1
/
of
12
www.ChineseStandard.us -- Field Test Asia Pte. Ltd.
GB/T 38671-2020 English PDF (GB/T38671-2020)
GB/T 38671-2020 English PDF (GB/T38671-2020)
Regular price
$395.00
Regular price
Sale price
$395.00
Unit price
/
per
Shipping calculated at checkout.
Couldn't load pickup availability
GB/T 38671-2020: Information Security Technology - Technical Requirements for Remote Face Recognition System
Delivery: 9 seconds. Download (& Email) true-PDF + Invoice.
Get Quotation: Click GB/T 38671-2020 (Self-service in 1-minute)
Historical versions (Master-website): GB/T 38671-2020
Preview True-PDF (Reload/Scroll-down if blank)
GB/T 38671-2020
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology - Technical
Requirements for Remote Face Recognition System
ISSUED ON: APRIL 28, 2020
IMPLEMENTED ON: NOVEMBER 1, 2020
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative References ... 4
3 Terms, Definitions and Abbreviations ... 4
4 Overview ... 7
5 Security Classification ... 10
6 Functional Requirements ... 10
7 Performance Requirements ... 22
8 Security Function Requirements ... 23
9 Security Assurance Requirements ... 33
Appendix A (informative) Correspondence between Basic Level and Enhanced
Level of Remote Face Recognition System ... 34
Appendix B (informative) Security Description of Remote Face Recognition
System ... 36
Bibliography ... 43
Information Security Technology - Technical
Requirements for Remote Face Recognition System
1 Scope
This Standard stipulates the functions, performance, security requirements and
security assurance requirements of information system that adopts face recognition
technology for remote identity authentication on the server side.
This Standard is applicable to the research, development and testing of information
system that adopts face recognition technology for remote identity authentication on
the server side. The management of the system may take this as a reference.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 18336.3-2015 Information Technology - Security Techniques - Evaluation Criteria
for IT Security - Part 3: Security Assurance Components
GB/T 20271-2006 Information Security Technology - Common Security Techniques
Requirement for Information System
GB/T 26238-2010 Information Technology - Terminology for Biometrics
GB/T 29268.1-2012 Information Technology - Biometric Performance Testing and
Reporting - Part 1: Principles and Framework
GB/T 36651-2018 Information Security Techniques - Biometric Authentication Protocol
Framework Based on Trusted Environment
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
What is defined in GB/T 20271-2006, GB/T 26238-2010, GB/T 29268.1-2012 and GB/T
36651-2018, and the following terms and definitions are applicable to this document.
3.1.1 Biometrics; biometric recognition
Figure 1 -- System Reference Model
4.2 Description of Client Side
4.2.1 Environment detection
Detect the environmental conditions of face collection; determine whether the
environment, in which, the face characteristics are collected, satisfies the collection
requirements. Thus, determine whether face collection shall be initiated.
4.2.2 Face image collection
Analyze and process sample data, for example, the input pictures or videos. Extract
face images that satisfy the quality conditions for face characteristic extraction and
comparison.
4.2.3 Living body detection
Detect and judge whether the collected subject is a live face and whether it is attack
by a prosthetic face. When conditions allow, determine whether the face comparison
object is a real and valid human face on the client side. If the living body detection fails,
then, no further processing shall be performed.
4.2.4 Quality detection
Judge the quality of face images. This module is often combined with the face detection
and collection module to output face images of the best quality, for the subsequent
characteristic-based modeling and comparison. If the face quality detection fails, then,
no further processing shall be performed.
4.2.5 Security management
Conduct security management of sensitive data, such as: client-side passwords,
configuration parameters and user data, etc.
4.3 Description of Server Side
4.3.1 Living body judgment
Conduct secondary judgment of information collected during the live face detection
process on the client side. Combine the detection results of the client side to complete
the final living body judgment.
4.3.2 Quality judgment
Judge the quality of biometric information uploaded to the server side.
4.3.3 Face database
5 Security Classification
The functions, performance and security requirements of the remote face recognition
system are divided into basic level and enhanced level. The boldfaces are the newly
added requirements of the enhanced level in comparison with the basic level. The brief
correspondence between the basic level and the enhanced level is shown in Appendix
A; the system security description is shown in Appendix B. Relevant content of this
Standard that involves cryptographic algorithm shall be implemented in accordance
with the relevant national laws and regulations. Those involving the application of
cryptographic technology to solve the requirements of confidentiality, integrity,
authenticity and non-repudiation must comply with the national standards and industry
standards related to cryptography.
6 Functional Requirements
6.1 Basic-level Requirements
6.1.1 User identification
The function of user identification shall be designed and implemented through the
following aspects:
a) All users shall carry out user identification during the registration;
b) It shall have uniqueness;
c) User identification information shall be managed and maintained, so as to
ensure that it is not unauthorizedly accessed, modified or deleted.
6.1.2 Face image collection and processing
The face image collection and processing shall be equipped with the following
functions:
a) During the face data collection process, data, for example, personal
information shall be prevented from being leaked;
b) The integrity and consistency of the collected data should be verified;
c) The data collection process should be tracked and recorded; the traceability
of face collection data should be supported;
d) The authenticity of the collected data should be ensured;
e) After collection, residual information shall be eliminated.
6.1.5.1 Face data registration
The modes of registration include on-site registration and remote registration.
If the user uses the client-side device for registration, the registration process shall be
performed in a trusted environment.
6.1.5.2 Face data deregistration
Face data deregistration shall satisfy the following requirements:
a) The deregistration participant is the user who wishes to deregister.
b) Before the deregistration, verify the identity of the authorized de-registrant.
c) After the deregistration, the face data in the memory must be destroyed and
cannot be repeatedly used. It needs to be collected again for the next use.
6.1.5.3 Face data registration and loading
When loading face data in bulk during the face data registration process, this function
shall:
a) Establish security strategies, modes and access control mechanisms for the
loading of collected data among different data sources and different security
domains;
b) Ensure the correctness and consistency of data during the loading of face
data;
c) Ensure the security protection of data during the loading of face data;
d) Record and store the processing of personal information data, for example,
human face, during the loading of face data.
6.1.6 User authentication
6.1.6.1 Authentication timing
Before the actions required by the security function of the face recognition system are
executed, firstly, the user who is required to execute the actions shall be authenticated.
Those who fail the authentication will not execute the actions.
6.1.6.2 Face verification
If the function of face verification is provided, then, the following functions shall be
possessed:
a) During face verification, UID shall be provided;
d) When the above attacks or unauthorized operation events occur, the service
shall be cancelled, and an alarm shall be triggered.
6.1.6.6 Decision-making feedback protection
The face recognition decision-making feedback protection shall satisfy the following
requirements:
a) In accordance with the face recognition decision-making strategy, return the
face recognition comparison results; protect the integrity of the feedback
results;
b) During the recognition process, the feedback information provided to the user
shall be prevented from disclosing the user’s face characteristic information
data;
c) It shall only return whether or not it passes, and cannot feedback the
recognition score, so as to prevent mountain-climbing attack.
6.1.6.7 Specification of secrets
A mechanism shall be provided to verify whether the extracted face characteristic
template satisfies the corresponding quality measurement.
When secret information, for example, face characteristic template used for identity
authentication is generated by the face recognition system, the system shall be able
to generate secret information that meets the quality requirements for secret
information. The quality of secret information includes the template size. The
requirements for the quality measurement of the secret information shall be formulated
by the security administrator.
6.1.6.8 Authentication failure
6.1.6.8.1 Basic requirements
By pre-defining the value of unsuccessful authentication attempts (including the
threshold of the number and the time of attempts), and explicitly specifying the
measures that shall be taken when this value is reached, the processing of
authentication failure is implemented.
6.1.6.8.2 Failure determination
During the recognition process, when the following situations occur, the system
determines that the recognition fails:
a) Device failure: the face collector is malfunctioning and cannot successfully
capture images;
c) After the deregistration, the face data in the memory must be destroyed and
cannot be repeatedly used. It needs to be collected again for the next use.
6.2.5.3 Face data registration and loading
When loading face data during the face data registration process, this function shall:
a) Establish security strategies, modes and access control mechanisms for the
loading of collected data among different data sources and different security
domains;
b) Ensure the correctness and consistency of data during the loading of face
data;
c) Ensure the security protection of data during the loading of face data;
d) Record and store the processing of personal information data, for example,
human face, during the loading of face data;
e) The failure recovery method and mechanism for data loading shall be
established; it shall be equipped with the capability of handling loading
data consistency detection and problem control shall be equipped.
6.2.6 User authentication
6.2.6.1 Authentication timing
Before the actions required by the security function of the face recognition system are
executed, firstly, the user who is required to execute the actions shall be successfully
authenticated.
6.2.6.2 Face verification
If the function of face verification is provided, then, the following functions shall be
possessed:
a) During face verification, UID shall be provided;
b) In accordance with the user’s identity information, retrieve the user’s face
template;
c) Execute the data packet verification function to check the integrity of the
user’s face template;
d) Execute the data packet verification function to check the integrity of
the user’s collection sample;
e) Compare the face sample characteristics collected and generated in real time
c) Forgery of paper masks: it shall be able to detect or prevent the counterfeiting
of using most paper masks on human faces;
d) Anti-video forgery: it shall be able to detect or prevent the use of splicing,
replacement and video remaking for forgery;
e) Anti-face CG synthesis forgery: it shall be able to detect or prevent the
use of CG technology to synthesize single or multiple face images into
face videos or 3D face models for forgery;
f) Anti-prosthetic mask forgery: it shall be able to detect or prevent
counterfeiting of using most human face 3D prosthetic masks (resin
masks and silicone masks);
g) When the above attacks or unauthorized operation events occur, the service
shall be cancelled, and an alarm shall be triggered.
6.2.6.7 Decision-making feedback protection
The face recognition decision-making feedback protection shall satisfy the following
requirements:
a) In accordance with the face recognition decision-making strategy, return the
face recognition comparison results; protect the integrity of the feedback
results;
b) During the recognition process, the feedback information provided to the user
shall be prevented from disclosing the user’s face characteristic information
data.
6.2.6.8 Specification of secrets
A mechanism shall be provided to verify whether the extracted face characteristic
template satisfies the corresponding quality measurement.
When secret information, for example, face characteristic template used for identity
authentication is generated by the face recognition system, the system shall be able
to generate secret information that meets the quality requirements for secret
information. The quality of secret information includes the template size. The
requirements for the quality measurement of the secret information shall be formulated
by the security administrator.
6.2.6.9 Authentication failure
6.2.6.9.1 Basic requirements
By pre-defining the value of unsuccessful authentication attempts (including the
or, there is no user candidate in the stored face template during face
recognition, then, warning message shall be provided;
b) When forged recognition images,...
Delivery: 9 seconds. Download (& Email) true-PDF + Invoice.
Get Quotation: Click GB/T 38671-2020 (Self-service in 1-minute)
Historical versions (Master-website): GB/T 38671-2020
Preview True-PDF (Reload/Scroll-down if blank)
GB/T 38671-2020
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology - Technical
Requirements for Remote Face Recognition System
ISSUED ON: APRIL 28, 2020
IMPLEMENTED ON: NOVEMBER 1, 2020
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative References ... 4
3 Terms, Definitions and Abbreviations ... 4
4 Overview ... 7
5 Security Classification ... 10
6 Functional Requirements ... 10
7 Performance Requirements ... 22
8 Security Function Requirements ... 23
9 Security Assurance Requirements ... 33
Appendix A (informative) Correspondence between Basic Level and Enhanced
Level of Remote Face Recognition System ... 34
Appendix B (informative) Security Description of Remote Face Recognition
System ... 36
Bibliography ... 43
Information Security Technology - Technical
Requirements for Remote Face Recognition System
1 Scope
This Standard stipulates the functions, performance, security requirements and
security assurance requirements of information system that adopts face recognition
technology for remote identity authentication on the server side.
This Standard is applicable to the research, development and testing of information
system that adopts face recognition technology for remote identity authentication on
the server side. The management of the system may take this as a reference.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 18336.3-2015 Information Technology - Security Techniques - Evaluation Criteria
for IT Security - Part 3: Security Assurance Components
GB/T 20271-2006 Information Security Technology - Common Security Techniques
Requirement for Information System
GB/T 26238-2010 Information Technology - Terminology for Biometrics
GB/T 29268.1-2012 Information Technology - Biometric Performance Testing and
Reporting - Part 1: Principles and Framework
GB/T 36651-2018 Information Security Techniques - Biometric Authentication Protocol
Framework Based on Trusted Environment
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
What is defined in GB/T 20271-2006, GB/T 26238-2010, GB/T 29268.1-2012 and GB/T
36651-2018, and the following terms and definitions are applicable to this document.
3.1.1 Biometrics; biometric recognition
Figure 1 -- System Reference Model
4.2 Description of Client Side
4.2.1 Environment detection
Detect the environmental conditions of face collection; determine whether the
environment, in which, the face characteristics are collected, satisfies the collection
requirements. Thus, determine whether face collection shall be initiated.
4.2.2 Face image collection
Analyze and process sample data, for example, the input pictures or videos. Extract
face images that satisfy the quality conditions for face characteristic extraction and
comparison.
4.2.3 Living body detection
Detect and judge whether the collected subject is a live face and whether it is attack
by a prosthetic face. When conditions allow, determine whether the face comparison
object is a real and valid human face on the client side. If the living body detection fails,
then, no further processing shall be performed.
4.2.4 Quality detection
Judge the quality of face images. This module is often combined with the face detection
and collection module to output face images of the best quality, for the subsequent
characteristic-based modeling and comparison. If the face quality detection fails, then,
no further processing shall be performed.
4.2.5 Security management
Conduct security management of sensitive data, such as: client-side passwords,
configuration parameters and user data, etc.
4.3 Description of Server Side
4.3.1 Living body judgment
Conduct secondary judgment of information collected during the live face detection
process on the client side. Combine the detection results of the client side to complete
the final living body judgment.
4.3.2 Quality judgment
Judge the quality of biometric information uploaded to the server side.
4.3.3 Face database
5 Security Classification
The functions, performance and security requirements of the remote face recognition
system are divided into basic level and enhanced level. The boldfaces are the newly
added requirements of the enhanced level in comparison with the basic level. The brief
correspondence between the basic level and the enhanced level is shown in Appendix
A; the system security description is shown in Appendix B. Relevant content of this
Standard that involves cryptographic algorithm shall be implemented in accordance
with the relevant national laws and regulations. Those involving the application of
cryptographic technology to solve the requirements of confidentiality, integrity,
authenticity and non-repudiation must comply with the national standards and industry
standards related to cryptography.
6 Functional Requirements
6.1 Basic-level Requirements
6.1.1 User identification
The function of user identification shall be designed and implemented through the
following aspects:
a) All users shall carry out user identification during the registration;
b) It shall have uniqueness;
c) User identification information shall be managed and maintained, so as to
ensure that it is not unauthorizedly accessed, modified or deleted.
6.1.2 Face image collection and processing
The face image collection and processing shall be equipped with the following
functions:
a) During the face data collection process, data, for example, personal
information shall be prevented from being leaked;
b) The integrity and consistency of the collected data should be verified;
c) The data collection process should be tracked and recorded; the traceability
of face collection data should be supported;
d) The authenticity of the collected data should be ensured;
e) After collection, residual information shall be eliminated.
6.1.5.1 Face data registration
The modes of registration include on-site registration and remote registration.
If the user uses the client-side device for registration, the registration process shall be
performed in a trusted environment.
6.1.5.2 Face data deregistration
Face data deregistration shall satisfy the following requirements:
a) The deregistration participant is the user who wishes to deregister.
b) Before the deregistration, verify the identity of the authorized de-registrant.
c) After the deregistration, the face data in the memory must be destroyed and
cannot be repeatedly used. It needs to be collected again for the next use.
6.1.5.3 Face data registration and loading
When loading face data in bulk during the face data registration process, this function
shall:
a) Establish security strategies, modes and access control mechanisms for the
loading of collected data among different data sources and different security
domains;
b) Ensure the correctness and consistency of data during the loading of face
data;
c) Ensure the security protection of data during the loading of face data;
d) Record and store the processing of personal information data, for example,
human face, during the loading of face data.
6.1.6 User authentication
6.1.6.1 Authentication timing
Before the actions required by the security function of the face recognition system are
executed, firstly, the user who is required to execute the actions shall be authenticated.
Those who fail the authentication will not execute the actions.
6.1.6.2 Face verification
If the function of face verification is provided, then, the following functions shall be
possessed:
a) During face verification, UID shall be provided;
d) When the above attacks or unauthorized operation events occur, the service
shall be cancelled, and an alarm shall be triggered.
6.1.6.6 Decision-making feedback protection
The face recognition decision-making feedback protection shall satisfy the following
requirements:
a) In accordance with the face recognition decision-making strategy, return the
face recognition comparison results; protect the integrity of the feedback
results;
b) During the recognition process, the feedback information provided to the user
shall be prevented from disclosing the user’s face characteristic information
data;
c) It shall only return whether or not it passes, and cannot feedback the
recognition score, so as to prevent mountain-climbing attack.
6.1.6.7 Specification of secrets
A mechanism shall be provided to verify whether the extracted face characteristic
template satisfies the corresponding quality measurement.
When secret information, for example, face characteristic template used for identity
authentication is generated by the face recognition system, the system shall be able
to generate secret information that meets the quality requirements for secret
information. The quality of secret information includes the template size. The
requirements for the quality measurement of the secret information shall be formulated
by the security administrator.
6.1.6.8 Authentication failure
6.1.6.8.1 Basic requirements
By pre-defining the value of unsuccessful authentication attempts (including the
threshold of the number and the time of attempts), and explicitly specifying the
measures that shall be taken when this value is reached, the processing of
authentication failure is implemented.
6.1.6.8.2 Failure determination
During the recognition process, when the following situations occur, the system
determines that the recognition fails:
a) Device failure: the face collector is malfunctioning and cannot successfully
capture images;
c) After the deregistration, the face data in the memory must be destroyed and
cannot be repeatedly used. It needs to be collected again for the next use.
6.2.5.3 Face data registration and loading
When loading face data during the face data registration process, this function shall:
a) Establish security strategies, modes and access control mechanisms for the
loading of collected data among different data sources and different security
domains;
b) Ensure the correctness and consistency of data during the loading of face
data;
c) Ensure the security protection of data during the loading of face data;
d) Record and store the processing of personal information data, for example,
human face, during the loading of face data;
e) The failure recovery method and mechanism for data loading shall be
established; it shall be equipped with the capability of handling loading
data consistency detection and problem control shall be equipped.
6.2.6 User authentication
6.2.6.1 Authentication timing
Before the actions required by the security function of the face recognition system are
executed, firstly, the user who is required to execute the actions shall be successfully
authenticated.
6.2.6.2 Face verification
If the function of face verification is provided, then, the following functions shall be
possessed:
a) During face verification, UID shall be provided;
b) In accordance with the user’s identity information, retrieve the user’s face
template;
c) Execute the data packet verification function to check the integrity of the
user’s face template;
d) Execute the data packet verification function to check the integrity of
the user’s collection sample;
e) Compare the face sample characteristics collected and generated in real time
c) Forgery of paper masks: it shall be able to detect or prevent the counterfeiting
of using most paper masks on human faces;
d) Anti-video forgery: it shall be able to detect or prevent the use of splicing,
replacement and video remaking for forgery;
e) Anti-face CG synthesis forgery: it shall be able to detect or prevent the
use of CG technology to synthesize single or multiple face images into
face videos or 3D face models for forgery;
f) Anti-prosthetic mask forgery: it shall be able to detect or prevent
counterfeiting of using most human face 3D prosthetic masks (resin
masks and silicone masks);
g) When the above attacks or unauthorized operation events occur, the service
shall be cancelled, and an alarm shall be triggered.
6.2.6.7 Decision-making feedback protection
The face recognition decision-making feedback protection shall satisfy the following
requirements:
a) In accordance with the face recognition decision-making strategy, return the
face recognition comparison results; protect the integrity of the feedback
results;
b) During the recognition process, the feedback information provided to the user
shall be prevented from disclosing the user’s face characteristic information
data.
6.2.6.8 Specification of secrets
A mechanism shall be provided to verify whether the extracted face characteristic
template satisfies the corresponding quality measurement.
When secret information, for example, face characteristic template used for identity
authentication is generated by the face recognition system, the system shall be able
to generate secret information that meets the quality requirements for secret
information. The quality of secret information includes the template size. The
requirements for the quality measurement of the secret information shall be formulated
by the security administrator.
6.2.6.9 Authentication failure
6.2.6.9.1 Basic requirements
By pre-defining the value of unsuccessful authentication attempts (including the
or, there is no user candidate in the stored face template during face
recognition, then, warning message shall be provided;
b) When forged recognition images,...
Share
