|Description||General: Service Providers should classify identity management services against the service architecture and deployment model being utilized to determine the general security posture of the identity services, how it relates to assets assurance and security protection requirements, and define the needed security architecture to mitigate security risks.
Specifically, if identity related functions are distributed among multiple parties, all parties involved should be clearly identified (e.g., relying parties such as users and service providers, credential providers, verifier or authentication providers, or federation members) with clearly defined roles, responsibilities, and accountability for the security of the identity service and all associated assets.
|Network Type(s)||Cable; Internet/Data; Satellite; Wireless; Wireline|
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Information Protection;Intrusion Detection;|
|Reference/Comments||ITU-T X.1250, Baseline capabilities for enhanced global identity management and interoperability
NIST SP 800-63, Electronic Authentication Guideline