Information technology -- Security techniques -- Security evaluation of biometrics
(Only available in English)
This standard was last reviewed and confirmed* in 2015.
ISO/IEC 19792:2009 specifies the subjects to be addressed during a security evaluation of a biometric system.
It covers the biometric-specific aspects and principles to be considered during the security evaluation of a biometric system. It does not address the non-biometric aspects which might form part of the overall security evaluation of a system using biometric technology (e.g. requirements on databases or communication channels).
ISO/IEC 19792:2009 does not aim to define any concrete methodology for the security evaluation of biometric systems but instead focuses on the principal requirements. As such, the requirements in ISO/IEC 19792:2009 are independent of any evaluation or certification scheme and will need to be incorporated into and adapted before being used in the context of a concrete scheme.
ISO/IEC 19792:2009 defines various areas that are important to be considered during a security evaluation of a biometric system.
ISO/IEC 19792:2009 is relevant to both evaluator and developer communities.
- It specifies requirements for evaluators and provides guidance on performing a security evaluation of a biometric system.
- It serves to inform developers of the requirements for biometric security evaluations to help them prepare for security evaluations.
Although ISO/IEC 19792:2009 is independent of any specific evaluation scheme it could serve as a framework for the development of concrete evaluation and testing methodologies to integrate the requirements for biometric evaluations into existing evaluation and certification schemes.
Document published on: 2009-08-01 Edition: 1 (Monolingual) ICS: 35.040 Status: Published Stage: 90.93 (2015-08-27) TC/SC: ISO/IEC JTC 1/SC 27 Number of Pages: 37
This standard has not been revised
No corrigenda or amendments available