iTeh Standards logo
EURUSD
Your shopping cart is empty.
SIST

SIST-TS CEN/TS 17261:2019

(Main)

Biometric authentication for critical infrastructure access control - Requirements and Evaluation

Biometric authentication for critical infrastructure access control - Requirements and Evaluation

This document addresses biometric recognition systems that are used as part of an automated access control system to provide a second and independent authentication factor of the individual using the AACS to access secured areas of critical infrastructure.
This document:
-   specifies requirements for biometric recognition systems to be used as part of an AACS for critical infrastructure,
-   describes a methodology for the evaluation of biometric authentication for AACSs against the specified requirements.
The requirements and test methods address biometric authentication for AACS that: (i) operate in an internal environment constituting part of a larger site, access to which is restricted and controlled by a separate access control system; and (ii) use biometrics as a second authentication factor to a token or proximity card.
This document does not consider access by the general public, e.g. passengers in an airport, or visitors to a hospital.
Products that meet the requirements of this document will comprise (i) a biometric sensor(s) external to the secured area, which reads the biometric characteristics of the user at the point of access; and (ii) a biometric server system performing biometric enrolment, signal processing, storage of biometric references and biometric comparison within a secured area.
This document does not address AACS or AACS portals (turnstiles) but is only concerned with the biometric components which integrate with the AACS. Other standards address requirements and testing of the non-biometric parts of the AACS.

Biometrische Authentifikation für die Zugangskontrolle zu kritischen Infrastrukturen - Anforderungen und Evaluierung

Authentification biométrique pour le contrôle d'accès aux infrastructures critiques - Exigences et évaluation

Biometrična avtentikacija za nadzor kritične infrastrukture - Zahteve in ovrednotenje

Tehnična specifikacija
i) določa zahteve glede zasnove, zmogljivosti in odpornosti proti napadu za biometrične sisteme, ki se uporabljajo kot del avtomatiziranega sistema za nadzor dostopa, ki varuje dostop do kritične infrastrukture (opredeljeno v direktivi Sveta 114/2008/ES),
ii) opisuje metodologije za ocenjevanje izdelkov z biometričnim nadzorom dostopa v povezavi s temi zahtevami.

General Information

Status
Published
Publication Date
08-Jan-2019
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ITC - Information technology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
03-Jan-2019
Due Date
10-Mar-2019
Completion Date
09-Jan-2019
Ref Project
CEN/TS 17261:2018 - Biometric authentication for critical infrastructure access control - Requirements and Evaluation
SIST-TS CEN/TS 17261:2019SIST-TS CEN/TS 17261:2019
PreviousNext
Technical specification
SIST-TS CEN/TS 17261:2019
English language
18 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-februar-2019
%LRPHWULþQDDYWHQWLNDFLMD]DQDG]RUNULWLþQHLQIUDVWUXNWXUH=DKWHYHLQ
RYUHGQRWHQMH
Biometric authentication for critical infrastructure access control - Requirements and
Evaluation
Biometrische Authentifikation für die Zugangskontrolle zu kritischen Infrastrukturen -
Anforderungen und Evaluierung
Authentification biométrique pour le contrôle d'accès aux infrastructures critiques -
Exigences et évaluation
Ta slovenski standard je istoveten z: CEN/TS 17261:2018
ICS:
35.240.15 ,GHQWLILNDFLMVNHNDUWLFHýLSQH Identification cards. Chip
NDUWLFH%LRPHWULMD cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TS 17261
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
December 2018
TECHNISCHE SPEZIFIKATION
ICS 35.240.15
English Version
Biometric authentication for critical infrastructure access
control - Requirements and Evaluation
Authentification biométrique pour le contrôle d'accès Biometrische Authentifikation für die
aux infrastructures critiques - Exigences et évaluation Zugangskontrolle zu kritischen Infrastrukturen -
Anforderungen und Evaluierung
This Technical Specification (CEN/TS) was approved by CEN on 10 September 2018 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 17261:2018 E
worldwide for CEN national Members.

Contents Page
European foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 6
4 Symbols and abbreviations . 8
5 Conformance . 8
6 Typical use-case . 8
7 Requirements and recommendations . 9
7.1 General . 9
7.2 Design . 9
7.2.1 General . 9
7.2.2 Protection of access to biometric server, biometric data and functions of the
biometric subsystem . 9
7.2.3 Operator/Administrator control and authentication . 9
7.2.4 Door unit . 10
7.2.5 Biometric enrolment, re-enrolment and deletion . 10
7.2.6 Biometric recognition . 10
7.3 Operation . 10
7.3.1 General . 10
7.3.2 Identity assurance for enrolment . 10
7.3.3 Enrolment process . 10
7.3.4 Fallback authentication . 11
7.4 Technical performance . 11
7.4.1 General . 11
7.4.2 Failure to enrol rate . 11
7.4.3 Enrolment transaction duration. 11
7.4.4 False accept rate . 11
7.4.5 False reject rate . 12
7.4.6 Verification transaction duration . 12
7.5 Attack resistance . 12
7.5.1 General . 12
7.5.2 Resistance to tamper . 12
7.5.3 Resistance to presentation attack . 13
7.6 Performance and attack resistance requirements . 13
8 Testing and reporting . 14
8.1 System information and documentation . 14
8.2 Configuration of system for testing . 14
8.2.1 Scenario AACS . 14
8.2.2 Configuration of biometric systems under test . 15
8.3 Outline of test processes . 15
8.3.1 Pretesting . 15
8.3.2 Scenario performance evaluation . 15
8.3.3 Attack resistance evaluation . 17
Bibliography . 18
European foreword
This document (CEN/TS 17261:2018) has been prepared by Technical Committee CEN/TC 224 “Personal
identification and related personal devices with secure element, systems, operations and privacy in a
multi sectorial environment”, the secretariat of which is held by AFNOR.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organisations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia,
Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France,
Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands,
Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
the United Kingdom.
Introduction
This document is concerned with the performance-based testing of biometric authentication for
automated access control systems (AACS), in particular for physical access control to controlled areas of
Critical Infrastructure as defined by the European Council Directive 2008/114/EC [7].
It is assumed that biometric recognition constitutes a second authentication factor alongside token-based
authentication and that the AACS requires the results of the biometric and token-based authentication of
the same individual before authorizing access. The biometric+token combination emulates a biometric
verification system. The token presentation constitutes the biometric claim that the capture subject is the
bodily source of the biometric reference associated with the token ID. Accordingly, technical performance
of the biometric authentication is assessed in terms of verification metrics, i.e. False Accept Rate, False
Reject Rate, Failure-to-Enrol Rate and throughput rates. Technical performance requirements and
evaluation methods should be identical irrespective of the biometric technology.
Biometric subsystems should also be evaluated in terms of their vulnerability to defeat. This is to be
assessed through measuring a system’s capacity to resist a direct attack on it or detect an intrusion
attempt by a knowledgeable attacker intent on defeating the biometric authentication. Since method of
attack is dependent on the biometric technology, vulnerability to defeat is assessed in a technology-
specific manner.
The results of an evaluation performed using this document relate to the system’s performance in that
the evaluation should not be used as a guarantee of the performance that would be expected on any other
site.
1 Scope
This document addresses biometric recognition systems that are used as part of an automated access
control system to provide a second and independent authentication factor of the individual using the
AACS to access secured areas of critical infrastructure.
This document:
— specifies requirements for biometric recognition systems to be used as part of an AACS for critical
infrastructure,
— describes a methodology for the evaluation of biometric authentication for AACSs against the
specified requirements.
The requirements and test methods address biometric authentication for AACS that: (i) operate in an
internal environment constituting part of a larger site, access to which is restricted and controlled by a
separate access control system; and (ii) use biometrics as a second authentication factor to a token or
proximity card.
This document does not consider access by the general public, e.g. passengers in an airport, or visitors to
a hospital.
Products that meet the requirements of this document will comprise (i) a biometric sensor(s) external to
the secured area, which reads the biometric characteristics of the user at the point of access; and (ii) a
biometric server system performing biometric enrolment, signal processing, storage of biometric
references and biometric comparison within a secured area.
This document does not address AACS or AACS portals (turnstiles) but is only concerned with the
biometric components which integrate with the AACS. Other standards address requirements and testing
of the non-biometric parts of the AACS.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 2382-37, Information technology — Vocabulary — Part 37: Biometrics
ISO/IEC 30107-3:2017, Information technology — Biometric presentation attack detection — Part 3:
Testing and reporting
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37:2017 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at https://www.iso.org/obp
3.1
attack potential
measure of the effort to be expended in attacking a target of evaluation (TOE), expressed in terms of an
attacker's expertise, resources and motivation
[Source: ISO/IEC 15408-1:2009]
3.2
critical infrastructure
asset, system or a part thereof that is essential for the maintenance of vital societal functions, health,
safety, security, economic or social well-being of people and the disruption or destruction of which would
have a significant impact as a result of the failure to maintain those functions
3.3
enrolment transaction duration
measurement of the duration of an enrolment transaction, starting when the enroller begins a interaction
with the biometric enrolment system to conduct the enrolment (e.g., authenticating as a valid enroller on
the system) and ending when the enrolee's biometric reference is stored in the system, or when a failure-
to-enrol is declared
3.4
evaluation laboratory
organisation that carries out the evaluation
3.5
false accept rate
FAR
proportion of non-mated verification transactions erroneously confirmed
[SOURCE: ISO/IEC 19795-1:2006, modified to harmonise with the vocabulary of ISO/IEC 2382-37]
3.6
false reject rate
FRR
proportion of mated verification transactions erroneously rejected
[SOURCE: ISO/IEC 19795-1:2006, modified to harmonise with the vocabulary of ISO/IEC 2382-37]
Note 1 to entry: Rejections due to failure-to-acquire errors or to false alarms in spoof detection are included in
the false reject rate.
3.7
generalized false reject rate
GFRR
generalization of the false reject rate that includes the effect of enrolment failures: the test participants
who the system failed to enrol are considered to have made verification transactions equivalent to those
of enrolled test subjects, and these verification transactions are considered to have failed
3.8
habituated capture subject
biometric subject familiar with using the biometric device
Note 1 to entry: Transaction times and success rates for habituated test subjects will be consistent with those
experienced in their regular use of the system.
3.9
impostor attack presentation match rate
IAPMR
proportion of impostor attack presentations, using the same attack method, in which the target reference
is matched
[SOURCE: ISO/IEC 30107-3:2017 (“PAI species” changed to “attack method”)]
3.10
mated verification transaction
verification transaction in which the accompanying token (i.e., biometric claim) corresponds to the
capture subject
Note 1 to entry: Mated verification transactions have historically been called genuine transactions.
3.11
non-mated verification transaction
verification transaction in which the accompanying token (i.e., biometric claim) does not correspond to
the capture subject
Note 1 to entry: Non-mated verification transactions have historically been called (zero-effort) “impostor”
transactions.
3.12
presentation attack
presentation to the biometric capture subsystem with the goal of interfering with the correct operation
of the biometric system
Note 1 to entry: In the context of this document, the goal of a presentation attack is impersonation of another
enrolled individual. A presentation attack can be implemented through a variety of methods, e.g. artefact, mutilation,
replay, etc.
3.13
verification transaction duration
measurement of the duration of a verification transaction, starting when the subject begins interaction
with the biometric capture device and ending when the biometric system renders a final transaction
decision
3.14
secured area
area or facility to which access is restricted to authorised roles under the security policy
EXAMPLE Data centres, communication rooms, command and control facilities.
Note 1 to entry: In this document, secured areas do not include areas accessible to the general public, e.g.
passengers in an airport, or visitors to a hospital.
3.15
supplier
organisation or person that provides the product under evaluation and provides support during the
evaluation term
4 Symbols and abbreviations
For the purposes of this document, the following abbreviations apply.
AACS Automated Access Control System
FAR False Accept Rate
FRR False Reject Rate
FTER Failure to Enrol Rate
GFRR Generalized False Reject Rate
IAPMR Impostor Attack Presentation Match Rate
IAPMR_ Maximum value of IAPMR over all tested attack methods at attack potential
BASIC
BASIC or below
5 Conformance
A biometric subsystem integrated into an AACS conforms to the specifications of this document if:
a) it meets all requirements contained in 7.2,
b) the performance and attack resistance metrics specified in Table 1 have been tested and reported in
accordance with the requirements of 7.4, 7.5 and Clause 8 and
c) the performance and attack resistance meets the baseline performance levels specified in 7.6,
Table 1.
6 Typical use-case
This document addresses Automated Access Control Systems operating in an internal environment
constituting part of a larger site, where biometric authentication is used as a second authentication factor
working independently of authentication by token or proximity card.
Authorized individuals are issued with tokens for use by the AACS and are also enrolled into the biometric
system.
The biometric enrolment records the biometric characteristics of an individual and generates a biometric
reference against which future comparisons can be made. This reference is stored together with the
system identifier for that individual. The organization's Security Policy will specify the credentials that
an individual needs to provide to show eligibility for biometric enrolment. The Security Policy may also
allow for re-enrolment to update an individual's biometric reference when required.
Access control tokens/cards together with biometric recognition will be required to allow entrance to
(or exit from) the secured area(s).
7 Requirements and recommendations
7.1 General
Requirements and recommendations for the biometric authentication subsystem are divided into
requirements and recommendations regarding:
— the design,
— the operation,
— the performance and
— the attack resistance.
7.2 Design
7.2.1 General
The biometric system shall provide functionality to support the design requirements given in 7.2.2 to
7.2.6.
7.2.2 Protection of access to biometric server, biometric data and functions of the biometric
subsystem
The biometric server shall be located within a secured area. To avoid the need to evaluate against the
possibility of cyberattack, the server shall have no data connections outside the secured area other than
to biometric door units, (e.g. Wi-Fi connection between components or cloud storage of biometric
references and transactions logs are prohibited).
To maintain independence between token and biometric authentication, the biometric reference shall
not be stored on the token.
7.2.3 Operator/Administrator control and authentication
Operator/administration functions shall take place on the biometric server system and shall not be
available on the biometric door units external to the secured area.
The system shall be configured to verify the identity and the authority of staff operating the system (e.g.
system administrator, enroller) immediately prior to:
— biometric enrolment or re-enrolment,
— the deletion of biometric references,
— backup and restoration of the biometric database,
— configuration of system parameters (e.g. comparison score thresholds, presentation attack detection
settings, etc.) for the biometric component and
— the inspection of results logged by the system.
Operator authentication may be handled by the operating system of the computer on which the biometric
server is installed, but a standalone system will need
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

SIST
SIST-TS CEN/TS 17489-5:2025(Main)
Personal identification - Secure and interoperable European breeder documents - Part 5: Trust establishment and management processes
CEN/TS 17489-5:2025

1.1   Objective
This document is intended for the use of breeder document issuing authorities both policymakers and technical, for having uniform formats that conform to printed as well as digital requirements of CEN member and associated states (including EU member states).
The objectives are:
a)   provision of a common set of formats of breeder documents – printed and digital to be implemented by CEN member and associated states (including EU member states), with the extended objective of their acceptance internationally;
b)   the focus is on having common recognizable formats as well as prevention of identity fraud, particularly related to the use of breeder documents to obtain national and international ID documents, such as passports, and residence permits.
1.2   Human dimension of identity management
Each country’s identity management system also provides a framework for observing and protecting many of the human rights embodied in international declarations and conventions. Depending on the provisions in place, the system can ensure that citizens can exercise a wide range of rights, such as rights to property, privacy, freedom of movement and free choice of place of residence, as well as access to social services such as education, healthcare and social security. In states with more advanced technological infrastructure, population registration provides the basis for the establishment of a number of citizen-oriented computerized services, also known as e-services and e-government. Identity management is also central to prevention of discrimination in exercising guaranteed rights.
The identity management infrastructure provides the backbone for a functioning and viable state by securing civil, population and tax registers, as well other systems such as healthcare benefits, voter lists and the issuance of travel and identity documents based on verifiable identities. Such flaws may become visible during elections, where shortcomings in voter lists can affect confidence in the election process. In essence, a secure identity management system can be seen as the foundation, a root level, that is able to then feed into and help numerous other branches of key state services function effectively and accurately (OSCE, 2017, p.13) [27].
1.3   Security dimension of identity management
One of the key elements of a secure environment for cross-border travel is that the travel documents used by visitors meet international standards in terms of security of the document itself and security in that the document reflects the genuine identity of its holder. Similarly, the systems for issuing travel documents need to be linked to identity management systems to streamline decision-making processes, preferably through modernized systems that reflect developments in document security technology. As entries in registers or officially issued identification documents provide access to specific services, criminal networks are constantly looking for possible gaps in identity management systems to obtain genuine documents under fabricated or stolen identities. Documents obtained as result of gaps in identity management have enabled criminals to target business entities and cause significant financial losses through the use of genuine documents issued to non-existent identities (OSCE, 2017, p.14) [27].
Both legal and illegal immigration breeder docs are regularly used to determine an identity if no MRTD or eMRTD is presented. An identity which will be printed on an eRP, Foreigners ppt, Refugees travel doc etc. unless other supportive evidence of identity is provided.
Organized crime has not overlooked this and fraudulently obtained or falsified travel documents are regularly presented to hide the true identity.
Since a significant portion of the world’s population cannot reliably prove their identity, they rely on verbally presented identities and/or supportive breeder documents when registering in another country.
Asylum applicants who...

  • Technical specification
    69 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 18139:2025(Main)
Personal identification - European guide for biometric recognition applications based on ID documents (ERG)
CEN/TS 18139:2025

This document defines requirements and provides guidance on:
•   capturing of facial images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   capturing of fingerprint images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   data quality maintenance for biometric data captured by/for verification or identification applications;
•   data authenticity maintenance for biometric data captured by/for verification or identification ap-plications.
This document addresses the following aspects which are specific for biometric data capturing:
•   biometric data quality and interoperability assurance;
•   data authenticity assurance;
•   morphing and other presentation attacks and biometric data injection attacks;
•   accessibility and usability;
•   recognition algorithms and their evaluation;
•   privacy and data protection;
•   optimal process design.
The following aspects are out of scope:
•   other aspects of IT security;
•   data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.

  • Technical specification
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17489-2:2025(Main)
Secure and interoperable European Breeder Documents — Part 2: Data model
CEN/TS 17489-2:2024

This document specifies the abstract data model for breeder document data and the specific encodings of this abstract data model used in the CEN breeder document framework.
The abstract data model is a semantic description of the birth, marriage / partnership, and death certificate data, independently from their specific encoding. This abstract data model is extensible for further standardized and proprietary data of birth, marriage / partnership, and death certificates as well as for other types of breeder documents.
This abstract data model is technology agnostic, i.e. it is applicable for paper-based, server-based, and hardware-based breeder documents as well as further breeder document designs and technologies.
The specific encodings of this abstract data model comprise the encodings to be used for the machine readable technologies specified in part 3 of the framework as well as the encoding of human readable breeder document data. These encodings are used in the birth, marriage / partnership, and death certificate profiles specified in part 4 of the framework.

  • Technical specification
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 18099:2025(Main)
Biometric data injection attack detection
CEN/TS 18099:2024

This document provides an overview on:
-   Definitions on Biometric Data Injection Attack,
-   Biometric Data Injection Attack use case on main biometric system hardware for enrolment and verification,
-   Injection Attack Instruments on systems using one or several biometric modalities.
This document provides guidance on:
-   System for the detection of Injection Attack Instruments (defined in 3.12),
-   Appropriate mitigation risk of Injection Attack Instruments,
-   Creation of test plan for the evaluation of Injection Attack Detection system (defined in 3.9).
If presentation attacks testing is out of scope of this document, note that these two characteristics are in the scope of this document:
-   Presentation Attack Detection systems which can be used as injection attack instrument defence mechanism and/or injection attack method defence mechanism. Yet, no presentation attack testing will be performed by the laboratory to be compliant with this document (out of scope).
-   Bona Fide Presentation testing in order to test the ability of the Target Of Evaluation to correctly classify legitimate users.
The following aspects are out of scope:
-   Presentation Attack testing (as they are covered in ISO/IEC 30107 standards),
-   Biometric attacks which are not classified as Type 2 attacks (see Figure 1),
-   Evaluation of implementation of cryptographic mechanisms like secure elements,
-   Injection Attack Instruments rejected due to quality issues.

  • Technical specification
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 18108:2025(Main)
Personal identification - Usage of biometrics in breeder documents
CEN/TR 18108:2024

This document provides guidance on usage of biometrics in breeder documents, in particular regarding
-   encoding of biometric reference data;
-   data quality maintenance for biometric reference data;
-   data authenticity maintenance for biometric reference data; and
-   privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
-   verification performance;
-   privacy impact;
-   feasibility of biometric acquisition considering the age of the capture subjects;
-   limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
-   format and structure of breeder documents;
-   general security aspects, which are covered in CEN/TS 17489-1 [1].

  • Technical report
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 21549-7:2024(Main)
Health informatics - Patient healthcard data - Part 7: Medication data (ISO 21549-7:2024)
EN ISO 21549-7:2024

This document applies to situations in which such data is recorded on or transported by patient healthcards compliant with the physical dimensions of ID-1 cards defined by ISO/IEC 7810.
This document specifies the basic structure of the data contained within the medication data object, but does not specify or mandate particular data sets for storage on devices.
The purpose of this document is for cards to provide information to other health professionals and to the patient or its non-professional caregiver.
It can also be used to carry a new prescription from the prescriber to the dispenser/pharmacy in the design of its sets.
Medication data include the following four components:
—     medication notes: additional information related to medication and the safe use of medicines by the patient such as medication history, sensitivities and allergies;
—     medication prescriptions: to carry a new prescription from the prescriber to the dispenser/pharmacy;
—     medication dispensed: the records of medications dispensed for the patient;
—     medication references: pointers to other systems that contain information that makes up medication prescription and the authority to dispense.
The following topics are beyond the scope of this document:
—     physical or logical solutions for the practical functioning of particular types of data cards;
—     how the message is processed further “downstream” of the interface between two systems;
—     the form which the data takes for use outside the data card, or the way in which such data is visibly represented on the data card or elsewhere.
NOTE            Not only does the definition of “medicinal products” differ from country to country, but also the same name can relate to entirely different products in some countries. Therefore, it is important to consider the safety of the patient when the card is used across borders.
This document describes and defines the Medication data objects used within or referenced by patient-held health data cards using UML, plain text and Abstract Syntax Notation (ASN.1).
This document does not describe nor define the common objects defined within ISO 21549-2.

  • Standard
    51 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 18030:2024(Main)
Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe
CEN/TR 18030:2023

This Technical Report provides an overview of the current deployment of biometric systems within Europe. It addresses the challenges that are being faced, in order to detect the current needs for improving the specifications for the implementation and deployment of biometric systems. This Technical Report considers all kind of deployments, from border control to ad-hoc services. As most of the deployed systems are based on the use of fingerprints or face recognition, this Technical Report will focus on these two biometric modalities, from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this TR. The TR is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g., Entry/Exit System, framework for interoperability between EU information systems, etc.) need a robust framework study about the availability of standard technologies to improve interoperability in biometric products around the European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this classification:
- Capture/enrolment of biometrics including the quality assurance and the generation of feature or biometric models from the images.
- Best practices and guidelines to use biometrics in Europe.
- Data Quality environment using biometrics in European networks.

  • Technical report
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 21549-5:2024(Main)
Health informatics - Patient healthcard data - Part 5: Identification data (ISO 21549-5:2023)
EN ISO 21549-5:2023

This document describes and defines the basic structure of the identification data objects held on healthcare data cards, but it does not specify particular data sets for storage on devices.
This document does not apply to the detailed functions and mechanisms of the following services (although its structures can accommodate suitable data objects elsewhere specified):
—    security functions and related services that are likely to be specified by users for data cards depending on their specific application, e.g. confidentiality protection, data integrity protection and authentication of persons and devices related to these functions;
—    access control services;
—    the initialization and issuing process (which begins the operating lifetime of an individual data card, and by which the data card is prepared for the data to be subsequently communicated to it according to this document).
Therefore, this document does not cover:
—    physical or logical solutions for the practical functioning of particular types of data card;
—    the forms that data take for use outside the data card, or the way in which such data are visibly represented on the data card or elsewhere.

  • Standard
    17 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO/IEC 2382-37:2024(Main)
Information technology - Vocabulary - Part 37: Biometrics (ISO/IEC 2382-37:2022)
EN ISO/IEC 2382-37:2023

This document establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings. This document also reconciles variant terms in use in pre-existing International Standards on biometrics against the preferred terms, thereby clarifying the use of terms in this field.
This document does not cover concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode-specific terms are outside of scope of this document.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 17982:2024(Main)
European Digital Identity Wallets standards Gap Analysis
CEN/TR 17982:2023

This document identifies relevant existing standards and standards work in progress around European Digital Identity Wallets. It also identifies missing work items and overlaps in standards and is supposed to work as a roadmap for future standardization projects in the area.

  • Technical report
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day