ITU-T Identity Management
Intercomms talks to Abbie Barbir, chair of the ITU-T Study Group 17's Focus Group on Identity Management set up in December 2006 about its hopes and aspirations
Abbie Barbir, Ph.D., co-chairs the OASIS TAB and is a member of Nortel's Strategic Standards group, where he serves as Senior Advisor in the areas of Web services and Security. This role has involved him in many activities within OASIS, W3C, WS-I, OMA, ITU-T, Canadian Advisory Committee (CAC) JTC1 SC6, IETF, Parlay and IPSphere. He recently was elected to the OASIS IDTrust Steering Committe for a two year term. He currently chairs the Cybersecurity question in ITU-T SG17 and is the vice chair of the CAC for JTC1 SC 6. In 2005, he represented OASIS to ITU-T and was instrumental in having the ITU-T consent the SAML and XACML OASIS Standards as ITU-T Recommendations. Abbie holds a Ph.D. in Computer Engineering from Louisiana State University in Baton Rouge, USA. In his more than 20 years in the software and telecommunication industry, he has been a professor of Computer Science in Western Carolina University, an application developer, data compression and encryption inventor, systems architect, security architect, engineering manager, consultant, author, and inventor of numerous security algorithms. His term on the TAB extends to July 2008.
Q: What is your remit or scope from the ITU?
Q: Could you outline a more complete gap
Q: Once you've established a framework of
current standards and then identified a
technology road map to support NGN today,
what's then necessary to have in place to
support NGN the day after tomorrow and so on?
Another missing feature today is in the use of unique identifiers and the discovery of those unique identifiers. That's missing today. The same is true of the management of entities across various domains and to identify patterns. Part of our focus is on these areas but also we are looking at internal interoperability, in particular among authorisation management protocols between providers and provider federations as part of the IDM framework. We would also like to see trust anchors and the ability of having authenticated assurances where the level of authentication would vary depending on what you wanted to access.
Q: How is the absence of the standards holding
back the industry?
Silo-ed IDM today means that users still have to remember a lot of passwords plus the user does not having the flexibility of a single sign in or global IDM. If you are roaming and you are visiting another city, your cell phone provider knows that you are out of town but this information is not properly provided to your applications. It doesn't change the time of wakeup calls or alert callers to the different timezone you are in because of the lack of a global harmonised IDM standard. It could be done but proprietary and specific solutions make its applicability very limited. We are not there yet in terms of what we could or can do for ID management as an application layer by itself.
Q: You have three meeting in quick succession;
April in Geneva, California in May and Tokyo in
July, by the end of those meeting what do you
hope to have established and achieved from
those three meetings?
If we had all the time in the world, it would be preferable to start with the use case scenarios first, then develop requirements and then establish various architectures and a global framework that fits together. This sequential approach doesn't relly work with us because of our limited life. Consequently, we are trying to do several things in a spiral approach where we can develop the framework at the same time as the requirements and the use case scenarios are each being developed.
The reason we have the first meeting between April and May is because we are catering to a global audience. April is a very good time for us because we already have ITU-T Study Group 13 and Study Group 17 meetings in Geneva. In May there is another big event that is happening, namely the Internet Identity Workshop and the IDM Focus Group will co-locate with the 350 experts in this field there them a full day to validate our architecture and our work with this community. In July we decided to go to Asia because we have a lot of Asian interest there and it will be good to meet locally with those participants in the Focus Group.
All Content Copyright © Entico Corporation Ltd. 2007