
Secure Identity Changes in a Changing World - PowerPoint PPT Presentation



  1. ISO/IEC JTC 1/SC 27/WG 5 Identity Management & Privacy Technologies
     Secure Identity Changes in a Changing World
     WG 5 Identity Management & Privacy Technologies within SC 27 – IT Security Techniques
     RSA Japan 2008-04-24, Tokyo, Japan
     Prof. Dr. Kai Rannenberg, Convener WG 5, Goethe University Frankfurt, Germany
     www.m-chair.net

  2. WGs within ISO/IEC JTC 1/SC 27 – IT Security Techniques
     [Diagram: the five working groups, arranged by Assessment / Guidelines / Techniques and by Product / System / Process / Environment]
     - WG 1: ISMS
     - WG 2: Cryptography & Security Mechanisms
     - WG 3: Security Evaluation
     - WG 4: Security Controls & Services
     - WG 5: Identity Management & Privacy Technologies

  3. WG 5 Identity Management & Privacy Technologies: History
     - October 2003: JTC 1 Plenary established
       - JTC 1 Study Group on Privacy Technologies (SGPT)
       - for one year period of time (until October 2004) to identify standardization needs
     - October 2004: JTC 1 Plenary resolved to
       - disband SGPT
       - assign to SC 27 further activities in the Privacy Technologies area such as
         - a further inventory
         - a report back to the November 2006 JTC 1 Plenary

  4. WG 5 Identity Management & Privacy Technologies: History
     SC 27 activities (in response to JTC 1's request from October 2004)
     - October 2004
       - Study Period on Identity Management established
     - May 2005
       - Study Period on Privacy established
       - New Work Item Proposal: A framework for identity management (ISO/IEC 24760)
     - May 2006
       - New Working Group 5 on Identity Management and Privacy Technologies established
       - Two new Work Item Proposals
         - A privacy framework (ISO/IEC 29100)
         - A privacy reference architecture (ISO/IEC 29101)

  5. WG 5 Identity Management & Privacy Technologies: Scope
     - Development and maintenance of standards and guidelines addressing security aspects of
       - Identity management
       - Biometrics and
       - Privacy

  6. Identity Management (IdM): 2 sides of a medal with enormous economic potential
     Organisations:
     - Organisations aim to sort out
       - User Accounts in different IT systems
       - Authentication
       - Rights management
       - Access control
     - Unified identities help to
       - ease administration
       - manage customer relations
     - Identity management systems
       - ease single-sign-on by unifying accounts
       - solve the problems of multiple passwords
     People:
     - People live their life
       - in different roles (professional, private, volunteer)
       - using different identities (pseudonyms: email accounts, SIM cards, eBay trade names, chat names, 2ndLife names, …)
     - Differentiated identities help to
       - protect
         - privacy, especially anonymity
         - personal security/safety
       - enable reputation building at the same time
     - Identity management systems
       - support users using role based identities
       - help to present the "right" identity in the right context

  7. Identity Management (IdM): 2 sides of a medal with enormous economic potential
     People:
     - People live their life
       - in different roles (professional, private, volunteer)
       - using different identities (pseudonyms: email accounts, SIM cards, eBay trade names, chat names, 2ndLife names, …)
     - Differentiated identities help to
       - protect
         - privacy, especially anonymity
         - personal security/safety
       - enable reputation building at the same time
     - Identity management systems
       - support users using role based identities
       - help to present the "right" identity in the right context
     Organisations:
     - Organisations aim to sort out
       - User Accounts in different IT systems
       - Authentication
       - Rights management
       - Access control
     - Unified identities help to
       - ease administration
       - manage customer relations
     - Identity management systems
       - ease single-sign-on by unifying accounts
       - solve the problems of multiple passwords

  8. WG 5 Identity Management & Privacy Technologies: Programme of Work
     Frameworks & Architectures
     - A Framework for Identity Management (ISO/IEC 24760, WD)
     - A Privacy Framework (ISO/IEC 29100, WD)
     - A Privacy Reference Architecture (ISO/IEC 29101, WD)
     - A Framework for Access Management (ISO/IEC 29146, WD)
     Protection Concepts
     - Biometric template protection (ISO/IEC 24745, WD)
     - Access Control Mechanisms (Study Period)
     Guidance on Context and Assessment
     - Authentication Context for Biometrics (ISO/IEC 24761, FDIS)
     - Entity Authentication Assurance (ISO/IEC 29115, WD)
     - Privacy Capability Maturity Models (Study Period)

  9. WG 5 Identity Management & Privacy Technologies: Roadmap

  10. WG 5 Identity Management & Privacy Technologies: WD 24760
      Title: A framework for identity management
      Co-editors: Christophe Stenuit (Belgium), Rosa Garcia Ontoso (Spain)
      Scope:
      - This standard aims to provide a framework for the definition of identity and the secure, reliable, and private management of identity information.
      - This framework should be applicable to individuals as well as organizations of all types and sizes, in any environment and regardless of the nature of the activities they are involved in.

  11. WG 5 Identity Management & Privacy Technologies: ISO/IEC 24760 A Framework for Identity Management
      - Identity concepts
      - Identity (Unification vs. Differentiation)
      - Identity References
      - Identifiers
      - Identity management
      - Identity Lifecycle
      - Provisioning vs. Choice of Identities
      - Identity management and information security
      - Related IT security concepts

  12. WG 5 Identity Management & Privacy Technologies: FDIS 24761
      Title: Authentication context of biometrics
      Editor: Asahiko Yamada (Japan)
      Scope:
      - This document defines the structure and the data elements of Authentication Context for Biometrics (ACBio), by which the service provider (verifier) can judge whether the biometric verification result is acceptable or not.
      - The structure and the data elements are defined.

  13. WG 5 Identity Management & Privacy Technologies: ISO/IEC 24761 Authentication context of biometrics
      The structure and the data elements are being defined based on e.g. the following assumptions:
      - The targeted biometric verification process shall be executed by one or more BPUs (Biometric Process Units).
      - Each BPU shall assure a uniform security level within that BPU.
      - A secure communication channel among all the subject interconnected such as BPUs, the service requester (claimant), and the service provider (verifier) shall not be assumed.

  14. WG 5 Identity Management & Privacy Technologies: WD 29100
      Title: A privacy framework
      Editor: Stefan Weiss (Germany)
      Scope:
      - Aims at providing a framework for defining privacy safeguarding requirements as they relate to PII (personally identifiable information) processed by any information and communication system in any jurisdiction.
      - To be applicable on an international level and addresses system specific issues on a high level.
      - Puts organizational, technical, procedural and regulatory aspects in perspective.
