Sophia Antipolis, France – 23 March 2011
As a step towards bringing IT and network worlds closer, ETSI has completed its first batch of Identity Management specifications supporting interoperability and access control. The specifications can be used to simplify how users get authorized access to services and data beyond enterprise boundaries. They also support more privacy thus reducing the concerns in deploying these technologies.
Completion of this series of five pre-standardization specifications (known as Group Specifications) marks the end of the first phase of a successful transfer of European R&D projects of the European Commission's 6th and 7th Framework projects into specifications for industrial use. The specifications were created by ETSI's Industry Specification Group on 'Identity and access management for Networks and Services' (ISG INS).
This first set of group specifications support interoperability and incorporate privacy into the telecoms services and networks domain. For example, Group Specification GS INS 001 on Identity Management (IdM) interoperability between Operators or Internet Service Providers (ISPs) and Enterprise provides mechanisms, interfaces and protocols allowing scenarios where third party providers share attributes with the operator, or reuses its authentication. A typical instance is Single Sign-On, a procedure by which a user gains access to all authorized communication services, thus avoiding the need for repeated authentication. GS INS 003 on distributed user profiles defines the relationship between access control and societal privacy needs and the associated legal framework.
Amardeo Sarma, Chair of ETSI's ISG INS, said: "This framework will further ease the transparent use of applications and services within and across enterprises and public networks. It addresses IT and telecommunications services and provides key specifications for the upcoming cloud environment." New work items, which will lead to further specifications, have been defined for other highly relevant areas. These include establishing an enforcement framework to ensure that key actions are carried out when accessing data and processes, as well as for establishing user consent.
An example of R&D results that were transferred into the specifications is those from the EU project SWIFT that focused on extending identity functions and federation to the network. SWIFT had developed and validated a cross-layer Identity Framework to improve users' "Single Sign-On" experience while supporting privacy and protecting data. The ISG's future work foresees the participation of several other EU projects, thus ensuring that the transfer of R&D results into standards continues.
The efficiency with which the task of producing this batch of Identity Management specifications was achieved is further evidence of the effectiveness of this new form of ETSI committee, the Industry Specification Group, in fulfilling its promise to quickly develop pre-standardization specifications based on industrial interest.
The current members of ISG INS are: Deutsche Telekom AG, Fraunhofer Institute for Secure Information Technology SIT, NEC Europe Ltd., Portugal Telecom, Nokia Siemens Networks, Waterford Institute of Technology (WIT), Telenor ASA, Alcatel-Lucent, University of Patras (Greece) and University of Murcia (Spain). Other companies are welcome to join the ISG.
– END –
Notes for Editors
ETSI produces globally-applicable standards for Information and Communication Technologies (ICT), including fixed, mobile, radio, transport, broadcast and internet technologies and is officially recognized by the European Union as a European Standards Organization. ETSI is an independent, not-for-profit association whose 700+ member companies and organizations, drawn from 62 countries across 5 continents worldwide, determine its work programme and participate directly in its work. For more information: www.etsi.org.
The ETSI logo is a trademark of ETSI registered for the benefit of its Members.
About ETSI Industry Specification Groups
The Industry Specification Group (ISG) is an innovative and flexible standards mechanism offered by ETSI, which builds upon the strengths of ETSI's established processes, the professional support provided via the ETSI Portal, and its industry-leading IPR (Intellectual Property Rights) regime. ETSI Industry Specification Groups operate alongside the existing structure of Technical Committees and Working Groups and supplement ETSI's conventional standards development process. ISGs provide a mechanism for the speedy preparation of technical requirements or specifications for well-defined, specific issues, typically in response to a need expressed by a subset of the ETSI membership. ETSI has established six ISGs during the past two years.
|For more information about ETSI's Identity |
Management activities, please contact:
|For ETSI press enquiries:|