user, the application provider and the authentication provider. The purpose of this deliverable is two-fold: (a) to demonstrate how OCTAVE biometric data are protected in the TBAS, via several best practices following secure communications and safe use of databases and the Privacy By Design paradigm; (b) to explore the benefits of federation for authentication according to principles and protocols laid down in standards such as OAuth2.0, SAML and OIDC (OpenID Connect), and (c) to establish the OCTAVE roadmap for an OIDCconformant implementation of the TBAS. The document aims at being as self-contained as possible, thus including a lot of tutorial and background information that probably the readers would not find all in one place. While doing so, OCTAVE-related solutions, already implemented in the first year of the project, brought about in the second year or left for technical exploitation beyond project’s lifetime, are progressively presented and explained. The document, beyond referring to the two trial applications targeted by the Project, also provides other utilisation scenarios for solutions based both on the OCTAVE TBAS and OpenID Connect.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential. A public version of this report is available for download as Deliverable D58.

How well does a voice biometric authentication service work? How easy is it to use? How reliable is it? What performance can I expect when integrating this service in my application for my customers? All these questions cannot be answered by any open evaluation campaign, like those organized by international standardization bodies and scientific associations. Moreover, here we address the evaluation of a pre-commercial system, which is not available to third parties as ‘open’ software but as a service or, in some cases, as closed software. This document reports about an operational approach defined and adopted by OCTAVE, to answer all the issues above.

To do this, we have used both the classical approach of validating the OCTAVE platform by means of standard evaluation campaigns, and a novel approach based on the use of an ad hoc client application, named TEM (The Evaluation Machine), which massively tests the voice biometric authentication service provided by OCTAVE. Massive testing is performed by simulating, in all and for all, a very large class of users working under specific environmental conditions. In doing so, we have examined the other client applications developed by the Project for direct use by human users, to assess how smooth is the process of calling the OCTAVE Trusted Biometric Authentication Service (TBAS).

We had to develop an ad hoc solution, because nothing was found, in the open market, that would satisfy our specific needs. Therefore, we have designed and developed TEM, an application based on a new paradigm that leverages on the “corpus of corpora” database, developed in the first year of the Project. This is a database that collects and provides structured and open access to speech/audio signals uniquely described and managed through their metadata, whereas speech/audio data themselves can reside anywhere in the Web. TEM allows the evaluation of a voice authentication service based on biometrics by resorting to a description of the tests to be performed; its core task is to execute experiments by impersonating a class of users, and to store the results into another database for further analysis and for evaluation purposes. Signals in various datasets have been used to enroll thousands of virtual users with the TBAS and, thereafter, to have those virtual users access the TBAS under various conditions.

As a result of the approach, millions of speech sample comparisons have been executed on the TBAS, by exploring: different modalities (fixed passphrase, text independent, hybrid); different speech qualities (high quality, telephonic quality, speech encoded quality); different environmental conditions (noiseless and noisy with various noises at several signal-to-noise ratio levels); and different languages. All this exercise has allowed to objectively evaluate not only genuine speaker verification, but also the spoofing countermeasures modules included in the authentication by voice biometric service.

Detailed assessment procedures, for each dataset, have first demonstrated that the service is easy to use, reliable and affordable, since the TBAS has proved very resilient and highly scalable with the size of the user population. In addition, we have measured performance figures that in most cases are above the reference top-level. In rare cases when the system does not get better results than others, performance ranks anyway in the high range.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

The vulnerability of automatic speaker verification (ASV) systems to spoofing attacks is now well acknowledged. If exposed, these vulnerabilities not only threaten reliability, but also have potential to damage user-confidence and hence hinder the future exploitation of ASV technology. It is thus critical that countermeasures to protect from spoofing are integrated into the OCTAVE platform or trusted biometric authentication service (TBAS). The first set of OCTAVE spoofing countermeasures were reported in the companion deliverable, D9 “Robustness to spoofing with existing countermeasures”. Results reported therein demonstrate the potential to detect and deflect certain spoofing attacks with reasonable reliability. Since spoofing attacks in the wild are likely to evolve over time, however, and since spoofers will inevitably change tactics in response to deployed countermeasures, it is essential that the development of countermeasures keep apace with the evolving sophistication of spoofing attacks. This deliverable is therefore a follow-up to D9 and reports the OCTAVE consortium’s progress in anti-spoofing. Reported is a second set of advanced countermeasures and related studies that either deliver enhanced detection performance, better generalization to unforeseen attacks, or develop our understanding of likely, practical performance in OCTAVE’s user-case scenarios. Enhanced detection performance is required to improve reliability to even the most sophisticated spoofing algorithms. Generalisation will help protect today’s systems from tomorrow’s attacks. Other, advanced studies reported here fill gaps in the current technology and understanding. The literature lacks sufficient attention to replay attacks that will likely be the most prolific form of attack in the wild. The performance of existing countermeasures in the face of varying acoustic and system conditions also needs to be assessed. The current deliverable thus presents pioneering new studies in addition to the latest state-of-the-art developments in spoofing countermeasures. Among these is a number of new countermeasures that deliver significant improvements to spoofing detection across three common databases, several new approaches to replay detection and the first studies of the impact of bandwidth and additive noise on detection performance. Findings from all of this work will be used to inform the selection of countermeasure candidates and their configuration for integration into the OCTAVE TBAS later in the project.

Source: WP 3 Robustness in Speaker Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This report is a supporting document for the software delivery of the voice biometrics platform for final deployment. It reports on strategy and integration activities including supporting experiments from research partners. As the software delivered is an evolution of the platform delivered in D12 this report also discusses the new feature and the API changes made to support the requirements for the final pilot.  The Deliverable is completed in annex with some release notes and an integration guide to assist with the integration activities for the full TBAS platform in Task 6.1.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This deliverable focuses on the use of fusion to attain better performances than single-mode speaker verification engines in Automatic Speaker Verification (ASV) systems. An ASV system based on a single-mode operation engine has been shown to provide differences in performance depending on the operational mode. The three operational modes, fixed-phrase, text-prompted text-dependent and text-prompted, text-independent modes represent increasing difficulties for machine-learning algorithms to cope with respectively. However, the creation of hybrid engines by fusing the results of the three modes increases the chances of getting much better performances due to the higher screening criteria imposed by the hybrid. There are other benefits to using hybrid engines, notably in terms of spoofing robustness. This deliverable improves the evaluation procedures and provides an evaluation of best performance fusion approach. Standard approaches such as GMM-UBM (Gaussian Mixture Models with a Universal Background Model) and HMM-UBM (Hidden Markov Models with a Universal Background Model) and approaches that are more current such as i-vector and HMM-UBM using DNN (Deep Neural Networks) features and a hybrid thereof were used as single-mode verification engines and fused at the score level to determine best performances. Results indicate fusion of HMM-UBM based approaches topping performances for fixed-phrase and text-dependent modes and the i-vector approach being best for text-independent modes. In the case of spoofing robustness, the results were similar to the speaker verification results. Fusion proved to perform better than any single-mode approach. Of the approaches to the implementation of the fusion model, Multi-Layer Perceptron (MLP), Support Vector Regression (SVR) and Linear Regression (LR) were investigated with none performing significantly better than others do. We conclude that potential improvements could be found by considering the fusion of results from different standard approaches to the single-mode speaker verification engine instead of fusing just one standard approach.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

 

 

This report is a supporting document for the final deployment of spoofing countermeasures.  It reports on integration activities including supporting experiments from research partners. As the software delivered is an evolution of the components delivered in D16 this report also discusses the new feature and the API changes made to support the requirements for the final pilot. The Deliverable is completed in annex with some release notes, an integration guide to assist with the testing activities of Task 7.3, the description of the wsdl for the gSOAP API and a simple client example written in Python to demonstrate how to call the API to perform spoofing detection.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This report aims to provide a description of an application allowing airport operators for physical access in a restricted, sensitive, area, through the authentication service offered by the OCTAVE solution, technically known as TBAS (Trusted Biometric Authentication Service). The technical performances of the application are being built according to the Client’s (SEA) operational requirements. We focus on the physical access, by means of the OCTAVE TBAS authentication, starting from a vocal interaction with a selected device, and ending with access granting or denial by the TBAS.

The description starts with a quick description of our operative scenario. It is followed by the functional specifications of the interactions needed to characterize the different use cases. Enrolment, update, cancellation and authentication are defined, in order to provide accurate details on the field implementation for physical users. The deliverable then focuses on the expected user experience in terms of interaction with the device. Messages exchanged in the dialogue with the end-user/operator and the execution times of the access will be reported, as well as the alternative choices to be adopted in case of recognition failure. The last section describes how the TBAS interacts with the Id Management Software and with the selected u-Touch device, depending on the different functional use cases.

Source: WP 8 Selected Applications

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This report aims to describe the implementation of an application that authenticates on-line users, in a financial services environment, by resorting to the OCTAVE Trusted Biometric Authentication Service (TBAS). The implementation has been developed under Advalia and Findomestic specifications and assumes operational-like conditions for the validation of technical performance requirements.

The document builds upon the output of project Deliverable D14 “Business Requirements Report” and on the output of project Deliverable D15 “Technology Baseline”, and specifically focuses on online user access, via a voice telephony channel, whereby the caller is vocally authenticated by means of the OCTAVE TBAS. This corresponds to the Findomestic trial. The description starts with a functional characterization of the different use cases that are implemented in the Findomestic trial, to provide details about how the on-field implementation has been designed and carried out. The implementation covers registration, update, cancellation and authentication of an online user. After that functional overview, the deliverable focuses on the main characteristics of the implementation from a user experience point of view, pointing out how customer interactions are expected to take place regarding terminals to be adopted, prerequisites for service subscription, and messages that are prompted to the user. Service provider requirement profiles with regards to the OCTAVE TBAS service are also duly covered. Thereafter, a more technical section follows, describing how the TBAS web services are called from the Findomestic CISCO IVR (Interactive Voice Response) platform, for each of the different use cases explored in the overview.

The deliverable also provides a description of the procedures that are foreseen in the case that, for any reason, the authentication process cannot be successfully completed within a time margin compatible with the need to safeguard quality and convenience of the user experience. Some of the technical choices and user interface elements described in this deliverable, along with technical procedures to be adopted and with levels of system reliability related to acceptable margins of error, are subject to consolidation and fine-tuning after the OCTAVE pilot platform roll-out (the subject of forthcoming Deliverable D37 “Pilot platform ready for testing”) and after pertaining testing activities (the subject of forthcoming Deliverable D40 “Trial results for online access authentication application”).

Source: WP 8 Selected Applications

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

The purpose of this document is to provide a record of the monitoring activities that take place in the context of the OCTAVE developments, for aspects that relate to collection, storage and processing of personal data. In order to carry out this monitoring in a structured way, this document starts with an overview of the overall TBAS architecture and its provisions for the protection of personal data: this first chapter already introduces the concept that the splitting of user sensitive data among the application provider, the identity management provider and the authentication provider, along with pseudonymisation of those data at different stages, follows the Privacy by Design guidelines and provides adequate measures for guaranteeing the privacy of the stored personal data. Thereafter, the deliverable reports the list of privacy issues related to personal data that have been collected during the first seventeen months of the project: for every item of this list, the document describes the way the issue has been handled and addressed by the OCTAVE TBAS platform, together with a pertinent reference. Issues are numbered in increasing order, with no implication to their relative importance. A brief overview of the design issues related to the protection of personal data, for both SEA and Findomestic trials, follows; this additional bird’s eye view supports the conclusion that not only the way the OCTAVE TBAS platform is structured, but also the way this platform interacts with application providers is compliant with legal and technical requirements documented by deliverables D6 and D24 and consequently provides adequate measures for guaranteeing the privacy of the stored personal data. The consistency and full compliancy of the overall service with the principles that relate to collection, storage and processing of personal data will be a key element to determine the successful exploitation and the spread adoption of the OCTAVE TBAS solution.

Source: WP 5 Standards and Procedures for Personal Data Protection

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This deliverable combines much of the work within OCTAVE which has implemented hybrid solutions to automatic speaker verification and also innovative new countermeasure solutions to detect and prevent spoofing attacks of increasing sophistication and diversity. Key to the complementarity of the work reported here to that elsewhere within the OCTAVE work programme is the combination of automatic speaker verification with fully integrated spoofing countermeasures. While increasing security, they also have the potential to impact on the usability of OCTAVE systems; there is an inherent trade-off between the requirements for convenience and security. The analysis of the relationship between these two essentially competing requirements is the objective of the work reported herein. The empirical analysis involves the use of three different, standard corpora. Their use with four scenarios involving different text constraints encapsulates the two OCTAVE use cases, namely those of telephony banking, a logical access scenario, and a physical access scenario involving the protection of sensitive airport infrastructure. Each experimental condition includes a study of multiple automatic speaker verification frontends and multiple spoofing countermeasures. The study involving combined text constraints constitutes the hybrid condition. Furthermore, two different approaches to automatic speaker verification and spoofing countermeasure integration are considered: cascaded and parallel. The study is the broadest and deepest analysis of the convenience-security trade-off performed to date. The analysis of the convenience-security trade-off relates to the balance between false rejections and false acceptances. Spoofing attacks aim to provoke false acceptances; countermeasures aim to reduce them. However, any solution to deliver lower false acceptance in the form of spoofing countermeasures generally results in higher false rejection rates. Convenience, in contrast, demands low false rejection rates whereas this cannot be achieved without increasing the false acceptance rate, hence the need to properly understand the relationship between convenience and security in the OCTAVE project. Results reported in this deliverable show that the cascaded integration of speaker verification and spoofing countermeasures is a suitable approach, which preserves user convenience while greatly improving system reliability and security.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

 

 

This report provides the relevant information and documentation, typically attached to any software delivery. The specific delivery consists in the release of the voice biometrics platform, including identity management, which constitutes the pilot adopted for the demonstrators and for the user trials. The report consolidates and advances the overall architecture and technology that was documented in Deliverable D15 ‘Technology Baseline’ reporting about definition and implementation of the API between a core speaker authentication system, adopted as input to the Project, and a number of project-originated components and external third party service providers.

The updated system that is described in this Deliverable D37 has brought in a new set of components related to the system security underlying mechanism and based on an existing open-source solution, to manage the authentication and authorization of the services functionalities, and to enforce Security, Privacy and Trust (SPT) requirements. From an input-output viewpoint, this report gives details on the final set of APIs to access the TBAS services. The delivered software artefact constitutes the TBAS implementation, to be accessed by End-User Applications during the User Trial phase of the Project. The system is open to updates, refinements and enhancements that experience and feedback from the Technology Trials and User Trials will suggest. The final shape of the TBAS will be described in the forthcoming Deliverable D43 ‘Post pilot final Platform’.

This Deliverable has been issued by the OCTAVE WP6, which is responsible to provide the architecture and software, making up a so-called Trusted Biometric Authentication System (TBAS), by leveraging on existing solutions related to voice biometrics verification, by introducing major enhancements in the voice biometric verification technology itself and by configuring voice biometrics as a cloud service to be offered to third-party businesses.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

The OCTAVE Trusted Biometric Authentication Service (TBAS) has been designed and set-up during the entire project duration, with the aim of building a distributed platform providing user authentication based on biometric data related to the speaker voice, and offering this solution as an access control service.

After completing the platform development, the project has come to the stage in which the access authentication service has to be tested in real-life conditions.

The main target of task T7.4, governing the activities reported in this deliverable, is to test and validate the usability of OCTAVE TBAS in two authentication contexts: logical one and physical one, in real environmental conditions.

Deliverable D38 focuses on all the activities that have been carried out, to setup and execute the field experiments of the SEA in-field trial, namely the authentication of physical users, in accessing a restricted area inside Linate airport, in real-like life conditions and in an open environment.

The deliverable also focuses on the usability issues raised by the Operators and the Security Officers, both during the enrolment phase and the authentication phase, and ensures that the entire process is consistent and tailored to the Airport’s real daily habits. Process results are extracted from the trial log files, automatically created by the access device, the uTouch, selected by the Project to control the entrance to the restricted area. The log files keep track of every interaction initiated by the Operators or by the Security Officers. Other files keep track of individual interviews both to the Operators and to the Security Officers.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

OCTAVE has delivered an access control platform through a trusted biometric authentication service (TBAS) for use in data-sensitive and mission-critical applications in real business/commercial environments. While simultaneously relieving end-users from the inconvenience of dealing with textual passwords, the OCTAVE platform will reduce the economic and practical burden of service providers related to password loss and recovery. Through the use of biometrics, OCTAVE delivers operational, interoperable technology, installed and tested in a broad-band network, managing secure access to diverse and trustworthy smart services. Exploitation task paves the way for bringing research and innovation project outcomes to real market and explores the best routes for exploiting commercial opportunities that may appear after project life. In this regard, this deliverable is the first of two deliverables devoted to task 2.5 Exploitation Analysis and Business Models, that belongs to WP2 Dissemination and Exploitation and its main purpose is to summarize exploitation activities carried out during project life. These activities have been initiated and executed according to the project Description of Work and concretely to the objectives of T2.5, this is, analysing market possibilities and potential viability for OCTAVE project’s outcomes; and defining an exploitation strategy that maximise the potential impact of OCTAVE outcomes in the real market and in the research and innovation area.

This document exposes:

  • The description and categorization of OCTAVE outcomes (exploitable results and knowledge),
  • an exhaustive market analysis in the context of Cybersecurity and Biometrics, including a SWOT analysis and the identification of target market, the description of OCTAVE value proposition against competitors’ solutions, IP allocation and exploitation claims of partners over OCTAVE results,
  • and finally, the analysis and definition of the potential business model for the OCTAVE platform, including financial estimates.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

The OCTAVE T-BAS Service has been designed and setup during the entire project duration, with the aim:

  • to build a distributed platform that will provide user authentication based on biometric data related to the speaker voice
  • to offer this solution as a service.

After many months of activities, the project has come to the stage in which the service has to be tested in real-life conditions.

Deliverable D40 focuses on all the activities that have been carried out, that is in order to setup and execute the field experiments of the Findomestic in-field trial, therefore the authentication of online users, in accessing remote Banking services in operational real-like life conditions.

The deliverable focuses on the usability issues raised by the end users, both during the enrolment phase and the authentication one, and ensures that the entire process is consistent; the deliverable also focuses and on the result that came out of the trial, both the end users subjective evaluations and from the log files, automatically created by the Findomestic CISCO IVR on every interaction started by the end user.

Source: WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable is a consolidated application report with data analysis, comparisons and lessons learned from using the TBAS platform during the physical and logical access pilots. We report on how data logged during the pilot by the end users and the platform have been used to carry out some offline analysis and to shed some light on the performance of the system. The analysis is aimed at finding several improvements on the core speech processing technology, by addressing any unforeseen issues or conditions that were not observed during the experiment and testing phases. These proposed improvements are part of a list of lessons learnt which also include items about the organization of the pilots.

Source: WP 8 Selected Applications

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This document reports on the developments of the Trusted Biometric Authentication Service (TBAS) and also provides feedback that pertains to the manipulation of personal data. By its very conception and subsequent design and implementation TBAS makes heavy use of voice biometric data for providing its authentication service. The careful manipulation of these data is of utmost importance to the successful uptake of the platform. Specifically, the document reports on the extent to which

  • existing legislation concerning the protection of personal data (e.g., General Data Protection Regulation (GDPR))
  • established standards and procedures related to the manipulation of personal data, e.g., Privacy by Design (PbD)

have been taken into account for the development of the TBAS.

Moreover, the document takes an extended view and covers the cases of the two applications that have been defined and developed in the project for validating the TBAS. In these applications both biometric and biographic data are manipulated, therefore the design decisions made and corresponding implementations related to the manipulation of these data are also reported in this document.

Source: WP 5 Standards and Procedures for Personal Data Protection

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

This Deliverable has been issued by the OCTAVE WP6, which is responsible to provide the architecture and software, making up a so-called Trusted Biometric Authentication System (TBAS), by leveraging on existing solutions related to voice biometrics verification, by introducing major enhancements in the voice biometric verification technology itself and by configuring voice biometrics as a cloud service to be offered to third-party businesses.

The report provides a summary of the final architecture consolidating the design of the overall architecture and technologies that was documented in Deliverable D37 ‘Platform for pilot’. This document report an integration activities and provides the integration references as an integration guide oriented to the application providers, developer of client applications who could interact with the TBAS to integrate their client applications that improve part of their business activities providing a new system to their end-user and customers offering new functionalities related to the security and authentication of the end-users.

The delivered software artefact constitutes the final TBAS implementation, which is an evolution of the platform delivered in D37 that was accessed by End-User Applications during the User Trial phase of the Project confirming the viability of the platform for user voice biometric authentication. This is the final shape of the TBAS designed, tested and experimented, accessible by third parties, application developers and service providers to build new applications that need to authenticate users by voice biometric technology.

Source: WP 6 Speaker Verification Platform

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

The main objective and motivation of this deliverable are to conduct a usability test of the final developed trusted biometric authentication service (TBAS) platform in the OCTAVE project on selected applications and document end-user experience with the use of the voice biometric security access control system. The deliverable contains a statistical analysis of the test setups and results. The statistical analysis is based on user data, user-feedback, user questionnaires, user interviews and speaker verification performance on the different aspects of real-world scenarios, which can cause mismatch between training and testing, e.g. handset, noise, population group, gender and vulnerability to replay attacks.

This analysis manifests the usability of the OCTAVE TBAS under different conditions and the knowledge gained from the analysis can help guide further improvements of the TBAS design to be more considerate of its users.

WP 7 Test and Verification

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable deals with the main standards relevant to our work in OCTAVE during project life and outlines the areas where we are using the standards, contributing to the standards, or fostering adoption of the standards. D45 is a result of task D2.3 “Contribution to standards” and part of WP2 “Dissemination and Exploitation”. Our standardisation efforts contribute to dissemination and exploitation in several ways. On one hand, by engaging with standardisation bodies and contributing to the standards they are developing, we bring their attention to the work being done in OCTAVE, which necessarily results in wider dissemination of our work. Also, by explaining to others the kind of solutions that OCTAVE is developing and how we plan to contribute to standardisation, we have an opportunity to communicate to others the kind of problems OCTAVE is dealing with, the challenges involved, and the workable solutions we have envisioned to address those problems. On the other hand, contributing to standards currently under development or even promoting or spurring a new standard help defining a model of exploitation. Regardless of whether the standard relates to a component of our solution or to the system as a whole, a standard specification can contribute to further adoption and exploitation.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Public

The Deliverable will be made available for download, once the Commission has approved it.

 

This deliverable provides an overview of all dissemination activities that have been carried out during the duration of the OCTAVE project, mainly those carried out during its second period (June 2016-July 2017).

The objective was two-fold: to create awareness of OCTAVE achievements and contributions to innovation in the area of biometrics for access control, and to attract potential and relevant users of the results of the project, in the industrial and academic communities, as well as among business and institutional stakeholders interested to improve security and authentication procedures.

The actions and tools adopted for communication and dissemination include the project website, two workshops organized by the project, the participation to two third-party conferences with a project booth and with a project-dedicated session, the participation to several conferences with papers originated, at least partially, by work within the project, and our presence in the social networks.

OCTAVE has also impacted to international evaluation campaigns, related to advanced automated speaker verification, both providing new datasets and outstanding results of experiments with new techniques, particularly in the field of spoofing countermeasures.

Most actions, far from being limited within project duration, are deemed to have an impact beyond the scope of the project, for instance bringing OCTAVE outcomes and innovation to new projects for further opportunities in research activities, industry standards and business operations.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Public

The Deliverable will be made available for download, once the Commission has approved it.

 

This document presents the OCTAVE Individual Partners’ Exploitation Plans, as a follow-up of Deliverable D39, where an Exploitation analysis was carried out at project consortium level and yielded a list of Exploitable results, qualifying the position of each Partner with respect to each result.

The focus of this Deliverable D47 is to provide evidence of plans, within each Partner, to concretely value the results of the OCTAVE project beyond the end of EU funding. Results can be valued by making use of them in the business processes, or by introducing them in the commercial offer of each Partner, compatibly with IPRs (Intellectual Property Rights) mutually recognised by all Partners and with due compensation fees, in fair and reasonable terms, to the Parties specifically owning those results, according to charging models that have been defined in D39.

After summarizing a methodology for exploitation analysis introduced in D39, this document exposes the Individual Partners’ plans, by using a common taxonomy: overview of the Partner mission and activity sector (industry, services to citizens and customers, consultancy, research and development); background and foreground results; exploitation opportunities derived from OCTAVE.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable provides an evaluation of the potential commercial impact of “authentication as a service” provided by the OCTAVE TBAS (Trusted Biometric Authentication Service), leveraging not only on processes and solutions specified in the deliverables issued during the entire project life-cycle, but also on the results from on-field trials carried out for two business processes: (1) authentication of logical access to remote banking services, and (2) authentication of physical access to restricted sensitive areas. Indeed, the two trials have provided some feedback on Key Performance Indicators (KPIs), which – although derived from a restricted population of clients involved in what we can consider a business simulation phase – allow forecasting potential results on a larger population, in the medium term.

Source: WP 8 Selected Applications

Dissemination level: Confidential

To know more about the document, you may place a request in the ‘Contact’ section of this site. We reserve the right to decide how much we can disclose.

 

This deliverable is twofold: a report on the design of the OCTAVE website and the initial website itself (home page and some basic pages, as of delivery month, i.e. July 2015). The website is of course a living product, as it will be constantly informing the target audiences about the existence of the OCTAVE project and the potential benefits for companies and experts operating in the applicable fields. The website will make available social-network targeted information on the themes of access control and biometric data. The website contents will address the general public (by presenting the advantages of voice biometrics for easy access to information services and critical infrastructures) and all stakeholders (e.g., enterprises requiring access control, smart service developers, educators, researchers, etc.) by providing them with outputs that are publishable according to OCTAVE classification policies. This document contains:

  • the requirements that were taken into account, when designing the site;
  • the structure of the site;
  • the structure of the pages created as of July 2015;
  • a description of the content management system, associated with the site, and the workflows for posting contents on the site at different authorization levels;
  • highlights on contents to appear within the first six months of the Project life.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Public

Please login or register to download document.

This report provides an overview of speaker verification and its potential vulnerabilities, particularly with reference to the objectives within OCTAVE. The scope of the study covers the two individual modes of text-dependent and text-independent, which are considered in the formation of a complete voice biometric system for operating under unsupervised conditions. The report details the fundamental approaches involved, and the most recent developments in the field, including the state-of-the-art methods for speaker modelling and classification. Based on the outcomes of relevant experimental studies reported in the literature, the characteristics and performance of speaker verification in the aforementioned modes of operation are appropriately defined and analysed. Another important aspect of the study is that related to the vulnerability of speaker verification to spoofing. This is a rapidly growing challenge in the field, posing potentially serious threats to the reliability and hence usability of the technology in real applications. Various categories of spoofing, ranging from replay attacks to voice conversion, are analysed, and the level of vulnerability in each case is discussed. Whilst the study involves reference to the standard speaker verification approaches, a core facet of the report is that concerned with a commercial-grade speaker verification system developed by ValidSoft (a main industrial partner in OCTAVE). The study examines the efficiency and operational potential of ValidSoft’s speaker verification system for the realisation of the unsupervised access control required in the considered onsite and online scenarios. The detailed system analysis applied in this case is shown to be appropriately aligned with the requirements in the adopted application areas. This together with the analysis of vulnerability to spoofing are expected to facilitate the introduction of effective approaches for achieving appropriately high levels of reliability and robustness in unsupervised operating conditions.

Source: WP 3 Robustness in Speaker Verification

Dissemination level: Public

Please login or register to download document.

 

This deliverable details the key considerations and requirements for the effective realisation and deployment of voice biometrics in the application scenarios within OCTAVE. As a main facet of the report, the effects of extrinsic and intrinsic nuisance factors (other than spoofing) on the speaker recognition performance are reviewed. These include variations in the acoustic environments and channel characteristics, and also the particular effects of text-related parameters (e.g. duration). Another aspect of the study is the analysis of the application modes of speaker verification, with particular reference to the recognition accuracy, convenience for clients and robustness against spoofing. Based on the review of a set of use cases defined by the end-user partners within OCTAVE (i.e. Findomestic/Advalia and SEA), the operational characteristics and specifications in different access control scenarios are reviewed. In order to further facilitate progress towards the effective deployment of voice biometrics in practice, the report also provides discussions on various operational requirements and challenges expected in the applications areas considered in OCTAVE.

Source: WP 4 Hybrid Voice Biometrics

Dissemination level: Public

Please login or register to download document..

This Deliverable opens the phase of the Project dedicated to the provision of the speech and audio data required for completion of laboratory tests aiming to assess the voice biometrics and enhancing modules of the TBAS, the Trusted Biometric Authentication Platform envisaged by OCTAVE. The subsequent Deliverables, namely “Corpora collection” and “Spoofing corpora”, will close that phase. The Deliverable is organised as described below.

The first chapter introduces the “spoken corpora” as a linguistic resource, and outlines the main characteristics we have to look for, when considering the use of a corpus in voice biometric assessment. An explanation of the importance and the function of the present report in the project, concludes the chapter.

In the second chapter, after framing the role of speech corpora in research and development of speaker verification technologies, provides a history and review of activities, organisations, and projects, devoted to the topic of voice corpora, or in general on “linguistic resources”. The chapter also discusses and justifies the main characteristics that a speech corpus must have.

The third chapter is dedicated to the description of linguistic resources available in OCTAVE and useful to its objectives. The strategies implemented to collect this info, and the resulting material are then illustrated in detail, first on the basis of the selected language for the speech material and then focusing on noise corpora. Thereafter, spoofing corpora are introduced and reviewed, as a forward reference to a subsequent Deliverable.

The fourth chapter is of crucial value: here we exploit the concept of “corpus of corpora” already announced in the OCTAVE Technical Plan, as one of relevant role for the Project. Moreover, the necessary standards and formats required for the “corpus of corpora” are defined, as well as possible software tools for its management. A forecast of the corpora that might be used to assess the various test conditions defined in the defined plan, is also provided. A preview of the activities planned for the next stages of work, and particularly for the forthcoming “corpora collection” report, concludes chapter 4.

A conclusion section summarizes key points, advantages, risks and mitigation measures of the proposed approach to vocal corpora for the objectives of OCTAVE.

Source: WP 7 Test and Verification

Dissemination level: Public

Please login or register to download document.

 

This deliverable provides a cumulative overview of the Project’s dissemination activities that have been undertaken and carried out during the First Year. These activities have been executed as main consequence of the Dissemination Plan implementation (for further information about the Dissemination Plan, please check the deliverable D20 (Dissemination and communication plan). Firstly, information about OCTAVE project is provided in order to highlight main project objectives, research activities to be conducted and the S/T methodology behind the envisaged work to be performed. Secondly, a description of dissemination target groups identified by OCTAVE project is provided. In chapter 3, captions of the main dissemination tools such as project website and project leaflet are included. Information about publications and events is also summarized, being possible to find the whole abstract of produced publications at the end of the document (see Annex I). Information and statistics about social media accounts is also provided. Finally, a table summarizes all the aforementioned activities, providing information about the main Beneficiaries involved, the target audience and the countries addressed by such a dissemination activity.

Source: WP 2 Dissemination and Exploitation

Dissemination level: Public

Please login or register to download document.

The main purpose of this document is to provide a useful description of the safety and security standards, procedures and technologies for the collection, transmission, storage and processing of personal data, that are adopted or taken into account by the OCTAVE project in developing its platform, in designing its connections to the End-User Applications, and in dealing with sensitive data and privacy of the ‘data subjects’ i.e. all persons that will be involved in laboratory tests or in on-field trials.This document provides:

  • a brief introduction concerning the benefits and dangers implied in the use of the biometric data for authentication (uniqueness);
  • a recap of the “Data Management Requirements” (D8.2);
  • a brief discussion on the importance of embedding the seven principles of Privacy by Design in the Architecture (background, theory);
  • a brief description of ISO/IEC 27001 standard – Information security management;
  • a brief description of the roles of Controller and Processor, and an explanation of how and why the definition have been applied to each of the Partners;
  • a recap of the rules concerning the processing of biometric data laid down by the General Data Protection Regulation (GDPR), with a focus on the security actions to be considered “appropriate to the risk” – (in particular pseudonymisation and encryption of personal data);
  • a deep, complete description of the technical framework including, among others the PET (Privacy Enhancing Technologies) and the OpenID Connect standard;
  • and, an overview of a selection of PETs that may be applied for SEA and Findomestic use Cases, namely anonymisation/revocability, multiple identity and linkability restriction.

Source: WP 5 Standards and Procedures for Personal Data Protection

Dissemination level: Public

Please login or register to download document.

Information systems and critical infrastructures often need to securely identify their users. It has long been recognised that alternatives are needed to textual passwords for access control. While tokens can still be stolen, or transferred to other persons, biometrics technology can provide reliable, cost-effective and user-friendly solutions, particularly for unsupervised authentication at a distance. By ‘unsupervised’ we mean that no security staff is physically nearby to supervise the process and challenge obvious or suspected intruders. By ‘at a distance’ we mean that the authentication process relies on informatic means that are located remotely (“in the cloud”), due to complexity of the algorithms involved, or just to limited trust on the physical access device made available to legitimate users. Being natural, non-intrusive and readily compatible with smart and mobile devices, automatic speaker verification (ASV) is an appealing solution. The OCTAVE project is mostly devoted to advancing today’s state-of-the-art of ASV systems, so as to maximise robustness to environmental variability and resilience to spoofing. However, ASV-based user access control may be unpractical to be supplied by every single Service Provider. On the other side, users may not like to have to register again and again their own voiceprints (i.e., to enrol) with any new service or critical infrastructure they want to access. Therefore, the OCTAVE platform, named Trusted Biometric Authentication Service (TBAS) assumes delegation of user authentication on behalf of the Service Providers, in addition to providing biometric voice verification. Under this scenario, a trust chain must be established between the user, the application provider and the authentication provider. The purpose of this deliverable is two-fold: (a) to demonstrate how OCTAVE biometric data are protected in the TBAS, via several best practices following secure communications and safe use of databases and the Privacy By Design paradigm; (b) to explore the benefits of federation for authentication according to principles and protocols laid down in standards such as OAuth2.0, SAML and OIDC (OpenID Connect), and (c) to establish the OCTAVE roadmap for an OIDCconformant implementation of the TBAS. The document aims at being as self-contained as possible, thus including a lot of tutorial and background information that probably the readers would not find all in one place. While doing so, OCTAVE-related solutions, already implemented in the first year of the project, brought about in the second year or left for technical exploitation beyond project’s lifetime, are progressively presented and explained. The document, beyond referring to the two trial applications targeted by the Project, also provides other utilisation scenarios for solutions based both on the OCTAVE TBAS and OpenID Connect.

Source: WP 6 Speaker Verification Platform

Dissemination level: Public

Please login or register to download document.