ITU-T Y.2721 PDF

This Recommendation provides Identity Management (IdM) objectives, requirements, guidelines and example use cases for the Next Generation Network (NGN) and its interfaces. IdM functions and capabilities are used to increase confidence in identity information and support and enhance business and security applications including identity-based services.

The scope of this Recommendation includes objectives, requirements, guidelines and example uses cases addressing:

• Increasing confidence in the identity information of an NGN entity (e.g., user, group, user device, service provider, enterprise, federation, network element and object).

• Secure management of the lifecycle (e.g., registration, validation, revocation) of identity information subject to user's specific and informed consent.

• IdM as an enabler of business (e.g., single sign-on and sign-off for multiple application services) and security applications (e.g., access controls) including identity-based services (e.g., authentication, assertions and federated identity).

• Secure discovery and exchange of information associated with an NGN entity's identity or identities subject to user's specific and informed consent. This includes information that may be located within an NGN and across different administrative domains or federations.

• Interworking/interoperability among the IdM systems and capabilities within a NGN provider domain (i.e., intra-network).

• Interworking/interoperability of the IdM systems and capabilities among different provider domains or federations subject to user's specific and informed consent where user information is concern (e.g., among NGN providers, web services providers and content providers).

• Enforcement of applicable policy (e.g., protection of personally identifiable information) associated with an entity's identity or identity information.

• Security of IdM systems, functions, capabilities, data and communications.

The objectives and requirements provided in this Recommendation are intended for NGN (i.e., managed packet networks) as defined in [ITU-T Y.2001], General overview of NGN.

The objectives and requirements in this Recommendation are based on the IdM framework provided in Recommendation [ITU-T Y.2720] and an analysis of use case examples documented in the Appendices of this Recommendation.

The objectives and requirements in this Recommendation are based on the IdM framework provided in [ITU-T Y.2720] and an analysis of use case examples documented in the appendices.

NOTE 1 – In this Recommendation, the use of the term 'Identity' relating to IdM does not indicate its absolute meaning. In particular, it does not constitute any positive validation of a person.

NOTE 2 – In this Recommendation, a user can be a person, groups, companies, juridical entities, or any other entities which make use of NGN services.

NOTE 3 – In this Recommendation, the term "NGN/identity service provider (NGN/IdSP)" is used to indicate that it could be an NGN provider or a third party that provides IdM services.