ImageVerifierCode 换一换
格式:PDF , 页数:102 ,大小:1,018.87KB ,
资源ID:433534      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-433534.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI ATIS 1000044-2011 ATIS Identity Management Requirements and Use Cases Standard.pdf)为本站会员(towelfact221)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI ATIS 1000044-2011 ATIS Identity Management Requirements and Use Cases Standard.pdf

1、 AMERICAN NATIONAL STANDARD FOR TELECOMMUNICATIONS ATIS-1000044.2011 ATIS IDENTITY MANAGEMENT: REQUIREMENTS AND USE CASES STANDARD ATIS is the leading technical planning and standards development organization committed to the rapid development of global, market-driven standards for the information,

2、entertainment and communications industry. More than 200 companies actively formulate standards in ATIS Committees, covering issues including: IPTV, Cloud Services, Energy Efficiency, IP-Based and Wireless Technologies, Quality of Service, Billing and Operational Support, Emergency Services, Archite

3、ctural Platforms and Emerging Networks. In addition, numerous Incubators, Focus and Exploratory Groups address evolving industry priorities including Smart Grid, Machine-to-Machine, Networked Car, IP Downloadable Security, Policy Management and Network Optimization. ATIS is the North American Organi

4、zational Partner for the 3rd Generation Partnership Project (3GPP), a member and major U.S. contributor to the International Telecommunication Union (ITU) Radio and Telecommunications Sectors, and a member of the Inter-American Telecommunication Commission (CITEL). ATIS is accredited by the American

5、 National Standards Institute (ANSI). For more information, please visit . AMERICAN NATIONAL STANDARD Approval of an American National Standard requires review by ANSI that the requirements for due process, consensus, and other criteria for approval have been met by the standards developer. Consensu

6、s is established when, in the judgment of the ANSI Board of Standards Review, substantial agreement has been reached by directly and materially affected interests. Substantial agreement means much more than a simple majority, but not necessarily unanimity. Consensus requires that all views and objec

7、tions be considered, and that a concerted effort be made towards their resolution. The use of American National Standards is completely voluntary; their existence does not in any respect preclude anyone, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or usin

8、g products, processes, or procedures not conforming to the standards. The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any American National Standard. Moreover, no person shall have the right or authority to issue an interpre

9、tation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on the title page of this standard. CAUTION NOTICE: This American National Standard may be revised or wi

10、thdrawn at any time. The procedures of the American National Standards Institute require that action be taken periodically to reaffirm, revise, or withdraw this standard. Purchasers of American National Standards may receive current information on all standards by calling or writing the American Nat

11、ional Standards Institute. Notice of Disclaimer Assurance of the identity of an entity (e.g., users/subscribers, groups, user devices, organizations, network and service providers, network elements and objects, and virtual objects); and Enabling business and security applications. 3.1.26 next genera

12、tion network ITU-T Y.2001: A packet-based network able to provide telecommunication services and able to make use of multiple broadband, QoS-enabled transport technologies and in which service-related functions are independent from underlying transport related technologies. It enables unfettered acc

13、ess for users to networks and to competing service providers and/or services of their choice. It supports generalized mobility, which will allow consistent and ubiquitous provision of services to users. 3.1.27 personally identifiable information ITU-T X.1252: Any information (a) that identifies or c

14、an be used to identify, contact, or locate the person to whom such information pertains, (b) from which identification or contact information of an individual person can be derived, or (c) that is or can be linked to a natural person directly or indirectly 3.1.28 presence ATIS-1000035 and ITU-T Y.27

15、20: A set of attributes that characterizes an entity relating to current status. 3.1.29 principal ITU-T X.811: An entity whose identity can be authenticated. ATIS-1000044.2011 6 3.1.30 privacy ITU-T X.1252: The right of individuals to control or influence what personal information related to them ma

16、y be collected, managed, retained, accessed, and used or distributed. 3.1.31 relying party ITU-T X.1252: An entity that relies on an identity representation or claim by a requesting/asserting entity within some request context. 3.1.32 user ITU-T X.1252: Any entity that makes use of a resource - e.g.

17、, system, equipment, terminal, process, application, or corporate network. NOTE - In the context of NGN, according to Y.2091, it includes end user, person, subscriber, system, equipment, terminal (e.g., Fax, PC), (functional) entity, process, application, provider, or corporate network. 3.1.33 trust

18、 ITU-T X.1252: The firm belief in the reliability and truth of information or in the ability and disposition of an entity to act appropriately, within a specified context. 3.1.34 security domain ITU-T X.1252: A set of elements, a security policy, a security authority, and a set of security-relevant

19、activities in which the elements are managed in accordance with the security policy. 3.1.35 verifier ITU-T X.1252: An entity that verifies and validates identity information. 3.2 Terms defined in this Standard None. 4 Abbreviations and acronyms 3G 3rdGeneration AKA Authentication and Key Agreement A

20、NI Application-to-Network Interface API Application Programmers Interface BSS Business Support System CSP Communications Service Provider DDoS Distributed Denial of Service DeviceID Device Identity DoS Denial of Service EAG External Application Gateway EDS Enterprise Directory Service ET Emergency T

21、elecommunications ETS Emergency Telecommunications Service EV-DO Evolution Data Optimized FE Functional Entity FTTX Fiber-To-The-X GBA Generic Bootstrapping Architecture HSS Home Subscriber Server IBGC-FE Interconnection Border Gateway Control Functional Entity IdM Identity Management IdMCC-FE IdM C

22、oordination and Control Functional Entity ATIS-1000044.2011 7 IdSP Identity Service Provider IDPS Intrusion Detection and Prevention Systems ID-WSF Identity Web Services Framework IMS IP Multimedia Subsystem IP Internet Protocol IPTV IP Television ISC IMS Service Control IT Information Technology IT

23、U-T International Telecommunication Union Telecommunication Standardization Sector KDC Key Distribution Center LDAP Lightweight Directory Access Protocol LIDB Line Information Database LNP Local Number Portability LS Location Server LTE Long Term Evolution MNO Mobile Network Operator MSISDN Mobile S

24、ubscriber Integrated Service Director Number NACF Network Attachment Control Functions NGN Next Generation Network NNI Network-to-Network Interface OAM enable federated services; promote broadly-available subscription-based services; and meet end users needs for privacy and protection of Personally

25、Identifiable Information (PII). Business enterprises and users need to protect their business interests, have confidence in authentication capabilities for business transactions and protection of business partners identity data. Protection of the network infrastructure against cyber-attacks, and pro

26、tection of private data. Governmental organizations support of electronic Government services, public safety services, early warning services, Emergency Telecommunication Service (ETS). and other national services. 6.4 Multiple service provider and federated environment In a multiple service provide

27、r and federated environment, IdM services and capabilities are used to discover and communicate information to establish confidence in the identity(s) of an entity. For example, identifiers, credentials, and attributes associated with an identity could be verified by an identity service provider tha

28、t is regarded as trusted by the relying party and communicated, through assertions, to the relying party (e.g., a user, a service provider) to support authentication, which may be a basis for access control, business decisions, and enforcement of applicable policy (e.g., privacy and protection of pe

29、rsonally identifiable information). Additionally, there may be different and independent IdM solutions resulting in the need for interoperability among service providers. 6.5 Identity Service Provider (IdSP) This standard does not impose any restriction on who provides Identity Service Provider (IdS

30、P) services. An IdSP is an entity that maintains, manages, and may create identity information of other entities (e.g., user/subscribers, organizations, and devices) and offers identity-based services based on trust, business, and other types of relationship. In a multiple service provider environme

31、nt, it is possible for an NGN provider to also be an IdSP and offer identity management services (e.g., identity-based services) to other providers. In this standard, the term “NGN/IdSP” is used to indicate that it could be an NGN provider or third party that provides IdM services. ATIS-1000044.2011

32、 14 6.6 IdM in Context of NGN Architectures and Reference Models 6.6.1 Relationship with NGN Functional Architecture In the context of the NGN reference architecture model defined in ITU-T Y.2012, it is possible for IdM related functions to reside in the different planes (e.g., user, control, and ma

33、nagement) and different strata of the distributed architecture (e.g., service stratum and transport stratum). From a realization or implementation perspective, support of IdM services and capabilities could involve the use of existing network elements or it could involve the use of additional networ

34、k elements (e.g., specialized Application Servers) in a NGN. Figure 7-1 of ITU-T Y.2012 includes a functional block representing IdM functions in the NGN functional architecture. Figure 7-1 of ITU-T Y.2012 illustrates the general concepts that the support of IdM services and capabilities may involve

35、 interaction with specific functional entities (FEs) to enable and support services including identity services. This may include interactions with FEs in the following functional blocks depending on the specific IdM service or capability being supported and the implementation design: Applications;

36、Service stratum: Application support functions and service support functions, service control functions and content delivery functions; Transport stratum: Transport control functions and transport functions; End-user functions; and Management functions. ATIS-1000044.2011 15 T13-R020(10)_F02Service s

37、tratumTransport stratumTransport functionsTransport control functionsService control and content delivery functionsApplicationsApplication support functions and service support functionsService controlfunctionsContent deliveryfunctionsNetwork attachment and control functionsResourceandadmissioncontr

38、olfunctionsMobilitymanagement and controlfunctionsEnd-userfunctionsFunctionsfromothernetworksFunctionsfromotherserviceprovidersANINNISNIUNIService userprofilesTransport userprofilesIdMfunctionsControlMediaManagementIdMManagementfunctionsFigure 2 - Figure 7-1 of ITU-T Y.2012 In the NGN functional arc

39、hitecture, IdM functions may reside in different planes (e.g., user, control, and management) and different strata of the distributed architecture (e.g., service stratum and transport stratum). Although IdM functions are shown in a standalone group of functions, this is not intended to impose any de

40、sign and restrictions for IdM implementations. Implementation of IdM functions is subjected to the compliance with relevant policies, such as national and regional regulations and legislations for protection of identity data (e.g., PII). Specifically, implementation and use of IdM functions must ens

41、ure the compliance with the relevant policies for basic data protection principles: Binding of data to a specific purpose; No data sharing between applications for different purposes; Limitation of data to the minimum needed for a specific purpose; and ATIS-1000044.2011 16 Right of persons to have c

42、ontrol over their PII. 6.6.2 External Interfaces and IdM Communications The standard interfaces defined in ITU-T Y.2012 are used to exchange identity data among different administrative domains and federations. This may include the following interfaces as applicable: User-to-Network Interface (UNI)

43、Network-to-Network Interface (NNI) Application-to-Network Interface (ANI) Server-to-Network Interface (SNI) The interface solutions would depend on factors such as specific application and services needs (e.g., real-time versus near-real time), protocol solution (e.g., SAML, Diameter, RADIUS, SIP),

44、and mechanisms and approaches. Refer to Appendix VI for an example IdM realization scenario showing how the NGN external interfaces may be applicable. 6.6.3 Transactional Models b-ITU-T X.1250 provides descriptions of example transactional models involving multiple parties (e.g., users, IdSPs, and r

45、elying parties). Refer to Appendix V for a summary of the transactional models described in b-ITU-T X.1250. 7 IdM Objectives The following are general objectives for IdM: 1. Facilitate trust decisions between entities. 2. Support of IdM solution(s) minimizing impacts on users/subscribers. 3. Solutio

46、n(s) involving new capabilities would provide appropriate transition solution. 4. Support of interoperable IdM solutions within an NGN provider domain. For example, interoperability between different vendor products supporting multiple application services (e.g., VoIP, IPTV, Video, and Data). 5. Sup

47、port of interoperable IdM solutions across different NGN provider and service provider domains and federations based on applicable business arrangements and relationships and under application of regulation and policies for PII protection. 6. Support of bridging of heterogeneous IdM systems and fede

48、rations. For example, capability to allow bridging between NGN provider IdM systems and other types of IdM ATIS-1000044.2011 17 systems (e.g., web services, content, and 3rdparty provider IdM systems) based on applicable business arrangements and relationships and under application of regulation and

49、 policies for PII protection. 7. End users/subscribers being able to interact and use application services in an easy and intuitive fashion while retaining control of their personal data throughout their life cycle. This include how and when the information is used and by whom. 8. End users/subscribers being able to reveal only the minimally necessary information to establish mutual trust and conduct transactions based on the applicable policies. 9. End users/subscribers being able to check the authenticity of the

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1