ISO

Scope of the SC : Standardization of graphic character sets and their characteristics, including string ordering, associated control functions, their coded representation for information interchange and code extension techniques. Excluded: audio and picture coding.

SC 2 experts have been working hard to develop Universal Coded Character Set , ISO/IEC 10646, and related standards which are the fundamental basis of Information systems and being referred from every standards involving character based information exchange and/or processing.

The first version of ISO/IEC 10646 standardized 32,884 characters and published in 1993. Edition 5 of it, the latest version currently under development, will cover over 130,000 characters.

SC2 will keep quality and speed of its work to develop standards for character. And close cooperation between SC2 and other all committees to develop standards involving character codes is important.

The development of standards for the protection of information and ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as:

• Security requirements capture methodology;
• Management of information and ICT security; in particular information security management systems (ISMS), security processes, security controls and services;
• Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information;
• Security management support documentation including terminology, guidelines as well as procedures for the registration of security components;
• Security aspects of identity management, biometrics and privacy;
• Conformance assessment, accreditation and auditing requirements in the area of information security;
• Security evaluation criteria and methodology.

SC 27 engages in active liaison and collaboration with appropriate bodies to ensure the proper development and application of SC 27 standards and technical reports in relevant areas.

1. Serve as the focus of and proponent for JTC 1's Smart Cities standardization program.
2. Develop foundational standards for the use of ICT in Smart Cities - including the Smart City ICT Reference Framework and an Upper Level Ontology for Smart Cities - for guiding Smart Cities efforts throughout JTC 1 upon which other standards can be developed.
3. Develop a set of ICT related indicators for Smart Cities in collaboration with ISO/TC 268.
4. Develop additional Smart Cities’ standards and other deliverables that build on these foundational standards.
5. Identify JTC 1 (and other organization) subgroups that are developing standards and related material that contribute to Smart Cities, and where appropriate, investigate ongoing and potential new work that contributes to Smart Cities.
6. Develop and maintain liaisons with all relevant JTC 1 subgroups.
7. Engage with the community outside of JTC 1 to grow the awareness of, and encourage engagement in, JTC 1 Smart Cities standardization efforts within JTC 1, forming liaisons as is needed.
8. Ensure a strong relationship with Smart Cities activities in ISO and IEC

ISO/IEC TR 30117:2014 summarizes how the international standards, recommendations and technical reports dealing with identification cards, biometrics and/or information security relate to each other with regard to the joint use of biometrics and integrated circuit cards. It also provides further recommendations and policies needed by developers to integrate applications related to on-card biometric comparison.

ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by

- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs.

Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.

All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.

This document provides a set of instructions for evaluation of MRPs which may incorporate contactless integrated circuits.
This evaluation is an instrument to establish the ability in principle of a specific type of document to fulfil the requirements of use. It supplies a structured approach to evaluate MRPs by:

— defining reproducible stress methods to submit the document(s) under evaluation to specific stress or environmental conditions;
— defining reproducible evaluation methods to measure numerical values for specific document properties;
— defining test sequences that specify the order in which stress methods and evaluation methods are to be performed;
— defining test plans to link specific user requirements to test sequences and related parameters.

It specifies the minimum criteria to be achieved in order to meet ICAO's expectations for durability of fully personalized MRPs.

This document establishes guidelines for the design format and data content of an ISO-compliant driving licence (IDL) in regard to both visual human-readable features and ISO machine-readable technologies. It creates a common basis for international use and mutual recognition of the IDL without impeding individual national/community/regional motor vehicle authorities in taking care of their specific needs.

ISO/IEC 12905:2011 specifies a set of data elements to be personalized into an integrated circuit card, encoding cardholder preferences. These data elements are to be retrieved from the card and to be used to indicate to the terminal that the user has special needs regarding the user interface. It is not intended to standardize the actual application programming interface or other terminal-specific software allowing the functionality, nor does it cover the actual alignment of the card to the card-reader slot.

This standard was last reviewed and confirmed in 2016. Therefore this version remains current.

This document establishes

• architectures of biometric comparison using an ICC,
• on-card biometric comparison, both in sensor-off-card systems and as part of biometric system-on-card,
• work-sharing on-card biometric comparison, and
• security policies for on-card biometric comparison.

This document does not establish

• requirements for off-card biometric comparison,
• requirements for biometric system-on-card (as defined in ISO/IEC 17839), or
• modality-specific requirements for storage and comparison.

ISO/IEC TR 24722:2015 contains descriptions of and analyses of current practices on multimodal and other multibiometric fusion, including (as appropriate) references to more detailed descriptions. ISO/IEC TR 24722:2015 contains descriptions and explanations of high-level multibiometric concepts to aid in the explanation of multibiometric fusion approaches including multi-characteristic-type, multiinstance, multisensorial, multialgorithmic, decision-level and score-level logic.

This International Standard specifies a set of check character systems capable of protecting strings against errors which occur when people copy or type data. This International Standard specifies conformance requirements for products described as generating check characters or checking strings using the systems given in this International Standard.

This document defines key establishment mechanisms based on weak secrets, i.e. secrets that can be readily memorized by a human, and hence, secrets that will be chosen from a relatively small set of possibilities. It specifies cryptographic techniques specifically designed to establish one or more secret keys based on a weak secret derived from a memorized password, while preventing offline brute-force attacks associated with the weak secret.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:11770:-4:ed-2:v1:en