Telebiometric information security and safety management

摘要

Organizations that rely on human-oriented technologies such as telebiometrics should protect and manage the safety and security of their physical and information assets. Data that documents the safe and secure operation of telebiometric system devices should be collected and captured in an information security and safety event journal. Event journal data provides an audit trail that should be protected using digital signatures, encryption and other safeguards. A system heartbeat record should document and monitor the safety, performance, and availability of telebiometric system devices and alert system administrators to security and safety events and changes. Heartbeat data should provide metrics that inform the continuous improvement of a telebiometric information security and safety management program. A signcryption cryptographic message wrapper should protect event journal, biometric reference template, and other telebiometric information to promote user security and respect for user privacy rights.