ISO/IEC INTERNATIONAL STANDARD 24760-2 First edition 2015-06-01 Information technology - Security techniques A framework for identity management - Part 2: Reference architecture and requirements Technologies de Il'information -Techniques de sécurité-Cadre pourlagestiondeI'identite Partie2:Architecturedereférenceetexigences Reference number ISO/IEC 24760-2:2015(E) IEC ISO @IS0/IEC2015 IS0/IEC24760-2:2015(E) COPYRIGHTPROTECTEDDOCUMENT IS0/IEC2015 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying,or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISo at the address below or ISo's member body in the country of the requester. ISO copyright office Case postale 56.CH-1211Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail [email protected] Web www.iso.org Published in Switzerland ii ISO/IEC2015-Allrightsreserved IS0/IEC24760-2:2015(E) Contents Page Foreword ..iv Introduction. .. 1 Scope. 2 Normative references 3 Terms and definitions 4 Symbols and abbreviated terms 5 Reference Architecture .2 5.1 General .2 5.2 Architecture elements .3 5.2.1 Overview. .3 ..3 5.2.2 Viewpoints 5.3 Contextview 4 5.3.1 Stakeholders 5.3.2 Actors. .7 5.3.3 Context model .12 5.3.4 Use case model .13 5.3.5 Complianceandgovernancemodel .15 5.4 Functional view. .16 5.4.1 Component model .16 5.4.2 Processes and services .17 5.4.3 Physical model .23 5.5 Identity management scenarios 23 5.5.1 .23 General. 5.5.2 Enterprise scenario 23 5.5.3 Federated scenario. 23 5.5.4 Service scenario. .24 5.5.5 Heterogeneous scenario .24 Requirements for the management ofidentity information .24 6 6.1 General 24 6.2 Accesspolicyforidentityinformation 24 6.3 Functional requirements for management ofidentityinformation .25 6.3.1 Policyfor identity information lifecycle 25 6.3.2 Conditionsand procedureto maintain identityinformation. 25 6.3.3 Identity information interface.. 26 6.3.4 Referenceidentifier. .26 6.3.5 Identityinformationqualityandcompliance .27 6.3.6 Archiving information. .28 6.3.7 Terminating and deleting identity information .28 6.4 Non-functional requirements. .28 AnnexA(informative)Legalandregulatoryaspects ..30 AnnexB (informative) Use case model. ..31 AnnexC (informative)Componentmodel. .34 AnnexD(informative)BusinessProcessmodel .37 Bibliography ..47 @IS0/IEC 2015 - All rights reserved ili