Information security, cybersecurity and privacy protection — Security techniques — Security properti...
This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted.
The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases,…
Information security, cybersecurity and privacy protection - Security techniques - Security properti...
This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted.
The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases,…
Information technology — Biometric data interchange formats — Part 14: DNA data
This document specifies a data interchange format for the exchange of deoxyribonucleic acid (DNA) data for person identification or verification technologies that utilize human DNA. Consideration of laboratory procedures is out of scope of this document.
This document provides the ability for DNA profile data to be exchanged and used for comparison (subject to privacy regulations) with DNA…
Information technology - Biometric data interchange formats - Part 14: DNA data
This document specifies a data interchange format for the exchange of deoxyribonucleic acid (DNA) data for person identification or verification technologies that utilize human DNA. Consideration of laboratory procedures is out of scope of this document.
This document provides the ability for DNA profile data to be exchanged and used for comparison (subject to privacy regulations) with DNA…
Information security, cybersecurity and privacy protection — Guidance on the integrated implementati...
1 Scope
This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to:
a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;
b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or
c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.
This document…
Privacy – Part 1: Qualification and Proficiency of Access-to-Information, Privacy, and Data Protecti...
This Standard specifies minimum requirements for qualification and proficiency of privacy and access
control professionals.
This Standard defines a framework for individuals seeking to demonstrate their competencies and
qualifications as access-to-information, privacy, and data protection professionals, as well as
organizations seeking to offer training and certification programs.
This…
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — P...
This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders.
EXAMPLE Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs).
This document presents:
— evaluation assurance level (EAL) family of packages that specify…
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — P...
This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities.
This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.