Information technology - Guidance for biometric enrolment
This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and…
Information technology — Performance testing of biometric template protection schemes
ISO/IEC 30136:2018 supports evaluation of the accuracy, secrecy, and privacy of biometric template protection schemes. It establishes definitions, terminology, and metrics for stating the performance of such schemes. Particularly, this document establishes requirements for the measurement and reporting of:
- theoretical and empirical accuracy of biometric template protection schemes,
-…
Information technology - Performance testing of biometric template protection schemes
ISO/IEC 30136:2018 supports evaluation of the accuracy, secrecy, and privacy of biometric template protection schemes. It establishes definitions, terminology, and metrics for stating the performance of such schemes. Particularly, this document establishes requirements for the measurement and reporting of:
- theoretical and empirical accuracy of biometric template protection schemes,
-…
ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by
- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs…
ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by
- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs…
Information technology — Home network resource management — Part 1: Requirements
This part of ISO/IEC 30100 specifies the minimum requirements of a home network resource
management architecture to deliver applications in a safe and future-proof way without being
prescriptive. The purpose of this standard is to collect all available home network information
from different types of home network elements and protocols, and to provide the interrelationships
among the elements of…
Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic pr...
ISO 9564-1:2017 specifies the basic principles and techniques which provide the minimum security measures required for effective international PIN management. These measures are applicable to those institutions responsible for implementing techniques for the management and protection of PINs during their creation, issuance, usage and deactivation.
ISO 9564-1:2017 is applicable to the management…
Information technology — Security techniques — Guidelines for privacy impact assessment
This document gives guidelines for
— a process on privacy impact assessments, and
— a structure and content of a PIA report.
It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
This document is relevant to those involved in designing or implementing projects, including the parties…
Information technology - Security techniques - Guidelines for privacy impact assessment
This document gives guidelines for
— a process on privacy impact assessments, and
— a structure and content of a PIA report.
It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
This document is relevant to those involved in designing or implementing projects, including the parties…
Health informatics — Guidance on health information privacy education in healthcare organizations
ISO/TR 18638:2017 specifies the essential educational components recommended to establish and deliver a privacy education program to support information privacy protection in healthcare organizations. The primary users of this document are those responsible for planning, establishing and delivering healthcare information privacy education to a healthcare organization.
ISO/TR 18638:2017 provides…