|Description||Identity Revocation: Service Providers should have applicable policies and enforcement for revoking an identity. Specifically,
(a) Enforce policies and terminate or destroy the credentials associated (e.g., digital certificates or tokens) with an identity when it is no longer valid or has a security breach.
(b) Provide notifications about the revocation or termination of an identity(s) or any of the data associated with the identity to the entity and to the systems and network elements that needs to be aware (i.e., All systems and processes with which the identity can be used for access have to be notified that the identity is no longer valid).
|Network Type(s)||Cable; Internet/Data; Satellite; Wireless; Wireline|
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Information Protection;Intrusion Detection;|
|Reference/Comments||ITU-T Y.2720, NGN Identity Management Framework
ITU-T Y.2721, NGN Identity Management Requirements and Use Cases
ATIS-1000035, NGN Identity Management Framework.