ISO/IEC 19989-1:2020 信息安全 生物识别系统安全评估的标准和方法 第1部分：框架

标准编号：ISO/IEC 19989-1:2020

中文名称：信息安全 生物识别系统安全评估的标准和方法 第1部分：框架

英文名称：Information security — Criteria and methodology for security evaluation of biometric systems — Part 1: Framework

发布日期：2020-09

标准范围

对于生物特征验证系统和生物特征识别系统的生物特征识别性能和呈现攻击检测的安全性评估，本文档规定:-将安全功能组件扩展到ISO/IEC 15408-2中的SFR类别；-ISO/IEC 18045中针对ISO/IEC 15408-3 SAR类别规定的方法的补充活动。本文件介绍了生物识别系统安全评估的一般框架，包括扩展的安全功能组件，以及方法的补充活动，即额外的评估活动和评估员处理这些活动的指导/建议。本文件中制定了补充评价活动，而ISO/IEC 19989-2（用于生物识别方面）和ISO/IEC 19989-3（用于呈现攻击检测方面）。本文件仅适用于单一生物特征类型的脚趾。然而，允许从SFR中的多个特征中选择一个特征。

For security evaluation of biometric recognition performance and presentation attack detection for biometric verification systems and biometric identification systemsthis document specifies:
- extended security functional components to SFR Classes in ISO/IEC 15408-2;
- supplementary activities to methodology specified in ISO/IEC 18045 for SAR Classes of ISO/IEC 15408-3.
This document introduces the general framework for the security evaluation of biometric systems, including extended security functional components, and supplementary activities to methodology, which is additional evaluation activities and guidance/recommendations for an evaluator to handle those activities. The supplementary evaluation activities are developed in this document while the detailed recommendations are developed in ISO/IEC 19989-2 (for biometric recognition aspects) and in ISO/IEC 19989-3 (for presentation attack detection aspects). This document is applicable only to TOEs for single biometric characteristic type. However, the selection of a characteristic from multiple characteristics in SFRs is allowed.

标准预览图