The identity management (IdM) ecosystem: minding the gaps
|
|
- Earl Flowers
- 8 years ago
- Views:
Transcription
1 The identity management (IdM) ecosystem: minding the gaps Tony Rutkowski Georges Sebek Telecommunication Standardization Sector (ITU-T) International Telecommunication Union International Telecommunication Union
2 Summary Identity Management (IdM) is treated quite differently among the many different "stovepiped" communities of network operators, service providers, and users Initiatives underway in the ITU-T and critical infrastructure venues are aimed at implementing trusted means to bridge the gaps among these different platforms (the framework) by encouraging collaboration and a common global framework of capabilities especially discovery and trusted interoperability This global framework is increasingly essential for an array of government, industry, and consumers needs Initial success is being achieved with an Identity Provider oriented model and open identity protocols 2
3 Expansive ecosystem Discovery Centric Broad IdM Centric Mobile Operator Centric Project Centric CNRI handles Yaddis XDI.ORG OASIS XRI ITU-T FG IdM ISO SC27WG5 ITU-T SG17 Network Operator Centric 3GPP GBA 3GPP IMS OMA RD-IMF Daidalos FIDIS MAGNET Modinis ITU/IETF E.164ENUM IETF IRIS CNRI DOI W3C/IETR URI UID Attribute Centric ITU X.500 ITU-IETF LDAP ITU-T JCA-NID EPC ONS ITU E.115v2 Object-Identifier Centric OSGi OID/OHN OASIS SPML NetMesh LID IETF OSCP ZKP ANSI Z39.50 ITU-T SG2 ETSI TISPAN NIST FIPS201 ANSI IDSP OASIS SAML ITU-T SG4 ETSI UCI Authentication Centric ANSI HSSP ITU-T SG13 ETSI IdM STF ITU-T SG11 ETSI LI-RDH ITU-T SG16 Parlay PAM WS Federation SXIP VIP/PIP OASIS xacml App Service Provider Centric OpenGroup IMF Liberty WSF Eclipse IBM Higgins Shibboleth CoSign Identy MetaSystem Liberty I* Oracle IGF User Centric Source ID Passel OpenID Msoft Cardspace Pub cookie TCG 3
4 Seek capabilities to allow user control of personal identifiers, roles and privacy attributes Diverse ecosystem Seek capabilities that maximize and protect network assets Seek capabilities that maximize and protect application assets 4
5 Id(entity)M begins with entities Capabilities by which an entity is described, recognized or known Real Persons Entities Objects - Devices Legal Persons Especially public Network Operators, and Service Providers including Identity Providers Includes terminals, network elements, cards, intellectual property, agents, RFIDs, sensors, control devices (are emerging as dominant network end-users) 5
6 Physical: passport Network: digital cert IdM basic capabilities Physical: passport # Network: address Credentials Identifiers Physical: passport stamps Network: web search, logs, blacklists Entities Physical: name, place/ date of birth, visas... Network: contact info, location, permissions.. Identity patterns and reputation Identifier information attributes and bindings 6
7 A common global IdM framework Not a new need was realized and undertaken 25 years ago in the Open Systems Interconnection initiatives It is where digital certificates, and open network management code emerged The current framework is newly driven by a growing realization by critical infrastructure protection communities of the vulnerabilities of today s ubiquitous nomadic use of public IP-Enabled network infrastructures an array of other significant government, consumer, and industry needs The objective A trusted ability to manage ICT credentials, assigned identifiers, attribute information and reputation/patterns Ability to exchange trust level information Accommodation of platform diversity, autonomy, and constant evolution 7
8 Current requirements for IdM Critical Infrastructure protection; ETS, DTR, EW + Public network infrastructure protection + Incident Response + Priority access during emergencies + Services restoration after emergencies Public Safety + Citizen emergency calls/messages + Authority emergency alert messages Assistance to lawful authority + Lawful Interception + Retained Data + Cybercrime forensics + Anonymity Identifier resource management + Identifier/numbering allocation + Administrative requirements + Number portability; unbundling Digital rights management Legal liability; discovery; evidence Consumer needs + Universal service; social good funding + Preventing unwanted intrusions + DoNotCall + CallerID + Prevention of spam + Anti-CyberStalking + Anti-CyberPredators + Customer records protection and privacy + Transparency + Use controls + Notice + Anonymity + Prevention of identity theft; repudiation + Disability assistance Business needs + Network interoperability + Roaming + Fraud, identity theft, and distribution management + Intercarrier compensation 8
9 Privacy enhancement Trusted identity management platforms significantly enhance privacy and customer records (personal and use information) protection by Enabling authentication of parties that possess and access user information Enabling audits A significant identified gap is notice and transparency to users; solutions lay in enabling Users to receive standard, understandable personal information management notices Users to specify how their personal information may be used 9
10 Initial results: an identity provider model and open protocols Initiating Entity Relying Party Entity (Provider) Identity Provider(s) Auditing Identity Assertion Query(ies) to Identity Resources Timestamped record Access or Service Platformindependent queryresponse options depending on level of desired trust Trust and privacy protection enhanced through auditing 10
11 ITU-T Focus Group on Identity Management Established December 2006 by ITU-T SG 17 Objectives of the FG IdM perform requirements analysis based on uses case scenarios identify generic IdM framework components complete a standards gap analysis identify new standards work and who should perform the work FG IdM met in February, April, May, July,, next and last (?) meeting in September 2007 FG IdM structure Ecosystem and Lexicon Working Group Use Cases Working Group Requirements Working Group Framework Working Group 11
12 FG IdM Timing ITU-T SG 13 Q.15 Rec. Y.IdMsec ITU-T SG 17 Q.6 Recs. X.Idmr,f,s ITU-T Focus Group Identity Management Geneva Apr Cambridge Aug Established Geneva Feb Mountain View May Tokyo Jul Geneva Sept ISO/IEC JTC 1/SC 27 12
13 FG IdM deliverables 13
14 Going forward Continued outreach, and consensus building on needed IdM global framework capabilities and gaps Watch and participate in ITU-T FG IdM see informal Wiki: formal FG IdM wb page: T/studygroups/com17/fgidm/ Deliverables to be forwarded to ITU-T SG 17 in September 2007, possible continuance of the FG Specifications developed in standards bodies Recs. X.idmr,f,s in ITU-T Q.6/17 (Cyber security) Y.IdMsec in ITU-T Q.15/13 (NGN Security) Report ISO/IEC JTC 1/SC 27 (Security Techniques) Many others 14
15 Going forward Implementation and evolution by industry of capabilities Recognition and closing of IdM regulatory gaps through any necessary requirements at national and international levels, especially Discovery and trust/accuracy are essential National critical infrastructure protection, (ETS, DTR, EW), and cybersecurity requirements Implementation of new treaty instruments like Cybercrime Convention and ITU Plenipotentiary resolutions 15
16 International Telecommunication Union Helping the World Communicate 16
Workshop on Identity Management Trondheim, Norway, 8-9 May 2007. Tony Rutkowski VP Regulatory-Standards, VeriSign
V. 1.3 Workshop on Identity Management Trondheim, Norway, 8-9 May 2007 The Identity Management Ecosystem: minding the gaps Tony Rutkowski VP Regulatory-Standards, VeriSign mailto:trutkowski@verisign.com
More informationToward global Interoperable Identity Management
ITU-T Joint Meeting on the IdM Focus Group Reports Toward global Interoperable Identity Management Anthony-Michael Rutkowski Vice-President, VeriSign Chair, ITU-T IdM FG Requirements WG Geneva, 10-11 September
More informationINTERNATIONAL TELECOMMUNICATION UNION
INTERNATIONAL TELECOMMUNICATION UNION TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2009-2012 English only Original: English Question(s): 4/17 Geneva, 11-20 February 2009 Ref. : TD 0244 Rev.2 Source:
More informationImplementation of Universal Global Trusted Service Provider Identity (Trusted SPID)
V1.0 Implementation of Universal Global Trusted Service Provider Identity (Trusted SPID) Tony Rutkowski mailto:trutkowski@verisign.com Co-editor, ITU-T Rec X.idmreq ITU HLEG member International Telecommunication
More informationMaintaining Herd Communication - Standards Used In IT And Cyber Security. Laura Kuiper
Maintaining Herd Communication - Standards Used In IT And Cyber Security Laura Kuiper So what is Cyber Security? According to ITU-T X.1205 Cybersecurity is the collection of tools, policies, security concepts,
More informationCan We Reconstruct How Identity is Managed on the Internet?
Can We Reconstruct How Identity is Managed on the Internet? Merritt Maxim February 29, 2012 Session ID: STAR 202 Session Classification: Intermediate Session abstract Session Learning Objectives: Understand
More informationStandards for Identity & Authentication. Catherine J. Tilton 17 September 2014
Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent
More informationITU WORK ON INTERNET OF THINGS
ITU WORK ON INTERNET OF THINGS Presentation at ICTP workshop 26 March 2015 Cosmas Zavazava Chief, Projects and Knowledge Management Department International Telecommunication Union ITU HEADQUARTERS, GENEVA
More informationITU-T Security Standard Activities
ITU-T Security Standard Activities Koji NAKAO Information Security Fellow, KDDI Corporation Rapporteur, Security Management, Q7/SG 17, ITU-T Chair of ISO/IEC JTC 1/SC 27/WG 4, Japan, & Co-Chair of RAISS
More informationPart 2: ICT security standards and guidance documents
Part 2: ICT security standards and guidance documents Version 3.0 April, 2007 Introduction The purpose of this part of the Security Standards Roadmap is to provide a summary of existing, approved ICT security
More informationSERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security
International Telecommunication Union ITU-T Y.2723 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (11/2013) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More informationSERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Security protocols
International Telecommunication Union ITU-T X.1154 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (04/2013) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services
More informationIdentity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy
Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy November 18, 2008 Teresa Schwarzhoff Computer Security Division Information
More informationEnhancing Security for Next Generation Networks and Cloud Computing
V1.0 Enhancing Security for Next Generation Networks and Cloud Computing Tony Rutkowski Yaana Technologies Georgia Tech ITU-T Q.4/17 Rapporteur ETSI Workshop 19-20 January 2011 Sophia Antipolis, France
More informationICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17
ICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17 TSB Briefing to the Regional Offices, 28 Feb 2011 Martin Euchner Advisor of ITU-T Study Group 17 Martin.Euchner@itu.int
More informationStatus Report on Storage Security Initiatives
Status Report on Storage Security Initiatives Eric A. Hibbard, CISSP, CISA Sr. Director, Data Networking Technology Hitachi Data Systems Abstract This presentation will review the storage security initiatives
More informationCloud Computing Standards: Overview and ITU-T positioning
ITU Workshop on Cloud Computing (Tunis, Tunisia, 18-19 June 2012) Cloud Computing Standards: Overview and ITU-T positioning Dr France Telecom, Orange Labs Networks & Carriers / R&D Chairman ITU-T Working
More informationIdentity Management. Critical Systems Laboratory
Identity Management Critical Systems What is Identity Management? Identity: a set of attributes and values, which might or might not be unique Storing and manipulating identities Binding virtual identities
More informationInformation Security, PII and Big Data
ITU Workshop on ICT Security Standardization for Developing Countries (Geneva, Switzerland, 15-16 September 2014) Information Security, PII and Big Data Edward (Ted) Humphreys ISO/IEC JTC 1/SC 27 (WG1
More informationTEMPORARY DOCUMENT. Draft Recommendation X.1252 (X.idmdef) Final version for Approval
INTERNATIONAL TELECOMMUNICATION UNION STUDY GROUP 17 TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2009-2012 English only Original: English Question(s): 10/17 Geneva, 7-16 April 2010 Source: Title:
More informationIdentity Management: Key Technologies
Identity Management: Key Technologies Michael Huth imperial.ac.uk/quads Page 1 Key Concepts Subjects: agents that can request access to resources, e.g. you or Microsoft Word Subjects get access by claiming
More informationCloud Security Alliance and Standards. Jim Reavis Executive Director March 2012
Cloud Security Alliance and Standards Jim Reavis Executive Director March 2012 About the CSA Global, not for profit, 501(c)6 organization Over 32,000 individual members, 120 corporate members, 60 chapters
More informationCybersecurity for ALL
Cybersecurity for ALL An Overview of ITU s Cybersecurity Activities UNECE International Conference on Technological Readiness for Innovationbased Competitiveness 30 in Geneva, Switzerland Christine Sund
More informationVeriSign Australia s. Australian Communications Authority s
VeriSign Australia s comments on the Australian Communications Authority s Discussion Paper dated October 2004 titled Regulatory Issues Associated with Provision of Voice Services Using Internet Protocol
More informationAttacking the roadblocks preventing aggressive adoption of Cloud Standards:
Attacking the roadblocks preventing aggressive adoption of Cloud Standards: How SNIA and other standards orgs are developing standards that benefit high priority use cases. John Eastman, CTO, Presented
More informationDigital Identity and Identity Management Technologies.
I. Agudo, Digital Identity and Identity Management Technologies, UPGRADE - The European Journal of the Informatics Professional, vol. 2010, pp. 6-12, 2010. NICS Lab. Publications: https://www.nics.uma.es/publications
More informationUser-centric Mobile Identity Management Services 1
User-centric Mobile Identity Management Services 1 Tewfiq El Maliki and Jean-Marc Seigneur Abstract. Digital identity is the ground necessary to guarantee that the Internet infrastructure is strong enough
More informationThe standards landscape in cloud
The standards landscape in cloud PRESENTATION computing TITLE GOES HERE Vincent Franceschini CTO Distributed Architectures, Hitachi Data System Chairman Emeritus, SNIA Governing Board Member, SNIA Cloud
More informationHow the World Conference on International Telecommunications (WCIT) Impacts VoIP
How the World Conference on International Telecommunications (WCIT) Impacts VoIP Dan York Internet Society A Quick Note I am not part of the Internet Society Public Policy team and so my comments are not
More informationThe Geneva Protocol on Cybersecurity and Cybercrime
The Geneva Protocol on Cybersecurity and Cybercrime Proposal for a Memorandum of Understanding (MoU) by Stein Schjolberg 1 Chief Judge I. Introduction Cyberspace is one of the great legal frontiers of
More informationCloud Standards - A Telco Perspective
Cloud Standards - A Telco Perspective Abdellatif Benjelloun Touimi abdellatif.benjelloun@huawei.com Corporate Standards Department www.huawei.com TEN YEARS OF CONNECTING EUROPE HUAWEI TECHNOLOGIES CO.,
More informationStandardising the Internet of Things Is Today s System Adequate?
Standardising the Internet of Things Is Today s System Adequate? Kai Jakobs A Bit of Motivation The IoT represents another paradigm shift in communication initially, communication occurred between humans,
More informationIoT Prospects of Worldwide Development and Current Global Circumstances
IoT Prospects of Worldwide Development and Current Global Circumstances Dr. Bilel Jamoussi Chief Study Groups Department Telecommunication Standardization Bureau, ITU www.itu.int/itu-t/go/iot 1 IoT in
More informationPROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security
PROPOSAL 20 Resolution 130 of Marrakesh on the role of ITU in information and network security Submitted by the following Member States: Germany (Federal Republic of), Austria, Belarus (Republic of), Bulgaria
More informationRich Furr Head, Global Regulatory Affairs and Chief Compliance Officer, SAFE-BioPharma Association. SAFE-BioPharma Association
Navigating the Identity Landscape Rich Furr Head, Global Regulatory Affairs and Chief Compliance Officer, SAFE-BioPharma Association SAFE-BioPharma Association Overview An overview of US and EU government
More informationWhy Identity Management. Identity Management. What We Cover. Role of Digital Identity. Digital Identity. Digital Identity (or network identity)
Why Identity Management Identity Management Claudiu Duma Identity crisis Privacy concerns Identity theft Terrorist threat Department of Computer and Information Science cladu@ida.liu.se What We Cover Digital
More informationNGN Migration Strategies and Access Modernization. 26 May 2011 Dhaka
Overview of ITU Cybersecurity Activities NGN Migration Strategies and Access Modernization 26 May 2011 Dhaka Sameer Sharma Senior Advisor ITU Regional Office for Asia and the Pacific 1 Agenda Why Cybersecurity?
More informationThe OMA Perspective On SOA in Telecoms
The OMA Perspective On SOA in Telecoms Adopting SOA for Telecom Workshop, Open Standards Forum 2008 Ditton Manor, 30 September 3 October 2008 Musa Unmehopa» Chairman OMA Architecture Working Group» Distinguished
More informationEnabling Digital Identity. David Recordon Innovator for Advanced Products & Research
Enabling Digital Identity David Recordon Innovator for Advanced Products & Research DC PHP Conference 2006 Overview + Web 2.0 + Identity so what? + Identity 2.0 + Competitive Overview + Digging into OpenID
More informationSERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security
International Telecommunication Union ITU-T Y.2740 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2011) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More informationCredential-based access control extensions to XACML
Gregory Neven, IBM Research Zurich W3C Workshop on Access Control Scenarios, Nov. 18 th, 2009, Luxembourg Jan Camenisch, Sebastian Mödersheim, Gregory Neven, Franz-Stefan Preiss, Dieter Sommer Credential-based
More informationSERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Cyberspace security Identity management
International Telecommunication Union ITU-T X.1252 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (04/2010) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Cyberspace security Identity
More informationThe Role of Federation in Identity Management
The Role of Federation in Identity Management August 19, 2008 Andrew Latham Solutions Architect Identity Management 1 The Role of Federation in Identity Management Agenda Federation Backgrounder Federation
More informationKey Enablers for the Cloud Service Broker: Identity, Privacy, and Security
Key Enablers for the Cloud Service Broker: Identity, Privacy, and Security OMG Telecom Cloud Workshop Dec 6, 2010 David F. Chen Lead Principal-Technical Architect Ecosystem & Innovation, AT&T, Inc. Footer
More informationIdentity management [TSA]
[TSA] INDEX 1. Introduction.3 2. Terminologies.3 3. Overview of Identity Management...4 4. Identity Management Models.....6 5. Identity management framework.8 6. Authentication Methods 12 7. Identity Management
More informationCloud up to business processes
Chris Francis IBM Technical Relations and Regulatory Affairs Cloud up to business processes Chris Francis Existing state of play Conventional solutions Software as a Service Platform as a Service Infrastructure
More informationLes technologies de gestion de l identité
Commission Identité Numérique Groupe de travail Gestion des identités Les technologies de gestion de l identité ATELIER 1 Paul TREVITHICK, CEO de Parity Responsable projet Higgins Président Fondation Infocard
More informationAuthor. Ginés Dólera Tormo. Advisors Dr. Félix Gómez Mármol (NEC Laboratories Europe) Prof. Dr. Gregorio Martínez Pérez (University of Murcia)
Systems with Faculty of Computer Science ENHANCING USER CENTRIC IDENTITY MANAGEMENT SYSTEMS WITH REPUTATION MODELS IN DISTRIBUTED ENVIRONMENTS Author Advisors Dr. Félix Gómez Mármol (NEC Laboratories Europe)
More informationLatest in Cloud Computing Standards. Eric A. Hibbard, CISSP, ISSAP, ISSEP, ISSMP, CISA CTO Security & Privacy Hitachi Data systems
Latest in Cloud Computing Standards Eric A. Hibbard, CISSP, ISSAP, ISSEP, ISSMP, CISA CTO Security & Privacy Hitachi Data systems 1 Short Introduction CTO Security & Privacy, Hitachi Data Systems Involved
More informationIoT/M2M standardization activities in ITU T. Yoshinori Goto, NTT (goto.yoshinori@lab.ntt.co.jp)
IoT/M2M standardization activities in ITU T Yoshinori Goto, NTT (goto.yoshinori@lab.ntt.co.jp) Background ITU T has a long history of IoT discussion over many years. JCA NID played the coordination role
More informationCyber security Country Experience: Establishment of Information Security Projects.
Cyber security Country Experience: Establishment of Information Security Projects. Mr. Vincent Museminali vincent.museminali@rura.rw Internet and New media regulations Rwanda Utilities Regulatory Authority
More informationAchievements and ongoing work in the ITU-T standardization of the Internet of Things
ITU Workshop on Standardization on IMT, M2M, IoT, Cloud Computing and SDN (Algiers, Algeria, 8 September 2013) Achievements and ongoing work in the ITU-T standardization of the Internet of Things Marco
More informationPilvipalveluiden tietoturvan standardisointi
Pilvipalveluiden tietoturvan standardisointi Juha Röning Juha.Roning@oulu.fi Sisältö Standardien kirjo Pilvipalveluiden standardit Seurattavat standardit Standardit ja CSA Cloud Controls Matriisi Cloud
More informationStandards for Cyber Security
Best Practices in Computer Network Defense: Incident Detection and Response M.E. Hathaway (Ed.) IOS Press, 2014 2014 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-372-8-97 97
More informationM2M & Cybersecurity Workshop TIA 2013 M2M Standards and Security. Mihai Voicu CIO/CSO ILS Technology LLC
M2M & Cybersecurity Workshop TIA 2013 M2M Standards and Security Mihai Voicu CIO/CSO ILS Technology LLC Topics 1 What is the role of standardization in security for M2M solutions? 2 How are TIA and other
More informationA Shibboleth View of Federated Identity. Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR
A Shibboleth View of Federated Identity Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR Short Section Title Agenda Assumptions and Trends Identity Management and Shibboleth Shibboleth
More informationOverview of ITU Cybersecurity Activities
Overview of ITU Cybersecurity Activities Workshop on NGN Regulation & Migration Strategies 13 & 15 October 2010 New Delhi, India Sameer Sharma Senior Advisor ITU Regional Office for Asia and the Pacific
More informationITU-T Y.2001. General overview of NGN
INTERNATIONAL TELECOMMUNICATION UNION ITU-T Y.2001 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (12/2004) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More informationOVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii
The Office of the Auditor General has conducted a procedural review of the State Data Center (Data Center), a part of the Arizona Strategic Enterprise Technology (ASET) Division within the Arizona Department
More informationCloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102
Cloud Standards Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 2011 IBM Corporation Agenda Overview on Cloud Standards Identity and Access Management Discussion 2 Overview on Cloud
More informationQuestion(s): 4/17 Geneva, 16-25 September 2009 TEMPORARY DOCUMENT
INTERNATIONAL TELECOMMUNICATION UNION STUDY GROUP 17 TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2009-2012 English only Original: English Question(s): 4/17 Geneva, 16-25 September 2009 Source:
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationNIST s Guide to Secure Web Services
NIST s Guide to Secure Web Services Presented by Gaspar Modelo-Howard and Ratsameetip Wita Secure and Dependable Web Services National Institute of Standards and Technology. Special Publication 800-95:
More informationCybersecurity informa1on security exchange framework (CYBEX): importance and current developments
ISOG- J Seminar Tokyo 13 Oct 2010 V1.1 Cybersecurity informa1on security exchange framework (CYBEX): importance current developments Tony Rutkowski, tony@yaanatech.com Rapporteur for Cybersecurity Group,
More information(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework
(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement
More informationEnabling SAML for Dynamic Identity Federation Management
Enabling SAML for Dynamic Identity Federation Management Patricia Arias, Florina Almenárez, Andrés Marín and Daniel Díaz-Sánchez University Carlos III of Madrid http://pervasive.gast.it.uc3m.es/ WMNC 2009
More informationManaging Trust in e-health with Federated Identity Management
ehealth Workshop Konolfingen (CH) Dec 4--5, 2007 Managing Trust in e-health with Federated Identity Management Dr. rer. nat. Hellmuth Broda Distinguished Director and CTO, Global Government Strategy, Sun
More informationRESOLUTION 102 (REV. BUSAN, 2014)
RESOLUTION 102 (REV. BUSAN, 2014) ITU's role with regard to international public policy issues pertaining to the Internet and the management of Internet resources, including domain names and addresses
More information! Context: IoT, CPS and M2M! Challenges in M2M! Evolutionary M2M the FiDM way! Focus on: ! Conclusion 2
UMR 5205 On the Integration of Federated Identity Management in M2M middleware Youakim Badr!! LIRIS Lab, SOC team! INSA-Lyon! The 3 rd Franco American Workshop On CyberSecurity, Lyon, December 9-11, 2014
More informationStrengths and Weaknesses of Cybersecurity Standards
Strengths and Weaknesses of Cybersecurity Standards Bart Preneel COSIC KU Leuven and iminds, Belgium firstname.lastname@esat.kuleuven.be April 7, 2014 Bart Preneel 1 What is cybersecurity? Liddell and
More informationAttribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements
Joint White Paper: Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements Submitted Date: April 10, 2013 Submitted
More informationALL ALL. rsecurity. Cybersec. for ITU s Work for a Safer World. International Telecommunication Union
ALL ALL Cybersec rsecurity for ITU s Work for a Safer World International Telecommunication Union ITU as a Forum for International Cooperation in Cybersecurity ITU Secretary-General has identified Cybersecurity
More informationNational Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES
EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 11/XII/2006 C (2006) 6364 final COMMISSION DECISION of 11/XII/2006 List of standards and/or specifications for electronic communications networks,
More informationWHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK
WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK DATE OF RELEASE: 27 th July 2012 Table of Contents 1. Introduction... 2 2. Need for securing Telecom Networks... 3 3. Security Assessment Techniques...
More informationRegional Seminar on Cyber Preparedness ITU s work in Cybersecurity and Global Cybersecurity Index (GCI)
Regional Seminar on Cyber Preparedness Organised by World Bank Group, Financial Sector Advisory Center (FINSec) ITU s work in Cybersecurity and Global Cybersecurity Index (GCI) Vijay Mauree Programme Coordinator,
More informationCloud Security & Standardization. Markku Siltanen Tietoturvakonsultti CISA, CGEIT, CRISC
0 Copyright 2011 FUJITSU Cloud Security & Standardization Markku Siltanen Tietoturvakonsultti CISA, CGEIT, CRISC Cloud computing 1 Copyright 2011 FUJITSU Characteristics of cloud 2 Copyright 2011 FUJITSU
More informationGuiding principles for security in a networked society
ericsson White paper Uen 307 23-3230 February 2014 Guiding principles for security in a networked society The technological evolution that makes the Networked Society possible brings positive change in
More informationITU Global Cybersecurity Agenda (GCA)
International Telecommunication Union ITU Global Cybersecurity Agenda (GCA) Framework for International Cooperation in Cybersecurity ITU 2007 All rights reserved. No part of this publication may be reproduced,
More informationExtending DigiD to the Private Sector (DigiD-2)
TECHNISCHE UNIVERSITEIT EINDHOVEN Department of Mathematics and Computer Science MASTER S THESIS Extending DigiD to the Private Sector (DigiD-2) By Giorgi Moniava Supervisors: Eric Verheul (RU, PwC) L.A.M.
More informationDr. rer. nat. Hellmuth Broda
International Telecommunication Union Privacy, Security, and Trust with Federated Identity Management Dr. rer. nat. Hellmuth Broda Distinguished Director and CTO, Global Government Strategy, Sun Microsystems
More informationLiberty Alliance Project Setting the Standard for Federated Network Identity
Liberty Alliance Project Setting the Standard for Network Identity Privacy, Identity Management and Services using Liberty technologies in Mobile Environment. Identity Management Rise of electronic networks:
More informationNationwide and Regional Health Information Networks and Federated Identity for Authentication and HIPAA Compliance
Nationwide and Regional Health Information Networks and Federated Identity for Authentication and HIPAA Compliance Christina Stephan, MD Co-Chair Liberty Alliance ehealth SIG National Library of Medicine
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationCONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response
CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing
More informationISO/IEC JTC 1/SC 27 N15445
ISO/IEC JTC 1/SC 27 N15445 REPLACES: N14360 ISO/IEC JTC 1/SC 27 Information technology -- Security techniques Secretariat: DIN, Germany DOC TYPE: Business Plan TITLE: SC 27 Business Plan October 2015 September
More informationPrivacy Management Standards: What They Are and Why They Are Needed Now
ITU-T Q10/17 Identity Summit Geneva December 10, 2010 Privacy Management Standards: What They Are and Why They Are Needed Now John Sabo Director Global Government Relations Chair, OASIS IDtrust Member
More informationFederated Identity in the Enterprise
www.css-security.com 425.216.0720 WHITE PAPER The proliferation of user accounts can lead to a lowering of the enterprise security posture as users record their account information in order to remember
More informationFederated Identity Management Technologies and Systems
Federated Identity Management Technologies and Systems David Chadwick 15 June 2011 2010-11 TrueTrust Ltd 1 Some Early FIM Systems Microsoft s Passport UK Athens Some More Recent FIM Systems Shibboleth
More informationSecurity and Privacy Challenges of Biometric Authentication for Online Transactions
Security and Privacy Challenges of Biometric Authentication for Online Transactions Elaine Newton, PhD NIST Information Technology Laboratory, Computer Security Division elaine.newton@nist.gov 1-301-975-2532
More informationComparing Identity Management Frameworks in a Business Context
Comparing Identity Management Frameworks in a Business Context Jaap-Henk Hoepman, Rieks Joosten, and Johanneke Siljee jaap-henk.hoepman@tno.nl, rieks.joosten@tno.nl, johanneke.siljee@tno.nl TNO, the Netherlands
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and
More informationFederation Proxy for Cross Domain Identity Federation
Proxy for Cross Domain Identity Makoto Hatakeyama NEC Corporation, Common Platform Software Res. Lab. 1753, Shimonumabe, Nakahara-Ku, Kawasaki, Kanagawa 211-8666, Japan +81-44-431-7663 m-hatake@ax.jp.nec.com
More informationISO/IEC JTC 1/WG 10 Working Group on Internet of Things. Sangkeun YOO, Convenor
ISO/IEC JTC 1/WG 10 Working Group on Internet of Things Sangkeun YOO, Convenor History ISO/IEC JTC 1/SWG 5 (2013 ~ ) In JTC 1 Plenary 2014, Special Working on IoT (SWG 5) proposed to establish a subcommittee
More informationLIST OF STANDARDS DEVELOPMENT ORGANIZATIONS. Telecommunications networks employ technical standards to ensure that:
LIST OF STANDARDS DEVELOPMENT ORGANIZATIONS Telecommunications networks employ technical standards to ensure that: - The network equipment from different manufacturers can inter-operate; - Different networks
More informationISO/IEC Information & ICT Security and Governance Standards in practice. Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT
ISO/IEC Information & ICT Security and Governance Standards in practice Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT June 4, 2009 ISO and IEC ISO (the International Organization for Standardization)
More informationCompliance & Data Protection in the Big Data Age - MongoDB Security Architecture
Compliance & Data Protection in the Big Data Age - MongoDB Security Architecture Mat Keep MongoDB Product Management & Marketing mat.keep@mongodb.com @matkeep Agenda Data Security Landscape and Challenges
More informationSAML, The Liberty Alliance, and Federation* Eve Maler eve.maler@sun.com http://www.xmlgrrl.com/blog
SAML, The Liberty Alliance, and Federation* Eve Maler eve.maler@sun.com http://www.xmlgrrl.com/blog IIWb, Mountain View, CA, 4 December 2006 1 When you distribute identity tasks and information in the
More informationCenters of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review
Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review Review Process The Knowledge Unit (KU) Review Calendar divides the entire CAE-C KU list into 12 months for the purposes of
More information