|Description||Identity Enrollment and Issuance: Service Providers should only issue the identity information (e.g., identifiers, credentials and attributes) associated with an identity after successful identity proofing of the entity. An entity requesting enrollment should be verified and validated according to the requirements of the context (i.e., in which the identity will be used) before enrolling or issuing any associated identifiers, credentials or attributes. The proofing process and policies should be based on the value of the resources (e.g., services, transactions, information and privileges) allowed by the identity and the risks associated with an unauthorized entity obtaining and using the identity. Specifically, measures to ensure the following is recommended:
(a) An entity (e.g., person, organization or legal entity) with the claimed attributes exists, and those attributes are suitable to distinguish the entity sufficiently according to the needs of the context.
(b) An applicant whose identity is recorded is in fact the entity to which the identity is bound;
(c) It is difficult for an entity which has used the recorded identity and credentials to later repudiate the registration/enrolment and dispute an authentication.
|Network Type(s)||Cable; Internet/Data; Satellite; Wireless; Wireline|
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Encryption;Information Protection;Intrusion Detection;|
|Reference/Comments||ITU-T Y.2720, NGN Identity Management Framework
ITU-T Y.2721, NGN Identity Management Requirements and Use Cases
ATIS-1000035, NGN Identity Management Framework.