ISO/IEC 19792:2009 specifies the subjects to be addressed during a security evaluation of a biometric system.
It covers the biometric-specific aspects and principles to be considered during the security evaluation of a biometric system. It does not address the non-biometric aspects which might form part of the overall security evaluation of a system using biometric technology (e.g. requirements on databases or communication channels).
ISO/IEC 19792:2009 does not aim to define any concrete methodology for the security evaluation of biometric systems but instead focuses on the principal requirements. As such, the requirements in ISO/IEC 19792:2009 are independent of any evaluation or certification scheme and will need to be incorporated into and adapted before being used in the context of a concrete scheme.
ISO/IEC 19792:2009 defines various areas that are important to be considered during a security evaluation of a biometric system.
ISO/IEC 19792:2009 is relevant to both evaluator and developer communities.
- It specifies requirements for evaluators and provides guidance on performing a security evaluation of a biometric system.
- It serves to inform developers of the requirements for biometric security evaluations to help them prepare for security evaluations.
Although ISO/IEC 19792:2009 is independent of any specific evaluation scheme it could serve as a framework for the development of concrete evaluation and testing methodologies to integrate the requirements for biometric evaluations into existing evaluation and certification schemes.
No revision information available
No corrigenda or amendments available