GB/T 28826.4-2022 English PDFUS$719.00 ยท In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 28826.4-2022: Information technology - Common biometric exchange formats framework - Part 4: Security block format specifications Status: Valid
Basic dataStandard ID: GB/T 28826.4-2022 (GB/T28826.4-2022)Description (Translated English): Information technology - Common biometric exchange formats framework - Part 4: Security block format specifications Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L70 Classification of International Standard: 35.240.15 Word Count Estimation: 34,362 Date of Issue: 2022-10-12 Date of Implementation: 2023-05-01 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 28826.4-2022: Information technology - Common biometric exchange formats framework - Part 4: Security block format specifications---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information technology - Common biometric exchange formats framework - Part 4.Security block format specifications ICS 35.240.15 CCSL70 National Standards of People's Republic of China information Technology Common Biometric Interchange Format Framework Part 4.Security block format specification (ISO /IEC 19785-4.2010, MOD) Released on 2022-10-12 2023-05-01 implementation State Administration for Market Regulation Released by the National Standardization Management Committee table of contentsPreface III Introduction V 1 Scope 1 2 Normative references 1 3 Terms and Definitions 2 4 Abbreviations4 5 Common security block format 4 6 Security block format containing only signatures 12 7 General Security Block Format of Domestic Commercial Ciphers 14 APPENDIX A (NORMATIVE) ASN.1 CODES FOR GENERAL SECURITY BLOCK FORMAT 20 Appendix B (Normative) ASN.1 Code of Common Security Block Format for Domestic Commercial Ciphers 24 Reference 26forewordThis document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules for Standardization Documents" drafting. This document is part 4 of GB/T 28826 "Framework for Public Biometric Identification Interchange Formats for Information Technology". GB/T 28826 The following parts have been released. --- Part 1.Data element specification; --- Part 2.Operating procedures for biometric identification registration agencies; --- Part 4.Security block format specification. This document is modified to adopt ISO /IEC 19785-4.2010 "Information Technology Public Biometric Identification Interchange Format Framework Part 4 Sub. Security Block Format Specification". Compared with ISO /IEC 19785-4.2010, this document has made the following structural adjustments. a) 5.8.2.1 corresponds to the suspension section of 5.8.2 of ISO /IEC 19785-4.2010, and 5.8.2.2~5.8.2.3 corresponds to ISO /IEC 19785- 4.5.8.2.1~5.8.2.2 of.2010; b) 5.8.3.1 corresponds to the suspension section of 5.8.3 of ISO /IEC 19785-4.2010, and 5.8.3.2~5.8.3.3 corresponds to ISO /IEC 19785- 4.5.8.3.1~5.8.3.2 of.2010. The technical differences between this document and ISO /IEC 19785-4.2010 and their reasons are as follows. a) The general security block format of domestic commercial ciphers (see Chapter 1) has been added in "Scope" to facilitate the understanding and application of this document; b) In "Terms and Definitions" specifically listed "biometric identification (of), biometric identification (of), biometric identification, biometric number Data block, biometric information record, CBEFF biometric organization, security block, security block format, security block format identification character, security block format owner, standard biometric data header, BioAPI unit, ACBio instance, biometric authentication Context, biometric processing unit, and message authentication code" are definitions of 15 terms (see Chapter 3), so as to facilitate the definition of this document Understanding and application; "Biometric Organization Identifier" (3.6) and "Object Identifier" (3.15) have been added to facilitate the identification of 2 differentiated understanding and application of terminology; c) The "Abbreviations" specifically reflect the eight abbreviations "ACBio, BDB, BPU, CBEFF, CRL, MAC, SB, SBH" The full name and Chinese interpretation are used to facilitate the understanding and application of this document (see Chapter 4), so ISO /IEC is no longer cited 19785-1, ISO /IEC 24761, ISO /IEC 9798-6 and REC3852; d) Added 6 abbreviations "ASN.1, BER, BioAPI, DER, PER, XER" in "Abbreviations" (see Chapter 4), so that for the understanding and application of this document; e) Replaced ISO /IEC 8824-1 (see 5.8.1.1, 7.8.1.1) with the normatively quoted GB/T 16262.1 to adapt to my country's technical standards technical conditions; f) Replaced ISO /IEC 8825-1 (see 5.4, 6.4, 6.8, 7.4) with the normatively quoted GB/T 16263.1 to adapt to my country's Technical conditions; g) Replaced ISO /IEC 8825-2 (see 5.4, 6.4, 7.4) with the normatively quoted GB/T 16263.2 to adapt to my country's technology condition; h) Replaced ISO /IEC 8825-3 (see 5.4, 6.4, 7.4) with the normatively referenced GB/T 16263.4 to modify The quotation of ISO /IEC 19785-4.2010 is wrong, and adapt to the technical conditions of our country; i) Replaced ISO /IEC 19785-1 (see 5.8.1.3) with the normative referenced GB/T 28826.1 to adapt to my country's technology condition; j) The normative reference document GB/T 28826.2-2020 (see 7.2, 7.4) is added to standardize the general security block of domestic commercial ciphers format for registration requirements; k) The normative reference document GB/T 32918.2 (see 7.8.3.1) has been added to standardize the registration of the general security block format of domestic commercial ciphers. record requirements; l) The normative reference document GB/T 33560-2017 (see 7.8.3.2.1, 7.8.3.2.2) is added to standardize domestic commercial encryption Registration requirements in secure block format; m) The normative reference document GB/T 35275-2017 (see 7.8.3.2.1, 7.8.3.2.2) is added to standardize domestic commercial encryption Registration requirements in secure block format; n) The normative reference document GB/T 38635.2 (see 7.8.3.1) has been added to standardize the registration of the general security block format of domestic commercial ciphers. record requirements; o) Modify ISO /IEC 19785-2 from an informative reference to a normative reference, because the registration operation specified in ISO /IEC 19785-2 Operating procedures are normative requirements; p) Added support for domestic commercial encryption algorithms, in order to apply the national encryption system (see Chapter 7); q) Added "ASN.1 code of general security block format for domestic commercial ciphers" (see Appendix B), to illustrate that ASN.1 domestic commercial ciphers The specific content of the code security block format. The following editorial changes have been made to this document. a) The ISO /IEC 19785-4.2010/CORR1.2013 "Information Technology Public Biometric Identification Interchange Format Framework No. 4 Part. Technical Corrigendum 1 of "Security Block Format Specification" is incorporated into the corresponding clauses, and the outer margin of the modified clauses The position is marked with a vertical double line (||), and the original Appendix B is deleted according to the technical corrigendum; b) Deleted the reference to ISO /IEC 19785-2 "Information technology public biometric identification exchange format framework - Part 2.Biometrics Informative references to the Operating Procedures for Sign Identification and Registration Agencies. Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents. This document is proposed and managed by the National Information Technology Standardization Technical Committee (SAC/TC28). This document was drafted by. Beijing Shuguang Yitong Technology Co., Ltd., Jiangsu Saixi Technology Development Co., Ltd., Beijing Digital Certification Co., Ltd. Co., Ltd., China UnionPay Co., Ltd., China Institute of Electronic Technology Standardization, Information Center of the Ministry of Human Resources and Social Security, Beijing Eye God Intelligent Technology Co., Ltd., Beijing Deyi Yintong Technology Co., Ltd., Guangzhou Radio and Television Express Financial Electronics Co., Ltd., Beijing China Kehongba Technology Co., Ltd., Lenovo Zhongtian Technology Co., Ltd., Shanghai SenseTime Intelligent Technology Co., Ltd., Shengdian Century Technology Co., Ltd. Division, Shanghai Yitu Network Technology Co., Ltd., Fujian Haijing Technology Development Co., Ltd. The main drafters of this document. Zhang Dapeng, Liu Qianying, Wang Wenfeng, Liu Xuhua, Yu Xueping, Song Jiwei, Zhan Banghua, Qi Wenbin, Zhang Yahao, Zhong Chen, Wang Sixiang, Han Feng, Wang Zhifei, Song Fangfang, Zheng Fang, Zhang Wei, Xiao Lihu, Tranquility, Jiang Hui, Hu Wenmao, Liu Yiheng, Huang Laiqing, Xia Bingbing, Fei Zhijun, Yang Bo, Yu Huan, Zhang Chenyu, Xie Dekun.IntroductionBiometric-based authentication systems and applications are expected to support multiple biometric devices from different vendors. male The Biometric Exchange Format Framework (CBEFF) facilitates biometric data exchange developed by different vendors by simplifying the exchange of biometric data. Interoperability of signature recognition applications and systems. GB/T 28826 "Information Technology Public Biometric Identification Interchange Format Framework" is proposed to be composed of 4 parts. --- Part 1.Data element specification. The aim is to define a standardized project enabling the exchange of biometric data. --- Part 2.Operating procedures for biometric registration agencies. The purpose is to stipulate the biometric identification registration mark used in the country Requirements for identifiers, registration agencies, registration procedures, registration applications, and registration maintenance. --- Part 3.Maintainer format specification. The purpose is to CBEFF biometric identification organization ISO /IEC JTC1/SC37 Defined and described according to the three maintainer format specifications registered in ISO /IEC 19785-2. --- Part 4.Security block format specification. The purpose is to CBEFF biometric identification organization ISO /IEC JTC1/SC37 Two security block formats defined and registered according to ISO /IEC 19785-2, and the National Information Technology Standardization Committee biological A type defined by the Feature Recognition Subcommittee (SAC/TC28/SC37) and registered according to GB/T 28826.2-2020 The security block format specification is described. This document, as part 4 of CBEFF, specifies the integrity and encryption of biometric data. for biometric authentication and The identified biometric data comes from a trusted source and is transmitted without interference and integrity. According to different security policies Determines whether to encrypt biometric data. In order to ensure interoperability, the Common Biometric Exchange Format Framework (CBEFF) is specified in GB/T 28826.1, which is used to convert metadata The data is associated with one or more Biometric Data Blocks (BDBs). Integrity and encryption options are defined in GB/T 28826.1, and The concept of a security block (SB) that contains security information related to these options, but does not specify the format and details of the security block. Starting with a CBEFF maintainer format, there are the following points. First, if the maintainer format determines the CBEFF data element CBEFF_BDB_encryption_options(biometric data block encryption option) is specified as NOENCRYPTION (no encryption), and the CBEFF data element CBEFF_BIR_integ- If rity_options (biometric information record integrity options) is specified as NOINTEGRITY (incomplete), the format of the maintainer does not need Ask for a safe block. Second, if the maintainer format needs to include security blocks in some cases, the maintainer format can specify it as a One of the defined secure block formats or other secure block formats, or may contain the CBEFF data element CBEFF_SB_ format_owner (secure block format owner) and CBEFF_SB_format_type (secure block format type), to identify the use of this Some secure block format defined by the file, or some other secure block format. Finally, in addition to the security block formats specified in this document, there may be many CBEFF security block formats that meet different needs. E.g, Security block format defined in ISO /IEC 24713-3 for the ILO Seafarer Profile. Completion of the security block format for international registrations For a complete list of block formats, see the website http.//sc37.cesinet.com/biometrics/regProduct. This document gives three commonly used security block formats. general security block format, security block format containing only signature and domestic commercial cipher Generic security block format. The first security block format is the general security block format, which is designed to be as general as possible. The format adopts RFC3852 encrypted message syntax (CMS), contains optional elements for encryption and integrity, and supports EnvelopedData, EncryptedData, RFC3852 Require. The Common Security Block format can also optionally include authentication on the biometric (ACBio) instance specified in ISO /IEC 24761 below. ACBio also uses the RFC3852 encrypted message syntax scheme. By including an ACBio instance, it can be determined to generate an authentication bio The security level of the characteristic system. Optional use of ACBio instances is an important component in providing a telebiometric authentication infrastructure (TAI) part. The second secure block format is the signature-only secure block format, also defined using RFC3852. The third security block format is the general security block format of domestic commercial ciphers defined by the domestic commercial cipher message syntax, including Optional elements for encryption and integrity, not supported for ACBio instances. information Technology Common Biometric Interchange Format Framework Part 4.Security block format specification1 ScopeThis document gives the biometric identification organization ISO /IEC JTC1/SC37 defined by CBEFF, according to ISO /IEC 19785-2 Two registered security block formats, and the registered security block format identifier is given. NOTE. The security block format identifier is recorded in the SBH of the maintainer format (or is defined by that maintainer format as the only available security block format). The general security block format provides the specification of whether the BDB is encrypted and whether the SBH and BDB need integrity verification. The format adopts The international RFC series of cryptographic message syntaxes can also contain instances of ACBio according to ISO /IEC 24761.The security block contains the encryption and/or or all necessary security parameters including integrity. It does not restrict the algorithms and parameters used for encryption or integrity, but provides a way how to document the values of such algorithms and parameters. For a specific application field, how to determine which algorithms and parameter ranges can be used by the security block generator, so as to determine the security block usage The range of algorithms and parameters to be supported by the author is a matter of analysis and beyond the scope of this document. The signature-only security block format is similar to the general security block format, although more restrictive, but simpler, in particular it cannot contain ACBio instances, also do not support BDB encryption. This document also gives a security block format defined by SAC/TC28/SC37 and registered according to GB/T 28826.2-2020. Common security block format for domestic commercial ciphers.2 Normative referencesThe contents of the following documents constitute the essential provisions of this document through normative references in the text. Among them, dated references For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to this document. GB/T 16262.1 Information Technology Abstract Syntax Notation 1 (ASN.1) Part 1.Basic notation specification (GB/T 16262.1- 2006, ISO /IEC 8824-1.2002, IDT) GB/T 16263.1 Information Technology ASN.1 Encoding Rules Part 1.Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Atypical Encoding Rules (DER) specification (GB/T 16263.1-2006, ISO /IEC 8825-1.2002, IDT) GB/T 16263.2 Information Technology ASN.1 Encoding Rules Part 2.Compressed Encoding Rules (PER) Specifications (GB/T 16263.2- 2006, ISO /IEC 8825-2.2002, IDT) GB/T 16263.4 Information Technology ASN.1 Encoding Rules Part 4.XML Encoding Rules (XER) (GB/T 16263.4- 2015, ISO /IEC 8825-4.2008, IDT) GB/T 28826.1 Information technology common biometric identification exchange format framework - Part 1.Data element specification (GB/T 28826.1-2012, ISO /IEC 19785-1.2006, MOD) Note. There is no technical difference between the referenced content of GB/T 28826.1-2012 and the referenced content of ISO /IEC 19785-1.2006. GB/T 28826.2-2020 Information technology public biometric identification exchange format framework - Part 2.Notes on biometric identification operating procedures GB/T 32918.2 Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 2.Digital Signature Algorithm ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 28826.4-2022_English be delivered?Answer: Upon your order, we will start to translate GB/T 28826.4-2022_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 28826.4-2022_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 28826.4-2022_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
