ImageVerifierCode 换一换
格式:PDF , 页数:24 ,大小:1,022KB ,
资源ID:398691      下载积分:5000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-398691.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS PD ISO IEC TR 29144-2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes《信息技术 生物统计学 生物统计技术在商业身份管理应用程序和过程中的使.pdf)为本站会员(刘芸)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS PD ISO IEC TR 29144-2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes《信息技术 生物统计学 生物统计技术在商业身份管理应用程序和过程中的使.pdf

1、BSI Standards Publication PD ISO/IEC TR 29144:2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processesPD ISO/IEC TR 29144:2014 PUBLISHED DOCUMENT National foreword This Published Document is the UK implementation of ISO/IEC T

2、R 29144:2014. The UK participation in its preparation was entrusted to Technical Committee IST/44, Biometrics. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. U

3、sers are responsible for its correct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014 ISBN 978 0 580 68453 1 ICS 35.040 Compliance with a British Standard cannot confer immunity from legal obligations. This Published Document was published under the author

4、ity of the Standards Policy and Strategy Committee on 31 July 2014. Amendments issued since publication Date Text affectedPD ISO/IEC TR 29144:2014 ISO/IEC 2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes Technologies

5、de linformation Biomtrique Utilisation de la technologie biomtrique dans les processus et les applications de gestion de lidentit dans le commerce TECHNICAL REPORT ISO/IEC TR 29144 First edition 2014-07-01 Reference number ISO/IEC TR 29144:2014(E)PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E)ii IS

6、O/IEC 2014 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2014 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or a

7、n intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.

8、org Published in SwitzerlandPD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E) ISO/IEC 2014 All rights reserved iii Contents Page Foreword iv Introduction v 1 Scope . 1 1.1 In scope 1 1.2 Exclusions 1 2 Normative references 1 3 T erms and definitions . 1 4 Symbols and abbreviated terms . 2 5 Biometric

9、s and Identity Management Systems 2 5.1 General . 2 5.2 Biometrics and identity . 2 5.3 Identity and biometric identification 2 5.4 Biometric identifiers 3 5.5 Human role in biometrics 4 5.6 Assuring the integrity of the database 4 6 Biometric considerations in Identity Management Systems 4 6.1 Gene

10、ral . 4 6.2 Capturing and recording biometric characteristics 4 6.3 Adhesion of biometric characteristics 5 6.4 Changes to name, alias and identification data . 7 6.5 Changes of condition 7 6.6 Biometric spoofing 7 6.7 Legitimate use of another identity . 7 6.8 Other exceptions 8 6.9 Other issues of

11、 importance 8 7 Implementation issues . 8 7.1 General . 8 7.2 Aggregation of databases . 8 7.3 Strengthening of token and knowledge based identity systems 9 7.4 Restrictions to accessing data 9 7.5 Privacy 9 7.6 Mechanisms for preventing abuse of systems 11 7.7 Multinational commercial organizations

12、 11 Bibliography .12PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC par

13、ticipate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmen

14、tal and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are describe

15、d in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the po

16、ssibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the

17、ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,

18、 as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics.iv ISO/IEC 2014

19、 All rights reservedPD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E) Introduction This Technical Report provides support for the further development of ISO/IEC biometric standards in the context of cross-jurisdictional and societal applications of biometrics, including standardization of both existi

20、ng and future technologies. The contents of this Technical Report are recommended practices and guidelines and they are not mandatory. Legal requirements of the respective countries take precedence and biometric data should be obtained in accordance with local norms of behaviour. This Technical Repo

21、rt does not reduce any rights or obligations provided by applicable laws. Compliance with any recommendations in the Technical Report does not, in itself, confer immunity from legal obligations. Examples of the benefits to be gained by following the recommendations and guidelines in this Technical R

22、eport are enhanced acceptance by subjects of systems using biometric technology, improved public perception and understanding of these systems, smoother introduction and operation of these systems, potential long-term cost reduction (whole life costs), adoption of commonly approved good privacy prac

23、tice, interoperability both domestically and internationally, and implemented solutions having a greater degree of vendor independence. The primary stakeholders are identified as users those who use the results of the biometric data, developers of technical standards, subjects those who provide the

24、biometric sample, writers of system specifications, system architects, and IT designers, and public policy makers. ISO/IEC 2014 All rights reserved vPD ISO/IEC TR 29144:2014PD ISO/IEC TR 29144:2014Information technology Biometrics The use of biometric technology in commercial Identity Management app

25、lications and processes 1 Scope 1.1 In scope This Technical Report will discuss concepts and considerations for the use of biometrics in a commercial Identity Management Solutions, items that need to be considered when integrating biometrics into a commercial Identity Management Solutions, and imple

26、mentation Issues when implementing biometrics into commercial Identity Management Solutions. 1.2 Exclusions This Technical Report will not define an architecture and framework for IDM, discuss any specification or assessment of government policy, discuss the business need for a biometric database or

27、 process, discuss the specific biometrics and which ones are to be used in particular systems, consider the legality and acceptability in particular jurisdictions and cultures, analyse the general structure of identifiers and the global identification of objects (e.g. object identifiers), and discus

28、s technical specifications in relation to the use of trusted biometric hardware and software. 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited appli

29、es. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 2382-37:2012, Information technology Vocabulary Part 37: Biometrics 3 T erms a nd definiti ons For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37:2

30、012 apply. TECHNICAL REPORT ISO/IEC TR 29144:2014(E) ISO/IEC 2014 All rights reserved 1PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E) 4 Symbols and abbreviated terms For the purposes of this document, the following abbreviated terms apply. DoB Date of Birth IDM Identity Management IDMS Identity Ma

31、nagement System PIN Personal Identification Number TR Technical Report 5 Biometrics and Identity Management Systems 5.1 General This Technical Report introduces concepts and considerations for the use of biometrics in a commercial IDMS. It is not the intention of this Technical Report to outline how

32、 an IDMS works but only to provide guidance for the use of biometrics. Multipart standard ISO/IEC 24760-1:2011 describes concepts in a suggested IDM framework and this Technical Report will complement the International Standard 5.2 Biometrics and identity A biometric capture subject, such as a human

33、 being, can be described by many different attributes and different sets of these attributes can form different identities. The identity of a human can be characterized uniquely in a biometric system. The term “identifier” is used to refer to one or more attributes in an identity that express unique

34、ness. This aspect of uniqueness is widely understood as the essence of identity. In the context of IDM, uniqueness is just one of the many aspects to be considered. While an identity can be unique in one system, the individual can still have unique but different identity in one or more other biometr

35、ic systems. The set of attributes used as an identifier should always be sufficient to distinguish the biometric capture subject from any other biometric capture subject within a particular system. ISO/IEC 24760 describes a range of identities that a biometric capture subject can have in various cir

36、cumstances. These include biological identities such as biometrics. If a given biometric identifier is shared with multiple systems, it is possible to match data in different (or separate) biometric systems about the same identity. When a biometric is introduced into an IDMS, it can only confirm wit

37、h a level of confidence whether the biometric capture subject is or is not the same person who enrolled the biometric previously. In this sense, it is quite misleading to state that a biometric confirms an identity as it can only confirm that the biometric capture subject is the person previously as

38、sociated with a set of data. 5.3 Identity and biome tric identification Biometric identification is the process of comparing a biometric sample to an enrolled biometric database and returning a list of records from the database (typically ordered by the probability that the person who enrolled the r

39、ecord is the same person who has provided the sample). The matching probability 2 ISO/IEC 2014 All rights reservedPD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E) thresholds, comparison process and the business rules for the system will determine whether the sample is a match of an existing enrolled

40、 sample. This process will enable Identification of a biometric capture subject whose biometric(s) have already been registered in the biometric database (one-to-many or identification). This does not require any biographic information, Confirmation of an identity when an individual provides a claim

41、 of identity (e.g. a passport) is compared to a biometric reference sample (one-to-one or verification.), and Comparison of a biometric capture subject with a list of biometric reference samples selected using a list of identification references provided by the system where the biometric capture sub

42、ject sample is compared with each reference sample in turn (watch list matching). Before implementing biometrics into an IDMS, it is essential to determine the required identification process along with the associated levels of identity assurance. Identity should be defined according to the identifi

43、cation requirements. Consideration should be given to the following which is not exhaustive: a) The identity reference that the biometric capture subject will use; b) Whether the reliance on evidence of identity is dependent upon the level of activity or access granted, and whether the evidence is b

44、ased on recent or old activity; c) Identification documents and tokens can be appropriated by others or used with the owners permission, for example a membership card or discount card; d) Naming information can change with marriage or in witness protection schemes; e) Biometric data of the biometric

45、 capture subject can change over time; f) Biometric capture subject cannot provide a particular biometric if the biometric is missing or damaged due to injury or disease; g) Behavioural biometric data can vary with each attempt. The risk management approach, in conjunction with appropriate policies

46、and procedures, could provide an acceptable level of assurance when using a biometric identification system. 5.4 Biometric identifie rs A wide range of identifiers can be used in a biometric system. The suitability of an identifier has to be assessed to ensure that it will meet the needs of all the

47、system users and deliver a workable solution. There are a number of key discriminators to consider when choosing a particular biometric modality. These can include the following: Stability: A biometric should preserve enough features to ensure that any changes will have minimal impact on the systems

48、 ability to identify a candidate correctly; Usability: The convenience and ease of use of a biometric is a key driver in the adoption and acceptance of a biometric system. Where possible, sensors should be situated so that all people can use them effectively. The system should respond in a timely fa

49、shion and should be easy to manage and maintain; NOTE Further guidance on usability/privacy is given in ISO/IEC TR 24714-1:2008. Privacy: With increasing scrutiny and public awareness of biometric systems, the privacy of identities stored within a biometric system should be of the utmost importance. There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent o

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1