The first steps towards a globally harmonized approach to identity management (IdM) have been taken during a meeting bringing together, for the first time, the world’s key players in the IdM space.
IdM promises to reduce the need for multiple user names and passwords for each service used, while maintaining privacy of personal information. A global IdM solution will help diminish identity theft and fraud. Further, IdM is one of the key enablers for a simplified and secure interaction between customers and services such as e-commerce.
Experts at the meeting concurred that interoperability between existing IdM solutions will provide significant benefits such as increased trust by users of on-line services as well as cybersecurity, reduction of SPAM and seamless “nomadic” roaming between services worldwide.
Abbie Barbir, chairman of the Focus Group on Identity Management (FG IdM
): “Our main focus is on how to achieve the common goals of the telecommunication and IdM communities. Nobody can go it alone in this space, an IdM system must have global acceptance. There was a very positive feeling at the meeting that we can achieve this and crucially we saw a great level of participation from all key players.”
The meeting of the FG IdM brought together developers, software vendors, standards forums, manufacturers, telcos, solutions providers and academia from around the world to share their knowledge and coordinate their IdM efforts. Interoperability among solutions so far has been minimal. One conclusion of attendees is that cooperation is crucial and that players cannot exist in isolation. The spirit of the meeting was that everyone will gain by providing an open mechanism that will allow different IdM solutions to communicate even as each IdM solution continues to evolve. Such a “trust metric” does not exist today experts say.
Work will continue online and during Focus Group meetings in April, May, and July. An analysis of what IdM is used for will be followed by a gap analysis between existing IdM frameworks now being developed by industry fora and consortiums. These gaps should be addressed before the interworking and interoperability between the various solutions can be achieved. The aim is to provide the basis for a framework which can then be conveyed to the relevant standard bodies including ITU-T Study Groups. The document will include details on the requirements for the additional functionality needed within next generation networks (NGN).
ITU-T has a long history of innovation in this field, with key work on trusted, interoperable identity framework standards including Recommendation X.509 that today serves as the primary “public key” technical mechanism for communications security across all telecom and internet infrastructures.