International Telecommunication Union Geneva, 9(pm)-10 February 2009 Trend in User-Centric Identity Management Technology and its Standards Sangrae


1 International Telecommunication Union
Geneva, 9(pm)-10 February 2009
Trend in User-Centric Identity Management Technology and its Standards
Sangrae Cho (sangrae@etri.re.kr), Digital ID Security Research Team, ETRI
ITU-T Workshop on "New challenges for Telecommunication Security Standardizations", Geneva, 9(pm)-10 February 2009

2 Contents
1. Introduction
2. User-Centric IdM Technology
3. Digital Identity Wallet
4. Conclusion

3 Introduction

4 Identity Definition
Identity:
- The attributes by which an entity is described, recognized or known (ITU-T)
- The fundamental concept of uniquely identifying an object (person, computer, etc.) within a context (OpenGroup)
- A set of claims made by one party about another party. Claims are typically conveyed in Signed Security Tokens (Microsoft)
- The essence of an entity. One's identity is often described by one's characteristics, among which may be any number of identifiers [Liberty & OASIS]
Source: ITU-T Report on the Definition of the Term Identity 2008

5 Identity Management
Infrastructure that supports authentication, authorization, audit and the identity lifecycle, including creation, update and termination of identity.
[Figure: identity lifecycle for Accounts & Policies: Registration/Creation, Propagation, Maintenance/Management, Termination]
Source: Burton Group 2006 Architecture Template for IDM

6 Purpose of IdM
- Increase in personal identities as web services increase: improve usability
  - 27 websites joined, 7.5 accounts on average in Korea [Digital News, 05.2.23]
- IdM requirement in inter-domain organizations as business relationships have diversified: increase in efficiency and productivity
  - Increase of demand in SSO & EAM & IAM, Intranet -> Internet [DigitalIDWorld Newsletter, 05.3.31]
- Increase in personalized service requirements: create new IT service & increase in personal privacy
  - Need privacy protection when new service is provided in web 2.0 [ZDNet, 06.12]

7 User-Centric IdM Technology

8 Evolution of IdM
[Figure labels: Silo, Centralized, Federated, User-Centric; Unidirectional, Bidirectional (identity interchange); Domain-centric, User-centric (subject for IdM); System, Human; Present]
User-Centric: The user is in the middle of a data transaction and the data always flows through the user's identity agent. This gives the user control of his identity.

9 User-Centric Identity Concept
- User consent
  - User can always allow or deny whether information about them is released or not (reactive consent management)
- User control
  - User has ability to policy-control all exchanges of identity information (proactive consent management)
  - User delegates decisions to identity agents controlled through policy
- User-centered
  - Core subset of the previous two as "People in the protocol"
  - User is actively involved in information disclosure policy decisions at run time
Source: OASIS, The Core Concept of Identity 2.0

10 Main User-Centric IdM Technology
User-centric characteristics in each technology:
- Liberty Alliance: Permission-based attribute exchange
- OpenID: URL-based user identifier & select user's IdP
- CardSpace: Select user's IdP using Identity Selector

11 Trend in Standardization
[Figure: Current View of IdM Landscape]
Source: Report on Identity Management Use Cases and Gap Analysis, ITU-T FG IdM

12 Ongoing Standard Projects in ITU-T SG17
- X.1250 (X.idmreq): Capabilities for global identity management trust and interoperability
  - Requirement for global interoperability among IdM systems
  - Currently in TAP after re-determined in September 2008
- X.1251 (X.idif): A Framework for User Control of Digital Identity
  - User control enhanced digital identity interchange framework
  - Currently in TAP after determined in September 2008
- X.idm-dm: Common Identity Data Model
  - Develop common identity data model to express identity information between IdM systems

13 X.1251 (X.idif) - Framework

14 Ongoing Standard Projects in ITU-T
NGN Identity Management
- SG13 Q15 NGN Security is responsible
- Developing standards based on the result of IdM Focus Group
- Y.ngnIdMuse: NGN identity management use cases
  - Study use cases when IdM is applied in NGN environment
- Y.ngnIdMreq: NGN identity management requirements
  - IdM Requirements in NGN
- Y.idmFramework: NGN identity management framework
  - Global interoperability framework among IdM systems in NGN

15 Ongoing Standard Projects in ISO
Identity Management & Privacy Standard in ISO/IEC JTC1 SC27 WG5
- ITU-T / ISO Joint Workshop on identity management, Lucerne, Sept. 2007
- WGs within ISO/IEC JTC1/SC27 – IT Security Technologies
  - A Framework for Identity Management (ISO/IEC 24760, WD)
  - A Privacy Framework (ISO/IEC 29100, CD)
  - A Privacy Reference Architecture (ISO/IEC 29101, WD)
  - Entity Authentication Assurance (ISO/IEC 29115, WD)
  - A Framework for Access Management (ISO/IEC 29146, WD)

16 The Identity Landscape
[Figure: The Identity Landscape 2006, Johannes Ernst, CEO of NetMesh; reconstructed, Digital ID Security Research Team, ETRI. Digital identity: URL-based (OpenID), Invisible (SAML/Liberty), Card-based (WS-Trust)]
- Increase in interest in User-Centric IdM technology and in collaborations between technologies
  - MS announces support for OpenID. CardSpace supports OpenID; plan to support interoperability with CardSpace in OpenID (07.02)
  - ETRI, research collaboration with MS for digital ID Wallet (07.05)
- User-Centric: Convenience + Trust
- Convenience + Trust + Privacy Protection + Identity Interchange

17 Digital Identity Wallet

18 User Requirements
- Cumbersome every time personal information is typed in to join a website; especially worrying to enter the national resident number
- Inconvenient when logging in to use a web service; harder when the mobile web is used on a mobile phone
- Not secure to enter ID/PWD in public places
- Secure way to identify the phishing sites
- Hard to remember which websites I have joined
- Not easy to update personal information when it is changed
- Hard to move my information from A site to B site for better services

19 Overview
What is Digital Identity Wallet?
- A digital wallet that helps users easily use and securely keep their personal identity and authentication information distributed in cyberspace; Digital Identity Wallet is just like a real wallet we use in our daily life to keep ID cards and cash
- System where users can have control over disclosure of their personal information by deciding whether they would provide data or not; unwanted disclosure or misuse of personal data can be prevented
Main functions of Digital Identity Wallet
- Site registration and authentication
- Identity share and synchronization
- User privacy protection
[Figure: Secure Internet usage with Digital Identity Wallet. Labels: Mobile Digital Identity Wallet; Internet shopping mall; Website A, Website B, Website C, Website D; identity verification organization; payment organization; privacy protection server (backup, roaming, consistency); link data, payment history, personal data, authentication information, identity verification data, website registration information; issue authentication information, issue identity verification data, issue payment information, issue link data; input personal data, registration & login, purchase & payment, data share]

20 Services
- Site registration service
  - Phishing site avoidance
  - One-click site registration
  - Registered site management
- Identity authentication & verification service
  - Replacement of national resident no. for ID verification
  - Support of various authentication methods
  - One-click! Mobile authentication
- Share and synchronization service
  - Secure identity sharing between sites
  - Automatic synchronization of updated personal data
  - Personalized mash-up service
- Other applications
  - Credit card and point card utilization and reference
  - Connection with cyber world
  - Authentication on a web interoperating with home device

21 Supports for various authentication

22 Use Case for Identity Interchange
[Figure: Personal Finance Management Service. Labels: Digital Identity Wallet; financial info; Bank (savings, loans info), Stock (stock info), Real Estate (estate info); Financial Management]

23 Conclusion
- User-Centric is essential technology
  - Convenience
  - Privacy aware security for user
  - Convergence between IdM technologies
- Full User Control
  - Provide user with full power to control his identity
  - Enhance privacy
- Efficient Identity Interchange
  - Scalability
  - Independency
  - Seamless

24 Thank You !!! Q & A

