ISO/IEC /FDAmd 1. Additional terminology and concepts. General information. Status: Deleted. Edition: 1. Number of pages: Technical. ISO/IEC •defines terms for identity management, and •specifies core concepts of identity and identity management and their relationships. Aug 1, ISO/IEC consists of the following parts, under the general title Information technology — Security techniques — A framework for identity.
|Published (Last):||17 June 2004|
|PDF File Size:||10.95 Mb|
|ePub File Size:||13.21 Mb|
|Price:||Free* [*Free Regsitration Required]|
Provides guidelines for the implementation of systems for the management of identity information and specifies requirements for the implementation and operation of a framework for identity management. Introduction and general model.
In short, avoid this standard. My view is that it should be avoided.
Unfortunately it was adopted. The concepts slip from being descriptive this is what the concept means to being normative this is how a system should behave. Describes the overview and vocabulary of ISMS . Information technology — Security techniques — Information security management systems — Requirements.
ISO/IEC JTC 1/SC 27
Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems. It seems to favour particular implementations and approaches to identity instead of being entirely general.
Specifies six methods for authenticated encryption with the security objectives of: The reasons for this are many: Provides guidance for the handling 2476 digital evidence that could be of evidential value .
The only place I see is reference to it from other standards. It is entirely ICT focused though at other times it claims otherwise which is unhelpful in the context of a general framework for identity.
From Wikipedia, the free encyclopedia. Reference architecture and requirements. Applicable to entities involved in specifying, procuring, designing, testing, maintaining, administering iiso operating ICT systems that process PII.
These were among the reasons that a nmber of key countries voted against this standard. This page was last edited on 6 Marchat Hi Doug, funny that I should come across your blog first when looking into advice onto adhering to this standard.
Doug Newdick’s Blog The discourse between business and technology. Notify me of new is via email. Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence.
Posted on February 10, at 9: Views Read Edit View history. Retrieved from ” https: Leave a Reply Cancel reply Enter your comment here It seems to me that major vendors are more interested in ISO when it comes to IdAM than they are ISOwhich tells you about the applicability of the oso. Create a free website or blog at WordPress.
Identity Standards: ISO | Doug Newdick’s Blog
Standardization activity by this subcommittee includes general methods, management system requirements, techniques and guidelines to address both information security and privacy.
Addresses the management needs for ensuring the security of applications  and presents an overview of application security through the introduction of definitions, concepts, principles and processes . They are inconsistent in their use of other terms defined in the standard. Notify me of new posts via email. Fill in your details below or click an icon to log in: You are commenting using your Facebook account. Specifies encryption systems for the purpose of data confidentiality .
Provides a framework for the secure and reliable management of identities by: Identity management and privacy technologies. Specifies the subjects to be addressed during the security evaluation of a biometric system . Information technology — Security techniques — Code of practice for information security controls.