Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8767

Number 9-8-8767
Priority Critical
Description Identity Revocation: Service Providers should have applicable policies and enforcement for revoking an identity. Specifically,
(a) Enforce policies and terminate or destroy the credentials associated (e.g., digital certificates or tokens) with an identity when it is no longer valid or has a security breach.
(b) Provide notifications about the revocation or termination of an identity(s) or any of the data associated with the identity to the entity and to the systems and network elements that needs to be aware (i.e., All systems and processes with which the identity can be used for access have to be notified that the identity is no longer valid).
Network Type(s) Cable; Internet/Data; Satellite; Wireless; Wireline
Industry Role(s) Service Provider
Keyword(s) Cyber Security;Information Protection;Intrusion Detection;
Reference/Comments ITU-T Y.2720, NGN Identity Management Framework
ITU-T Y.2721, NGN Identity Management Requirements and Use Cases
ATIS-1000035, NGN Identity Management Framework.