ISO/IEC /FDAmd 1. Additional terminology and concepts. General information. Status: Deleted. Edition: 1. Number of pages: Technical. ISO/IEC •defines terms for identity management, and •specifies core concepts of identity and identity management and their relationships. Aug 1, ISO/IEC consists of the following parts, under the general title Information technology — Security techniques — A framework for identity.
|Published (Last):||19 November 2008|
|PDF File Size:||7.55 Mb|
|ePub File Size:||17.46 Mb|
|Price:||Free* [*Free Regsitration Required]|
The definitions are mostly unclear and imprecise: The section on concepts is if anything, lso more problematic. Posted on February 10, at 9: Information technology — Security techniques — Information security management systems — Requirements. The reasons for this are many: Standardization activity by this subcommittee includes general methods, management system requirements, techniques and guidelines to address both information security and privacy. Latest Tweets Nice article on practical concerns with 244760.
Describes the io and principles of ICT readiness for business continuity and the method and framework needed to 247760 aspects in which to improve it. Leave a Reply Cancel reply Enter your comment here This standard is supposed to define key terms for identity management and specify core concepts in identity and identity management.
Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence. To find out more, including how to control cookies, see here: Notify me of new comments via email.
Provides a framework for the secure and reliable management of identities by: Specifies the subjects to be addressed during the security evaluation of a biometric system . Applicable to entities involved in specifying, procuring, designing, testing, maintaining, administering and operating ICT systems that process PII.
The only place I see is reference to it from other standards. By continuing to use this website, you agree to their use.
ISO/IEC JTC 1/SC 27
Information technology – Security techniques – A framework for identity management – Part 2: Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems.
Specifies the requirements for establishing, implementing, monitoring, and maintaining documented a documented ISMS within an organization. The concepts slip from being descriptive this is what the concept means to being normative this is how a system should behave.
It seems to me that major vendors are more interested in ISO when it comes to IdAM than they are ISOwhich tells you about the applicability of the standard. Doug Newdick’s Blog The discourse between business and technology. Reference architecture and requirements. Email required Address never made public. We are looking for an experienced Director of Finance for our head quarters in Noumea.
Hi Doug, I was wondering whether you ever got around to sharing other standards and resources that do a better job of describing the concepts and terminology around identity. The discussion of concepts seems very specific. From Wikipedia, the free encyclopedia. Provides a structured and planned approach to: You are commenting using your Facebook account.
My view is that it should be avoided. Information technology — Security techniques — Application security — Part 1: Shane Day July 17, at 4: Identity management and privacy technologies.
ISO/IEC JTC 1/SC 27 – Wikipedia
It seems to favour particular implementations and approaches to identity instead of being entirely general. These were among the reasons that a nmber of key countries voted against this standard. Create a free website or blog at WordPress. Fill in your details below or click an icon to log in: Addresses the management needs for ensuring the security of applications  and presents an overview of application security through the introduction of definitions, concepts, principles and processes .
Defines a privacy architecture framework that: The focus of each working group is described in the group’s terms of reference.
Introduction and general model.
Security controls and services. Provides a privacy framework that: Specifies the structure and data elements of Authentication Context for Biometrics ACBiowhich checks the validity of biometric verification process results . Unfortunately it was adopted. There are other ones out there which do a better job of describing the key concepts of identity and identity management. Countries pay a fee to ISO to be members of subcommittees.
Provides guidelines for the implementation of systems for the management of identity information and specifies requirements for the implementation and operation of a framework for identity management.
Information technology — Security techniques — Code of practice for information security controls. I’ve seen this scenario play out more times than I have seen it work correctly.
You are commenting using your Twitter account.