On new security mechanisms for identity management: Recognizing and meeting telecom operator and enterprise needs

Abstract

Initially created by the information technology industry, the identity management (IdM) concept has been increasingly recognized as a foundation for key new services by telecommunication network operators. Indeed, since telecom operators “own” wireless and wireline access, they also “own” a great deal of information about their subscribers. Based on those assets, telecom operators are in a unique position to offer a range of identity-based services — from home networking to straightforward authentication services for enterprise, to a complex blend of services, including financial and medical transactions. Conversely, by federating data from multiple application providers, coupled with single sign-on (SSO), telecom operators can offer unique mash-up services. The technology underpinning the development of such services is centered on security (i.e., the interworking of a range of authentication, key exchange, and encryption mechanisms, along with appropriate policies). This paper addresses the trends in certain novel mechanisms — published here for the first time — to fill in the present technology gaps. These trends are also active topics in standards bodies.