Active Standard

IEEE 2410-2021

IEEE Standard for Biometric Privacy

The Standard for Biometric Privacy (SBP) provides private identity assertion. SBP supersedes the prior IEEE Std 2410(TM)-2019 by including a formal specification for privacy and biometrics such that a conforming SBP system does not incur GDPR, CCPA, BIPA or HIPAA privacy obligations. Homomorphic encryption ensures the biometric payload is always one-way encrypted with no need for key management and provides full privacy by ensuring plaintext biometrics are never received by the SBP server. The SBP implementation includes software running on a client device and on the SPB server. Pluggable components are used to replace legacy functionality to allow rapid integration into existing operating environments. The SBP implementation allows the systems to meet security needs by using the application programming interface, whether the underlying system is a relational database management system or a search engine. The SBP implementation functionality offers a "point-and-cut" mechanism to add the appropriate security to the production systems as well as to the systems in development. The architecture is language neutral, allowing Representational State Transfer (REST ), JavaScript Object Notation (JSON), and Transport Layer Security (TLS) to provide the communication interface. This document describes the essential methodology to SBP.

Sponsor Committee
COM/EdgeCloud-SC - Edge, Fog, Cloud Communications with IOT and Big Data Standards Committee
Status
Active Standard
PAR Approval
2019-11-07
Superseding
2410-2019
Board Approval
2021-03-25
History
Published:
2021-05-24

Working Group Details

Society
IEEE Communications Society
Learn More About IEEE Communications Society
Sponsor Committee
COM/EdgeCloud-SC - Edge, Fog, Cloud Communications with IOT and Big Data Standards Committee
Working Group
BOP - Biometrics Open Protocol
IEEE Program Manager
Tom Thompson
Contact Tom Thompson
Working Group Chair
Scott Streit

Other Activities From This Working Group

Current projects that have been authorized by the IEEE SA Standards Board to develop a standard.


No Active Projects

Standards approved by the IEEE SA Standards Board that are within the 10-year lifecycle.


No Active Standards

These standards have been replaced with a revised version of the standard, or by a compilation of the original active standard and all its existing amendments, corrigenda, and errata.


No Superseded Standards

These standards have been removed from active status through a ballot where the standard is made inactive as a consensus decision of a balloting group.


No Inactive-Withdrawn Standards

These standards are removed from active status through an administrative process for standards that have not undergone a revision process within 10 years.


No Inactive-Reserved Standards
Subscribe to our Newsletter

Sign up for our monthly newsletter to learn about new developments, including resources, insights and more.