ETSI creates new Industry Specification Group on Identity and Access Management

ETSI Headquarters, Sophia Antipolis, France – 23 September 2009

ETSI is pleased to announce the creation of a new Industry Specification Group to develop a common industry view on Identity Management protocols and architectures, relating mainly to networks and services for the Internet of the future.

In the vision of the Future Internet, the notion of the network will move towards the 'Internet of Things' – an extremely complex world of numerous interconnected devices and services. Users already encounter a bewildering array of connections, usernames and passwords as they access a wide variety of services. In addition, because users assume different roles and identities at different times (e.g. parent, doctor, sports fan), they require access to different groups of services according to their current role. As the interactions multiply, this complexity will also continue to grow, so the Future Internet will require solutions that will simplify the user experience whilst enabling the effective and reliable identification of users. Optimally, these solutions will be based on a unified and commonly agreed (i.e. standardized) approach. The major ambition is to allow the user simply to log in to one place and have the communications network automatically manage all the user's credentials, passwords etc. 

Up to now, standardization of Identity Management (IdM) has focused mainly on the web and application domains, with some activity also addressing Next Generation Networks. However, little has been done to address architectures and protocols that are the key to new networks and services and thus to business opportunities – the new ETSI Industry Specification Group will focus on these aspects by capturing the results of IdM research and development (R&D) activity and formulating an industry consensus.

Much of the input to the group will be derived from European Union 7th Framework Project (FP7) R&D activities on Identity Management with a specific focus on networks and services,  languages for access control and privacy policies. The Industry Specification Group (ISG) plans to create a series of commonly-agreed Europe-wide specifications, which can further developed by standardization groups such as ETSI and 3GPP™ as formally adopted standards for European or global use.

The group is known as the ETSI Industry Specification Group for 'Identity and access management for Networks and Services', or ISG INS, and held its first meeting in Aveiro, Portugal, on 16 September 2009. At this meeting, the group unanimously elected Amardeo Sarma (NEC) as Chairman and Ricardo Pereira (Portugal Telecom) and Peter Scholta (Deutsche Telecom) as vice-Chairmen. Membership of the group currently consists of two network operators (Deutsche Telekom and Portugal Telecom), two manufacturers (NEC and Nokia Siemens Networks), and two technical institutes (Fraunhofer Institute and Waterford Institute of Technology). This membership is expected to grow rapidly, as participation is open to all ETSI members, as well as to non-members of ETSI subject to signature of a participation agreement. 

The ISG INS meeting also approved its initial activities which include development of specifications for:
• mechanisms, interfaces and protocols allowing service providers to perform authentication and retrieval of identity attributes through the network operator;
• requirements on the use and application of distributed policy management such that, for example, authentication of the user by the communications network can enable their authentication for the various services they wish to access;
• distributed user profile management where the network operator acts as an identity broker (taking responsibility for managing the user's identity);
• mechanisms, protocols and procedures allowing user access to their selected services based on dynamic service level agreement (SLA) negotiations.
Publication of these specifications is foreseen for March and October 2010.

The group's newly elected Chairman, Amardeo Sarma of NEC Europe, said: 'This new group is a great opportunity to quickly agree on common specifications that will accelerate making business out of Identity and Access management, in particular for operators and services providers.'
The next meeting of the Industry Specification Group is scheduled for 26 & 27 November 2009 in Heidelberg, Germany.  


Notes for Editors

About ETSI 
ETSI produces globally-applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, aeronautical, broadcast and internet technologies and is officially recognized by the European Union as a European Standards Organization. ETSI is an independent, not-for-profit association whose 766 member companies and organizations, drawn from 63 countries across 5 continents worldwide, participate directly in its work.
For more information please visit:  

About ETSI Industry Specification Groups
ETSI Industry Specification Groups (ISGs) operate alongside the existing structure of Technical Committees and Working Groups and supplement ETSI's conventional standards development process. ISGs provide a mechanism for the speedy preparation of technical requirements or specifications for well-defined, specific issues, typically in response to a need expressed by a subset of the ETSI membership.
An ETSI ISG may adopt working procedures that differ from those normally applying within ETSI. However, the fundamental rules of ETSI, in particular with regards to Intellectual Property Rights (IPR) still apply. The work of ETSI ISG's results in the publication of 'ETSI Group Specifications' which may later be passed to the traditional ETSI open standards-making process to become formally-recognized standards or reports.



For general ETSI press enquiries:
Paul Reid,
Events & Communications 
Tel:  +33 4 92944219  


For more information about ETSI's Industry Specification Group INS, please contact:

Laurent Vreck
Tel: +33 4 92944373