1、BSI Standards Publication BS ISO/IEC 29120-1:2015 Information technology Machine readable test data for biometric testing and reporting Part 1: Test reportsBS ISO/IEC 29120-1:2015 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO/IEC 29120-1:2015. The UK partic
2、ipation in its preparation was entrusted to Technical Committee IST/44, Biometrics. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for it
3、s correct application. The British Standards Institution 2015. Published by BSI Standards Limited 2015 ISBN 978 0 580 68460 9 ICS 35.040 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy a
4、nd Strategy Committee on 30 April 2015. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dInformation technology Machine readable test data for biometric testing and reporting Part 1: Te s t r e p o r t s Technologies de linformation Donnes dessai lisibles par machine pour l
5、es rapports et les essais biomtriques Partie 1: Rapports dessai INTERNATIONAL STANDARD ISO/IEC 29120-1 Reference number ISO/IEC 29120-1:2015(E) First edition 2015-05-01 ISO/IEC 2015 BS ISO/IEC 29120-1:2015ii ISO/IEC 2015 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2015 All rights reserv
6、ed. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO
7、at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ISO/IEC 29120-1:2015(E)BS ISO/IEC 29120-1:2015ISO/IEC 29120-1
8、:2015(E)Foreword iv Introduction v 1 Scope . 1 2 Conformance . 1 3 Normative references 1 4 T erms and definitions . 2 5 Symbols and abbreviated terms . 2 6 ASN.1 format . 2 6.1 Encoding rules . 2 6.2 ASN.1 object identifier for test report . 2 6.3 BiometricTestReport type . 2 6.4 Data types for tec
9、hnology tests 3 6.4.1 Overview . 3 6.4.2 Product information . 3 6.4.3 Information about test report 5 6.4.4 Test report under a specific condition 7 6.5 Data types for scenario tests 12 6.5.1 Overview 12 6.5.2 Test report under a specific condition .12 6.6 Data types for signed test reports .13 Ann
10、ex A (normative) ASN.1 module for machine readable biometric test reports 15 Annex B (informative) Common elements.22 Annex C (informative) Test reports .29 Bibliography .37 ISO/IEC 2015 All rights reserved iii Contents PageBS ISO/IEC 29120-1:2015ISO/IEC 29120-1:2015(E) Foreword ISO (the Internation
11、al Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by
12、 the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of
13、 information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
14、different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and
15、IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this do
16、cument is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Tr
17、ade (TBT), see the following URL: Foreword Supplementary information. The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 37, Biometrics. ISO/IEC 29120 consists of the following parts, under the general title Information technology Machine readable test data for
18、biometric testing and reporting: Part 1: Test reportsiv ISO/IEC 2015 All rights reservedBS ISO/IEC 29120-1:2015ISO/IEC 29120-1:2015(E) Introduction This International Standard will enhance the usability of biometric test data by providing them in a common and machine readable form. This Internationa
19、l Standard is intended to provide documentary evidence that a product has been tested, a statement of authenticity of the test report, an ability to maintain of registry of products, a clear mechanism for maintaining product availability and certification status, and an ability for a relying system
20、to depend on a biometric product used in a remote authentication context. This International Standard is not intended to replace traditional biometric test reports. Indeed, because such texts are essential to the complete documentation of a test, they are viewed as parents of the machine readable co
21、ntent defined in ISO/IEC 29120 and are explicitly referenced in these reports. Accordingly, the parts of this International Standard establish requirements for, and define formats for, signed test reports and biometric datasets as follows. This part of ISO/IEC 29120 establishes machine readable reco
22、rds for documenting the output of a biometric test. This supports the documentary reporting requirements of some parts of ISO/IEC 19795. This part of ISO/IEC 29120 is primarily intended to support scenario and technology tests. Additionally, interoperability tests can be documented by a collection o
23、f ISO/IEC 29120-1 test reports (one for each tested combination of components). The International Standard also includes mechanism to protect the integrity of the test report. This assures a receiving system that the test information (date, laboratory, accreditation body, manner of testing, conforma
24、nce, test size, accuracy) can be relied upon and used appropriately. As the parts of ISO/IEC 19795 have been developed and testing standards have been published, there is an increasing reliance on the correct conduct of tests and their documented outputs. Although the ISO/IEC 19795 standards include
25、 extensive disclosure and reporting requirements, they do not establish definitive data formats for those pieces of information. Other data concerning the commissioning, accreditation, and conduct of the test can also be valuable to consumers of the test reports. In addition, this International Stan
26、dard will benefit users of biometric tests via improved conformance to testing standards, reliability (via automation of relevant activities), and comparability of test results. ISO/IEC 2015 All rights reserved vBS ISO/IEC 29120-1:2015 ISO/IEC 29120-1:2015(E)BS ISO/IEC 29120-1:2015Information techno
27、logy Machine readable test data for biometric testing and reporting Part 1: Test reports 1 Scope This part of ISO/IEC 29120 establishes machine readable records for documenting the output of a biometric test, formats for data that ISO/IEC 19795 tests are required to report, and an ASN.1 syntax for t
28、est reports. This standard specifically does not require, prohibit, or otherwise specify, the format of biometric samples or templates used in a test, require, prohibit or otherwise specify, the encapsulation of biometric samples or templates used in a test, or regulate metrics for tests. NOTE ISO/I
29、EC 19795-1 establishes the reportable metrics. 2 Conformance A test report shall be conformant to this part of ISO/IEC 29120 if it meets all normative requirements of this part of ISO/IEC 29120. 3 Normative references The following documents, in whole or in part, are normatively referenced in this d
30、ocument and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO 8601:2004, Data elements and interchange formats Information interchange Representati
31、on of dates and times ISO/IEC 8825-1:2008, Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1 ISO/IEC 8825-4:2008, Information technology ASN.1 encoding rules: XML Encoding Rules (XER)
32、 Part 4 ISO/IEC 9594-2, Information technology Open Systems Interconnection The Directory Part 2: Models ISO/IEC 19785-3:2007, Information technology Common Biometric Exchange Formats Framework Part 3: Patron format specifications ISO/IEC 19795-1, Information technology Biometric performance testing
33、 and reporting Part 1: Principles and framework INTERNATIONAL ST ANDARD ISO/IEC 29120-1:2015(E) ISO/IEC ISO pub-date year All rights reserved 1BS ISO/IEC 29120-1:2015ISO/IEC 29120-1:2015(E) RFC 3852, Cryptographic Message Syntax (CMS) RFC 5911, New ASN.1 Modules for Cryptographic Message Syntax (CMS
34、) and S/MIME 4 T erms a nd definiti ons For the purposes of this document, the terms and definitions given in ISO/IEC 19795-1 apply. 5 Symbols and abbreviated terms For the purposes of this part of ISO/IEC 29120, the following abbreviations apply. ASN Abstract Syntax Notation BDB Biometric Data Bloc
35、k CDF Cumulative Distribution Function CMC Cumulative match characteristic DET Detection error tradeoff FAR False accept rate FTA Failure to acquire rate FTE Failure to enrol rate FMR False match rate FNIR False-negative identification error rate FNMR False non-match rate FPIR False-positive identif
36、ication error rate FRR False reject rate ROC Receiver operating characteristic IUT Implementation under test 6 ASN.1 format 6.1 Encoding rules The test reports specified in this part of the International Standard shall be encoded using the XML Encoding Rules (XER) ISO/IEC 8825-4:2008 or the Basic En
37、coding Rules (BER) ISO/IEC 8825-1:2008 of ASN.1. 6.2 A SN .1 object ident ifier for t est r eport MachineReadableBiometricTestingAndReportingTestReport iso(1) standard(0) MRTDBTR(29120) testReport(1) module(1) rev(0) 6.3 BiometricTestReport type BiometricTestReport := SEQUENCE contentType CONTENT-TY
38、PE. id- estReportTechnology, id-testReportScenario, and id-signedTestReport. This is done by the following definition of ContentTypeBiometricTestReport and those of testReportTechnology, testReportScenario, and signedDataBTR. ContentTypeBiometricTestReport CONTENT-TYPE := testReportTechnology | test
39、ReportScenario | signedTestReport testReportTechnology CONTENT-TYPE := TestReportTechnology IDENTIFIED BY id-testReportTechnology testReportScenario CONTENT-TYPE := TestReportScenario IDENTIFIED BY id-testReportScenario signedTestReport CONTENT-TYPE := SignedTestReport IDENTIFIED BY id-signedTestRep
40、ort Each of these content types corresponds to report of technology test, scenario test, and signed test report. The object identifiers are defined as follows: id-testReportTechnology OBJECT IDENTIFIER := iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2) testReportTechnology(1) id-testR
41、eportScenario OBJECT IDENTIFIER := iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2) testReportScenario(2) id-signedTestReport OBJECT IDENTIFIER := iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2) signedTestReport(3) 6.4 Data types for technology tests 6.4.1 Overview Type
42、TestReportTechnology is a type to express results of technology test. The first field version is the version of this test report format of type MRTDBTRVersion. The second field targetInfo is of type ProductInformation and gives information of the evaluated product. The third field testReportInfo giv
43、es the information about the test report of type TestReportInformation. The fourth part is a sequence testReports of type TestReportTechnologyForOneCondition. Each element of this sequence corresponds to a test result under a specific condition. TestReportTechnology := SEQUENCE version MRTDBTRVersio
44、n DEFAULT v0, targetInfo ProductInformation, testReportInfo TestReportInformation, testReports SEQUENCE OF TestReportTechnologyForOneCondition MRTDBTRVersion := INTEGER v0(0) ( v0, . ) 6.4.2 Product information Type ProductInformation has six fields and gives information about the tested product. Pr
45、oductInformation := SEQUENCE provider Provider, ISO/IEC 2015 All rights reserved 3BS ISO/IEC 29120-1:2015ISO/IEC 29120-1:2015(E)nameProduct NameProduct, description VisibleString OPTIONAL, functionProduct SEQUENCE OF Function, outputProduct DataType OPTIONAL, modalityProduct Modality 6.4.2.1 Provide
46、r information The first field provider is of type Provider and gives information about the provider of the tested biometric product. Provider := SEQUENCE nameProvider Name, typeProvider TypeProvider, roleProvider RoleProvider, contactInformation VisibleString OPTIONAL The first field nameProvider id
47、entifies the name of the provider. The type Name for this field is specified in ISO/IEC 9592-2:2005. The second field typeProvider shows t he t y pe of t he prov ider, and shall t ake a value chosen f rom t he values of type TypeProvider: non-profit, university, corporation, individual, government .
48、 TypeProvider := ENUMERATED non-profit(1), university(2), corporation(3), individual(4), government(5) The third field roleProvider shows the role of the provider, and shall take a value chosen from the values of type RoleProvider: manufacturer, reseller, integrator, other. manufacturer is for the r
49、ole of the entity responsible for the design or creation of the component. reseller is for the role of the entity which packages or resells the component. integrator is for the role of the entity which may combine components into a single atomic component. RoleProvider := ENUMERATED manufacturer(1), reseller(2), integrator(3), other(4) The fourth field contactInformati