geneva, switzerland, 15-16 september 2014 itu-t sg 17 identity management (idm) progress report...
TRANSCRIPT
Geneva, Switzerland, 15-16 September 2014
ITU-T SG 17 Identity management (IdM)
Progress Report
Abbie Barbir Ph.D.,ITU-T Study Group 17Q10/17 (Identity Management) [email protected]
ITU Workshop on “ICT Security Standardizationfor Developing Countries”
(Geneva, Switzerland, 15-16 September 2014)
2
Q10/17 Identity management (IdM)Motivation
Question is dedicated to vision setting and the coordination and organization of entire range of IdM activities within ITU-T Focus on global trust and interoperabilityFocus on leveraging and building on existing solutionsCoordination with all key players in IdM (JCA-IdM)
Some examples of current focus include:Developing of Identity Roadmap Work with OASIS
Enhancing Trust and step up authenticationWork on Identity Based Attestation and Open Exchange ProtocolDeveloping identity in cloud uses cases and security requirements from a Telecom prospective (Auth as a Service)
Mechanisms for the discovery of identifiers in large distributed systemsExposing of network level Authentication to Higher level ApplicationsIdM taxonomy and OntologySCIM for telecom use cases
3
Coordination and Collaboration
IdM Current StateCurrent Situation
1. Diverse mix of applications, operating systems, databases, platforms, and other technology
2. Explosion of Roles and hard problems for meeting compliance (SoD, least privileges access)
3. Privileged access (hard to ensure proper governance)4. Explosion of identities across diverse systems5. Problems made harder through tactical solutions 6. Access review is hard
Drivers for change1. Migration to Cloud2. Cost Reduction3. DDoS and other attacks4. Reduced budgets5. Mobility (BYOD, Smart devices etc)
Drivers for Future DirectionDesired Future State
1.Risk reduction• Risk and behavioral driven, business centric
2.User experience• Clear business language for informed decision making• SSO with enhancements to the user login flow and session management•
3.Operational efficiency• Standardized and integrated operations
4.Governance and business enablement• Clear and consistent standards• End-to-end governance structure with effective metrics and controls• Consistent authentication operating model that provides a one-stop
security service solution
Towards Strong Identity and Enhanced Trust
Business and Privacy Guidelines
Technology Standards and Guidelines
Assurance
An Ecosystem of Interoperable Products & Services
Identity Assurance
Framework & Assessors
Need for Better Identity Assurance and Need for Better Identity Assurance and Trust FrameworksTrust Frameworks
Future focus
Passwords are DeadIndustry is taking noticeFIDO specifications maturingStep up authentication is gaining steamMobility is a driverMobile SSO need to matureMobile AssS need to matureMobile payments.Q10 will work with key industry leaders in this area
Geneva, Switzerland, 15-16 September 2014 7