Passa alle informazioni sul prodotto
1 su 12

PayPal, credit cards. Download editable-PDF and invoice in 1 second!

GB/T 38671-2020 English PDF (GBT38671-2020)

GB/T 38671-2020 English PDF (GBT38671-2020)

Prezzo di listino $395.00 USD
Prezzo di listino Prezzo scontato $395.00 USD
In offerta Esaurito
Spese di spedizione calcolate al check-out.
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GB/T 38671-2020
Historical versions: GB/T 38671-2020
Preview True-PDF (Reload/Scroll if blank)

GB/T 38671-2020: Information security technology -- Technical requirements for remote face recognition system
GB/T 38671-2020
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology - Technical
Requirements for Remote Face Recognition System
ISSUED ON: APRIL 28, 2020
IMPLEMENTED ON: NOVEMBER 1, 2020
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3 
1 Scope ... 4 
2 Normative References ... 4 
3 Terms, Definitions and Abbreviations ... 4 
4 Overview ... 7 
5 Security Classification ... 10 
6 Functional Requirements ... 10 
7 Performance Requirements ... 22 
8 Security Function Requirements ... 23 
9 Security Assurance Requirements ... 33 
Appendix A (informative) Correspondence between Basic Level and Enhanced
Level of Remote Face Recognition System ... 34 
Appendix B (informative) Security Description of Remote Face Recognition
System ... 36 
Bibliography ... 43 
Information Security Technology - Technical
Requirements for Remote Face Recognition System
1 Scope
This Standard stipulates the functions, performance, security requirements and
security assurance requirements of information system that adopts face recognition
technology for remote identity authentication on the server side.
This Standard is applicable to the research, development and testing of information
system that adopts face recognition technology for remote identity authentication on
the server side. The management of the system may take this as a reference.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 18336.3-2015 Information Technology - Security Techniques - Evaluation Criteria
for IT Security - Part 3: Security Assurance Components
GB/T 20271-2006 Information Security Technology - Common Security Techniques
Requirement for Information System
GB/T 26238-2010 Information Technology - Terminology for Biometrics
GB/T 29268.1-2012 Information Technology - Biometric Performance Testing and
Reporting - Part 1: Principles and Framework
GB/T 36651-2018 Information Security Techniques - Biometric Authentication Protocol
Framework Based on Trusted Environment
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
What is defined in GB/T 20271-2006, GB/T 26238-2010, GB/T 29268.1-2012 and GB/T
36651-2018, and the following terms and definitions are applicable to this document.
3.1.1 Biometrics; biometric recognition
Figure 1 -- System Reference Model
4.2 Description of Client Side
4.2.1 Environment detection
Detect the environmental conditions of face collection; determine whether the
environment, in which, the face characteristics are collected, satisfies the collection
requirements. Thus, determine whether face collection shall be initiated.
4.2.2 Face image collection
Analyze and process sample data, for example, the input pictures or videos. Extract
face images that satisfy the quality conditions for face characteristic extraction and
comparison.
4.2.3 Living body detection
Detect and judge whether the collected subject is a live face and whether it is attack
by a prosthetic face. When conditions allow, determine whether the face comparison
object is a real and valid human face on the client side. If the living body detection fails,
then, no further processing shall be performed.
4.2.4 Quality detection
Judge the quality of face images. This module is often combined with the face detection
and collection module to output face images of the best quality, for the subsequent
characteristic-based modeling and comparison. If the face quality detection fails, then,
no further processing shall be performed.
4.2.5 Security management
Conduct security management of sensitive data, such as: client-side passwords,
configuration parameters and user data, etc.
4.3 Description of Server Side
4.3.1 Living body judgment
Conduct secondary judgment of information collected during the live face detection
process on the client side. Combine the detection results of the client side to complete
the final living body judgment.
4.3.2 Quality judgment
Judge the quality of biometric information uploaded to the server side.
4.3.3 Face database
5 Security Classification
The functions, performance and security requirements of the remote face recognition
system are divided into basic level and enhanced level. The boldfaces are the newly
added requirements of the enhanced level in comparison with the basic level. The brief
correspondence between the basic level and the enhanced level is shown in Appendix
A; the system security description is shown in Appendix B. Relevant content of this
Standard that involves cryptographic algorithm shall be implemented in accordance
with the relevant national laws and regulations. Those involving the application of
cryptographic technology to solve the requirements of confidentiality, integrity,
authenticity and non-repudiation must comply with the national standards and industry
standards related to cryptography.
6 Functional Requirements
6.1 Basic-level Requirements
6.1.1 User identification
The function of user identification shall be designed and implemented through the
following aspects:
a) All users shall carry out user identification during the registration;
b) It shall have uniqueness;
c) User identification information shall be managed and maintained, so as to
ensure that it is not unauthorizedly accessed, modified or deleted.
6.1.2 Face image collection and processing
The face image collection and processing shall be equipped with the following
functions:
a) During the face data collection process, data, for example, personal
information shall be prevented from being leaked;
b) The integrity and consistency of the collected data should be verified;
c) The data collection process should be tracked and recorded; the traceability
of face collection data should be supported;
d) The authenticity of the collected data should be ensured;
e) After collection, residual information shall be eliminated.
6.1.5.1 Face data registration
The modes of registration include on-site registration and remote registration.
If the user uses the client-side device for registration, the registration process shall be
performed in a trusted environment.
6.1.5.2 Face data deregistration
Face data deregistration shall satisfy the following requirements:
a) The deregistration participant is the user who wishes to deregister.
b) Before the deregistration, verify the identity of the authorized de-registrant.
c) After the deregistration, the face data in the memory must be destroyed and
cannot be repeatedly used. It needs to be collected again for the next use.
6.1.5.3 Face data registration and loading
When loading face data in bulk during the face data registration process, this function
shall:
a) Establish security strategies, modes and access control mechanisms for the
loading of collected data among different data sources and different security
domains;
b) Ensure the correctness and consistency of data during the loading of face
data;
c) Ensure the security protection of data d...
Visualizza dettagli completi