Jeju, 13 – 16 May 2013Standards for Shared ICT Andrew White Principal Consultant Nokia Siemens Networks ATIS Identity Management (IdM) Standards Development.

Slides:



Advertisements
Similar presentations
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Wayne Zeuch, ATIS ATIS Cybersecurity Standards Document No: GSC16-GTSC9-10 Source: ATIS Contact:
Advertisements

Cloud computing security related works in ITU-T SG17
Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.
Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.
Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.
1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ITU-T Identity Management Update Bilel Jamoussi, Chief, SGD/TSB ITU Abbie Barbir, Q10/17 Rapporteur.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.
Halifax, 31 Oct – 3 Nov 2011 Brian K. Daly, Director, Core Standards AT&T ATIS Identity Management (IdM) Standards Development Document No: GSC16-PLEN-93.
The Business of Identity Management Barry R. Ribbeck Director Systems Architecture & Infrastructure Rice University
Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.
Jeju, 13 – 16 May 2013Standards for Shared ICT HIS – Smart Grid Karen Bartleson, President, IEEE Standards Association Document No: GSC17-PLEN-72 Source:
DOCUMENT #:GSC15-PLEN-46 FOR:Presentation SOURCE:ATIS AGENDA ITEM:PLEN 6.9 CONTACT(S):Michael J. Fargano, Qwest,
DOCUMENT #: GSC15-GTSC8-02 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.1 CONTACT(S): Wayne Zeuch ATIS:
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All High Intelligent Network (Smart Pipe) Yuqing CHEN CCSA Document No: GSC16-PLEN-75 Source: CCSA Contact:
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
DOCUMENT #:GSC15-PLEN-48 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.10 CONTACT(S): James McEachern
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.
DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern ATIS Identity Management.
DOCUMENT #: GSC15-GTSC8-06 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.2 CONTACT(S): Art Reilly ATIS Cybersecurity.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
Shibboleth: An Introduction
DOCUMENT #:GSC15-PLEN-62 FOR:Presentation SOURCE:ISACC AGENDA ITEM:Opening Plenary (6.14) CONTACT(S):Jim MacFie Cloud Computing Jim MacFie Chairman, ISACC.
Identity Management Working Group 2006 Member Meeting Tempe, AZ Barry Ribbeck Rice University.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
DOCUMENT #: GSC15-GTSC8-06 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.2 CONTACT(S): Art Reilly ATIS Cybersecurity.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Security activities in ETSI Presenter: Mike Sharpe, ETSI VP ESP (ETSI Standardization Projects) Document.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
DOCUMENT #:GSC15-PLEN-82r2 FOR:Presentation SOURCE:ATIS AGENDA ITEM: PLEN 6.14 CONTACT(S): Andrew White ATIS’
ATIS’ Service Oriented Networks (SON) Activity Andrew White, Nokia Siemens Networks DOCUMENT #:GSC15-PLEN-81r1 FOR:Presentation SOURCE:ATIS AGENDA ITEM:PLEN.
Fostering worldwide interoperabilityGeneva, July 2009 IdM and Identification Systems Arkadiy Kremer ITU-T SG 17 Chairman Global Standards Collaboration.
Fostering worldwide interoperabilityGeneva, July 2009 The Home Network: Where Convergence Takes Hold Tim Jeffries, VP Technology and Business Development,
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
GSC-17, Jeju / Korea Standards for Shared ICT Standardization Activities on Cloud Computing in TTA, KOREA Eui-Nam Huh, TTA PG420 Chair Document No: GSC17-PLEN-17.
Attribute Delivery - Level of Assurance Jack Suess, VP of IT
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ATIS: Advancing the Next Generation Network Wayne Zeuch, ATIS Document No: GSC16-GTSC9-09 Source:
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Update on ETSI Security work Charles Brookson OCG Security Chairman DOCUMENT #:GSC13-PLEN-57 FOR:Information SOURCE:Charles Brookson AGENDA ITEM:6.3
ATIS Identity Management Standards Development DOCUMENT #:GSC13-PLEN-37 FOR:Presentation SOURCE:ATIS AGENDA ITEM:Plenary; IdM and Identification Systems;
Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 ITU-T IDENTITY MANAGEMENT UPDATE Bilel Jamoussi, Chief,
IdM: Platform for Ubiquitous Chae Sub LEE DOCUMENT #:GSC13-PLEN-12 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:Plenary 6.4
Fostering worldwide interoperabilityGeneva, July 2009 ATIS Identity Management Standards Development James McEachern, Manager – Application Enabler.
Jeju, 13 – 16 May 2013Standards for Shared ICT Andrew White Principal Consultant Nokia Siemens Networks ATIS’ Cloud Services Activity Document No: GSC17-PLEN-64.
DOCUMENT #:GSC15-PLEN-27 FOR:Presentation SOURCE:ETSI AGENDA ITEM:PLEN 6.4 CONTACT(S): Amardeo Sarma, ISG INS Chair Identity & Access Management activities.
Jeju, 13 – 16 May 2013Standards for Shared ICT Thomas Goode General Counsel ATIS Alliance for Telecommunications Industry Solutions (ATIS) Update Document.
Jeju, 13 – 16 May 2013Standards for Shared ICT HIS-Home Networking Karen Bartleson, President, IEEE Standards Association Document No: GSC17-PLEN-70 Source:
Jeju, 13 – 16 May 2013Standards for Shared ICT TTA M2M Activities & Proposal of revised resolution Peter J. Kim, Principal Specialist, TTA Document No:
Jeju, 13 – 16 May 2013Standards for Shared ICT Dr. Farrokh Khatibi Director of Engineering Qualcomm ATIS and the Smart Grid Document No: GSC17-PLEN-63.
DOCUMENT #:GSC15-PLEN-82 FOR:Presentation SOURCE:ATIS AGENDA ITEM: PLEN 6.14 CONTACT(S): Andrew White ATIS’
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
International Telecommunication Union ICT Security Role in National Trusted Identities Initiatives Abbie Barbir, PhD ITU-T Study Group 17 Identity Management.
Smart Grid Standard activities in Korea
ATIS Interoperability
Data and Applications Security Developments and Directions
Global Standards Collaboration (GSC) 14
ATIS Cybersecurity DOCUMENT #: GSC13-GTSC6-12 FOR: Presentation
Global Standards Collaboration (GSC) GSC-15
ATIS Interoperability
Global Standards Collaboration (GSC) 14 Security and Lawful Intercept
ATIS Identity Management (IdM) Standards Development
ATIS Interoperability
ATIS’ Service Oriented Networks (SON) Activity
ATIS’ Cloud Activity Andrew White Nokia Siemens Networks
Reinhard Scholl, GTSC-7 Chairman
Presenter: Richard Brennan, Vice-Chair TC TISPSAN
Alliance for Telecommunications Industry Solutions (ATIS) Update
Advancing the Next Generation Network
Presentation transcript:

Jeju, 13 – 16 May 2013Standards for Shared ICT Andrew White Principal Consultant Nokia Siemens Networks ATIS Identity Management (IdM) Standards Development Document No: GSC17-PLEN-59 Source: ATIS Contact: Andrew White, GSC Session: PLEN Agenda Item: 6.4

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Highlight of ATIS IdM Standards ATIS : Identity Management (IdM) Framework –Provides an IdM framework for Next Generation Network (NGN) –Describes the fundamental concepts, functional components and capabilities of IdM that can be used to organize and guide structured solutions and facilitate interoperability in an heterogeneous environment 2 ATIS’ Packet Technologies and Systems Committee (PTSC) completed the following IdM-related standards:

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea ATIS : Identity Management (IdM) Requirements and Use Cases Standard Provides IdM example use cases and requirements for the NGN and its interfaces. IdM functions and capabilities are used to increase confidence in identity information and support and enhance business and security applications including identity-based services. The requirements provided in this standard are intended for NGN (i.e., managed packet networks) as defined in ATIS , NGN Architecture, and ITU-T Recommendation Y Highlight of ATIS IdM Standards

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea ATIS : Identity Management (IdM) Mechanisms and Procedures Standard Describes the specific IdM mechanisms and suites of options that should be used to meet the requirements in the IdM Requirement standard (ATIS ). In addition, it provides best practices, guidelines to support interoperability and other needs. 4 Highlight of ATIS IdM Standards

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Strategic Direction Support the National Strategy for Trusted Identities in Cyberspace which addresses two central problems impeding economic growth online: –Passwords are inconvenient and insecure –Individuals are unable to prove their true identity online for significant transactions Leverage User-Centric solutions where possible, while identifying deltas to meet the needs of NGN providers –NGN service providers need to address both real-time and near-real time applications –Solution for real-time applications (e.g., exchange of IdM information for SIP communication sessions) would be distinct Provide structured and standard means to discover and exchange identity information across network domains/federations –Bridge different technology dependent systems including existing network infrastructure systems –Address new and emerging applications and services –Address unique security needs 5

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Challenges Identify theft, phishing scams, etc., are becoming more sophisticated, increasing the need for IdM education Un-trusted identity information as a result of migration to IP packet networks, emergence of new service providers (e.g., 3 rd party providers) and other changes (e.g., smart terminals, and an open internet environment) –Historically, trusted information was provided by closed and fixed network environment operating under regulatory conditions –Changes to the trust model are resulting in operations, accounting, settlements, security and infrastructure protection problems Overcoming “silo” solutions –User-centric model focusing on web services and electronic commerce –Available standards focus mainly on web services (e.g., OASIS, WS*, Liberty, SAML) and human identities –Vendor specific solutions/products (e.g., PayPal, iNames) –Impact of Kantara Initiative needs to be assessed 6

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Next Steps/Actions Continue to leverage User-Centric IdM solutions (e.g., OpenID and Oauth) –Avoid duplication and redundancy Leverage, use, enhance and adapt existing work and technology solutions where appropriate managed networks Enhance and customize existing IP/web services capabilities and work of other industry groups (e.g., Liberty Alliance, Kantara, OASIS, 3GPP, ITU-T) as appropriate –Allow for the use of existing (e.g., LIDB) and new resources and capabilities Collaborate with the White House initiative on National Strategy for Trusted Identities in Cyberspace (NSTIC) to improve the privacy, security, and convenience of sensitive online transactions 7

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Supplemental Slides 8

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Identity Management (IdM) Identity Management (IdM) involves secure management of the identity life cycle and the exchange of identity information (e.g., identifiers, attributes and assertions) based on applicable policy of entities such as: Users/groups Organizations/federations/enterprise/service providers Devices/network elements/systems Objects (Application Process, Content, Data) 9

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea ID Theft and Online Fraud: By the Numbers Identity theft is costly, inconvenient and all-too common –In 2010, 8.1 million U.S. adults were the victims of identity theft or fraud, with total costs of $37 billion. –The average out-of-pocket loss of identity theft in 2008 was $631 per incident. –Consumers reported spending an average of 59 hours recovering from a “new account” instance of ID theft. Phishing continues to rise, with attacks becoming more sophisticated –In 2008 and 2009, specific brands or entities were targeted by more than 286,000 phishing attacks, all attempting to replicate their site and harvest user credentials. –A 2009 report from Trusteer found that 45% of targets divulge their personal information when redirected to a phishing site, and that financial institutions are subjected to an average of 16 phishing attacks per week, costing them between $2.4 and $9.4 million in losses each year. Managing multiple passwords is expensive –A small business of 500 employees spends approximately $110,000 per year on password management. That’s $220 per user per year. Passwords are failing –In December 2009, the Rockyou password breach revealed the vulnerability of passwords. Nearly 50% of users’ passwords included names, slang words, dictionary words or were extremely weak, with passwords like “123456”. Maintenance of multiple accounts is increasing as more services move online –One federal agency with 44,000 users discovered over 700,000 user accounts, with the average user having individual accounts. Improving identity practices makes a difference –Implementation of strong credentials across the Department of Defense resulted in a 46% reduction in intrusions. –Use of single sign-on technologies can reduce annual sign-in time by 50 hours/user/year. 10

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Value Added for NGN Provider Dynamic/automatic IdM means between multiple partners (e.g., end users, visited and home networks) reduce costs (compared to pair-wise arrangements) compared to pair-wise arrangements to –Establish service arrangements –Exchange identity information –Exchange policy information and enforce policy Enabler of new applications and services (e.g., IPTV and convergence) including identity services Leverage existing and expanding customer base Common IdM infrastructure enables support of multiple applications and services Enables –standard API and data schema for application design –multi-vendor/platforms solutions –inter-network/federations interoperability –Security protection of application services, network infrastructure and resources 11

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Value Added for the User Privacy/user control –Protection of Personal Identifiable Information [PPII] –Ability to control who is allowed access (i.e., providing consent) to personal information and how it is used Ease of use and single sign-on / sign-off (multiple application/services across multiple service providers/federations) Enabler of Social Networking Security (e.g., confidence of transactions, and Identity (ID) Theft protection) 12

GSC17-PLEN-59 Standards for Shared ICT GSC-17, Jeju / Korea Government Motivations Infrastructure Protection (i.e., against cyber threats) Protection of Global Interests (e.g., business and commerce) Provide assurance capabilities (e.g., trusted assertions about digital identities [credentials, identifiers, attributes and reputations]) to enable National Security/Emergency Preparedness (NS/EP) Early Warning Services Electronic Government (eGovernment) Services (e.g., web-based transactions) Public Safety Services (e.g., Emergency 911 services) Law Enforcement Services (e.g., Lawful Interceptions) National/Homeland Security Intelligence Services 13

ATIS PTSC IdM Documents DocumentScopeIssue DescriptionTarget Date ATIS NGN IdM Framework Standard [PTSC Issue S0058] Framework for NGN IdM  Framework for handling identities in a secured and authenticated manner in a multi-network, multiple service provider environment Published as ATIS ATIS IdM Requirements and Use Cases [PTSC Issue S0059] IdM Use Case examples for NGN  Develop Use Cases illustrating IdM applications in a multi-network, multiple service provider environment defined by the ATIS NGN architecture  Requirements for handling identities in a secured and authenticated manner in a multi-network, multiple service provider environment  Harmonized approach to address IdM issues in the ATIS NGN architecture Published as ATIS ATIS IdM Mechanisms Standard [PTSC Issue S0060] NGN IdM Mechanisms and Procedures  Develop IdM mechanisms (e.g., registration, authorization, authentication, attribute sharing, discovery) to be used in a harmonized approach for the ATIS NGN architecture Published as ATIS Note: parallel documents exist in ITU-T SG13, Q15 Standards for Shared ICT GSC-17, Jeju/Korea