Report of Focus Group on Identity Management (FG IdM)
Review of how ETSI’s contribution and extension fits
Scott Cadzow, Abbie Barbir
World Class Standards
FG IdM Terms of Reference
Scope: IdM for telecomm/ICT in general; and specifically to facilitate and advance the development of a generic IdM framework and means of discovery of autonomous distributed identities and identity federations and implementations
Objectives
Prepare deliverables that include:
• a living list of standards bodies, etc., dealing with IdM, including information on their activities, documents re: an IdM framework,
• a global analysis on IdM requirements and capabilities,
• a set of IdM telecommunications/ICT use cases that can be used to derive requirements
In carrying out the above, FG IdM may analyze other aspects related to the objectives (e.g., frameworks)
Focus Group Output
Collaborative working methods:
• Official ITU web and a wiki (www.ituwiki.com) for unofficial collaboration
Reference materials
• Ecosystem
• Lexicon
• Existing legal & regulatory compendium, including privacy
• Use cases, platforms, gaps
• Requirements structure and provisions, including privacy related
Deliverables
• Draft frameworks for interoperability
Focus group timeline
Evolving Definition of IdM
[Figure: enterprise IdM scope diagram, labelled Enterprise, Edge devices, Infrastructure (Internal, Gateway), Application Environments, Hosted Services, Partner/Supplier Networks, Other hubs]
Burton 2003
• Identity management is the set of business processes, and supporting infrastructure, for the creation, maintenance, and use of digital identities in online spaces
Burton 2007
• Enterprise IdM is the set of business processes, and a supporting infrastructure, that provides
• Identity-based access control to systems and resources
• In accordance with established policies
ETSI 2007
• An identity is used within the NGN to distinguish one NGN entity from another. The NGN entity may be an end-point (e.g. a telephone) or it may be a service delivery agent (e.g. a service provider).
• The purpose of Identity Management in the NGN is to control the life of an NGN identifier from its creation through assignment and, if necessary, reassignment, to its destruction at the end of its useful life. Identity Management may also include the maintenance of the integrity of an identifier.
• What is IdM from a carrier, provider, telecom perspective?
• What is the ITU role?
• What is NGN IdM?
ETSI Definition – Identifier
Identifier: a lexical token that names an entity. A series of digits, characters and symbols used to identify uniquely a subscriber, user, network element, function or network entity providing services/applications (TS 184 002)
ETSI Definition – Identity
Identity: a property of objects that allows those objects to be distinguished from each other. An identifier allocated to a particular entity, e.g. a particular end-user, provides an identity for that entity (TS 184 002)
ETSI Definition – Identity crime
Identity Crime: a generic term for Identity Theft, creating a False Identity or committing Identity Fraud
ETSI Definition – Identity fraud
Identity Fraud: the use of a False Identity or legitimate identity to support unlawful activity. Falsely claiming to be a victim of Identity Fraud to avoid obligation or liability.
ETSI Definition – Identity theft
Identity Theft: an event that occurs when sufficient information about an identity is obtained to facilitate Identity Fraud.
Evolution of Identity Management
[Figure: evolution of identity management. Mechanisms shown: Username/Password, SSO, Federated Id, Attribute Mgmt, Infocards; Proximity (Badge, Key, 2nd Device); Explicit Biometrics (Fingerprint); Implicit Biometrics (Key strokes, voice, face); Presence (inference from video cameras, RFID sensors, etc.); with the labels Transparent and Explicit. Stages shown: identity as a set of attributes; sharing of service-centric ids; single user-centric id paired with many service-centric ids; user-centric and service-centric identities match; fine-grained and gradual release of attributes; complete separation of user-centric and service-centric ids. Named technologies: Microsoft Cardspace, Higgins, OpenID]
IdM Ecosystem: Expansive
Perspectives: Mobile operator centric; Discovery centric; Project centric; Network operator centric; Authentication centric; Attribute centric; Broad IdM centric; User centric; Application service provider centric; Object identifier centric
[Figure: IdM ecosystem map grouping bodies and technologies under the perspectives Broad IdM Centric, Mobile Operator Centric, Project Centric, Discovery Centric, Object-Identifier Centric, Attribute Centric, Network Operator Centric, Authentication Centric, User Centric and App Service Provider Centric. Named in the figure: ISO SC27 WG5, ITU-T SG17, 3GPP IMS, 3GPP GBA, OMA RD-IMF, FIDIS, Daidalos, Modinis, MAGNET, Yadis, CNRI handles, XDI.ORG, OASIS XRI, ITU-T JCA-NID, OID/OHN, EPC ONS, CNRI DOI, UID, W3C/IETF URI, OSGi, ITU/IETF E.164 ENUM, OASIS SPML, IETF IRIS, ITU-IETF LDAP, ITU X.500, ITU E.115v2, NetMesh LID, ETSI LI-RDH, ETSI TISPAN, ITU-T SG13, ITU-T SG4, Parlay PAM, ETSI IdM STF, ETSI UCI, ITU-T SG2, ITU-T SG11, ITU-T SG16, OASIS SAML, NIST FIPS 201, IETF OCSP, ANSI IDSP, ANSI HSSP, ZKP, ANSI Z39.50, OpenID, Microsoft Cardspace, Identity Metasystem, SourceID, Pubcookie, Passel, TCG, OpenGroup IMF, IBM Higgins, Liberty WSF, Oracle IGF, OASIS XACML, WS-Federation, SXIP VIP/PIP, CoSign, Eclipse, Shibboleth, Liberty I*]
Managing NGN Identities
[Figure: NGN functional architecture. Elements shown: Transport Stratum and Service Stratum; End-User Functions; Application Functions; Core Transport Functions; Access Transport Functions; Edge Functions; Access Network Functions; Network Access Attachment Functions; Network Attachment Control Functions (NACF); Resource and Admission Control Functions (RACF); Service Control Functions; Transport and Service User Profile Functions; Application Support Functions and Service Support Functions; PSTN/ISDN Emulation Service Component; IP Multimedia Service Component and PSTN/ISDN Simulation; Other NGN Service Components; Applications; Legacy Terminals, NGN Terminals, Customer Networks, Other Networks; Gateways (GW). Note: a Gateway (GW) may exist in either the Transport Stratum or the End-User Functions.]
Identity annotations on the architecture:
• User and terminal identities
• Identities in NACF
• Identities in RACF
• Identities in IMS and PES
• Identities in common components for applications
• Identities in common components for applications and service support
• User Identity Data
• Identity Interoperability
The Seven Pillars for Global Interoperable IdM
[Figure: the seven pillars, spanning People, Organizations, and Objects, Sensors and Control Systems]
Interoperable Framework
[Figure: interoperable IdM framework. Components shown: Relying Party; Identity Agent; Credential Store; Requesting/Asserting Entity; Identity Proofing; Enrollment; Credential Issuance; Self-Care Service; Identity Provider; Identity Attribute Service; User-Centric, Application Centric, Network Centric and Federation Protocols; Reputation; Validation; Token Service; Authentication Service; Personal Identifiable Information/Consent; Discovery, Transformation, Relationship and Bridging Services; Audit & Monitoring Service; Credential Management Service]
FG Next Steps
• Initial work of the FG was completed and delivered to ITU-T Study Group 17 at its Plenary meeting, 28 Sept 2007
• The FG itself has been replaced by the following IdM forums:
• Joint Coordination Activity for Identity Management (JCA-IdM)
• Global Standards Initiative for Identity Management (IdM-GSI), and
• the Joint Rapporteur Groups on Identity Management (JRG-IdM)
FG IdM evolution to IdM GSI
Overview and analysis
IDENTITY IN THE NGN
Identity vs. Identifier
NGN entities have …
• restricted behaviour
• a single identifier
The NGN is defined by its behaviour
• A composition of the behaviour of its entities
• Many compositions are possible, so many NGN definitions are possible
CRAVED analysis of identity
Criteria | Criteria clarification | Applicability
Concealable | The target can easily be concealed by the thief or, at least, is not easily identifiable as not belonging to the thief | Yes
Removable | The target is not physically fixed or otherwise secured | Yes
Available | The target is both visible and accessible to the thief | Yes
Valuable | The target has either intrinsic monetary value or personal value to the thief | Yes
Enjoyable | Possession of the target provides pleasure to the holder either through monetary or personal gain | Yes
Disposable | The target can be sold by the thief for monetary or other gain | Yes
NGN and identity
Identity classes in NGN:
1. Those generated automatically by network elements (e.g. call identifiers). For these, no human intervention is required (or possible).
2. Those that may be allocated by operators without reference to external bodies (e.g. customer account number).
3. Those for which operators must go to external bodies to receive allocations (e.g. E.164 numbers, public IP addresses).
Identity fraud possible for classes 2 and 3
Forms of identity – class 3
• E.164 numbers: Authoritative, Structured
• SIP-URLs, Tel-URLs: Authoritative, Structured
Identity problems in NGN
• Proliferation of non-authoritative ids: self-asserted SIP-URLs
• Identifier uncertainty: equivalence of "IP address + port" to identifier
• Context "pull": identifiers used out of context, e.g. NASS identifier used in IMS
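The class-3 forms (E.164 numbers, SIP and tel URIs) have publicly known structures, so a receiving element can check that a token is well-formed but not that it was allocated. The following is an added example, not code from the slides or from ETSI: a small Python classifier that recognises the three forms and flags two of the problems named above, a SIP URI whose host is not an operator-managed domain (self-asserted) and a SIP URI whose host is an IP literal ("IP address + port" standing in for an identifier). The AUTHORITATIVE_DOMAINS set, the sample identifiers and the assurance labels are assumptions made for the example; the SIP parsing is deliberately minimal and covers only the user@host[:port] shape.

```python
import ipaddress
import re
from dataclasses import dataclass

# Assumed for illustration: the domains in which this operator allocates SIP identifiers.
# Any other domain in a SIP URI is treated as self-asserted (non-authoritative).
AUTHORITATIVE_DOMAINS = {"example.net"}

# E.164 global number: '+' then 2..15 digits, no leading zero after the '+'.
E164_RE = re.compile(r"^\+[1-9]\d{1,14}$")
# tel URI (RFC 3966 global-number form); visual separators allowed, parameters ignored.
TEL_RE = re.compile(r"^tel:(?P<number>\+[\d\-.()]+)(?:;.*)?$", re.IGNORECASE)
# sip:/sips: URI: optional user part, host (domain, IPv4 or bracketed IPv6), optional port.
SIP_RE = re.compile(
    r"^(?P<scheme>sips?):(?:(?P<user>[^@;?]+)@)?"
    r"(?P<host>\[[0-9a-fA-F:.]+\]|[^:;?]+)(?::(?P<port>\d{1,5}))?",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Classified:
    raw: str
    form: str         # "e164", "tel", "sip" or "unknown"
    structured: bool  # does the token match a publicly known structure?
    assurance: str    # "authoritative", "self-asserted", "uncertain" or "unknown"
    note: str


def _is_ip_literal(host: str) -> bool:
    """True if the SIP host part is an IPv4 or (bracketed) IPv6 address."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def classify(identifier: str, authoritative_domains=AUTHORITATIVE_DOMAINS) -> Classified:
    """Recognise the identifier's form and assign the assumed assurance label."""
    s = identifier.strip()
    if E164_RE.match(s):
        return Classified(s, "e164", True, "authoritative",
                          "E.164 number: structure is public, allocation comes from a numbering authority")
    m = TEL_RE.match(s)
    if m:
        digits = re.sub(r"[-.()]", "", m.group("number"))  # drop visual separators
        if E164_RE.match(digits):
            return Classified(s, "tel", True, "authoritative",
                              "global-number tel URI carrying the E.164 number " + digits)
        return Classified(s, "tel", False, "unknown", "tel URI does not carry a valid global number")
    m = SIP_RE.match(s)
    if m:
        host = m.group("host").lower()
        if _is_ip_literal(host):
            return Classified(s, "sip", True, "uncertain",
                              "host is an IP literal: 'IP address + port' is standing in for an identifier")
        if host in authoritative_domains or any(host.endswith("." + d) for d in authoritative_domains):
            return Classified(s, "sip", True, "authoritative",
                              "host is a domain in which the operator allocates identifiers")
        return Classified(s, "sip", True, "self-asserted",
                          "host is not an operator-managed domain: the identifier is self-asserted")
    return Classified(s, "unknown", False, "unknown", "matches none of the E.164, tel or SIP forms")


# Constructed sample identifiers (not taken from the slides).
SAMPLES = [
    "+441234567890",
    "tel:+44-1234-567890",
    "sip:alice@ims.example.net",
    "sip:carol@example.org",
    "sip:dave@192.0.2.10:5060",
    "sips:erin@[2001:db8::1]:5061",
    "tel:+0-44",
    "not-an-identifier",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        c = classify(sample)
        print(f"{c.raw:32} {c.form:8} {c.assurance:14} {c.note}")
```

The point the classifier makes is the one the slide makes: every token in SAMPLES that is accepted as "structured" could have been produced by anyone who knows the public format, so the assurance label comes entirely from where the identifier was allocated (numbering authority or operator domain), never from its shape. Treating an IP literal as "uncertain" rather than rejecting it reflects that the address may be legitimate transport information that simply should not be relied on as an identity.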
Assurance of Identity
Counter to identity fraud: achieving assurance
• Rigorous requirements design
• Design process from ETSI EG 202 387 (applying Common Criteria to standards development)
• Standards as protection profiles from ETSI ES 202 382
Summary findings, next stage of work
SECURITY ANALYSIS
Unwanted incidents
• Masquerade: self revealing; non-self revealing
• Unsolicited communication
• Identity correlation
• Traffic analysis
Security considerations
Identity attacks seen as masquerade
• Single source of data
• Multiple sources of data
Risk: what happens when it all goes wrong?
• Likelihood of masquerade
• Impact of masquerade
NGN objectives for Identifiers
• The NGN should create its identities
• The NGN should be the only entity able to destroy its identities
• The NGN should comply with the OECD guidelines for processing of personal data
• The identity provider should be retrievable from analysis of the identity
• The NGN should support the transfer of identifier/identity between CSPs
Risk analysis – masquerade
IMPACT: mostly low
• Exploits affect one entity at a time
LIKELIHOOD: mostly high
• Structure is known, identity not often protected (given away)
Risk analysis – unsolicited communication
IMPACT: generally low
• Exists in the PSTN, and the NGN offers more channels to exploit
• Exacerbated by identity belonging to the platform, not the service
LIKELIHOOD: high
Risk analysis – identity correlation
IMPACT: low to medium
• Data already exists and services are provided (directory services)
LIKELIHOOD: medium to high
Risk analysis – traffic analysis
IMPACT: medium to high
• Determines end-user behaviour
LIKELIHOOD: low to medium
• Attack requires long term access to the network, skill in analysis, some advanced tools
Risk analysis – findings
• Identifiers open to simple masquerade: countered in the NGN by strong authentication
• Traffic analysis difficult: countered in the NGN by strong authentication and allocation of session identity
Platform and barrier
NGN CONTRIBUTION TO IDENTITY FRAUD
Platform
NGN identifiers:
• Follow the identifier=identity model
• Have publicly known structures
• Can be emulated, guessed, copied
• Release is not contained
Barrier
• Authentication of identifier: counters simple masquerade; identity theft for masquerade is self revealing (billed service)
• Confidentiality of signalling: counters traffic analysis
• Non-repudiation: consequence from compliance to regulation
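The barrier against simple masquerade is that a claimed identifier is only accepted once its holder has proved possession of a secret bound to it. The following is an added example, not code from the slides or from ETSI, and it is not the NGN's real mechanism (IMS uses AKA and digest-style challenge-response over SIP); it is a minimal Python challenge-response check that shows why a well-formed, publicly structured identifier on its own is not enough. The subscriber table, the secrets, the identifiers and the nonce format are all constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed subscriber store: identifier -> long-term shared secret.
# In a real NGN the secret lives on the UICC/ISIM and in the HSS; here it is a plain dict.
SUBSCRIBERS = {
    "sip:alice@ims.example.net": b"alice-long-term-secret",
    "sip:bob@ims.example.net": b"bob-long-term-secret",
}


class Authenticator:
    """Network side: issues single-use challenges and verifies responses."""

    def __init__(self, subscribers):
        self._subscribers = subscribers
        self._outstanding = {}  # nonce -> identifier the challenge was issued for

    def challenge(self, identifier: str) -> str:
        """Issue a fresh nonce tied to the identifier being claimed."""
        nonce = secrets.token_hex(16)
        self._outstanding[nonce] = identifier
        return nonce

    @staticmethod
    def response(secret: bytes, nonce: str, identifier: str) -> str:
        """Client side: prove knowledge of the secret without transmitting it."""
        msg = f"{nonce}:{identifier}".encode()
        return hmac.new(secret, msg, hashlib.sha256).hexdigest()

    def verify(self, identifier: str, nonce: str, response: str) -> bool:
        """Accept the claimed identifier only for a valid, unreplayed response."""
        issued_for = self._outstanding.pop(nonce, None)  # consume: a nonce is single use
        if issued_for != identifier:
            return False  # unknown or already-used nonce, or nonce issued for someone else
        secret = self._subscribers.get(identifier)
        if secret is None:
            return False  # well-formed identifier that was never allocated to a subscriber
        expected = self.response(secret, nonce, identifier)
        return hmac.compare_digest(expected, response)


def demo():
    """Return (legitimate, masquerade, first_use, replay) outcomes for Alice's identifier."""
    auth = Authenticator(SUBSCRIBERS)
    alice = "sip:alice@ims.example.net"

    # Legitimate subscriber: holds Alice's secret.
    n1 = auth.challenge(alice)
    legitimate = auth.verify(alice, n1, Authenticator.response(SUBSCRIBERS[alice], n1, alice))

    # Simple masquerade: the identifier is public and easy to form, but the secret is not known.
    n2 = auth.challenge(alice)
    masquerade = auth.verify(alice, n2, Authenticator.response(b"guess", n2, alice))

    # Replay: a previously valid response is presented a second time for the same nonce.
    n3 = auth.challenge(alice)
    r3 = Authenticator.response(SUBSCRIBERS[alice], n3, alice)
    first_use = auth.verify(alice, n3, r3)
    replay = auth.verify(alice, n3, r3)

    return legitimate, masquerade, first_use, replay


if __name__ == "__main__":
    print(demo())  # expected: (True, False, True, False)
```

Two details carry the weight: the nonce is consumed on first use, so a captured response cannot be replayed, and the nonce is bound to the identifier it was issued for, so a response computed under one subscriber's secret cannot be presented for another's identifier. Both are independent of how guessable the identifier itself is, which is exactly the property the slide asks the barrier to have.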
Audience participation
THANKS AND QUESTIONS
Contact details and acknowledgements
Contacts
• Scott CADZOW: [email protected]; [email protected]
• Abbie Barbir: [email protected]
Acknowledgements
• Members of ITU-T FG IdM
• Tony Rutkowski and Ray Singh for (modified) slides from ITU-T September IdM Tutorial Presentations
• Members of the TISPAN NGN development team: Tony Holmes and WG4; WG8 for the SuM modelling; WG7 and STF330 for the Id and IdM security modelling