Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 ITU-T IDENTITY MANAGEMENT UPDATE Bilel Jamoussi, Chief,

Slides:

Advertisements

Similar presentations

GSC: Standardization Advancing Global Communications ITU-T Status Report on standardization of Networked RFID P.A. Probst/Chairman of ITU-T SG16 SOURCE:ITU-T.

Advertisements

ITU-T activity in ICT security

Trust Elevation through Contextual Authentication Regional Arab Forum on Cybersecurity Giza (Smart Village)-Egypt, December 2011 Abbie Barbir,

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Wayne Zeuch, ATIS ATIS Cybersecurity Standards Document No: GSC16-GTSC9-10 Source: ATIS Contact:

Cloud computing security related works in ITU-T SG17

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Recent Standardization Activities on Cloud Computing Kishik Park, Kangchan Lee, Seungyun Lee TTA.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All The Internet of Things (IoT) aka Machine 2 Machine (M2M) Bilel Jamoussi Chief, Study Groups Department.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ETSI Standardization Activities on M2M communications Joachim Koss, ETSI Board Member Document No:

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

International Telecommunication Union An Emerging Global Convergence on Identity Management Tony Rutkowski mailto: Vice President,

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ITU-T Identity Management Update Bilel Jamoussi, Chief, SGD/TSB ITU Abbie Barbir, Q10/17 Rapporteur.

Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.

Halifax, 31 Oct – 3 Nov 2011 Brian K. Daly, Director, Core Standards AT&T ATIS Identity Management (IdM) Standards Development Document No: GSC16-PLEN-93.

Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.

DOCUMENT #:GSC15-PLEN-64 FOR:Presentation or Information SOURCE:TTA AGENDA ITEM:Plenary 6.14 CONTACT(S):{kipark, chan, Kishik Park, Kangchan.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All IEEE-SA Smart Grid Steve Mills, President, IEEE Standards Association Document No: GSC16-PLEN-47.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All High Intelligent Network (Smart Pipe) Yuqing CHEN CCSA Document No: GSC16-PLEN-75 Source: CCSA Contact:

Introduction to Object Identifiers (OIDs) France Telecom Orange Olivier Dubuisson 15 June 2009.

DOCUMENT #:GSC15-GTSC-05 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:4.1 NGN, Testing specification and Beyond Chaesub.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ITU-T Focus Group on Cloud Computing Olivier Colas, ITU-T FGCC Vice-Chairman Document No: GSC16-PLEN-45.

SCC Activities C. Tilton. Standards Are applied to SOMETHING Within some CONTEXT Something = ID Ecosystem Context = Use Cases 2.

DOCUMENT #:GSC15-PLEN-29 FOR:Presentation or Information SOURCE:ITU-T AGENDA ITEM:6.4 Identity Management Jianyong.

DOCUMENT #:GSC15-PLEN-29 FOR:Presentation or Information SOURCE:ITU-T AGENDA ITEM:6.4 Identity Management Jianyong.

The need for further standards and technical developments Brian Moore ITU-T Study Group 13 Chairman Lucent Technologies.

DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern ATIS Identity Management.

SAML Right Here, Right Now Hal Lockhart September 25, 2012.

DOCUMENT #:GSC15-PLEN-63 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:Plenary 6.14 CONTACT(S):Reinhard Scholl Activities of Focus Group on Cloud Computing.

ITU-T Study Groups’ Security Achievements and Security Activities

DOCUMENT #: GSC15-GTSC8-06 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.2 CONTACT(S): Art Reilly ATIS Cybersecurity.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.

International Telecommunication Union Eighth Global Standards Collaboration (GSC) Meeting - Ottawa, Canada, 27 April-1 May 2003 Security Standardization.

DOCUMENT #:GSC15-PLEN-51 FOR:Presentation SOURCE:ITU AGENDA ITEM:Plenary 6.10 Conformance and Interoperability Testing.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 Identity Management Anthony M. Rutkowski V-P, Regulatory Affairs and Standards VeriSign,

ITU Overview Empowering global ICT development Malcolm Johnson DOCUMENT #:GSC13-XXXX-nn FOR:Presentation SOURCE:ITU AGENDA ITEM:Opening Plenary, 4.6 CONTACT(S):Malcolm.

Progress on Identity Management: A Canadian Perspective on GSC Resolution 14/4 Colman Ho ISACC DOCUMENT #:GSC15-PLEN-28 FOR:Presentation SOURCE:ISACC AGENDA.

Jeju, 13 – 16 May 2013Standards for Shared ICT TIA TR-50 M2M-Smart Device Communications Dr. Jeffery Smith Chief Innovation and Technology Officer/EVP.

ITU-T SG16 and JCA-IoT activities

DOCUMENT #:GSC15-PLEN-82r2 FOR:Presentation SOURCE:ATIS AGENDA ITEM: PLEN 6.14 CONTACT(S): Andrew White ATIS’

Geneva, Switzerland, September 2014 ITU-T SG 17 Identity management (IdM) Progress Report Abbie Barbir Ph.D., ITU-T Study Group 17 Q10/17 (Identity.

ATIS’ Service Oriented Networks (SON) Activity Andrew White, Nokia Siemens Networks DOCUMENT #:GSC15-PLEN-81r1 FOR:Presentation SOURCE:ATIS AGENDA ITEM:PLEN.

Fostering worldwide interoperabilityGeneva, July 2009 IdM and Identification Systems Arkadiy Kremer ITU-T SG 17 Chairman Global Standards Collaboration.

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

GSC-17, Jeju / Korea Standards for Shared ICT Standardization Activities on Cloud Computing in TTA, KOREA Eui-Nam Huh, TTA PG420 Chair Document No: GSC17-PLEN-17.

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

ATIS Identity Management Standards Development DOCUMENT #:GSC13-PLEN-37 FOR:Presentation SOURCE:ATIS AGENDA ITEM:Plenary; IdM and Identification Systems;

Fostering worldwide interoperabilityGeneva, July 2009 ITU-T Telecom Security Update Arkadiy Kremer ITU-T SG 17 Chairman Global Standards Collaboration.

ITU - Empowering global ICT development Malcolm Johnson DOCUMENT #:GSC13-PLEN-44 FOR:Presentation SOURCE:ITU AGENDA ITEM:Opening Plenary, 4.6 CONTACT(S):Malcolm.

Security and Privacy for the Smart Grid James Bryce Clark, OASIS Robert Griffin, RSA Hal Lockhart, Oracle.

IdM: Platform for Ubiquitous Chae Sub LEE DOCUMENT #:GSC13-PLEN-12 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:Plenary 6.4

Fostering worldwide interoperabilityGeneva, July 2009 ATIS Identity Management Standards Development James McEachern, Manager – Application Enabler.

Jeju, 13 – 16 May 2013Standards for Shared ICT Andrew White Principal Consultant Nokia Siemens Networks ATIS’ Cloud Services Activity Document No: GSC17-PLEN-64.

DOCUMENT #:GSC15-PLEN-27 FOR:Presentation SOURCE:ETSI AGENDA ITEM:PLEN 6.4 CONTACT(S): Amardeo Sarma, ISG INS Chair Identity & Access Management activities.

Jeju, 13 – 16 May 2013Standards for Shared ICT Andrew White Principal Consultant Nokia Siemens Networks ATIS Identity Management (IdM) Standards Development.

Jeju, 13 – 16 May 2013Standards for Shared ICT TTA activities since GSC-16 Keun Hyeob Lee, President of TTA Document No: GSC17-PLEN-39 Source: TTA Contact:

ITU-T SG17 Q.3 Telecommunication information security management An overview Miho Naganuma Q.3/17 Rapporteur 17 March 2016.

International Telecommunication Union ICT Security Role in National Trusted Identities Initiatives Abbie Barbir, PhD ITU-T Study Group 17 Identity Management.

Yong-Woon KIM HyoungJun KIM TTA

High Intelligent Network (Smart Pipe)

HIS Smart Grid – Summary (1)

The ITU-T SG 17 Q10/17 IdM standardization activity

ETSI role in Identity Management and Identification Systems

ATIS Identity Management (IdM) Standards Development

ITU Update since GSC-15 Bilel Jamoussi

ITU-T SG17 Q.3 Telecommunication information security management

ITU-T Study Group 17 Security

Martin Euchner, Advisor, ITU-T Study Group 17

Recent Standardization Activities on NID

ITU-T activity in ICT security

Recent Standardization Activities on Cloud Computing

Presentation transcript:

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 ITU-T IDENTITY MANAGEMENT UPDATE Bilel Jamoussi, Chief, SGD/TSB ITU Abbie Barbir, Q10/17 Rapporteur Document No: GSC17-PLEN-43 Source: ITU Contact: Bilel Jamoussi GSC Session: PLENARY Agenda Item: 6.4

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 2 ITU-T Joint Coordination for IdM (JCA IdM) is under SG17 umbrella. JCA IdM has developed an inventory of major national, regional and international Identity Management initiatives ITU-T works collaboratively with other key bodies including: OASIS, ETSI; Kantara Initiative, OMA, NIST,ISO/IEC JTC 1/SC 27, ISO/IEC JTC 1/SC 38, etc.. ITU-T’s IdM focus work is on enhancing identity identification and enrolment through the development of better authentication assurance frameworks. Enhanced trust through open trust Frameworks, Identity in the Cloud, identity based services for mobile and finances and interoperability of diverse IdM capabilities in telecommunications. The JCA-IdM analyzes IdM standardization items and coordinate an associated roadmap Highlight of IdM Current Activities

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 3 ITU-T Joint coordination activity in IdM JCA-IdM Coordination and collaboration NSTIC

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 4 Published ITU-T Recommendations X.1154, General framework of combined authentication on multiple identity service provider environments X.1254, Entity authentication assurance framework Y.3031, Identification framework in future networks Published ITU-T Supplements Y.Suppl.18, ITU-T Y.2700-series - Supplement on next generation network certificate management. Recommendations in Advanced Stages X.discovery (X.1255), Framework for discovery of identity management information. Highlights of IdM Current Activities

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 5 Draft Recommendations in progress F.5xx, Directory Service - Support of Tag-based Identification Services Q.IdM.SIG, Signaling requirements and architecture of the IC-T interface between transport stratum functional entity (T-FE) and Id management control functional entity (IdMC-FE) X.1141 Amd.1, Security Assertion Markup Language (SAML) 2.0 – Amendment 1: Errata X.1142 Amd.1, eXtensible Access Control Markup Language (XACML 2.0) – Amendment 1: Errata X.atag, Attribute aggregation framework X.authi, Authentication integration in identity management X.discovery (X.1255), Framework for discovery of identity management information X.giim, Generic identity management interoperability mechanisms X.iamt, Identity and access management taxonomy X.idmcc,Requirement of IdM in cloud computing X.mob-id, Baseline capabilities and mechanisms of identity management for mobile applications and environment X.xacmlv3 eXtensible Access Control Markup Language (XACML 3.0))Errata Highlights of IdM Current Activities

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 6 Draft Recommendations in progress X.oitf, Open identity trust framework X.pki-em, Information Technology - Public-Key Infrastructure: Establishment and maintenance X.pki-prof, Information Technology - Public-Key Infrastructure: Profile X.sap-8, Efficient multi-factor authentication mechanisms using mobile devices X.scim-use, Application of system for cross identity management (SCIM) in telecommunication environments X.xacml3, eXtensible Access Control Markup Language (XACML) 3.0 Y.2723 (Y.NGN-OAuth), Support for OAuth in NGN Y.2724 (Y.NGN-OOF), Framework for NGN support and use of OpenID and OAuth Y.FNID-config, Configurations of node identifiers and their mapping with locators in future networks Y.NGN-OpenID, Support for OpenID in NGN Y.NGNspid, NGN Requirements and Use Cases for Trusted Service Provider Identity Y.NGN IdM Use-cases (Technical Report), Supplement on NGN identity management use cases Highlights of IdM Current Activities

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 Current Q10/17 IdM Focus Interoperability of identity management –X.giim, Generic IdM interoperability mechanisms –X.idm-ifa, Framework architecture for interoperable identity management systems –X.idmcc, identity in the cloud Trust of identity management –X.authi, Authentication integration in IDM –X.1254, Entity authentication assurance framework –X.oitf, Open identity trust framework Discovery of of identity management information –X.discovery (X.1255), Framework for discovery of identity management information Protection of personally identifiable information –X.1275, Guidelines on protection of personally identifiable information in the application of RFID technology 7

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 8 Trend is towards the support of strong authentication in online transaction. A major challenge is how to enable the use of strong authentication techniques and best practices in an interoperable and secure fashion. Identity Federations based on standardized trust model and global interoperability of diverse identity management schemas are major inhibitors to wide scale deployment of IdM capabilities Development of just in time secure cloud standards for identity provisioning, de-provisioning and the control of fine grain authorizations. Enhance online trust, reducing fraud and identity theft while protecting PII. Challenges for IdM

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN-43 9 Conclusions Identity based services is a key technology for cloud based SaaS Online transaction requires means for identification of all parties involved in a transaction There need for open interoperable trust frameworks for IdM Identity Management continue to be a key security enabler for mobile and wireless interactions Protection of Personally Identifiable Identifiers (PII) is a required capability for IdM systems

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN Q&A Discussion

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN Backup

Jeju Island, Korea, 13 – 16 May 2013Identity Management and Identification Systems GSC17-PLEN Object Identifiers (OIDs) One of many identification schemes Basically very simple: A tree Arcs are numbered and may have an associated alphanumeric identifier (beginning with a lowercase) Infinitely many arcs from each node (except at the root) Objects are identified by the path (OID) from the root to a node A Registration Authority (RA) allocates arcs beneath its node to subordinate RAs, and so on, to an infinite depth The OID tree is a hierarchical structure of RAs Standardized in the ITU-T X.660 | ISO/IEC 9834 series (ITU-T SG 17 and ISO/IEC JTC 1/SC 6) Originated in 1985, still in use!