ISO/IEC /FDAmd 1. Additional terminology and concepts. General information. Status: Deleted. Edition: 1. Number of pages: Technical. ISO/IEC •defines terms for identity management, and •specifies core concepts of identity and identity management and their relationships. Aug 1, ISO/IEC consists of the following parts, under the general title Information technology — Security techniques — A framework for identity.

Author: Tuzragore Gar
Country: Greece
Language: English (Spanish)
Genre: Software
Published (Last): 11 July 2009
Pages: 26
PDF File Size: 16.27 Mb
ePub File Size: 5.4 Mb
ISBN: 835-8-69252-262-7
Downloads: 18997
Price: Free* [*Free Regsitration Required]
Uploader: Fenrizuru

I’ve seen this scenario play out more times than I have seen it work correctly. Information technology — Security techniques — Code of practice for information security controls. It seems to me that major vendors are more interested in ISO when it comes to IdAM than they are ISOwhich tells you about the applicability of the standard. Notify me of new comments via email.

The discussion of concepts seems very specific. It seems to favour particular implementations and approaches 2476 identity instead of being entirely general.

Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity. SC 27 engages in active liaison and collaboration with appropriate bodies to ensure the proper development and application of SC 27 standards and technical reports in relevant areas.

ISO/IEC /FDAmd 1 – Additional terminology and concepts

By using this site, you agree to the Terms of Use and Privacy Policy. Information technology — Security ixo — A framework for identity management — Part 1: Information technology — Security techniques — Isp for bodies providing audit and certification of information security management systems.


The focus of each working group is described in the group’s terms of reference. The concepts slip from being descriptive this is what the concept means to being normative this is how a system should behave.


Introduction and general model. Addresses the management needs for ensuring the security of applications [5] and presents an overview of application security through the introduction of definitions, concepts, principles and processes [25].

Provides a framework for the secure and reliable management of identities by: From Wikipedia, the free encyclopedia. Specifies the subjects to be addressed during the security evaluation of a biometric system [23].

Unfortunately it was adopted. Hi Doug, funny that I should come across your blog first when looking into advice onto adhering to this standard.

Identity management and privacy technologies. Fill in your details below or click an icon to log in: I couldn’t agree more with everything in it!

Provides a privacy framework that: Posted on February 10, at 9: Countries pay 2476 fee to ISO to be members of subcommittees. In many cases they use terms that are just as unclear as the one they are trying to define e. Information technology — Security techniques — Information security management systems — Requirements. Hi Doug, I was wondering whether you ever got around to sharing other standards and resources that do a better job of describing the concepts 224760 terminology around identity.

You are commenting using your WordPress. Specifies six methods for authenticated encryption with the security objectives of: This page was last edited on 6 Marchat Reference architecture and requirements.

Retrieved from ” https: By continuing to use this website, you agree to their use. Synonyms are given for terms that are clearly incorrect e. The reasons for this are many: We are looking for an 2470 Director of Finance for our head quarters in Noumea. Information technology — Security techniques — Application security — Part 1: Information technology – Security techniques – A framework for identity management – Part 2: They redefine commonly used terms in the industry authentication is redefined to mean a form of verification.


The only io I see is reference to it from other standards.

ISO/IEC JTC 1/SC 27 – Wikipedia

Notify me of new posts via email. Security controls and services. Jso are inconsistent in their use of other terms defined in the standard.

You are commenting using your Twitter account. Information technology — Security techniques — Information security management systems — Overview and vocabulary.

Provides a structured and planned approach to: In short, avoid this standard. Latest Tweets Nice article on practical concerns with modelling.

24706 the requirements for establishing, implementing, sio, and maintaining documented a documented ISMS within an organization.

There are other ones out there which do a better job of describing the key concepts of identity and identity management. Describes the concepts and principles of ICT readiness for business continuity and the method and framework needed to identify aspects in which to improve it. My view is that it should be avoided.