DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James...
-
Upload
eugene-taylor -
Category
Documents
-
view
214 -
download
1
Transcript of DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James...
![Page 1: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/1.jpg)
DOCUMENT #: GSC15-PLEN-26
FOR: Presentation
SOURCE: ATIS
AGENDA ITEM: PLEN 6.4
CONTACT(S): James McEachern ([email protected])
ATIS Identity ManagementStandards Development
James McEachern,NA Standards Director, GENBAND
Global Standards Collaboration (GSC) GSC-15
![Page 2: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/2.jpg)
2
Highlight of Current Activities (1)ATIS’ Packet Technologies and Systems Committee (PTSC) is actively developing the following IdM-related standards:
Identity Management (IdM) Use Cases for NGN• Deliverable: ATIS NGN IdM Use Cases Technical Report
Derives informative examples illustrating NGN IdM capabilities, functions and concepts. Use Cases will be used to derive and specify requirements.
Target Date: 4Q 2010
Identity Management (IdM) Requirements for NGN• Deliverable: ATIS NGN IdM Requirements Standard
Develops NGN IdM system requirements (based on the high-level trust model), security requirements, and interoperability requirements based on Use Cases (above).
Target Date: 4Q 2010
![Page 3: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/3.jpg)
3
Identity Management (IdM) Use Cases and Requirements for Service Provider Identity (SPID)• Deliverable: ATIS IdM SPID Use Cases and Requirements
Standard Describes use cases to illustrate service scenarios where SPID is
utilized, including assumptions on security, authentication, and discovery. SPID requirements are derived from these Use Cases.
Existing mechanisms and encoding formats are being examined for applicability and gaps.
Target Date: 4Q 2010
Identity Management (IdM) Mechanisms for NGN• Deliverable: ATIS NGN IdM Mechanisms Standard
Describes a set of IdM mechanisms and suites of options that should be used to satisfy the ATIS IdM Requirements Standard.
Gaps in existing mechanisms are identified in order to meet the requirements.
Target Date: 4Q 2010
Highlight of Current Activities (2)
![Page 4: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/4.jpg)
4
Highlight of Current Activities (3)PTSC recently completed:
Identity Management (IdM) Framework for NGN• Deliverable: ATIS NGN IdM Framework Standard
Describes the fundamental concepts associated with NGN IdM (including threats and risks), defines NGN IdM entities, their roles, and the interactions among them within the IdM trust model, and specifies relationships between the IdM trust model and NGN interfaces for interoperability.
Completed as ATIS-1000035.2009
![Page 5: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/5.jpg)
5
Strategic Direction Define value added use cases that will derive requirements Continue to support government services (e.g., ETS, e-commerce) Leverage User-Centric solutions where possible, while identifying deltas
to meet the needs of NGN providers• NGN service providers need to address both real-time and near-real time
applications• Solution for real-time applications (e.g., exchange of IdM information for SIP
communication sessions) would be distinct Provide structured and standard means to discover and exchange
identity information across network domains/federations• Bridge different technology dependent systems including existing network
infrastructure systems (e.g., use of existing resources such as Line Information DataBase (LIDB) where appropriate)
• Address new and emerging applications and services (e.g., IPTV and convergence)
• IPTV Downloadable Security, including key management, certificate authority, and authorization
• Address unique security needs
![Page 6: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/6.jpg)
6
Challenges Un-trusted identity information as a result of migration to
IP packet networks, emergence of new service providers (e.g., 3rd party providers) and other changes over the past decade (e.g., smart terminals, and an open internet environment)• Historically, trusted information was provided by closed and fixed network
environment operating under regulatory conditions• Changes to the trust model are resulting in operations, accounting,
settlements, security and infrastructure protection problems
Overcoming silo solutions• User-centric model focusing on web services and electronic commerce • Available standards focus mainly on web services (e.g., OASIS, WS*,
Liberty, SAML) and human identities• Vendor specific solutions/products (e.g., Microsoft Cardspace,
PayPal, iNames)• Impact of Kantara Initiative needs to be assessed
![Page 7: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/7.jpg)
7
Next Steps/Actions Continue to leverage User-Centric IdM solutions
• Avoid duplication and redundancy Leverage, use, enhance and adapt existing work and technology
solutions where appropriate managed networks Enhance and customize existing IP/web services capabilities and
work of other industry groups (e.g., Liberty Alliance, Kantara, OASIS, 3GPP, ITU-T) as appropriate
• Allow for the use of existing (e.g., LIDB) and new (e.g., IPTV) resources and capabilities
Continue to solicit IdM Use Case/Requirements inputs from all ATIS committees
Contribute ATIS IdM requirements and mechanisms to the ITU-T to obtain global solutions
![Page 8: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/8.jpg)
8
Proposed Resolution No changes proposed to existing Resolution
(GSC-14/4) at this time.
![Page 9: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/9.jpg)
9
Supplemental Slides
![Page 10: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/10.jpg)
10
Identity Management (IdM)
Identity Management (IdM) involves secure management of the identity life cycle and the exchange of identity information (e.g., identifiers, attributes and assertions) based on applicable policy of entities such as:
Users/groups Organizations/federations/enterprise/service providers Devices/network elements/systems Objects (Application Process, Content, Data)
![Page 11: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/11.jpg)
11
Value Added for NGN Provider Dynamic/automatic IdM means between multiple partners (e.g., end
users, visited and home networks) reduce costs (compared to pair-wise arrangements) compared to pair-wise arrangements to• Establish service arrangements• Exchange identity information• Exchange policy information and enforce policy
Enabler of new applications and services (e.g., IPTV and convergence) including identity services
Leverage existing and expanding customer base Common IdM infrastructure enables support of multiple applications
and services Enables
• standard API and data schema for application design• multi-vendor/platforms solutions• inter-network/federations interoperability• Security protection of application services, network infrastructure and
resources
![Page 12: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/12.jpg)
12
Value Added for the User
Privacy/user control• Protection of Personal Identifiable Information [PPII]• Ability to control who is allowed access (i.e., providing consent) to
personal information and how it is used
Ease of use and single sign-on / sign-off (multiple application/services across multiple service providers/federations)
Enabler of Social Networking Security (e.g., confidence of transactions, and Identity (ID)
Theft protection)
![Page 13: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/13.jpg)
13
Government Motivations
Infrastructure Protection (i.e., against cyber threats) Protection of Global Interests (e.g., business and commerce) Provide assurance capabilities (e.g., trusted assertions about digital
identities [credentials, identifiers, attributes and reputations]) to enable
National Security/Emergency Preparedness (NS/EP) Early Warning Services Electronic Government (eGovernment) Services (e.g., web-based
transactions) Public Safety Services (e.g., Emergency 911 services) Law Enforcement Services (e.g., Lawful Interceptions) National/Homeland Security Intelligence Services
![Page 14: DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern (jim.mceachern@genband.com) ATIS Identity Management.](https://reader036.fdocuments.in/reader036/viewer/2022082817/56649e4f5503460f94b45d71/html5/thumbnails/14.jpg)
14
Document Scope Issue Description Target Date
ATIS NGN IdM Framework Standard[PTSC Issue S0058]
Framework for NGN Identity Management
Framework for handling identities in a secured and authenticated manner in a multi-network, multiple service provider environment
Published as ATIS-1000035.2009
ATIS IdM Use Cases Technical Report[PTSC Issue S0059]
Identity Management Use Case examples for NGN
Develop Use Cases illustrating IdM applications in a multi-network, multiple service provider environment defined by the ATIS NGN architecture
4Q 2010
ATIS IdM Requirements Standard[PTSC Issue S0051]
NGN Identity Management Requirements
Requirements for handling identities in a secured and authenticated manner in a multi-network, multiple service provider environment
Harmonized approach to address IdM issues in the ATIS NGN architecture
4Q 2010
ATIS IdM Mechanisms Standard[PTSC Issue S0060]
NGN Identity Management Mechanisms and Procedures
Develop IdM mechanisms (e.g., registration, authorization, authentication, attribute sharing, discovery) to be used in a harmonized approach for the ATIS NGN architecture
4Q 2010
ATIS Service Provider Identity (SPID) [PTSC Issue S0067]
Define ATIS Use Cases and Requirements for SPID
Develop an ATIS NGN SPID standard that derives requirements from Use Cases applicable to managed NGN deployments. These requirements will be used to define industry solutions.
4Q 2010
Note: parallel documents exist in ITU-T SG13, Q15
ATIS PTSC IdM Documents