ISO/IEC 19989-1:2020
Information security - Criteria and methodology for security evaluation of biometric systems - Part 1: Framework
Abstract
For security evaluation of biometric recognition performance and presentation attack detection for biometric verification systems and biometric identification systemsthis document specifies:
- extended security functional components to SFR Classes in ISO/IEC 15408-2;
- supplementary activities to methodology specified in ISO/IEC 18045 for SAR Classes of ISO/IEC 15408-3.
This document introduces the general framework for the security evaluation of biometric systems, including extended security functional components, and supplementary activities to methodology, which is additional evaluation activities and guidance/recommendations for an evaluator to handle those activities. The supplementary evaluation activities are developed in this document while the detailed recommendations are developed in ISO/IEC 19989-2 (for biometric recognition aspects) and in ISO/IEC 19989-3 (for presentation attack detection aspects). This document is applicable only to TOEs for single biometric characteristic type. However, the selection of a characteristic from multiple characteristics in SFRs is allowed.
- extended security functional components to SFR Classes in ISO/IEC 15408-2;
- supplementary activities to methodology specified in ISO/IEC 18045 for SAR Classes of ISO/IEC 15408-3.
This document introduces the general framework for the security evaluation of biometric systems, including extended security functional components, and supplementary activities to methodology, which is additional evaluation activities and guidance/recommendations for an evaluator to handle those activities. The supplementary evaluation activities are developed in this document while the detailed recommendations are developed in ISO/IEC 19989-2 (for biometric recognition aspects) and in ISO/IEC 19989-3 (for presentation attack detection aspects). This document is applicable only to TOEs for single biometric characteristic type. However, the selection of a characteristic from multiple characteristics in SFRs is allowed.
Additional information
| Publication type | International Standard |
|---|---|
| Publication date | 2020-09-29 |
| Edition | 1.0 |
| Available language(s) | English |
| TC/SC | ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protectionrss |
| ICS | 35.030 - IT Security |
| Pages | 62 |
| File size | 3033 KB |
The following test report forms are related:
Share your publications
Learn how to share your publications with your colleagues, using networking options.
Payment information
Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.
Keep in touch
Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.
Contact customer services
Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 16:00 CET Monday to Friday.