ImageVerifierCode 换一换
格式:PDF , 页数:24 ,大小:975.96KB ,
资源ID:589011      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-589011.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS PD ISO IEC TR 29144-2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes《信息技术 生物统计学 生物统计技术在商业身份管理应.pdf)为本站会员(jobexamine331)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS PD ISO IEC TR 29144-2014 Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes《信息技术 生物统计学 生物统计技术在商业身份管理应.pdf

1、BSI Standards PublicationPD ISO/IEC TR 29144:2014Information technology Biometrics The useof biometric technologyin commercial IdentityManagement applications andprocessesPD ISO/IEC TR 29144:2014 PUBLISHED DOCUMENTNational forewordThis Published Document is the UK implementation of ISO/IEC TR29144:2

2、014.The UK participation in its preparation was entrusted to TechnicalCommittee IST/44, Biometrics.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are respon

3、sible for its correctapplication. The British Standards Institution 2014. Published by BSI StandardsLimited 2014ISBN 978 0 580 68453 1ICS 35.040Compliance with a British Standard cannot confer immunity fromlegal obligations.This Published Document was published under the authority of theStandards Po

4、licy and Strategy Committee on 31 July 2014.Amendments issued since publicationDate Text affectedPD ISO/IEC TR 29144:2014 ISO/IEC 2014Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processesTechnologies de linformation Biomtrique

5、Utilisation de la technologie biomtrique dans les processus et les applications de gestion de lidentit dans le commerceTECHNICAL REPORTISO/IECTR29144First edition2014-07-01Reference numberISO/IEC TR 29144:2014(E)PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E)ii ISO/IEC 2014 All rights reservedCOPYR

6、IGHT PROTECTED DOCUMENT ISO/IEC 2014All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written per

7、mission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightiso.orgWeb www.iso.orgPublished in SwitzerlandPD ISO/IEC TR 29

8、144:2014ISO/IEC TR 29144:2014(E) ISO/IEC 2014 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope . 11.1 In scope 11.2 Exclusions 12 Normative references 13 Terms and definitions . 14 Symbols and abbreviated terms . 25 Biometrics and Identity Management Systems 25.1 General . 25.2 B

9、iometrics and identity . 25.3 Identity and biometric identification 25.4 Biometric identifiers 35.5 Human role in biometrics 45.6 Assuring the integrity of the database 46 Biometric considerations in Identity Management Systems 46.1 General . 46.2 Capturing and recording biometric characteristics 46

10、.3 Adhesion of biometric characteristics 56.4 Changes to name, alias and identification data . 76.5 Changes of condition 76.6 Biometric spoofing 76.7 Legitimate use of another identity . 76.8 Other exceptions 86.9 Other issues of importance 87 Implementation issues . 87.1 General . 87.2 Aggregation

11、of databases . 87.3 Strengthening of token and knowledge based identity systems 97.4 Restrictions to accessing data 97.5 Privacy 97.6 Mechanisms for preventing abuse of systems 117.7 Multinational commercial organizations 11Bibliography .12PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E)ForewordISO

12、(the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committee

13、s established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.

14、 In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria

15、needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent r

16、ights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name

17、used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical

18、Barriers to Trade (TBT) see the following URL: Foreword - Supplementary informationThe committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics.iv ISO/IEC 2014 All rights reservedPD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E)IntroductionThis

19、Technical Report provides support for the further development of ISO/IEC biometric standards in the context of cross-jurisdictional and societal applications of biometrics, including standardization of both existing and future technologies.The contents of this Technical Report are recommended practi

20、ces and guidelines and they are not mandatory. Legal requirements of the respective countries take precedence and biometric data should be obtained in accordance with local norms of behaviour. This Technical Report does not reduce any rights or obligations provided by applicable laws. Compliance wit

21、h any recommendations in the Technical Report does not, in itself, confer immunity from legal obligations.Examples of the benefits to be gained by following the recommendations and guidelines in this Technical Report are enhanced acceptance by subjects of systems using biometric technology, improved

22、 public perception and understanding of these systems, smoother introduction and operation of these systems, potential long-term cost reduction (whole life costs), adoption of commonly approved good privacy practice, interoperability both domestically and internationally, and implemented solutions h

23、aving a greater degree of vendor independence.The primary stakeholders are identified as users those who use the results of the biometric data, developers of technical standards, subjects those who provide the biometric sample, writers of system specifications, system architects, and IT designers, a

24、nd public policy makers. ISO/IEC 2014 All rights reserved vPD ISO/IEC TR 29144:2014PD ISO/IEC TR 29144:2014Information technology Biometrics The use of biometric technology in commercial Identity Management applications and processes1 Scope1.1 In scopeThis Technical Report will discuss concepts and

25、considerations for the use of biometrics in a commercial Identity Management Solutions, items that need to be considered when integrating biometrics into a commercial Identity Management Solutions, and implementation Issues when implementing biometrics into commercial Identity Management Solutions.1

26、.2 ExclusionsThis Technical Report will not define an architecture and framework for IDM, discuss any specification or assessment of government policy, discuss the business need for a biometric database or process, discuss the specific biometrics and which ones are to be used in particular systems,

27、consider the legality and acceptability in particular jurisdictions and cultures, analyse the general structure of identifiers and the global identification of objects (e.g. object identifiers), and discuss technical specifications in relation to the use of trusted biometric hardware and software.2

28、Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendmen

29、ts) applies.ISO/IEC 2382-37:2012, Information technology Vocabulary Part 37: Biometrics3 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO/IEC 2382-37:2012 apply.TECHNICAL REPORT ISO/IEC TR 29144:2014(E) ISO/IEC 2014 All rights reserved 1PD ISO/IEC TR 291

30、44:2014ISO/IEC TR 29144:2014(E)4 Symbols and abbreviated termsFor the purposes of this document, the following abbreviated terms apply.DoB Date of BirthIDM Identity ManagementIDMS Identity Management SystemPIN Personal Identification NumberTR Technical Report5 Biometrics and Identity Management Syst

31、ems5.1 GeneralThis Technical Report introduces concepts and considerations for the use of biometrics in a commercial IDMS.It is not the intention of this Technical Report to outline how an IDMS works but only to provide guidance for the use of biometrics. Multipart standard ISO/IEC 24760-1:2011 desc

32、ribes concepts in a suggested IDM framework and this Technical Report will complement the International Standard5.2 Biometrics and identityA biometric capture subject, such as a human being, can be described by many different attributes and different sets of these attributes can form different ident

33、ities.The identity of a human can be characterized uniquely in a biometric system. The term “identifier” is used to refer to one or more attributes in an identity that express uniqueness. This aspect of uniqueness is widely understood as the essence of identity. In the context of IDM, uniqueness is

34、just one of the many aspects to be considered.While an identity can be unique in one system, the individual can still have unique but different identity in one or more other biometric systems. The set of attributes used as an identifier should always be sufficient to distinguish the biometric captur

35、e subject from any other biometric capture subject within a particular system.ISO/IEC 24760 describes a range of identities that a biometric capture subject can have in various circumstances. These include biological identities such as biometrics. If a given biometric identifier is shared with multi

36、ple systems, it is possible to match data in different (or separate) biometric systems about the same identity.When a biometric is introduced into an IDMS, it can only confirm with a level of confidence whether the biometric capture subject is or is not the same person who enrolled the biometric pre

37、viously. In this sense, it is quite misleading to state that a biometric confirms an identity as it can only confirm that the biometric capture subject is the person previously associated with a set of data.5.3 Identity and biometric identificationBiometric identification is the process of comparing

38、 a biometric sample to an enrolled biometric database and returning a list of records from the database (typically ordered by the probability that the person who enrolled the record is the same person who has provided the sample). The matching probability 2 ISO/IEC 2014 All rights reservedPD ISO/IEC

39、 TR 29144:2014ISO/IEC TR 29144:2014(E)thresholds, comparison process and the business rules for the system will determine whether the sample is a match of an existing enrolled sample. This process will enable Identification of a biometric capture subject whose biometric(s) have already been register

40、ed in the biometric database (one-to-many or identification). This does not require any biographic information, Confirmation of an identity when an individual provides a claim of identity (e.g. a passport) is compared to a biometric reference sample (one-to-one or verification.), and Comparison of a

41、 biometric capture subject with a list of biometric reference samples selected using a list of identification references provided by the system where the biometric capture subject sample is compared with each reference sample in turn (watch list matching).Before implementing biometrics into an IDMS,

42、 it is essential to determine the required identification process along with the associated levels of identity assurance. Identity should be defined according to the identification requirements. Consideration should be given to the following which is not exhaustive:a) The identity reference that the

43、 biometric capture subject will use;b) Whether the reliance on evidence of identity is dependent upon the level of activity or access granted, and whether the evidence is based on recent or old activity;c) Identification documents and tokens can be appropriated by others or used with the owners perm

44、ission, for example a membership card or discount card;d) Naming information can change with marriage or in witness protection schemes;e) Biometric data of the biometric capture subject can change over time;f) Biometric capture subject cannot provide a particular biometric if the biometric is missin

45、g or damaged due to injury or disease;g) Behavioural biometric data can vary with each attempt.The risk management approach, in conjunction with appropriate policies and procedures, could provide an acceptable level of assurance when using a biometric identification system.5.4 Biometric identifiersA

46、 wide range of identifiers can be used in a biometric system. The suitability of an identifier has to be assessed to ensure that it will meet the needs of all the system users and deliver a workable solution.There are a number of key discriminators to consider when choosing a particular biometric mo

47、dality. These can include the following: Stability: A biometric should preserve enough features to ensure that any changes will have minimal impact on the systems ability to identify a candidate correctly; Usability: The convenience and ease of use of a biometric is a key driver in the adoption and

48、acceptance of a biometric system. Where possible, sensors should be situated so that all people can use them effectively. The system should respond in a timely fashion and should be easy to manage and maintain;NOTE Further guidance on usability/privacy is given in ISO/IEC TR 24714-1:2008. Privacy: W

49、ith increasing scrutiny and public awareness of biometric systems, the privacy of identities stored within a biometric system should be of the utmost importance. There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the biometric data subject;NOTE Further guidance is given in ISO/IEC TR 24714-1:2008 ISO/IEC 2014 All rights reserved 3PD ISO/IEC TR 29144:2014ISO/IEC TR 29144:2014(E)

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1