Go to file
mamingshuai d328f3949b
!156 回退 'Pull Request !154 : useriam部件化整改step1'
Merge pull request !156 from mamingshuai/revert-merge-154-master
2022-06-13 13:58:58 +00:00
common/inc update folder and optimize code 2022-05-14 23:23:48 +08:00
figures update readme 2022-05-09 17:26:24 +08:00
frameworks/face_auth aafwk目录切换ability_ability_runtime 2022-06-02 16:30:10 +08:00
interfaces/inner_api/face_auth update folder and optimize code 2022-05-14 23:23:48 +08:00
sa_profile fix bionic C uid 2022-04-22 17:34:31 +08:00
services 回退 'Pull Request !154 : useriam部件化整改step1' 2022-06-13 13:55:07 +00:00
test 回退 'Pull Request !154 : useriam部件化整改step1' 2022-06-13 13:55:07 +00:00
ui/Settings_FaceAuth update ui image 2022-06-09 15:44:06 +08:00
.gitattributes fix mock issue 2022-03-09 22:14:12 +08:00
.gitignore fix review issue 2022-03-22 09:45:04 +08:00
bundle.json 回退 'Pull Request !154 : useriam部件化整改step1' 2022-06-13 13:55:07 +00:00
LICENSE fix: UGO permission and copyright time liuwenkai@huawei.com 2022-03-12 17:03:17 +08:00
OAT.xml fix: code review liuwenkai@huawei.com 2022-03-24 17:46:51 +08:00
README_ZH.md update folder and optimize code 2022-05-14 23:23:48 +08:00
README.md update docs 2022-04-12 17:40:44 +08:00

Face Authentication

Introduction

Face authentication (faceauth) supports recording, deletion, and authentication of user faces.

faceauth is a biometric authentication executor supported by OpenHarmony. It registers face authentication resource information with the collaborative authentication framework based on the resource registration interface defined by collaborative authentication, and invokes camera functions according to the scheduling of the collaborative authentication framework to record, delete, and authenticate user faces.

Figure 1 Face authentication architecture

Facial data is important biometric information of users. The following security measures are taken to protect the facial data during the authentication process:

  • Permission management: High access permissions are defined for face recording and deletion APIs, which can be invoked only by setter applications.
  • Secure storage and comparison of facial data: The faceauth HDI defines the adaptation interfaces for device vendors. Device vendors can implement secure facial data comparison and storage in a trusted execution environment (TEE). Note 1

Note 1: The OpenHarmony open-source framework provides stub implementation of face authentication for developers to demo the face authentication function. The stub software implementation does not include secure storage and comparison of facial data in a TEE.

Directory Structure

//base/user_iam/face_auth
├── bundle.json              # Module description file
├── figures                  # Figures used in the README
├── sa_profile               # Service ability profile 
├── services                 # Service implementation
└── ui                       # User interface for face recording

Usage

  • To adapt to the face authentication function, device vendors must implement the APIs defined in the face_auth_ca.h file.
  • The extraction, comparison, storage, and recording of facial data must be implemented in a secure environment (TEE/secure chipset) to ensure the highest security level in the system.

Repositories Involved

useriam_auth_executor_mgr

useriam_user_idm

useriam_user_auth

useriam_pin_auth

useriam_faceauth