标准摘要
[中文适用范围]: 本部分规定了在说明、表征和评估呈现攻击检测方法时有用的一些条款和定义。在本标准之外,不考虑以下内容:——具体呈现攻击检测方法的标准化;——关于防御措施(即反欺骗技术)、算法或传感器的详细信息;以及——整体系统级安全或漏洞评估。在ISO/IEC 30107中需要考虑的攻击是那些在生物特征采集过程中发生在传感器上的攻击。任何其他类型的攻击都被认为是在ISO/IEC 30107范围之外的。 [外文原描述]: Abstract: In recent years, there has been an increase in the availability and interest in using biometric sensors for authenticating users, but the potential for attacks on a system through the biometric sensor has limited the use of biometrics in applications which are unsupervised by an agent of the system owner, such as remote authentication over untrusted networks. Biometric data can be easily obtained directly from a person, online, or through existing databases and then used to create spoofs (or fakes) to mount an attack. The presentation of a biometric spoof (e.g. a facial image or video of a person on a tablet or a fake silicone or gelatin fingerprint) to a biometric sensor can be detected by methods broadly referred to as presentation attack detection, PAD. The purpose of ISO/IEC 30107-1 is to provide a foundation for PAD through defining terms and establishing a framework through which presentation attack events can be specified and detected so that they can be categorized, detailed and communicated for subsequent decision making and performance assessment activities. This foundation is intended to not only introduce and frame the topics of presentation attacks and PAD but also to benefit other standards projects. This standard does not advocate a specific standard PAD method. The scope is limited to describing attacks that take place at the sensor during the presentation and collection of biometric characteristics. There are two other parts of ISO/IEC 30107, under the general title Information Technology - Biometric presentation attack detection: - Part 2:Data Formats - Part 3: Testing and reporting. Keywords: Liveness, liveness detection, biometric liveness detection, spoof detection, biometric spoof, biometric spoof detection, fake, fake biometric, fake biometrics, arefact, artefact detection. .
英文名称Information technology - Biometric presentation attack detection - Part 1: Framework