ISO IEC 19785-4 pdf download – Information technology — Common Biometric Exchange Formats Framework — Part 4: Security block format specifications

ISO IEC 19785-4 pdf download – Information technology — Common Biometric Exchange Formats Framework — Part 4: Security block format specifications
1 Scope
This part of ISOIEC 19785 specifies security block formats (see lSOIEC 19785-1) registered in accordancewith iSOIEC 19785-2 as formats defined by the CBEFF biometric organization ISonEc JTc 1/SC 37, andspecifies their registered security block format identifiers.
NOTE The security block format identifier is recorded in the standard biometic header (SBH) of a patron format (ordefined by that patron format as the only available security block format).
The general-purpose security block format provides for specification of whether the biometric data block(BDB) is encrypted or the SBH and BDB have integrity applied (or both), and can include ACBio instances(see ISOIEC 24761).This security block provides all necessary security parameters, including those used forencryption or integrity.
lt does not restrict the algorithms and parameters used for encryption or integrity,but provides for therecording of such algorithms and parameter values.
lt is a matter for profiling to determine, for a particular application area, what algorithms and parameter rangescan be used by the generator of a security block, and hence what algorithms and parameter ranges have tobe supported by the user of a security block.This is out of the scope of this part of ISOIIEC 19785.
The second security block is more limited, but simpler (and in particular cannot contain ACBio instances, anddoes not support encryption of the BDB).
2Normative references
The following referenced documents are indispensable for the application of this document.For datedreferences,only the edition cited applies. For undated references,the latest edition of the referenceddocument (including any amendments) applies.
ISO/IEC 8824 (all parts)| ITU-T Rec.X.680-683,Information technology— Abstract Syntax Notation One(ASN.1)
ISOIEC 8825(all parts)|ITU-TRec.X.690-693, Information technology—ASN.1 encoding rules
ISOIEC 9798-6, Information technology – Securitytechniques – EntityauthenticationPart 6: Mechanisms using manual data transfer
ISOIEC 19784-1,Information technology — Biometric application programming interface — Part 1: BioAPIspecification
ISOIEC 19785-1，Information technology – Common Biometric Exchange Formats Framework 一Part 1: Data element specification
ISO/IEC 24761, Information technology — Security techniques — Authentication context for biometrics
RFC 3852, Cryptographic Message Syntax (CMS), July 2004
RFC 5911, New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S-MIME, June 2010
3 Terms and definitions
3.1 Terms defined in ISO/IEC 19785-1
For the purposes of this document, the following terms defined in ISO/IEC 19785-1 apply:
biometric, biometrics, biometric data block (BDB), biometric information record (BIR), CBEFF biometric
organization, security block (SB), security block format, security block format identifier, security block format
owner, standard biometric header (SBH).
3.2 Terms defined in ISO/IEC 19784-1
For the purposes of this document, the following term defined in ISO/IEC 19784-1 applies:
BioAPI Unit.
3.3 Terms defined in ISO/IEC 24761
For the purposes of this document, the following terms defined in ISO/IEC 24761 apply:
ACBio instance, authentication context for biometrics (ACBio), biometric processing unit (BPU).
3.4 Terms defined in ISO/IEC 9798-6
For the purposes of this document, the following term defined in ISO/IEC 9798-6 applies:
message authentication code.
4 Abbreviated terms
4.1 Abbreviated terms defined in ISO/IEC 19785-1
For the purposes of this document, the following abbreviated terms in ISO/IEC 19785-1 apply:
BDB, BIR, CBEFF, SB, SBH.
4.2 Abbreviated terms defined in ISO/IEC 24761
For the purposes of this document, the following abbreviated terms in ISO/IEC 24761 apply:
ACBio, BPU.
4.3 Abbreviated terms defined in ISO/IEC 9798-6
For the purposes of this document, the following abbreviated term in ISO/IEC 9798-6 applies:
MAC.