fostering worldwide interoperability identity management and identification systems tia del document...

Fostering worldwide interoperability

Identity Management andIdentification Systems

TIA DEL

DOCUMENT #: GSC14-PLEN-009

FOR: Presentation GSC-14

SOURCE: TIA

AGENDA ITEM: OPEN PLEN 6.4

CONTACT(S): Dan Bart / Mark Epstein

2Fostering worldwide interoperability

Overview (1)

TIA’s standards work that relates to managing the identity of a user of a system, includes such things as the assignment functions of unique identifiers, such as ESNs, UIMs, MEIDs, E-UIMs, and other identifiers.It also includes building security into the standards to make sure that when using systems, such as cdma2000® technology for mobile communications, so that handsets and users can be uniquely identified and authenticated, as part of ID Mgmt and toll fraud prevention on such systems.Other systems standardized at TIA have similar ID Mgmt or authentication requirements including, for example, TR-8 P25 Systems used by Public Safety Users and authentication will be added to TIA-1039,"QoS Signaling for IP QoS Support," by TIA TR-34 also.


Overview (2)

TIA is considering possible work on Equipment Numbering Identifier security (e.g., MEID (IMEI), UIM, ESN) to help manage Identity more securely

Consider an International regulatory adoption of common Equipment Numbering Identifier security requirements

For information on TIA Numbering Resources see www.tiaonline.org/standards/resources

Electronic Serial Number (ESN) Assignment

Includes links to Information on UIM and E-UIM

Mobile Equipment Identifier (MEID)

System Operator Code (SOC)

SS7 Translation Type and SubSystem Numbers Assignment Notification Information Repository


Strategic Direction

In the USA much of Strategic Direction for ID Mgmt work is driven by increasing concerns over Identity Theft, loss of Personal Information, Privacy Concerns, Data Breaches, toll fraud prevention, Cyber Crime, etc.Thus, public policy drives the need for technical solutions and then standards to help solve the problems.The Office of Science and Technology Policy (“OSTP”) of the Executive Office of the President (“EOP”) has been working on a “Federal Vision for Identity Management,” for some time, under the National Science Technology Council (NSTC).

tinyurl.com/EOP-Fed-Vision-ID-MGMT-Jan09 www.biometrics.gov/nstc/Default.aspx


NSTC ID Management TF Report

NSTC issued a Report on ID MGMT in September 2008, after GSC-13.Available at:

www.ostp.gov/nstcwww.biometrics.govwww.idmanagement.govwww.ostp.gov/cs/nstc/documents_reports www.biometrics.gov/NSTC/Publications.aspx


Key Recommendations from the NSTC Report on ID Mgmt


Key Findings


Strategic Direction

In May 2009 the President’s National Security Telecommunications Advisory Committee (“NSTAC”) approved a report to President Obama on an “Identity Management Strategy.”

www.ncs.gov/nstac/may2009/nstac_meetings.html

Will be posted at:www.ncs.gov/nstac/nstac_publications.html


As noted in the NSTC report, many groups are dealing with issues involved in ID MGMT, domestically and internationally:

Domestic and international activities


Next Steps/Actions

Should the President act on NSTAC’s recommendations or should any of numerous legislative or regulatory actions that are pending impact TIA’s areas of standards expertise, we will respond accordingly.


Proposed Resolution

Will determine based on HIS Panel Discussions


Supplemental Slides


AcronymsESN – Electronic Serial Numbers.

The ESN is a number which uniquely identifies the mobile station. Each ESN is a 32-bit number consisting of two components: a manufacturer ID Code field and a mobile serial number field. The MFR Code range is 000-255.

UIM – User Identification ModuleR-UIM Removable UIM

Removable User Identification Module, often called the Subscriber Identity Module (SIM) card.

MEID – Mobile Equipment IdentifierMobile Equipment Identifier, uniquely identifies the mobile station. Each MEID is a 56-bit number encoded in Hexadecimal (base 16) format

E-UIM – Expanded UIMIMEI – International Mobile Equipment Identity

Administered by GSMA


National Science Technology CouncilThe National Science and Technology Council (NSTC) Subcommittee on Biometrics and Identity Management serves as part of the internal deliberative process of the NSTC. Reporting to and directed by the Committee on Technology, the Subcommittee’s tasking is to: For Biometrics:

Provide technical leadership in the development and implementation of interoperable federal biometric systems; Develop and implement multi-agency investment strategies that advance biometric sciences to meet public and private needs; Develop and adopt biometric standards as specified in the NSTC Policy for Enabling the Development, Adoption and Use of Biometric Standards; Develop consensus strategic outreach plans for biometrics, including collaboration on www.biometrics.gov, the annual Biometric Consortium Conference and other events;

For Identity Management (of which biometrics is a subset): Identify cross-sector IdM issues, and develop and implement plans to address the federal government’s priority S&T needs Facilitate the inclusion of privacy-protecting principles in IdM system design; Promote a scientifically educated and aware public that properly understands IdM technologies, federal programs and issues; Strengthen international and public sector partnerships to foster the advancement of IdM technologies.


Architectural Model from NSTC


TIA published Documents related to ID Mgmt via ESN, UIM and MEID number assignments

MEID Global Hexadecimal Assignment Guidelines and Procedures, v5.0ANSI/J-STD-025-B-1, Lawfully Authorized Electronic Surveillance, support for MEIDTIA-928, TIA 41 (MAP) support for MEIDTIA-1074, OTA support for MEIDTIA-881-1 [E], MAP Location Services Enhancements for support of MEIDTIA-1137.102, Multiple Authentication and 2G RUIM SupportANSI/J-STD-036-B, E911 Phase 2, support for MEIDTIA-943, MEID (TDMA) TIA-2001-D-1, MEID for cdma2000®


TIA published Standards related to ID Mgmt via ESN, UIM and MEID number assignments

TIA-2000-D, cdma2000® air interface support for MEIDTIA-1084-A, Signaling Test Specification for MEID support of cdma2000® Spread Spectrum SystemsTIA-835-B-1, cdma2000® packet data network support for MEIDTIA-820-C-1, RUIM for Spread Spectrum SystemsElectronic Serial Number Manufacturer’s Code Assignment Guidelines and Procedures, v2.0

18Fostering worldwide interoperability 18Geneva, 13-16 July 2009

Engineering Committee TR-8 has a subcommittee focused on Encryption Standards, TR-8.3

A block encryption Protocol document, TIA-102.AAAD-A has been approved for ballot in 2009TR-8 has standards for Advanced Encryption, Data Encryption, and OTAR

For overviews of these areas see ANSI/TIA-102.AAAB-A, ANSI/TIA-102.AAAB-A, and TIA-102.AACB

TR-8 Security, Encryption, Identity


Example of TIA P25 Standard for Authentication

TIA-102.AACE “Project 25 Digital Land Mobile Radio - Link Layer Authentication”

The authentication service described in this document is applicable to FDMA and TDMA trunking systems using an FDMA trunking control channel. Authentication is a standard option for trunked radio systems. This document describes two forms of authentication: unit authentication and mutual authentication. If the authentication standard is implemented in a Subscriber Unit, then unit authentication is mandatory and mutual authentication is optional. When the mutual authentication option is chosen, it must be implemented as specified herein. If the authentication standard is implemented in the FNE, both unit and mutual authentication are mandatory and must be implemented as specified herein.

fostering worldwide interoperability identity management and identification systems tia del document...

Documents

id mgmt slide

gsma slide

id mgmt work

nstc report

identity management

similar id mgmt

identity theft

identification systems