In the vision of the Future Internet, the notion of the network will move towards the "Internet of Things" – an extremely complex world of numerous interconnected devices and services. Users already encounter a bewildering array of connections, usernames and passwords as they access a wide variety of services. In addition, because users assume different roles and identities at different times (e.g. parent, doctor, sports fan), they require access to different groups of services according to their current role. As the interactions multiply, this complexity will also continue to grow, so the Future Internet will require solutions that will simplify the user experience whilst enabling the effective and reliable identification of users. Optimally, these solutions will be based on a unified and commonly agreed (i.e. standardized)
Up to now, standardization of Identity Management (IdM) has focused mainly on the web and application domains, with some activity also addressing Next Generation Networks. However, little has been done to address architectures and protocols that are the key to new networks and services and thus to business opportunities – the new ETSI Industry Specification Group will focus on these aspects by capturing the results of IdM research and development (R&D) activity and formulating an industry consensus.
Much of the input to the group will be derived from European Union 7th Framework Project (FP7) R&D activities on Identity Management with a specific focus on networks and services, languages for access control and privacy policies. The Industry Specification Group (ISG) plans to create a series of commonly-agreed Europe-wide specifications, which can further developed by standardization groups such as ETSI and 3GPP™ as formally adopted standards for European or global use.
The group is known as the ETSI Industry Specification Group for "Identity and access management for Networks and Services", or ISG INS, and held its first meeting in Aveiro, Portugal, on 16 September 2009. At this meeting, the group unanimously elected Amardeo Sarma (NEC) as Chairman and Ricardo Pereira (Portugal Telecom) and Peter Scholta (Deutsche Telecom) as vice-Chairmen. Membership of the group currently consists of two network operators (Deutsche Telekom and Portugal Telecom), two manufacturers (NEC and Nokia Siemens Networks), and two technical institutes (Fraunhofer Institute and Waterford Institute of Technology). This membership is expected to grow rapidly, as participation is open to all ETSI members, as well as to non-members of ETSI subject to signature of a participation agreement.
The ISG INS meeting also approved its initial activities which include development of specifications for:
• mechanisms, interfaces and protocols allowing service providers to perform authentication and retrieval of identity attributes through the network operator;
• requirements on the use and application of distributed policy management such that, for example, authentication of the user by the communications network can enable their authentication for the various services they wish to access;
• distributed user profile management where the network operator acts as an identity broker (taking responsibility for managing the user's identity);
• mechanisms, protocols and procedures allowing user access to their selected services based on dynamic service level agreement (SLA) negotiations.
Publication of these specifications is foreseen for March and October 2010.
The group's newly elected Chairman, Amardeo Sarma of NEC Europe, said: "This new group is a great opportunity to quickly agree on common specifications that will accelerate making business out of Identity and Access management, in particular for operators and services providers."
The next meeting of the Industry Specification Group is scheduled for 26 & 27 November 2009 in Heidelberg, Germany.
