Biometric authentication for critical infrastructure access control – Requirements and Evaluation
|Publication Date:||18 December 2018|
|ICS Code (Identification cards. Chip cards. Biometrics):||35.240.15|
This document addresses biometric recognition systems that are used as part of an automated access control system to provide a second and independent authentication factor of the individual using the AACS to access secured areas of critical infrastructure. This document: - specifies requirements for biometric recognition systems to be used as part of an AACS for critical infrastructure, - describes a methodology for the evaluation of biometric authentication for AACSs against the specified requirements. The requirements and test methods address biometric authentication for AACS that: (i) operate in an internal environment constituting part of a larger site, access to which is restricted and controlled by a separate access control system; and (ii) use biometrics as a second authentication factor to a token or proximity card. This document does not consider access by the general public, e.g. passengers in an airport, or visitors to a hospital. Products that meet the requirements of this document will comprise (i) a biometric sensor(s) external to the secured area, which reads the biometric characteristics of the user at the point of access; and (ii) a biometric server system performing biometric enrolment, signal processing, storage of biometric references and biometric comparison within a secured area. This document does not address AACS or AACS portals (turnstiles) but is only concerned with the biometric components which integrate with the AACS. Other standards address requirements and testing of the non-biometric parts of the AACS.