UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 19989-1

Information security — Criteria and methodology for security evaluation of biometric systems — Part 1: Framework

active, Most Current
Buy Now
Organization: ISO
Publication Date: 1 September 2020
Status: active
Page Count: 72
ICS Code (IT Security): 35.030
scope:

For security evaluation of biometric recognition performance and presentation attack detection for biometric verification systems and biometric identification systemsthis document specifies:

- extended security functional components to SFR Classes in ISO/IEC 15408-2;

- supplementary activities to methodology specified in ISO/IEC 18045 for SAR Classes of ISO/IEC 15408-3.

This document introduces the general framework for the security evaluation of biometric systems, including extended security functional components, and supplementary activities to methodology, which is additional evaluation activities and guidance/recommendations for an evaluator to handle those activities. The supplementary evaluation activities are developed in this document while the detailed recommendations are developed in ISO/IEC 19989-2 (for biometric recognition aspects) and in ISO/IEC 19989-3 (for presentation attack detection aspects). This document is applicable only to TOEs for single biometric characteristic type. However, the selection of a characteristic from multiple characteristics in SFRs is allowed.

Document History

ISO/IEC 19989-1
September 1, 2020
Information security — Criteria and methodology for security evaluation of biometric systems — Part 1: Framework
For security evaluation of biometric recognition performance and presentation attack detection for biometric verification systems and biometric identification systemsthis document specifies: —...

References

This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 15408-2 - Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that...
This document references:
ISO/IEC 15408-3 - Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component TOEs, the...
This document references:
ISO/IEC 18045 - Information technology - Security techniques - Methodology for IT security evaluation
Published by ISO on August 15, 2008
A description is not available for this item.
This document references:
ISO/IEC 19792 - Information technology - Security techniques - Security evaluation of biometrics
Published by ISO on August 1, 2009
This International Standard specifies the subjects to be addressed during a security evaluation of a biometric system. It covers the biometric-specific aspects and principles to be considered during...
This document is referenced by:
ISO/IEC 19989-2 - Information security — Criteria and methodology for security evaluation of biometric systems — Part 2: Biometric recognition performance
Published by ISO on October 1, 2020
For security evaluation of biometric verification systems and biometric identification systems, this document is dedicated to the security evaluation of biometric recognition performance applying the...
This document is referenced by:
BS ISO/IEC 19989-3 - Information security — Criteria and methodology for security evaluation of biometric systems Part 3: Presentation attack detection
Published by BSI on September 30, 2020
A description is not available for this item.
This document is referenced by:
ITU-T X.1279 - Framework of enhanced authentication using telebiometrics with anti-spoofing detection mechanisms
Published by ITU-T on September 1, 2020
This Recommendation provides an architectural framework of enhanced authentication using telebiometrics with the capabilities of anti-spoofing detection. This Recommendation analyses threats to...
This document is referenced by:
BS PD CEN/TS 17261 - Biometric authentication for critical infrastructure access control - Requirements and Evaluation
Published by BSI on December 31, 2018
A description is not available for this item.
This document is referenced by:
BS ISO/IEC 19989-2 - Information security - Criteria and methodology for security evaluation of biometric systems Part 2: Biometric recognition performance
Published by BSI on October 31, 2020
A description is not available for this item.
View Less
View All
Advertisement