PD ISO/IEC TR 29156:2015
Current
The latest, up-to-date edition.
Information technology. Guidance for specifying performance requirements to meet security and usability needs in applications using biometrics
Hardcopy , PDF
English
31-01-2016
Committee |
IST/44
|
DocumentType |
Standard
|
Pages |
50
|
PublisherName |
British Standards Institution
|
Status |
Current
|
This Technical Report provides guidance on specifying performance requirements for authentication using biometric recognition in order to achieve desired levels of security and usability for the authentication mechanism.
Guidance addresses issues such as the following:
-
the biometric performance metrics that impact security and usability;
-
comparing and quantifying the security and usability of biometrics and other authentication mechanisms, when used alone or in combination;
-
how to combine performance of individual authentication elements in order to meet an overall security and usability requirement;
-
the trade-off between security and usability in applications using biometric recognition;
-
considerations in maintaining security and usability in systems incorporating biometrics.
The guidance is targeted towards applications that
-
use biometrics for the authentication of individuals, and
-
are of small to medium size (in terms of the number of enrolled individuals).
The guidance does not address the following:
-
surveillance systems;
-
systems whose primary aim is to detect and prevent attempts by individuals to create multiple enrolments under different identities;
-
systems with a large and diverse population of enrolees, which can include people with special needs;
-
other systems with a complex mix of functional, security and usability requirements.
Such large-scale applications are typically the domain of large organizations, and it is assumed that the developers of such systems will have access to appropriate biometric expertise able to provide guidance beyond the scope of this Technical Report.
This Technical Report does not address biometric modality and technology specific issues, nor does it provide quantitative biometric performance requirements that would satisfy a particular application.
Standards | Relationship |
ISO/IEC TR 29156:2015 | Identical |
ISO 9241-171:2008 | Ergonomics of human-system interaction — Part 171: Guidance on software accessibility |
ISO 9241-210:2010 | Ergonomics of human-system interaction Part 210: Human-centred design for interactive systems |
ISO/IEC TR 29196:2015 | Guidance for biometric enrolment |
ISO/IEC 29115:2013 | Information technology — Security techniques — Entity authentication assurance framework |
ISO/TS 16071:2003 | Ergonomics of human-system interaction Guidance on accessibility for human-computer interfaces |
ISO/IEC 2382-37:2017 | Information technology Vocabulary Part 37: Biometrics |
ISO/IEC 30107-3:2017 | Information technology — Biometric presentation attack detection — Part 3: Testing and reporting |
ISO/IEC TR 24714-1:2008 | Information technology — Biometrics — Jurisdictional and societal considerations for commercial applications — Part 1: General guidance |
ISO/IEC 2382:2015 | Information technology — Vocabulary |
ISO 13407:1999 | Human-centred design processes for interactive systems |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.