ISO/IEC 19792:2009
Current
The latest, up-to-date edition.
Information technology Security techniques Security evaluation of biometrics
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
English
30-07-2009
ISO/IEC 19792:2009 specifies the subjects to be addressed during a security evaluation of a biometric system.
It covers the biometric-specific aspects and principles to be considered during the security evaluation of a biometric system. It does not address the non-biometric aspects which might form part of the overall security evaluation of a system using biometric technology (e.g. requirements on databases or communication channels).
ISO/IEC 19792:2009 does not aim to define any concrete methodology for the security evaluation of biometric systems but instead focuses on the principal requirements. As such, the requirements in ISO/IEC 19792:2009 are independent of any evaluation or certification scheme and will need to be incorporated into and adapted before being used in the context of a concrete scheme.
ISO/IEC 19792:2009 defines various areas that are important to be considered during a security evaluation of a biometric system.
ISO/IEC 19792:2009 is relevant to both evaluator and developer communities.
- It specifies requirements for evaluators and provides guidance on performing a security evaluation of a biometric system.
- It serves to inform developers of the requirements for biometric security evaluations to help them prepare for security evaluations.
Although ISO/IEC 19792:2009 is independent of any specific evaluation scheme it could serve as a framework for the development of concrete evaluation and testing methodologies to integrate the requirements for biometric evaluations into existing evaluation and certification schemes.
DocumentType |
Standard
|
Pages |
37
|
PublisherName |
International Organization for Standardization
|
Status |
Current
|
Standards | Relationship |
IS/ISO/IEC 19792 : 2009 | Identical |
INCITS/ISO/IEC 19792 : 2012 | Identical |
NEN ISO/IEC 19792 : 2009 | Identical |
BS ISO/IEC 19792:2009 | Identical |
INCITS/ISO/IEC 19792:2009(R2022) | Identical |
18/30361485 DC : 0 | BS ISO/IEC 19896-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 3: KNOWLEDGE, SKILLS AND EFFECTIVENESS REQUIREMENTS FOR ISO/IEC 15408 EVALUATORS |
BS ISO/IEC 30107-3:2017 | Information technology. Biometric presentation attack detection Testing and reporting |
BS ISO/IEC 17922:2017 | Information technology. Security techniques. Telebiometric authentication framework using biometric hardware security module |
17/30331331 DC : DRAFT MAY 2017 | BS ISO/IEC 30136 - INFORMATION TECHNOLOGY - PERFORMANCE TESTING OF BIOMETRIC TEMPLATE PROTECTION SCHEMES |
INCITS/ISO/IEC 29115 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION ASSURANCE FRAMEWORK |
ISO/IEC 30107-3:2017 | Information technology — Biometric presentation attack detection — Part 3: Testing and reporting |
BS ISO/IEC 24761:2009 | Information technology. Security techniques. Authentication context for biometrics |
BS ISO/IEC 29115:2013 | Information technology. Security techniques. Entity authentication assurance framework |
BS ISO/IEC 24745:2011 | Information technology. Security techniques. Biometric information protection |
16/30266969 DC : 0 | BS ISO/IEC 17922 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TELEBIOMETRIC AUTHENTICATION FRAMEWORK USING BIOMETRIC HARDWARE SECURITY MODULE |
BS ISO/IEC 30136:2018 | Information technology. Performance testing of biometric template protection schemes |
10/30136309 DC : 0 | BS ISO/IEC 24745 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
15/30255471 DC : 0 | BS ISO/IEC 30107-1 - INFORMATION TECHNOLOGY - BIOMETRICS PRESENTATION ATTACK - PART 1: FRAMEWORK |
12/30168696 DC : 0 | BS ISO/IEC 29115 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION ASSURANCE FRAMEWORK |
ISO/IEC 30136:2018 | Information technology — Performance testing of biometric template protection schemes |
ISO/IEC 24761:2009 | Information technology Security techniques Authentication context for biometrics |
07/30143287 DC : 0 | BS ISO/IEC 24761 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
INCITS/ISO/IEC 24761 : 2009(R2014) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
ISO/IEC 29115:2013 | Information technology — Security techniques — Entity authentication assurance framework |
16/30329605 DC : 0 | BS ISO/IEC 30107-3 - INFORMATION TECHNOLOGY - BIOMETRIC PRESENTATION ATTACK DETECTION - PART 3: TESTING AND REPORTING |
INCITS/ISO/IEC 24745 : 2012(R2017) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
ISO/IEC 17922:2017 | Information technology — Security techniques — Telebiometric authentication framework using biometric hardware security module |
ISO/IEC TR 30117:2014 | Information technology Guide to on-card biometric comparison standards and applications |
ISO/IEC 24745:2011 | Information technology Security techniques Biometric information protection |
ISO/IEC 24713-1:2008 | Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO/IEC 19795-1:2006 | Information technology Biometric performance testing and reporting Part 1: Principles and framework |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.