ISO/IEC JTC 1 - Information technology

This document establishes a framework for age assurance systems and describes their core characteristics, including privacy and security, for enabling age-related eligibility decisions.

This document gives guidance relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organizations which use biometric technologies can address during procurement, design, deployment and operation. Much of this document is generic to many types of applications, e.g. from national scale commercial and government applications, to closed systems for in-house operations, and to consumer applications. However, the intended application and its purpose often have influence on the necessary enrolment data quality and are taken into account when specifying an enrolment system and process. This document specifies the differences in operation relating to specific types of application, e.g. where self-enrolment is more appropriate than attended enrolment. This document focuses on mandatory, attended enrolment at fixed locations. It ultimately consolidates information relating to better practices for the implementation of biometric enrolment capability in various business contexts including considerations of process, function (system), and technology, as well as legal/privacy and policy aspects. This document provides guidance on collection and storage of biometric enrolment data and the impact on dependent processes of verification and identification. This document does not include material specific to forensic and law enforcement applications.

This document provides a mapping between the ISO/IEC 11179-34 metamodel for computable data registration and the IEEE 2791 standard for bioinformatics analyses generated by high-throughput sequencing (HTS), to facilitate the production of IEEE 2791 objects from instances of ISO/IEC 11179-34 metamodel and the registration of IEEE 2791 objects as computable data within an MDR conforming to ISO/IEC 11179-34. This document is applicable to those who are submitting data to organizations that require metadata submissions in IEEE 2791 compliant format, as well as those aiming to register IEEE 2791 objects into an MDR that conforms to ISO/IEC 11179-34.

This document specifies a common, interoperable set of extensible properties for the description of resource content, functionality, user needs and preferences, to enable network-supported individualization of resources, services and environments to match the unique needs and preferences of the individual. This document includes all relevant mechanisms for the publication of terminology for such descriptions, including publicly available registries of properties and related metadata resources such as application profiles. This document takes an inclusive approach to individualization, since any user can experience a mismatch of their individual needs and preferences and the content or services delivered; it is not restricted to descriptions related to stereotypical notions of disability. It provides properties for describing access attributes of resources. It does not ascribe medical conditions to such properties (e.g. ‘non-visual’ as a property value does not infer visual disability, as when the user’s eyes are busy watching the road). This document defines a set of core Access for All (AfA) properties that can be used in a digital resource description (DRD), an AfA record, and equally in a stored personal needs and preferences profile, also an AfA record. It also includes how to extend or add a property or its value using an application profile as defined by ISO/IEC 19788-1.

This document specifies test methods for testing conformity of a mobile driving licence (mDL) or an mDL reader to ISO/IEC 18013-5. This document specifies test methods for: — mDL on its interface to an mDL reader; — mDL reader on its interface to an mDL; — mDL reader on its (optional) interface to an issuing authority infrastructure. Test cases for an issuing authority infrastructure on its interface to an mDL reader are not included in this document. Test cases for the use of OpenID Connect (OIDC) by an mDL reader on its interface to an issuing authority infrastructure are not included in this document. This document only provides test cases for the use of WebAPI on this interface. This document only addresses the functional behaviour of an implementation under test (IUT) on its interface(s) in scope. It does not address: — the internal implementation of an IUT, such as a secure area in an mDL; — any functional requirements to an IUT not specified in ISO/IEC 18013-5, for example, requirements of a particular issuing authority; — non-functional aspects of the IUT, nor IUT interfaces not listed above, such as the interface from an issuing authority infrastructure to an mDL, used to provision mDL data.

This document specifies a method for measuring first print out time (FPOT) of digital printing devices. The document is applicable to digital printing devices and multifunctional devices, including black and white (B&W) and colour devices of any underlying marking technology. The document includes instructions for test charts, test setup procedure, test procedure and the reporting requirements for the digital printing measurements.

Within the general scope described in ISO/IEC 9995-1, this document specifies symbols and methods to distinguish graphic characters which share the same glyph or are represented by similar glyphs on keyboards (including virtual keyboards) and in documentation. Each of these symbols is intended to be considered as universal and non-language related equivalent of names for the function they represent.

This document provides reference software for Rec. ITU-T H.266 | ISO/IEC 23090-3. The reference software includes both encoder and decoder functionality. Reference software is useful in aiding users of a video coding standard to establish and test conformance and interoperability, and to educate users and demonstrate the capabilities of the standard. For these purposes, the accompanying software is provided as an aid for the study and implementation of Rec. ITU-T H.266 | ISO/IEC 23090-3.

This document is limited to the evaluation of toner cartridge page yield for toner containing cartridges (i.e. all-in-one toner cartridges and toner cartridges without a photoconductor) for monochrome electrophotographic print systems. This document can also be applied to the printer component of any multifunctional device that has a digital input-printing path, including multi-function devices that contain printer components. This document is only intended for the measurement of toner cartridge yield. No other claims may be made from this testing regarding quality, reliability, etc. This document is not for use with printers whose minimum printable size is equal to or greater than A3 or for photo-only printers. Application of this document for yield measurement of toner replenishment systems (i.e. toner cartridge- and bottle-type systems where the toner reservoir is internal to the printing system and not user-replaceable) implies some procedural modifications specifically noted herein. This document is intended for equipment used in the office space and does not apply to production volume or large format printing machines where the major cost of ownership is not caused by the consumable yield measured in this document. NOTE 1 An all-in-one toner cartridge is a cartridge that includes at least a toner containment part, a photoreceptor part and a developer part (see ISO/IEC 29142-1). NOTE 2 This document can be used for the measurement of one of the contributions to cost per page (CPP). This document does not directly measure CPP, only the yield of the toner cartridges. In most cases, these are not the only contributors to the CPP. It is beyond the scope of this document to provide a methodology for calculation of CPP.

This document is limited to the evaluation of toner cartridge page yield for toner-containing cartridges (i.e. all-in-one toner cartridges and toner cartridges without a photoconductor) for colour electrophotographic print systems. This document can also be applied to the printer component of any multifunctional device that has a digital input printing path, including multi-function devices that contain electrophotographic printer components. This document is only intended for the measurement of toner cartridge page yield when printing on plain paper using cyan, magenta, yellow and black toner cartridges. No other claims can be made from this testing regarding quality, reliability, etc. This document is not for use with printers whose minimum printable size is equal to or greater than A3 or for photo-only printers. Application of this document for yield measurement of toner replenishment systems (i.e. toner cartridge and bottle type systems where the toner reservoir is internal to the printing system and not user-replaceable) implies some procedural modifications specifically noted herein. This document is intended for equipment used in the office space and does not apply to production volume or large format printing machines where the major cost of ownership is not caused by the consumable yield measured in this document. NOTE 1 An all-in-one toner cartridge is a cartridge that includes at least: a toner containment part, a photoreceptor part and a developer part (see ISO/IEC 29142-1). NOTE 2 This document will be used for the measurement of one of the contributions to cost per page (CPP). This document does not directly measure CPP, only the yield of the magenta, cyan, yellow and black toner cartridges. In most cases, these are not the only contributors to the CPP. It is beyond the scope of this document to provide a methodology for calculation of CPP.

This document describes the architecture of systems for the internet of media things. It also includes a comprehensive set of use cases that can be deployed on such an architecture.

This document specifies the requirements for the bar code symbology known as EAN/UPC. This document specifies EAN/UPC symbology characteristics, data character encodation, dimensions, tolerances, decoding algorithms and parameters to be defined by applications. It specifies the symbology identifier prefix strings for EAN/UPC symbols. Data content and the rules governing the use of this symbology are outside the scope of this document; they are defined in GS1 General Specifications.

This document establishes an organized set of concepts and relationships to understand the competency requirements for information security conformance-testing and evaluation specialists, thereby establishing a basis for shared understanding of the concepts and principles central to the ISO/IEC 19896 series across its user communities.

Within the general scope described in ISO/IEC 9995-1, this document specifies the numeric section of a keyboard and the division of that section into zones. It specifies the arrangement, the number and the location of the keys in the numeric zone ZN0 and in the function zone ZN1 of the numeric section, as well as the allocation of functions to the keys. The numeric zone ZN0 is to be used in keyboards for applications such as text and data processing, general office environment, banking, point of sales (POS), telematic services, telephony apparatus, home electronic systems, numerical control of machinery and equipment, input of personal identification number (PIN), etc. The function zone ZN1 is to be used in keyboards for applications such as data entry, text and data processing, general office environment, etc. NOTE Certain of these applications are under the responsibility of the ITU-T.

This document provides the specialized requirements for individuals to demonstrate competence in performing IT product security evaluations and reviews according to the ISO/IEC 15408 series and ISO/IEC 18045. NOTE It is possible that evaluators and testers belong to bodies operating under ISO/IEC 17025 and reviewers belong to bodies operating under ISO/IEC 17065.

This document specifies test methods for determining the conformance of radio frequency identification (RFID) devices (tags and interrogators) for item management with the specifications given in ISO/IEC 18000-61, ISO/IEC 18000-62 and ISO/IEC 18000-64. However, this document does not apply to the testing of conformance with regulatory or similar requirements. The test methods require only that the mandatory functions, and any optional functions which are implemented, are verified. This can, in appropriate circumstances, be supplemented by further, application-specific functionality criteria that are not available in the general case. The interrogator and tag conformance parameters in this document are the following: — type-specific conformance parameters including nominal values and tolerances; — parameters that apply directly affecting system functionality and inter-operability. Parameters that are already included in regulatory test requirements are not included in this document. Unless otherwise specified, the tests in this document are intended to be applied exclusively to RFID tags and interrogators defined in ISO/IEC 18000-61, ISO/IEC 18000-62 and ISO/IEC 18000-64.

This document provides management guidelines to the organizational profile specified in ISO/IEC 29110-4-2 through organizational management, product portfolio management, resource management and process management processes. This document applies to VSEs that develop software or works thru operating processes. This document is intended to be used with any processes, techniques and methods that enhance the VSEs’ customer satisfaction and productivity.

This document specifies a taxonomy of information elements to assist AI stakeholders with identifying and addressing the needs for transparency of AI systems. The document describes the semantics of the information elements and their relevance to the various objectives of different stakeholders. This document is applicable to any kind of organization and application involving an AI system.

This document establishes: — functional architecture of a Biometric System-on-Card (BSoC); — definition of Type ID-1 BSoC (ISO/IEC 7810 conformant) and Type ID-T BSoC (see ISO/IEC 18328-2:2021, Annex A) implementation of a BSoC; — sensor types in a BSoC; — requirements to a BSoC with respect to: — discriminative power (i.e. biometric accuracy criteria); — interfaces; — power supply options. — The following aspects are out of scope of this document (see ISO/IEC 24787-1): — off-card biometric comparison, storage-on-card; — on-card biometric comparison (sensor-off-card); — work-sharing implementations; — detailed specification and configuration of individual components. This document provides a functional architectural description of a BSoC and describes how the interfaces are mapped using existing commands and data structures from other International Standards.

This document specifies extensions to existing scene description formats in order to support MPEG media, in particular immersive media. MPEG media includes but is not limited to media encoded with MPEG codecs, media stored in MPEG containers, MPEG media and application formats as well as media provided through MPEG delivery mechanisms. Extensions include scene description format syntax and semantics and the processing model when using these extensions by a Presentation Engine. It also defines a media access function (MAF) API for communication between the Presentation Engine and the media access function for these extensions. While the extensions defined in this document can be applicable to other scene description formats, they are provided for ISO/IEC 12113.

This document provides requirements and recommendations for developing education and training systems using virtual, augmented and mixed reality (VR/AR/MR) technology. It specifies how to organize the information and data necessary for the development of VR/AR/MR integrated systems for education and training. It includes procedures for the development of VR/AR/MR integrated systems. This document includes several topics for consideration when developing VR/AR/MR based education and training systems, as follows. First, it defines concepts of VR/AR/MR based education and training. Second, it defines an information modelling architecture for the systems. Third, standards based functional components for the systems are specified. Fourth, framework components for implementing the systems are specified. And, finally, use cases for the systems based on the information modelling architecture are included. Device hardware technology for education and training systems is excluded from this document.

The document specifies a set of tests and procedures designed to indicate whether encoders or decoders meet the requirements specified in ISO/IEC 23090-31.

This document contains simulation software for the MPEG-Immersive Audio standard as defined in ISO/IEC 23090-4.

This document provides requirements and guidance on the application of the ISO/IEC/IEEE 29119 series to the testing of AI systems. This document follows a risk-based approach and uses risks associated with AI systems, and their development and maintenance, to identify suitable test practices, approaches and techniques applicable to AI systems and their components. When the test practices, approaches and techniques are already specified in the ISO/IEC/IEEE 29119 series, this document provides additional detail and describes their application in the context of AI systems.

This document specifies technology that supports the real-time interactive rendering of an immersive virtual or augmented reality audio presentation while permitting the user to have 6DoF movement in the audio scene. It defines metadata to support this rendering and a bitstream syntax that enables efficient storage and streaming of immersive audio content.

The set of AT Attachment standards consists of this document and the ATA implementation standards described in AT Attachment - 8 ATA/ATAPI Architecture Model (ATA8-AAM). This document specifies the command set that host systems use to access storage devices that implement the Host Aware Zones feature set (see 4.3), the Host Managed Zones feature set (see 4.4), the Zone Domains feature set (see 4.5), and the Zone Realms feature set (see 4.6). This document provides a common command set for systems manufacturers, system integrators, software suppliers, and suppliers of storage devices that provide one or more of the zones feature sets. Figure 1 shows the relationship of This document to other ATA standards as well as related device and host standards and specifications (e.g., SCSI standards and SATA-I0 specifications). This document maintains compatibility with the ACS-5 standard, INCITS 558-202x, while providing additional functions.

This document describes a JavaScript Object Notation (JSON) data model format and a Representational State Transfer (RESTful) Web Service Application Programming Interface (API) for communication between Activities experienced by an individual, group, or other entity and a Learning Record Store (LRS). The LRS is a system that exposes the xAPI RESTful Web Service API for the purpose of tracking and accessing experiential data, especially in learning and human performance.

This document specifies the air interface for radio frequency identification (RFID) devices operating in the 860 MHz to 930 MHz Industrial, Scientific, and Medical (ISM) band used in item management applications. This document is intended to allow for compatibility and to encourage inter-operability of products for the growing RFID market in the international marketplace. This document defines the forward and return link parameters for technical attributes including, but not limited to, operating frequency, operating channel accuracy, occupied channel bandwidth, maximum effective isotropic radiated power (EIRP), spurious emissions, modulation, duty cycle, data coding, bit rate, bit rate accuracy, bit transmission order, and, where appropriate, operating channels, frequency hop rate, hop sequence, spreading sequence and chip rate. It further defines the communications protocol used in the air interface. This document specifies the physical and logical requirements for a passive-backscatter, Interrogator-Talks-First (ITF) or tag-only-talks-after-listening (TOTAL) RFID system. This document, together with ISO/IEC 18000-61, ISO/IEC 18000-62, ISO/IEC 18000-63 and ISO/IEC 18000-64 specifies the following for the 860 MHz to 930 MHz range: — physical interactions (the signalling layer of the communication link) between interrogators and tags; — interrogator and tag operating procedures and commands; — the collision-arbitration scheme used to identify a specific tag in a multiple-tag environment.

This document defines a standardized accuracy and precision evaluation process for modelling from 3D scanned data. The set of processes, activities and tasks described in this document provides a common framework for evaluating quality factors such as accuracy and precision for modelling from 3D scanned data. This document is not intended to evaluate the 3D printed product itself.

This document contains simulation software for the MPEG-H 3D audio standard as defined in ISO/IEC 23008-3.

This document defines a process assessment model for safety processes, conforming to the requirements of ISO/IEC 33004, for use in performing a process assessment in accordance with the requirements of ISO/IEC 33002. This document supports the use of the process assessment models for system and software life cycle processes (ISO/IEC TS 33060 and ISO/IEC TS 33061) when applied to assessment of processes in the development of (functional or non-functional) safety related systems in order to make consistent judgment regarding either process quality or improvement priorities, or both.

This document specifies mechanism for use of certification on trustworthiness of secure area that is defined in ISO/IEC 23220-1. This document aims at enabling secure area providers to describe capabilities and confidence level of secure area for verification by eID issuers or mobile eID Attestation service providers, or both. This document specifies: — list of elements describing capabilities and confidence level of a secure area; — structure and management for use of a certificate, affixed or not to the secure area, containing that list of elements. This document refers to existing standards and applicable industry specifications which partly address the trustworthiness related issue (e.g. DLOA specified in GlobalPlatform specification GPC_SPE_095[ REF Reference_ref_3 \r \h 1 08D0C9EA79F9BACE118C8200AA004BA90B0200000008000000100000005200650066006500720065006E00630065005F007200650066005F0033000000 ], MDS specified in FIDO Alliance specification[ REF Reference_ref_4 \r \h 2 08D0C9EA79F9BACE118C8200AA004BA90B0200000008000000100000005200650066006500720065006E00630065005F007200650066005F0034000000 ], and SAAO specified in ISO/IEC TS 23220-3), and aims to minimize the differences between them.

This document defines a cybersecurity labelling framework for the development and implementation of cybersecurity labelling programmes for consumer Internet of things (IoT) products. It provides requirements and guidance on the following topics: — risks and threats associated with consumer IoT products; — stakeholders, roles and responsibilities; — relevant standards and guidance documents; — conformity assessment; — labelling issuance and maintenance; — mutual recognition. This document is limited to consumer IoT products, such as: — IoT gateways, base stations and hubs to which multiple devices connect; smart cameras, televisions, and speakers; — wearable devices; — connected smoke detectors, door locks and window sensors; — connected home automation and alarm systems; — connected appliances, such as washing machines and fridges; — smart home assistants; and — connected children’s toys and baby monitors. Products that are not intended for consumer use are excluded from this document. Examples of excluded devices are those that are primarily intended for manufacturing, healthcare and other industrial purposes. This document is applicable to consumers, developers, issuing bodies of cybersecurity labels and conformity assessment bodies.

This document specifies an interface within the software system infrastructure (SSI) that provides radio frequency identification (RFID) system control components with low-level access to RFID interrogators for the purpose of optimizing RFID data access and control operations. This interface is designed to be modular with the ability to support multiple RFID air protocols. However, in this document, the only RFID air protocol supported is ISO/IEC 18000-63:2021.

This document provides use cases and common considerations for use cases analysis for data use in smart cities. In particular, this document includes: a) methods for collecting use cases; b) methods of analysing the collected use cases about data use in smart cities; c) common considerations about data use in smart cities based on the analysis of collected use cases.

This document contains the reference software of the ISO/IEC 21122 series. It acts as guidance for implementation of the ISO/IEC 21122 series and as a reference for conformance testing.

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS). Guidance is also provided to assist in the implementation of the requirements in this document. This document is intended for personally identifiable information (PII) controllers and PII processors holding responsibility and accountability for PII processing. This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701, in addition to the requirements contained within ISO/IEC 17021-1. The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing PIMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing PIMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

This document establishes modelling of limits for mixed-mode transmission parameters within and between two pairs of balanced cabling. This document consists of a detailed description of matrix modelling and gives explanations on how to convert matrices, by using the S to T and T to S matrix conversion. Further it consists of terms and definitions used, how specific parameters are modelled, alternative calculation and signal-to-noise ratio (SNR) modelling. Chain parameters and alternative approaches and formulas are described for combining component cable and connector transmission parameters into cabling link and channel transmission parameters. S-parameter limit matrix formulas are covered, which can be transformed into T-parameter limit matrices for use in chain parameter link and channel limit formulas. The formulas are applicable to all transmission parameters for forming complete differential-mode, mixed-mode, and common-mode link and channel models. Terms and definitions used for modelling are discussed, together with how modelling is done for specific transmission parameters. Alternative calculation models are explained, and the SNR modelling introduced. This second edition cancels and replaces the first edition published in 2021. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) the expansion of the list of specified parameters to include mixed-mode mode-conversion and related unbalance attenuation parameters; b) the addition of an informative annex covering the topic of signal-to-noise ratio and its relation to the S-parameter matrix channel model.

This document specifies minimum recommendations for zero-copy data integration and includes guidance for building modular capabilities within a controlled data management environment which can be applied either as stand-alone experiences or combined into advanced solutions. This document provides a blueprint for IT and other leaders who rely on organizational data integrity to perform their functions to support the build of new digital solutions with granular and universally enforced data controls. This document applies to all sectors, including public and private companies, government entities, and not-for-profit organizations. This document is not intended for non-data intensive operational roles and does not specify interfaces with other systems or components. NOTE 1: This document does not define the specific people or groups who represent the rightful owner of given data – this is to be worked out by individual organizations. NOTE 2 to entry: This document does not force organizations into converging on a single data ontology, rather, it is intended to support a diversity of data models using the same physical data. NOTE 3: This document does not cover data exchanges or the management of data usage, including potential applications involving artificial intelligence. Guidance for data usage can be found in the following: ISO/IEC 5207 and ISO/IEC 5212.

This document specifies the terms and definitions commonly used in the field of brain–computer interface (BCI), including basic concepts and classifications of BCI, hardware, experiment setups and protocols used in BCI, related neuroscience concepts of BCI (e.g. coding and decoding, feedback and stimulation), and its applications.

This document specifies Schematron, a schema language for XML. This document establishes requirements for Schematron schemas and specifies when an XML document matches the patterns specified by a Schematron schema. Schematron uses query languages such as XPath for writing assertions.

This document provides a framework of voice user interfaces (VUI) for personal mobility services (PMS). The users of PMS ride personal mobility devices (PMD), which are empowered by electricity or a human, and interact with the PMS through the VUI (see Annex A) attached to the PMD. This document describes the functional requirements, the performance requirements and the procedure of the VUI. This document is applicable to a VUI attached to a PMD, which can be used for interaction between users and the PMD.

This document defines the crypto suite for PRESENT-80 for the ISO/IEC 18000 series of air interfaces standards for radio frequency identification (RFID) devices. This document provides a common crypto suite for security for RFID devices for air interface standards and application standards. The crypto suite is defined in alignment with existing air interfaces. This document specifies basic security services that are use the lightweight block cipher PRESENT-80. The variant of PRESENT that takes 128-bit keys is also considered in this document. This document defines various methods of use for the cipher.