Federated Identity Management and Network Virtualization
|
|
- Marybeth McDaniel
- 5 years ago
- Views:
Transcription
1 Federated Identity Management and Network Virtualization Yang Cui and Kostas Pentikousis 3rd ETSI Future Networks Workshop 10 April 2013 Sophia Antipolis, France The opinions expressed in this presentation are those of the authors and do not necessarily represent the views of Huawei Technologies Co., Ltd.
2 Talk Outline Federated ID Management Today Towards Network Virtualization Problems and Requirements Service and Operator Co-operation Single Sign-On (SSO) in Network Virtualization Multi-factor Authentication Standardization Challenges 2
3 Federated ID Management Today Single Sign-On (SSO) Centralized AUTH server Reduces costs, makes user life easier, but requires highly critical auth 3GPP SA3 study item TR SSO for IMS OpenID: URI as the federated ID No central Certification Authority (CA) low trust & security levels Security Assertion Markup Language (SAML) XML-based open-standard data format Exchange auth data between an identity provider and a service provider Liberty Alliance ID mapping to different domains Complexity of multiple ID providers, SAML 3
4 Federated System Requirements Interoperate across organizational boundaries Utilize identity storage Manage security approaches, authentication and authorization Support different programming models Within a federated system, security and privacy is critical Identities/credentials are stored and managed separately Manage own identities Share and accept identities and credentials from other members' sources 4
5 NFV: Industry Momentum Source: Network Functions Virtualisation (White Paper, Oct. 2012) 5
6 Network Virtualization Scalability Experimental Heterogeneity Isolation Programmability Manageability Legacy Support Deployment Convergence Flexibility Stability 6
7 NFV ID Management: Problems Threat model in a virtualized network environment? Need to be defined May borrow ideas from cloud computing Virtualized Network No clear security boundary for distinct ID domains ID/credential secure storage Universally standardized authentication system in multi-domains Trusted partnership Operation isolation in virtualized environment 7
8 NFV ID Management: Requirements Authentication and Authorization Need to support multi-domain scenarios Federated Authentication, Proxy and Delegation Protect credentials ( via centralized or distributed management) User Privacy ID (and credentials) may need unlinkability in multi-domains Support anonymity as needed Secure Storage Information leakage of permanent secrets shall be prevented Extensibility Possibility of interworking with a larger range of service providers 8
9 Requirements (cont.) Isolation and Robustness Compromise of one service shall not compromise the security of another service Compromise of application server or an external server shall not compromise the security of the whole system Flexible Control for the Operator Control system-level security either by operating the system themselves or by contractual agreements with trusted partners In a telecommunication network, operators use HSS Interfaces should keep the complexity of HSS low Interacting with HSS should not lead to HSS information leakage 9
10 Example: SSO in 3GPP IMS 3GPP SA3 Study Item SSO for IMS based on SIP or GBA UE SP NFV may work on new architecture Gm Ub Ua Liberty Alliance Consider a new framework not based on IMS or GBA? Security of virtualized network SIP AS Isc IM Subsystem (IMS) using IMS AKA S-CSCF BSF GBA Subsystem IdP/ NAF Zn IMS: IP Multimedia Subsystem SIP: Session Initiation Protocol GBA: Generic Bootstrapping Architecture BSF: Bootstrapping Server Function NAF: Network Application Function Cx HSS Zh 3GPP TR &
11 Service & Operator Cooperation Service OTT A Service OTT B Service OTT C An operator has an inherent advantage to managing user IDs Identity Identity Server Unify IDs for OTT service providers SP and IdP share their IDs w/o jeopardizing security HSS Operator Network In a virtualized network, Identity server may be further simplified User 11
12 Multi-factor Authentication Service OTT A Service OTT B Service OTT C Employ multi-factor authentication to enhance security Identity Identity Server Example: Service A becomes available only when AUTH succeeds from both the operator network and the user Token HSS Operator Network User Token A SSO and multi-factor AUTH for different service providers 12
13 Standardization Challenges To advance standardization for federated ID management, with consideration of future network virtualization, one may need to check Existing standards and frameworks Standardization organization to enroll with Define and clarify the threat model of federated ID management in NV Detailed security analysis is needed 13
14 Conclusion and Future Work Problems and requirements of Federated ID management in NV Co-operation between operators and service providers is needed for extending the capability of ID management Security mechanism in NV need to be carefully re-considered, including threat model and AUTH mechanism, etc. 14
15 Thank You! Yang Cui and Kostas Pentikousis The opinions expressed in this presentation are those of the authors and do not necessarily represent the views of Huawei Technologies Co., Ltd.
3GPP security. Valtteri Niemi 3GPP SA3 (Security) chairman Nokia
3GPP security Valtteri Niemi 3GPP SA3 (Security) chairman Nokia 1 Some history and background 2 Some history 1/2 SA3 took over the responsibility of specifications created by ETSI SMG10, e.g. TS 43.020
More information3GPP TR V7.0.0 ( )
TR 33.918 V7.0.0 (2005-12) Technical Report 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA); Early implementation
More informationPacketCable 2.0. HSS Technical Report PKT-TR-HSS-V RELEASED. Notice
PacketCable 2.0 HSS Technical Report RELEASED Notice This PacketCable technical report is the result of a cooperative effort undertaken at the direction of Cable Television Laboratories, Inc. for the benefit
More informationETSI TR V ( ) Technical Report
TR 133 924 V10.0.0 (2011-04) Technical Report Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Identity management and 3GPP security interworking;
More information3GPP TS V9.2.0 ( )
TS 24.259 V9.2.0 (2010-06) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Personal Network Management (PNM); Stage 3 (Release 9) The
More informationISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University
Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely
More informationETSI TS V ( )
TS 124 523 V12.2.0 (2015-01) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; Core and enterprise Next Generation Network (NGN) interaction scenarios; Architecture and functional
More informationETSI TR V ( )
TR 133 905 V14.0.0 (2017-04) TECHNICAL REPORT Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; Recommendations for Trusted Open Platforms
More informationETSI TS V (201
TS 133 187 V12.2.0 (201 15-04) TECHNICAL SPECIFICATION Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Security aspects of Machine-Type Communications
More informationEfficient Application Single-Sign-On for Evolved Mobile Networks
1 Efficient Application Single-Sign-On for Evolved Mobile Networks Andreas U. Schmidt, Member, IEEE, Andreas Leicher, Novalyst IT AG Yogendra Shah, Inhyok Cha, InterDigital, Inc. Abstract Efficient and
More information3GPP support for IP based Emergency Calls - April 2007 Status
3GPP support for IP based Emergency Calls - April 2007 Status 2 nd SDO Emergency Services Coordination Workshop (ESW07) Library of Congress, Washington, DC, USA April 10-12, 2007 Stephen Edge, Qualcomm,
More informationETSI TS V9.2.0 ( ) Technical Specification
TS 124 259 V9.2.0 (2010-06) Technical Specification Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Personal Network Management (PNM); Stage
More informationSecurity Common Functions Architecture
Security Common Functions Architecture Candidate Version 1.1 30 Nov 2010 Open Mobile Alliance OMA-AD-SEC_CF-V1_1-20101130-C OMA-AD-SEC_CF-V1_1-20101130-C Page 2 (16) Use of this document is subject to
More information3GPP TS V7.6.0 ( )
TS 23.204 V7.6.0 (2009-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Support of Short Message Service (SMS) over generic Internet
More information3GPP TR V9.0.0 ( )
TR 33.924 V9.0.0 (2009-12) Technical Report 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Identity management and security interworking; Identity management
More informationIdentity management. Tuomas Aura CSE-C3400 Information security. Aalto University, autumn 2014
Identity management Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 Outline 1. Single sign-on 2. SAML and Shibboleth 3. OpenId 4. OAuth 5. (Corporate IAM) 6. Strong identity 2
More information3GPP TS V6.9.0 ( )
Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network; Presence service using the IP Multimedia (IM) Core Network (CN) subsystem; Stage 3 () GLOBAL SYSTEM
More informationFacing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. onem2m
Facing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. phawkes@qti.qualcomm.com onem2m www.onem2m.org 1 Overview onem2m Architecture: a quick review Challenges
More informationETSI TS V ( )
TS 124 141 V15.0.0 (2018-06) TECHNICAL SPECIFICATION Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; Presence service using the IP Multimedia
More informationETSI TS V6.4.0 ( )
TS 124 109 V6.4.0 (2005-09) Technical Specification Universal Mobile Telecommunications System (UMTS); Bootstrapping interface (Ub) and network application function interface (Ua); Protocol details (3GPP
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS E-BOOK
EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS 03 EXECUTIVE OVERVIEW 05 INTRODUCTION 07 MORE CLOUD DEPLOYMENTS MEANS MORE ACCESS 09 IDENTITY FEDERATION IN
More informationETSI TS V ( )
TS 133 328 V14.0.0 (2017-04) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; IP Multimedia Subsystem (IMS) media plane security (3GPP TS 33.328 version 14.0.0 Release 14)
More informationETSI TS V (201
TS 124 481 V13.3.0 (201 17-01) TECHNICAL SPECIFICATION LTE; Mission Critical Services (MCS) group management; Protocol specification (3GPP TS 24.481 version 13.3.0 Release 13) 1 TS 124 481 V13.3.0 (2017-01)
More informationOpen Standards and Interoperability for IP Multimedia Subsystem (IMS)
Open Standards and Interoperability for IP Multimedia Subsystem (IMS) Jonas SUNDBORG Director of Standardization and Regulation Telefonaktiebolaget LM Ericsson Group Function R&D, Standardization Standards,
More information3GPP TS V ( )
TS 29.109 V10.0.0 (2011-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Generic Authentication Architecture (GAA); Zh and Zn Interfaces
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name:_Unversity of Regina Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More information3GPP TS V ( )
TS 24.525 V12.1.0 (2014-12) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Business trunking; Architecture and functional description
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants
More information3GPP TS V ( )
TS 32.454 V10.0.0 (2011-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Key Performance Indicators
More informationKerberos for the Web Current State and Leverage Points
Kerberos for the Web Current State and Leverage Points Executive Advisory Board Meeting and Financial Services Security Summit New York, 3-4 November 2008. Towards Kerberizing Web Identity and Services
More informationIdentity management. Tuomas Aura T Information security technology. Aalto University, autumn 2011
Identity management Tuomas Aura T-110.4206 Information security technology Aalto University, autumn 2011 Outline 1. Single sign-on 2. OpenId 3. SAML and Shibboleth 4. Corporate IAM 5. Strong identity 2
More informationAuthentication. Katarina
Authentication Katarina Valalikova @KValalikova k.valalikova@evolveum.com 1 Agenda History Multi-factor, adaptive authentication SSO, SAML, OAuth, OpenID Connect Federation 2 Who am I? Ing. Katarina Valaliková
More informationThe Business of Identity: Business Drivers and Use Cases of Identity Web Services
The Business of Identity: Business Drivers and Use Cases of Identity Web Services Roger Sullivan, Vice President, Liberty Alliance Vice President, Oracle Corporation Liberty s Architecture Liberty Identity
More informationNATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Standardization of Entity Authentication Assurance 5th ETSI Security Workshop 20-2222 January 2010 ETSI, Sophia Antipolis, France Erika McCallister, Esq.,
More informationETSI TS V ( )
TS 133 185 V14.0.0 (2017-07) TECHNICAL SPECIFICATION LTE; 5G; Security aspect for LTE support of Vehicle-to-Everything (V2X) services (3GPP TS 33.185 version 14.0.0 Release 14) 1 TS 133 185 V14.0.0 (2017-07)
More information3GPP TSG SA WG3 Security SA3#33 S May 2004 Beijing, China
3GPP TSG SA WG3 Security SA3#33 S3-040337 10-14 May 2004 Beijing, China Source: Title: Nokia Shared key TLS usage within Ua interface Document for: Discussion and decision Agenda Item: GAA 1 Introduction
More informationIntegrating User Identity Management Systems with the Host Identity Protocol
Integrating User Identity Management Systems with the Host Identity Protocol Marc Barisch Institute of Communication Networks and Computer Engineering Universität Stuttgart marc.barisch@ikr.uni-stuttgart.de
More informationBridging IMS and Internet Identity
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 LAP Telecommunications SIG Version: 1.0 (Release Candidate) Date: 10 November 2009 Editors: Ingo Friese
More informationImproved One-Pass IP Multimedia Subsystem Authentication for UMTS
Improved One-Pass IP Multimedia Subsystem Authentication for UMTS Lili Gu RMIT University Melbourne, Australia l.gu@student.rmit.edu.au Abstract As defined in the 3GPP specifications, a UMTS user device
More information3GPP TS V8.1.0 ( )
TS 24.451 V8.1.0 (2014-06) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Telecommunications and Internet converged Services and Protocols
More informationUnsolicited Communication in the NGN
Unsolicited Communication in the NGN Overview of Status and Activities in different SDOs Thilo Ewald Research Scientist NEC Laboratories Europe NEC Europe Ltd., Heidelberg, Germany ewald@nw.neclab.eu Page
More informationBridging IMS and Internet Identity
1 2 3 Bridging IMS and Internet Identity 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 Version: 1.0 Date: 1 December 2009 Editors: Ingo Friese (Deutsche
More informationIP Multimedia Subsystem Part 5 Marek Średniawa
IP Multimedia Subsystem Part 5 Marek Średniawa mareks@tele.pw.edu.pl Institute of Telecommunications Project is co-financed by European Union within the European Social Fund 1 Identification in IMS Identities
More informationETSI TS V1.1.1 ( )
TS 187 003 V1.1.1 (2006-03) Technical Specification Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Security; Security Architecture 2 TS 187 003 V1.1.1
More informationETSI TR V1.1.1 ( )
Technical Report Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Organization of user data 2 Reference DTR/TISPAN-02027-NGN-R1 Keywords architecture,
More informationETSI TS V2.0.0 ( ) Technical Specification
TS 181 019 V2.0.0 (2007-11) Technical Specification Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Business Communication Requirements 2 TS 181 019 V2.0.0
More informationARIB STD-T V IMS based PSS and MBMS User Service; Protocols. (Release 9)
ARIB STD-T63-26.237 V9.11.0 IMS based PSS and MBMS User Service; Protocols (Release 9) Refer to Industrial Property Rights (IPR) in the preface of ARIB STD-T63 for Related Industrial Property Rights. Refer
More informationArcGIS Server and Portal for ArcGIS An Introduction to Security
ArcGIS Server and Portal for ArcGIS An Introduction to Security Jeff Smith & Derek Law July 21, 2015 Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context
More information3GPP TR V7.0.0 ( )
TR 24.930 V7.0.0 (2006-12) Technical Report 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Signalling flows for the session setup in the IP Multimedia core
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Royal Society of Chemistry Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they
More information3GPP SIP Security Requirements for IETF
S3z010127 3GPP SIP Security Requirements for IETF Jari Arkko Ericsson Nice, France 13th-14th 14th September 2001 Background 1. 3GPP has been developing new SIP solutions 2. IETF SIPPING WG requests for
More informationETSI TS V8.2.0 ( ) Technical Specification
TS 124 147 V8.2.0 (2009-01) Technical Specification Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Conferencing using the IP Multimedia (IM)
More informationToday s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps
Today s workforce is Mobile Most applications are Web-based apps Cloud and SaaSbased applications are being deployed and used faster than ever Hybrid Cloud is the new normal. % plan to migrate >50% of
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Lynda.com Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative
More informationETSI TS V7.4.0 ( )
TS 124 279 V7.4.0 (2007-03) Technical Specification Universal Mobile Telecommunications System (UMTS); Combining Circuit Switched (CS) and IP Multimedia Subsystem (IMS) services; Stage 3 (3GPP TS 24.279
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Concordia University of Edmonton Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that
More informationLocation in SIP/IP Core (LOCSIP)
in SIP/IP Core (LOCSIP) Conveyance with IMS: the OMA LOCSIP Service Enabler Don Lukacs Telcordia Applied Research 2010, Telcordia Technologies Inc. in SIP/IP Core (LOCSIP) Topics General Background Material
More informationETSI TR V (201
TR 124 980 V13.1.0 (201 16-07) TECHNICAL REPORT LTE; Minimum Requirements for support of MCPTT Servicee over the Gm reference point (3GPP TR 24.980 version 13.1.0 Release 13) 1 TR 124 980 V13.1.0 (2016-07)
More information05/31/2010. Smart OpenID
05/31/2010 Smart OpenID Smart OpenID Smartcard Webserver Enabled SSO for Web 2.0 using OpenID Andreas Leicher, Andreas U. Schmidt (Novalyst IT), Inhyok Cha, Yogendra Shah (InterDigital Communications)
More informationMajor SAML 2.0 Changes. Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007
Major SAML 2.0 Changes Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007 Tokens, Protocols, Bindings, and Profiles Tokens are requests and assertions Protocols bindings are communication
More information3GPP TS V7.0.0 ( )
TS 23.417 V7.0.0 (2007-12) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Technical Specification Group Services and System Aspects; Telecommunications and Internet
More informationMoving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model.
TEG Progress Update Moving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model. Fulup Ar Foll Master Architect Sun Microsystems Fulup@sun.com 1 What is the
More information3GPP TS V ( )
TS 24.341 V12.6.0 (2014-12) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Support of SMS over IP networks; Stage 3 (Release 12) The
More informationIP MULTIMEDIA SUBSYSTEM (IMS) SECURITY MODEL
International Journal of Advance Research, IJOAR.org ISSN 2320-9194 1 International Journal of Advance Research, IJOAR.org Volume 1, Issue 3, March 2013, Online: ISSN 2320-9194 IP MULTIMEDIA SUBSYSTEM
More informationCommunication and Distributed Systems Seminar on : LTE Security. By Anukriti Shrimal May 09, 2016
Communication and Distributed Systems Seminar on : LTE Security By Anukriti Shrimal May 09, 2016 LTE network with interfaces LTE Security 2 Contents LTE Security : Why, What, How EPS Architecture Design
More informationETSI TS V ( )
TS 132 454 V11.0.0 (2012-11) Technical Specification Universal Mobile Telecommunications System (UMTS); LTE; Telecommunication management; Key Performance Indicators (KPI) for the IP Multimedia Subsystem
More informationAdvanced Client Conor P. Cahill Systems Technology Lab Intel Corporation
Advanced Client Conor P. Cahill Systems Technology Lab Intel Corporation Disclaimer This presentation discusses work-in-progress within the Liberty Alliance Technology Expert Group. The end result of the
More informationETSI TS V ( )
TS 122 519 V14.0.0 (2017-03) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; Business communication requirements (3GPP TS 22.519 version 14.0.0 Release 14) 1 TS 122 519
More informationSSO Integration Overview
SSO Integration Overview 2006-2014 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 7.2 June, 2014 Ping Identity Corporation 1001 17th Street, Suite 100 Denver,
More information3GPP TR V ( )
TR 24.930 V10.1.0 (2011-12) Technical Report 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Signalling flows for the session setup in the IP Multimedia core
More informationMashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity
www.oasis-open.org Mashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity Eve Maler eve.maler@sun.com 1 A few notes about me and this talk Some relevant affiliations/perspectives:
More informationNGN Security standards for Fixed-Mobile Convergence
NGN Security standards for Fixed-Mobile Convergence Judith E. Y. Rossebø Telenor R&I ETSI TISPAN WG7 Chairman (judith.rossebo@telenor.com) 2nd ETSI Security Workshop: Future Security 16-17 - Sophia-Antipolis,
More informationETSI TR V6.5.0 ( )
TR 133 978 V6.5.0 (2006-09) Technical Report Universal Mobile Telecommunications System (UMTS); Security aspects of early IP Multimedia Subsystem (IMS) (3GPP TR 33.978 version 6.5.0 Release 6) 1 TR 133
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More information3GPP TS V7.2.0 ( )
TS 24.341 V7.2.0 (2007-12) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Support of SMS over IP networks; Stage 3 (Release 7) GLOBAL
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name:_Gale_Cengage Learning Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationUnsolicited Communication / SPIT / multimedia-spam
Unsolicited Communication / SPIT / multimedia-spam overview of this topic in different SDOs Thilo Ewald NGN Group, NEC Laboratories Europe NEC Europe Ltd., Heidelberg, Germany ewald@nw.neclab.eu Page
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Fraser & Hoyt Incentives Ltd. Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that
More informationIMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES
Daitan White Paper IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES Highly Reliable Software Development Services http://www.daitangroup.com Daitan Group 2014 IMS, NFV
More informationETSI TS V ( )
TS 124 315 V14.0.0 (2017-03) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; IP Multimedia Subsystem (IMS) Operator Determined Barring (ODB); Stage 3: protocol specification
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationForgeRock Access Management Core Concepts AM-400 Course Description. Revision B
ForgeRock Access Management Core Concepts AM-400 Course Description Revision B ForgeRock Access Management Core Concepts AM-400 Description This structured course comprises a mix of instructor-led lessons
More information3GPP TS V8.7.0 ( )
TS 23.237 V8.7.0 (2010-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS) Service Continuity; Stage
More informationNational Identity Exchange Federation. Terminology Reference. Version 1.0
National Identity Exchange Federation Terminology Reference Version 1.0 August 18, 2014 Table of Contents 1. INTRODUCTION AND PURPOSE... 2 2. REFERENCES... 2 3. BASIC NIEF TERMS AND DEFINITIONS... 5 4.
More information3GPP TS V ( )
TS 24.229 V5.25.0 (2011-09) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; IP Multimedia Call Control Protocol based on Session Initiation
More informationIdentity Management. Rolf Blom Ericsson Research
Identity Management Rolf Blom Ericsson Research Identity Management Agenda What is a Digital Identity Why Identity Management Identity Management Roles and technology User attitudes User Requirements Standardization
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Acadia University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationETSI TS V ( )
TS 124 279 V15.0.0 (2018-06) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; Combining Circuit Switched (CS) and IP Multimedia Subsystem (IMS) services; Stage 3 (3GPP TS
More information3GPP security hot topics: LTE/SAE and Home (e)nb
3GPP security hot topics: LTE/SAE and Home (e)nb Valtteri Niemi 3GPP SA3 (Security) chairman Nokia Research Center, Lausanne, Switzerland Marc Blommaert 3GPP LTE/SAE security rapporteur Devoteam Telecom
More informationLiberty Alliance Project
Liberty Alliance Project Federated Identity solutions to real world issues 4 October 2006 Timo Skyttä, Nokia Corporation Director, Internet and Consumer Standardization What is the Liberty Alliance? The
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: McMaster University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationETSI TS V ( )
TS 124 482 V14.3.0 (2018-04) TECHNICAL SPECIFICATION LTE; Mission Critical Services (MCS) identity management; Protocol specification (3GPP TS 24.482 version 14.3.0 Release 14) 1 TS 124 482 V14.3.0 (2018-04)
More informationSMS Interworking with OMA Instant Messaging
GPP X.S00-0 Version.0 May 0 SMS Interworking with OMA Instant Messaging 0 GPP GPP and its Organizational Partners claim copyright in this document and individual Organizational Partners may copyright and
More informationETSI TS V (201
TS 124 525 V12.2.0 (201 16-07) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; Business trunking; Architecturee and functional description () 1 Reference RTS/TSGC-0124525vc20
More informationRamnish Singh IT Advisor Microsoft Corporation Session Code:
Ramnish Singh IT Advisor Microsoft Corporation Session Code: Agenda Microsoft s Identity and Access Strategy Geneva Claims Based Access User access challenges Identity Metasystem and claims solution Introducing
More informationOrange Liberty-enabled solution for 71 million subscribers. Aude Pichelin Orange Group Standardisation Manager
Orange Liberty-enabled solution for 71 million subscribers Aude Pichelin Orange Group Standardisation Manager Aude.pichelin@orangefrance.com Orange, Orange, 3GSM 3GSM Barcelona, Barcelona, February 15,
More informationThe View From Service Layer
Interworking SDP RCS MMTel and More The View From Service Layer Ravishankar G Shiroor 25-Nov-2010 Sophia Antipolis - France Agenda Challenges in front of the Service Layer IMS and Service Layer Complementing
More informationETSI TS V ( ) Technical Specification
TS 133 203 V10.2.0 (2011-05) Technical Specification Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Access security for IP-based
More informationETSI TS V1.2.2 ( )
TS 183 010 V1.2.2 (2007-04) Technical Specification Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Signalling Control Protocol; Communication HOLD
More information