ImageVerifierCode 换一换
格式:PDF , 页数:14 ,大小:83.05KB ,
资源ID:803467      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-803467.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T SERIES X SUPP 7-2009 ITU-T X 1250 series C Supplement on overview of identity management in the context of cybersecurity (Study Group 17)《ITU-T X 290系列 关于网络安全环境中身份管理的综述补充 17号.pdf)为本站会员(刘芸)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T SERIES X SUPP 7-2009 ITU-T X 1250 series C Supplement on overview of identity management in the context of cybersecurity (Study Group 17)《ITU-T X 290系列 关于网络安全环境中身份管理的综述补充 17号.pdf

1、 International Telecommunication Union ITU-T Series XTELECOMMUNICATION STANDARDIZATION SECTOR OF ITU Supplement 7(02/2009) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY ITU-T X.1250 series Supplement on overview of identity management in the context of cybersecurity ITU-T X-series

2、 Recommendations Supplement 7 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS X.1X.199 OPEN SYSTEMS INTERCONNECTION X.200X.299 INTERWORKING BETWEEN NETWORKS X.300X.399 MESSAGE HANDLING SYSTEMS X.400X.499DIRECTORY X.500X.599 OSI NETWORKING AN

3、D SYSTEM ASPECTS X.600X.699 OSI MANAGEMENT X.700X.799 SECURITY X.800X.849 OSI APPLICATIONS X.850X.899 OPEN DISTRIBUTED PROCESSING X.900X.999 INFORMATION AND NETWORK SECURITY General security aspects X.1000X.1029 Network security X.1030X.1049 Security management X.1050X.1069 Telebiometrics X.1080X.10

4、99 SECURE APPLICATIONS AND SERVICES Multicast security X.1100X.1109 Home network security X.1110X.1119 Mobile security X.1120X.1139 Web security X.1140X.1149 Security protocols X.1150X.1159 Peer-to-peer security X.1160X.1169 Networked ID security X.1170X.1179 IPTV security X.1180X.1199 CYBERSPACE SE

5、CURITY Cybersecurity X.1200X.1229 Countering spam X.1230X.1249 Identity management X.1250X.1279 SECURE APPLICATIONS AND SERVICES Emergency communications X.1300X.1309 Ubiquitous sensor network security X.1310X.1339 For further details, please refer to the list of ITU-T Recommendations. X series Supp

6、lement 7 (02/2009) i Supplement 7 to ITU-T X-series Recommendations ITU-T X.1250 series Supplement on overview of identity management in the context of cybersecurity Summary The security of the traditional public circuit switched telephone network (PSTN) has been addressed over many decades of opera

7、tion. However, the same cannot be said for distributed public packet-switched networks with multiple-service providers, such as the Internet and next generation networks (NGNs). Such networks use one common transport platform for control traffic and for user traffic which, in addition to the possibl

8、e anonymity of such traffic and the possibility of generating unidirectional traffic, makes such networks vulnerable to misuse. All electronic services (e-services such as e-business, e-commerce, e-health, e-government) are open to attack. This problem can be at least partly addressed by improving c

9、onfidence in the identity of users, network devices and service providers, so that they can be authenticated, granted appropriate access, and audited. Because identity management provides greater assurance and trust in user, service provider, and network device identities, it improves security by re

10、ducing exposure to security risks. This aspect of cybersecurity is something that service providers need to consider at a business and technical level, and that governments need to consider on a national level as part of the national cybersecurity plan. Source Supplement 7 to ITU-T X-series Recommen

11、dations was agreed on 20 February 2009 by ITU-T Study Group 17 (2009-2012). ii X series Supplement 7 (02/2009) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The

12、ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standard

13、ization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information te

14、chnology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this publication, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Complian

15、ce with this publication is voluntary. However, the publication may contain certain mandatory provisions (to ensure e.g. interoperability or applicability) and compliance with the publication is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory langu

16、age such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the publication is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this publ

17、ication may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the publication development process. As of the date of approval

18、 of this publication, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this publication. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent dat

19、abase at http:/www.itu.int/ITU-T/ipr/. ITU 2009 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. X series Supplement 7 (02/2009) iii CONTENTS Page 1 Scope 1 2 References. 1 3 Definitions 1 4 Abbreviations and ac

20、ronyms 1 5 Conventions 1 6 Importance of IdM to global network infrastructure protection and multi-national coordination for security. 1 7 Identity management as an enabler of trusted communication between two entities. 1 8 Protection, maintenance, revocation and control of identity data 2 9 “Discov

21、ery“ of trusted sources of identity data 2 10 Electronic government services (e-government services) 2 11 Regulatory considerations in connection with IdM 2 iv X series Supplement 7 (02/2009) Introduction Identity management (IdM) is a way to manage and control the information that is used in the co

22、mmunications process to represent entities (such as service providers, end-user organizations, people, network devices, software applications and services). A single entity may have multiple digital identities in order to access various services with differing requirements, and these may exist in mu

23、ltiple locations. IdM is a key component of cybersecurity because it provides the capability to establish and maintain trusted communications among entities. IdM supports authentication of an entity. It also enables the authorization of a range of privileges (rather than all-or-nothing privileges) a

24、nd makes it easier to change privileges if an entitys role changes. IdM also improves an organizations ability to apply its security policies by enabling an entitys activity on the network to be monitored and audited. IdM can provide access to entities both inside and outside an organization. In sho

25、rt, a good IdM solution provides capabilities to support authentication, provision and manage identities, and audit an entitys activities. IdM is a critical component in managing security and enabling nomadic, on-demand access to networks and e-services. Along with other defensive mechanisms (e.g.,

26、firewalls, intrusion detection systems, virus protection), IdM plays an important role in protecting information, communications and services from cybercrimes such as fraud and identity theft. One consequence of this is that users confidence will grow as e-transactions will be secure and reliable. I

27、n turn, this will increase users willingness to use IP networks for e-services. In implementing an IdM system, fundamental privacy concerns must be addressed. This means developing methods to ensure that identity information is accurate and to prevent identity information from being used for purpose

28、s beyond those for which it was collected. X series Supplement 7 (02/2009) 1 Supplement 7 to ITU-T X-series Recommendations ITU-T X.1250 series Supplement on overview of identity management in the context of cybersecurity 1 Scope Identity management has emerged as a critical component that will impr

29、ove security by providing greater assurance by verifying the validity of identity information. This supplement provides a general overview of this new service. The use of the term “identity“ in this supplement relating to IdM does not indicate its absolute meaning. In particular, it does not constit

30、ute any positive validation. 2 References None. 3 Definitions Definitions can be found in other ITU-T Recommendations of the X.1250 series. 4 Abbreviations and acronyms This supplement uses the following abbreviations: IdM Identity Management IP Internet Protocol PSTN Public Switched Telephone Netwo

31、rk 5 Conventions None. 6 Importance of IdM to global network infrastructure protection and multi-national coordination for security Proper implementation and use of IdM capabilities and practices in various national, regional, and international networks will enhance the security of the global networ

32、k infrastructure. IdM best practices and implementations are important and necessary to provide assurance of identity information and of the integrity and availability of the global network infrastructure. IdM capabilities can be used to support national and international emergency telecommunication

33、 services by identifying users authorized for special services. In addition, IdM capabilities can be used to prevent, detect, and support coordination of responses to national and international cybersecurity incidents. In some instances, IdM may help authorities and entities coordinate their efforts

34、 to trace and locate the source of such incidents. 2 X series Supplement 7 (02/2009) 7 Identity management as an enabler of trusted communication between two entities One important function of IdM is the authentication of users, networks or services. In an authentication process involving two entiti

35、es, one entity makes assertions about its identity to the other. Depending on the second entitys security requirements, these assertions may need to be validated before the second entity will trust the first enough to grant it privileges. This process may be required in both directions. There are va

36、rious levels of authentication trust ranging from little-or-none, weak (e.g., user name and password), to strong (e.g., public key infrastructure (ITU-T X.509). A risk assessment can identify the appropriate level of authentication. There may need to be higher levels of authentication for one entity

37、 than for the other, for example, because one entity controls critical resources. 8 Protection, maintenance, revocation and control of identity data Other important functions of IdM are to protect, maintain, and control trusted identity data, including the ability to ascertain the current status of

38、an identity. Laws or policies may require that personally identifiable information is protected and that identity information is prevented from being used for purposes beyond those for which it was collected. Ensuring that identity data continues to be valid is another primary concern. For the servi

39、ces that use them to be viable, identity data must be properly maintained so that it is accurate, timely and consistent. Where relevant, management of identity data attributes should include the capability to check the identity data to see if it has been revoked. In many cases, entities will want to

40、 control the use of their own data and private information. 9 “Discovery“ of trusted sources of identity data IdM also encompasses the concept of “discovery“ of trusted identity data. In a highly distributed, multi-provider environment (such as the Internet and next generation networks), identity da

41、ta necessary to provide trust in the identity and related assertions of an entity can be located in different places on the network. Entities may have multiple digital identities with different sources of identity information in different locations. When one of the two entities in an authentication

42、process is nomadic, the other entity will need to locate and establish a trust relationship with an appropriate source of identity information in order to complete the process of authenticating the nomadic entity. The concept of discovery of sources of trusted information is similar to what occurs t

43、oday in mobile cell phone usage. 10 Electronic government services (e-government services) The advantages of an entity to implement IdM include risk reduction, trust enhancement, increased functionality and the potential for cost reduction. These reasons for implementing IdM are equally valid when t

44、he entity is a government. In e-government services, the main objectives are also to cut costs and to provide more efficient and more effective services to the governments citizens and business partners. Like other entities, governments are confronted by the challenge of how to effectively and effic

45、iently utilize identity in the networked world. In order to make e-government services a reality, a government must perform risk analyses on the e-services it intends to offer and implement suitable protective measures. The sensitive nature of many e-government services (for example, e-health) may r

46、equire a government to require strong authentication. X series Supplement 7 (02/2009) 3 11 Regulatory considerations in connection with IdM National administrations and regional groups need to consider a number of potential regulatory issues in connection with IdM implementation, such as privacy and

47、 data protection, national security and emergency preparedness, and mandatory settlements between carriers. Governments not only utilize identity management techniques but may also impose it on other entities to meet a broad array of national policy and security objectives. 4 X series Supplement 7 (

48、02/2009) Selected list of activities related to Identity Management Various forums are working on IdM issues. These include: ARK (California Digital Library Archival Resource Key): http:/www.cdlib.org/inside/diglib/ark/(ARK) 3GPP SA3: http:/www.3gpp.org/tb/sa/sa3/ToR.htm ETSI TISPAN WG7: http:/www.e

49、tsi.org/tispan/ EU eID Roadmap: http:/ec.europa.eu/information_society/activities/egovernment_research/doc/eidm_roadmap_paper.pdf European Citizen Card: http:/europa.eu.int/idabc/servlets/Doc?id=19132 FIDIS (EU Future of Identity in the Information Society): http:/ FIRST (Forum of Incident Response and Security Teams): http:/www.first.org/ Guide project (EU Government User Identity for Europe): http:/www.guide-project.org Handle: http:/ Higgins: http:/www.eclipse.org/higg

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1