ISO IEC 24745:2011 pdfダウンロード

ISO IEC 24745:2011 pdfダウンロード。Information technology — Security techniques — Biometric information protection
Scope
This lnternational Standard provides guidance for the protection of biometric information under variousrequirements for confidentiality, integrity and renewability/revocability during storage and transfer. Additionally,this International Standard provides requirements and guidelines for the secure and privacy-compliantmanagement and processing of biometric information.
This Intemational Standard specifies the following:
analysis of the threats to and countermeasures inherent in a biometric and biometric system applicationmodels;
security requirements for securely binding between a biometric reference and an identity reference;
biometric system application models with different scenarios for the storage and comparison of biometricreferences;and
guidance on the protection of an individual’s privacy during the processing of biometric information.
This international Standard does not include general management issues related to physical security,environmental security and key management for cryptographic techniques.
2 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
2.1
authentication
process of establishing an understood level of confidence that a specific entity or claimed identity is genuine
NOTE 1Authentication includes the process of ascertaining an understood level of confidence of the truth of a claimedidentity before the entity can be registered and recognized in a domain.
NOTE 2 Although this definition i generic, its use within this International Standard is limited to the biometricauthentication of human subjects.
[IS 19092:2008]
2,2
auxiliary data
AD
subject-dependent data that is part of a renewable biometric reference and may be required to reconstructpseudonymous identifiers during verification, or for verification in general
NOTE 1 if auxiliary data is part of a renewable biometric reference, t is not necessarily stored in the same place as thecorresponding pseudonymous identifiers.
NOTE 2 Auxiliary data may contain data elements for diversification (i.e. diversification data).
NOTE 3 Auxiliary data is not the element for comparison during biometric reference verification.
NOTE 4 Auxiliary data are generated by the biometric system during enrolment.
EXAMPLE Secret number encrypted by a key derived from a biometric sample using a helper data approach, fuzzy commitment scheme, or fuzzy vault. See Annex D, Table D.1 for concrete examples of PI and AD.
2.3
biometric characteristic
physiological or behavioural characteristic of an individual that can be detected and from which distinguishing, repeatable biometric features can be extracted for the purpose of automated recognition of individuals
[ISO/IEC JTC 1/SC 37 SD2 (v.11)]
2.4
biometric data
biometric sample, biometric feature, biometric model, biometric property, other description data for the original biometric characteristics, or aggregation of above data
[ISO/IEC JTC 1/SC 37 SD2 (v.11)]
2.5
biometric data subject
subject
individual whose biometric reference is within the biometric system
2.6
biometric feature
numbers or labels extracted from biometric samples and used for comparison