标准摘要
[中文适用范围]: 本文件涵盖生物识别信息在以下方面的保护要求:——分析与生物特征及生物特征应用模型固有威胁及其对策;——基于生物参考(BR)和身份参考(IR)之间安全可靠绑定的安全性要求;——不同存储和比较场景下生物特征系统应用模型;——在处理生物识别信息时保护个人隐私的指导。本文件不包括与物理安全、环境安全和密钥管理一般管理问题相关的通用加密技术。 [外文原描述]: This document covers the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. It also provides requirements and recommendations for the secure and privacy-compliant management and processing of biometric information. This document specifies the following: — analysis of the threats to and countermeasures inherent to biometrics and biometric system application models; — security requirements for securely binding between a biometric reference (BR) and an identity reference (IR); — biometric system application models with different scenarios for the storage and comparison of BRs; — guidance on the protection of an individual's privacy during the processing of biometric information. This document does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.
英文名称Information security, cybersecurity and privacy protection - Biometric information protection