ETSI Specification Group on Identity and Access Management
ETSI Creates New Industry Specification Group on Identity and Access Management
Newly-created ETSI Industry Specification Group Works to Develop a Common View on Identity and Access Management for the Future Internet
ETSI Headquarters, Sophia Antipolis, France. 23-September-2009.
ETSI (European Telecommunications Standards Institute) is pleased to announce the creation of a new Industry Specification Group to develop a common industry view on Identity Management protocols and architectures, relating mainly to networks and services for the Internet of the future.
In the vision of the Future Internet, the notion of the network will move towards the "Internet of Things" — an extremely complex world of numerous interconnected devices and services. Users already encounter a bewildering array of connections, usernames and passwords as they access a wide variety of services. In addition, because users assume different roles and identities at different times (e.g., parent, doctor, sports fan), they require access to different groups of services according to their current role.
As the interactions multiply, this complexity will also continue to grow, so the Future Internet will require solutions that will simplify the user experience whilst enabling the effective and reliable identification of users. Optimally, these solutions will be based on a unified and commonly agreed (i.e., standardized) approach. The major ambition is to allow the user simply to log in to one place and have the communications network automatically manage all the user's credentials, passwords etc.
Up to now, standardization of Identity Management (IdM) has focused mainly on the web and application domains, with some activity also addressing Next Generation Networks. However, little has been done to address architectures and protocols that are the key to new networks and services and thus to business opportunities — the new ETSI Industry Specification Group will focus on these aspects by capturing the results of IdM research and development (R&D) activity and formulating an industry consensus.
Much of the input to the group will be derived from European Union 7th Framework Project (FP7) R&D activities on Identity Management with a specific focus on networks and services, languages for access control and privacy policies. The Industry Specification Group (ISG) plans to create a series of commonly-agreed Europe-wide specifications, which can further developed by standardization groups such as ETSI and 3GPP as formally adopted standards for European or global use.
The group is known as the ETSI Industry Specification Group for "Identity and access management for Networks and Services", or ISG INS, and held its first meeting in Aveiro, Portugal, on 16-September-2009. At this meeting, the group unanimously elected Amardeo Sarma (NEC) as Chairman and Ricardo Pereira (Portugal Telecom) and Peter Scholta (Deutsche Telecom) as vice-Chairmen. Membership of the group currently consists of two network operators (Deutsche Telekom and Portugal Telecom), two manufacturers (NEC and Nokia Siemens Networks), and two technical institutes (Fraunhofer Institute and Waterford Institute of Technology). This membership is expected to grow rapidly, as participation is open to all ETSI members, as well as to non-members of ETSI subject to signature of a participation agreement.
The ISG INS meeting also approved its initial activities which include development of specifications for:
mechanisms, interfaces and protocols allowing service providers to perform authentication and retrieval of identity attributes through the network operator
requirements on the use and application of distributed policy management such that, for example, authentication of the user by the communications network can enable their authentication for the various services they wish to access
distributed user profile management where the network operator acts as an identity broker (taking responsibility for managing the user's identity)
mechanisms, protocols and procedures allowing user access to their selected services based on dynamic service level agreement (SLA) negotiations
Publication of these specifications is foreseen for March and October 2010.
The group's newly elected Chairman, Amardeo Sarma of NEC Europe, said: "This new group is a great opportunity to quickly agree on common specifications that will accelerate making business out of Identity and Access management, in particular for operators and services providers."
The next meeting of the Industry Specification Group is scheduled for 26 - 27 November 2009 in Heidelberg, Germany.
ETSI produces globally-applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, aeronautical, broadcast and internet technologies and is officially recognized by the European Union as a European Standards Organization. ETSI is an independent, not-for-profit association whose 766 member companies and organizations, drawn from 63 countries across 5 continents worldwide, participate directly in its work.
ETSI produces globally-applicable ICT standards, including fixed, mobile, radio, converged, aeronautical, broadcast and IP technologies. An independent, not-for-profit association, ETSI's 766 member companies come from 63 countries worldwide.
Prepared by Robin Cover for The XML Cover Pages archive.