90.92 Standard to be revised May 3, 2024
ISO/IEC
ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
International Standard
35.030 IT Security
For security evaluation of biometric recognition performance and presentation attack detection for biometric verification systems and biometric identification systemsthis document specifies:
— extended security functional components to SFR Classes in ISO/IEC 15408-2;
— supplementary activities to methodology specified in ISO/IEC 18045 for SAR Classes of ISO/IEC 15408-3.
This document introduces the general framework for the security evaluation of biometric systems, including extended security functional components, and supplementary activities to methodology, which is additional evaluation activities and guidance/recommendations for an evaluator to handle those activities. The supplementary evaluation activities are developed in this document while the detailed recommendations are developed in ISO/IEC 19989-2 (for biometric recognition aspects) and in ISO/IEC 19989-3 (for presentation attack detection aspects). This document is applicable only to TOEs for single biometric characteristic type. However, the selection of a characteristic from multiple characteristics in SFRs is allowed.
PUBLISHED
ISO/IEC 19989-1:2020
90.92
Standard to be revised
May 3, 2024
IN_DEVELOPMENT
ISO/IEC WD 19989-1