| Requirement Group
| Description
| Requirements
|
| Critical Infrastructure protection; National Security/Emergency Preparedness/Emergency Telecommunication Service
|
- Public communications and SCADA infrastructure protection. The most basic requirement instituted by essentially every national or regional telecommunications legal regime, as well as the ITU's own treaty instruments internationally is the availability of a public communications infrastructure and its protection from harm. The requirement also encompasses Supervisory Control & Data Acquisition (SCADA) systems and networks that support other critical public infrastructures and services supporting, for example, essential government, transportation, utilities, finance, and health systems. This requirement typically results in an array of legal and regulatory provisions that mandate providers institute architectures and practices to protect their networks, control devices attached to the networks, and criminalize behavior that harms the infrastructure or impermissibly accesses network elements.
- Incident Response. When network use occurs that accidentally or deliberately brings about incidents of harm to public or SCADA networks, an array of regulatory, criminal, or industry normative requirements and practices are invoked designed to respond to, analyze, and report the incident forensics. Increasingly these requirements are international in nature and may be subject to international multilateral or bilateral treaty provisions or agreements.
- Priority access during major emergencies. During major emergencies or disasters, public communication infrastructures may experience diminished capacity because of harm to the infrastructure or massive public use. The ITU-T has instituted these requirements internationally as the Emergency Telecommunications Service. This requirement typically results in an array of legal and regulatory provisions that mandate providers institute architectures and practices that allow designated persons to obtain priority access to network resources and where allowed by national regulation, control over available resources.
- Services restoration after major disasters. In the course of a major disaster, significant destruction to identity management resources can occur that necessitates subsequent restoration of those resources. This requirement typically results in the imposition by national or local authorities of architectures, practices, and reporting requirements that allow restoration of destroyed identity management capabilities.
- Security related service provisioning constraints. Concerns frequently arise regarding the potential vulnerabilities of national identity management resources maintained by foreign providers. This requirement typically results in the imposition by national authorities of architectures, practices, and other controls that constrain identity management capabilities.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
| Public Safety
|
- Citizen emergency calls/messages. Citizens typically depend on the public and often private communication infrastructure to call or otherwise generate messages to local public safety officials to provide emergency assistance, frequently using well known routing identifiers such as 112 or 911. During the setup of these communications, the public safety officials depend substantially on identity management identifiers and attributes automatically obtained such as the identity and location of the caller. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to assist emergency responders.
- Authority emergency alert messages. Governments typically depend on the public communication infrastructure to call or otherwise generate messages to citizens to provide notice of an emergency or impending disaster. During the setup of these communications, the government officials and communication network providers depend substantially on authentication identity management authentication, identifiers and attributes, including the location of citizens. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to assist emergency responders.
| As a group, these requirements typically result in an important set of regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes.
|
| Assistance to lawful authority
|
- Lawful Interception. Governments typically impose capability requirements on all public and often private communication infrastructure to capture and deliver to officials specific communications or signalling information associated with identified parties or described behavior to meet criminal forensic, regulatory (e.g., security trading) or national security needs. The operators of public networks in responding to incidents of harm to the network, or owners of private networks also implement such capabilities. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to assist authorized officials or persons.
- Retained data. Governments typically impose capability requirements on all public and often private communication infrastructure to extract and store signalling information to meet criminal forensic, regulatory (e.g., security trading) or national security needs. In some cases the requirement may be specific to a specified party or described behavior (known as "preservation"), or in other cases a general "data retention" requirement. The operators of public networks in responding to incidents of harm to the network, or owners of private networks also implement such capabilities. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to assist authorized officials or persons.
- Cybercrime forensics. In addition to lawful interception and retained data capabilities described above, government officials and network operators in specific incidences require identity management capabilities that enable trusted analysis and the availability of evidence sufficient for subsequent judicial action. For example, identity management is often critical to maintaining confidence in a chain of custody and prevention of tampering. The application of accurate or even certified timestamps is often essential for maintaining necessary analytical or evidentiary needs. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to assist authorized officials or persons.
- Anonymity or false identity. Governments typically impose capability requirements on all public communication infrastructure to protect the available identity information for specific privileged users such as investigatory personnel or witnesses or other persons potentially subject to harm if their true identity were known. This may also occur when a party is provided the right to remain anonymous in the course of setting up a communication. This requirement typically results in the imposition by national authorities of architectures, practices, and specific identity management capabilities designed to provide these needs.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
| Competition requirements
|
- Minimizing barriers to market entry; open Identity Services provisioning. Government authorities typically impose capability requirements on services provisioning architectures and protocols to minimize the barriers to market entry and enhance competitive opportunities both domestically and internationally, to meet a number of public policy objectives. These requirements often include prohibitions against unfair bundling of network elements and services to customers, especially by dominant providers. Examples with respect to identifier unbundling are described below under the Identifier Provisioning section. Very extensive open provisioning regimes have been established over the past two decades by international bodies such as the World Trade Organization, regional bodies such as the European Commission, and national regulatory and competition authorities. Some requirements may, however, be tempered by national security and critical infrastructure protection considerations.
- Avoiding market dominance. Except where there are overriding policy considerations such as national security, most jurisdictions try to avoid the existence of providers that exert "market dominance." Special network architectures or provisioning requirements may be imposed in some jurisdictions to avoid or minimize the effects of market dominance.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, as well as availability and protection of these IdM resources.
|
| Identifier resource management
|
- Identifier/numbering allocation and assignment. An array of global treaty instruments and other intergovernmental agreements for many decades have established governmental entities as significant communication network Identity Providers . These provisions establish the basis for a broad array of critical public identifier resources that include ICT, network, object, security, and radiocommunications identifiers ranging from E.164 telecommunication/telephone numbers, to public network provider identifers, to device identifiers, to all-encompassing ICT domain name systems like OIDs. These resources at the global level are maintained within the bureaus of international organizations like the ITU Telecommunications Standardization Bureau and the Radiocommunication Bureau, and increasingly include server-based query-response capabilities. Governmental agencies in turn are then responsible for resource management at regional or national levels - who in turn often allocate responsibilities to local governmental or private sector authorities. At regional and national levels, most countries also enact identifier resource management statutory legal provisions that provide for the allocation and assignment of these identifiers, including their use as network elements.
- Administrative requirements. Global, regional, national, and local authorities in conjunction with the allocation and assignment of identifier resources for publicly available networks and services, institute a broad range of Identity Management administrative requirements that include authentication, identifier resolver support, and current, accurate attribute information associated with the assignee end user and terminal equipment, as well as other resource capabilities reflected in other parts of this compendium. These administrative requirements are generally regarded as among the most important means of insuring the integrity of Identity Management systems. Administrative requirements also include legal and regulatory requirements concerning the allocation of identifiers to certain classes of users - the most extensive of which are geographic requirements where the identifier has an geographic context such as a country or calling area.
- Number portability; unbundling. One of the more important identifier resource management legal and regulatory requirements in competitive provisioning environments is that of identifier unbundling. The requirements are applied to the use of telephone E.164 identifiers in many countries - resulting in administrative provisions and resolution architectures that enable a portability of the number among different service providers. IETF domain names represent an identifier system also allowing for identifier portability. These policy requirements may also include strictures on geographic number portability.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for government agencies and providers that include resource discovery, authentication, authoritative identifiers and attributes, as well as availability and protection of these IdM resources.
|
| Consumer needs
|
- Delegation; agency. Many classes of people require or prefer to allow others to undertake Identity Management related tasks and decisions for them. These classes include children, the elderly, the infirm and the mentally disabled. They also include employment and other kinds of relationships that frame an Identity Management context. These requirements are often explicitly reflected in legal and regulatory requirements, as well as the generic legal concept of "agency" which provides the basis for such delegations. Delegation and agency requirements can add significant complexity to Identity Management support capabilities.
- Universal service; equitable availability; social good funding and public policy objectives. Some very widely used identifiers such as telephone numbers and possibly IP addresses may be subject to legal, regulatory, and contributory requirements designed to assure fair, equitable distribution of identifiers or associated funding regimes designed to promote universal service and other social goods or policy objectives such as geographical distribution balances. Identifiers associated with businesses, radio or internet use, for example, often have regimes that provide for administrative funding for the associated support infrastructure and its administration. These objectives also tend to enhance the necessity for accuracy of identifier attribute information.
- User Privacy and Preventing Unwanted Intrusions. The term 'privacy' has different legal meanings among jurisdictions. One of those meanings involves the ability of end users to controlling or preventing unwanted intrustions in different contexts, that in turn are reflected in criminal, civil cause of action, and regulatory mandates that are implemented as identity attribute systems.
- DoNotCall; Opt-Out. DoNotCall requirements pertain to identifier lists or attribute flags that indicate a consumer does not want certain kinds of communications, especially solicitations for commercial sales.
- Trusted CallerID. CallerID is a service provider offering whereby the authoritative attributes of a calling party identifier are obtained and provided to the called party - usually as part of the call setup. The term 'authoritative' in this context is effected through a real-time query to the Identity provider that assigned the identifier to the calling party. In some jurisdictions, non-profit solicitors are obligated to use CallerID in conjunction with the call. CallerID allows the customer to make an informed choice regarding the communication - that may be enhanced through the use of distinctive ringtones or automated call diversion capabilities. In some jurisdictions it may be a criminal offense to deliberately alter the authoritative CallerID identifier attributes.
- Prevention of SPAM.' SPAM is a form of large-scale consumer unwanted messaging intrusion - often based on a mis-appropriation of a consumer's messaging address and identity attributes that in many jurisdictions may subject the sender of unwanted messaging to civil or criminal penalties. Prevention of SPAM requires an array of IdM support capabilities including authentication of the messaging servers, white lists, black lists, and reputational or other signature analysis techniques.
- Anti-Cyberstalking. Cyberstalking is a form of targeted intrusion by an anonymous party - typically against a single person who are frequently women - often with the intent to intimidate. In some jurisdictions, it it is a prohibited act to "make a telephone call or utilize a telecommunications device or the Internet, whether or not conversation or communication ensues, without disclosing identity and with intent to annoy, abuse, threaten, or harass any person at the called number or who receives the communications." 47.U.S.C. Sec. 233
- Anti-Cyberpredators. Cyberpredation is a form of targeted intrusion usually by an anonymous adult against a minor for the purposes of encouraging or engaging in illicit sexual activity. In many jurisdictions, the identity attribute of age of the respective parties is a substantial factor resulting in a serious criminal offense.
- User Privacy and CPNI Protection. Another meaning of privacy in many jurisdictions involves the ability of end users to controlling or preventing use of identity information in different contexts, that in turn are reflected in criminal, civil cause of action, and regulatory mandates that are implemented as identity attribute systems. Customer Proprietary Network Information (CPNI) refers to subscriber identity information - especially useage information.
- Use and access controls. One of the most common forms of privacy and CPNI protection in many jurisdictions are the strictures placed on the subsequent availability and use of information provided initially for the purpose of obtaining a service. These strictures may take the form of limits on the kind of information collected, retention lengths, protection of the information while it is retained, authentication of accessing parties, audit trails associated with access and use, and availability to third parties, including the associated terms and conditions. Legal and regulatory provisions include a mixture of industry practices, prohibitions, civil cause of action, and criminal culpability.
- Transparency. In addition to use and access controls, privacy and CPNI protection involves the ability for customers to meaningfully understand the conditions under which identity information is being requested or collected, the potential use of that information for other purposes, and to understand how and when consent is given for its use. The various legal and regulatory strictures typically address the readability of consent agreements, the granularity of their use, and whether the processes for their application are "opt-in" or "opt-out." These are burden allocation mechanisms where the former requires affirmative action by a consumer for an action to taken; while the latter requires affirmative action for an action not to be taken.
- Notice. Notice is an audit trail mechanism which compels communication with a consumer when an identity related action occurs. In the context of use and access controls, notice might compel an Identity Provider to inform a customer whenever information is accessed or provided to a third party.
- User Privacy and Anonymity. A third variant of privacy includes the ability of a customer to engage in communications without disclosing their true idenity. Anonymity may also be linked with rights to free expression in some jurisdictions - viewed as an enhancement of those rights. However, achieving anonymity in practice is both costly and often at odds with a multitude of other legal and regulatory requirements, including other consumer privacy requirements. In addition, the evidence discovery process in civil litigation, as well as potential culpability in criminal proceedings are examples of recent juridical mandates that dissuade providers from supporting anonymity capabilities for consumers.
- Prevention of identity theft. Identity theft is a crime in which an imposter obtains key pieces of personal information in order to impersonate someone else. These crimes are facilitated through "pretexting," i.e., pretending to be the victim in communications with Identity Providers. The information is then used to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials. In addition to running up debt, an imposter might provide false identification to police, creating a criminal record or leaving outstanding arrest warrants for the person whose identity has been stolen. Identity theft prevention is the subject of broad-based cybersecurity and cybercrime provisions ranging internationally from the Cybercrime Convention and ITU treaty conference action, to new legislation making "pretexting" a serious crime and mandating additional IdM measures by providers.
- Revocation/repudiation. As identity theft becomes an increasingly large scale societal challenge, the ability of users and Identity Providers to revocate credentials or repudiate falso identity information such as reputation becomes more important as a consumer requirement. This need already has resulted in both national identity as well as industry IdM practices such as automatic verification that a credential has not been revoked.
- Disability assistance. Most jurisdictions require providers, including Identity Providers, institute disability capabilities to accommodate hearing, sight, and other physical or mental disabilities of customers. In many cases, these capabilities are implemented through the inclusion of disability information as an identity attribute.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers and users that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
| Business needs
|
- Network interoperability. Public (and most private) ICT network and service providers collectively manage on a global array of distributed, essentially autonomous infrastructures at different logical layers (physical, transport, network, etc) that must be known to eachother with the ability to exchange and route traffic to addresses. The result is an enormous number of network-centric needs for trusted, current object, user, and provider identifiers, their correlation, and availability among providers. Time limited performance requirements are also especially significant for network interoperability. Diverse law and regulations combined with extensive industry normative standards and practices pertain to network interoperability.
- Intercarrier compensation. Network interoperability involves the availability and sustantial use of a provider's network resources by other providers - frequently worldwide. The compensation for this availability and use among providers necessitates some form of IdM based accounting and billing regime. Different levels of accounting granularity and toll means may exist - typically on the basis of calls, packets, available routes or bandwidth. Diverse law and regulations combined with extensive industry normative standards and practices pertain to network interoperability.
- Roaming. Because providers support large numbers of users and other providers who are physically or logically nomadic, large numbers of complex bilateral and multilateral (federation) agreements exist among network operators to allow access to and use of network resources. These agreements are usually classified as automatic and manual (i.e., temporary ad hoc agreements). The unbundling of network layers and elements, as well as the increase in the number of service providers and network operators worldwide significantly complicates roaming IdM and introduces constrained time dynamics. Diverse law and regulations combined with extensive industry normative standards and practices pertain to network interoperability.
- Distribution management. Operators of ICT networks support the discribution and auditing of large number of physical network or terminal device objects within their own infrastructures or those of third parties. The latter may involve products or objects moving through commercial or governmental distribution channels or transport paths using near field communications that may be RFID based or optical scanners. These needs give rise to highly dynamic IdM capabilities.
- Preventing and minimizing fraud and identity theft. Operators of ICT networks and providers of services are highly dependent on IdM to prevent and minimize fraud in the use of their network resources and services, as well as theft of their own identity. Identity theft is equally applicable and important for businesses as it is for consumers. Diverse law and regulations combined with extensive industry normative standards and practices pertain to network interoperability.
- Contracts. Businesses typically implement the preponderance of IdM requirements through contractual mechanisms both with customers and other providers. A substantial number of model IdM contractual agreements exist within federations.
- Risk assumptions and allocation; torts and negligence. In conjunction with IdM use and offerings, businesses typically assess and allocate their risk for IdM related failures, omissions, or misconduct by their employees, suppliers, partners, and customers; and deal with the risk in the context of laws concerning negligence and torts (i.e., a civil wrong). Such civil wrongs include personal injury, medical malpractice (in IdM eHealth), product liability, intellectual property infringements, defamation, intentional acts against persons, property, or other business, or invasion of privacy. Negligence is significant factor and body of law in dealing with tortious conduct that attempts to establish standards of reasonable care and allocation of risk when loss, injury, or damage occurs.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
| Intellectual Property Protection
|
- Digital rights management. One of the largest classes of digital objects are written materials, images, films, and audio recordings and other bodies of work or assets in which authors and publishers have ownership rights arising under copyright, patent, trademark and similar legal systems. Digital rights management seek to provide the means to control distribution of these works and assets, including the associated usage rights and means of compensation.
- Protection of privileged or sensitive information. Organizations and individual persons have recognized rights or powers to designate information as privileged or sensitive for a wide variety of reasons. These may include government secrets, trade secrets, privacy, or diverse forms of confidentiality. Large bodies of IdM related laws, regulation, standards, and normative practices apply to such information.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
| Juridical
|
- Evidence; judicial discovery. In the context of civil or criminal proceedings, most legal systems have bodies of rules and procedures that pertain to the identification and availability of evidence and its availability to opposing parties (judicial discovery). With the transition of many forms of evidence to digital form, some court systems have begun to impose organizational records keeping requirements that facilitate judicial discovery.
- Conflict of Laws. Because IdM legal requirements frequently differ among jurisdictions - sometimes requiring completely opposite conduct - bodies of law exists for dealing with such conflicting obligations of a party. In the arena of identity management across global ICT infrastructures - particularly in areas such as national security, law enforcement support, intellectual property protection, and privacy - such conflicts can be extremely difficult and complex. International agreements and activities establishing normative standards and processes for resolving these conflicts are common.
| As a group, these requirements typically result in a large array of global, regional, national, and local identity management requisites for providers, users, and objects that include resource discovery, authentication, authoritative identifiers and attributes, pattern logging, reputation and analysis, as well as availability and protection of these IdM resources.
|
