ISO/IEC 19785-4:2010 pdf free download. Information technology — Common Biometric Exchange Formats Framework — Part 4: Security block format specifications.
ISO/IEC 19785-4:2010 specifies security block formats (see ISO/IEC 19785-1) registered in accordance with ISO/IEC 19785-2 as formats defined by the CBEFF biometric organization ISO/IEC JTC 1/SC 37, and specifies their registered security block format identifiers. [The security block format identifier is recorded in the standard biometric header (SBH) of a patron format (or defined by that patron format as the only available security block format).]
Biometric verification and identification are important techniques for the authentication and/or identification of an individual Biometric data used in biometric verification and identification has to be from a trusted source with no interference in transmission(integrity)。 It might or might not be necessary for it to be kept secret (encryption )depending on security policy. This part of ISO/EC 19785 provides for both integrity and ncryption of the biometric data.
To ensure interoperability, the Common Biometric Exchange Formats Framework (CBEFF) was specified in ISO/E 19785-1 to associate meta-data with one or more Biometric Data Blocks(BDBS) In ISO/EC 19785-1 the options for integrity and encryption, and the concept of a security block($B)to contain security information related to these options are defined, but the format and detailed content of security blocks(SB formats)are not specified.
There are several steps in the chain, starting from a CBEFF patron format.
First, the patron format can determine that the abstract value of the CBEFF data element CBEFF BDB encryption options is fixed as NO ENCRYPTION and that the CBEFF data element CBEFF BIR integrity options is fixed as NO INTEGRIT Y In this case, there is no need for a security block to be required in that patron format.
If the patron format requires the inclusion of a security block in some circumstances, it can fix it as one of the security blocks defined in this part of SO/EC 19785(or as some other security block)， or can include the CBEFF data elements CBEFF SB format owner and CBEFF SB format type to identify one of these or some other security block format.
Besides the security block formats defined in this part of ISO/EC 19785, there will be many possible CBEFF security block formats meeting different needs. For example, a security block format is specified for the ILO seafarers profile in ISO/IEC 24713-3. The security block format specified in Clause 5 is designed to be as general as possible. The security block format specified in Clause 6 is designed to provide a basic security provision and supports integrity only.
This part of ISO/EC 19785 specifies two security block formats.
The first security block specifies a general-purpose security block format with optional elements for encryption, and for integrity, using RF 3852 Cryptographic Message Syntax(CMS)， with certain modifications to EnvelopedData, EncryptedData, signedData, and AuthenticateaData, to meet the needs and requirements in expressing the security of biometric information in conformance with CBEFF. The second is named signature-only security block format, which is also defined using RFC 3852.