EN ISO/IEC 24760-2:2022

SLOVENSKI STANDARD
01-januar-2023
Informacijska tehnologija - Varnostne tehnike - Okvir za upravljanje identitete - 2.
del: Referenčna arhitektura in zahteve (ISO/IEC 24760-2:2015)
Information technology - Security techniques - A framework for identity management -
Part 2: Reference architecture and requirements (ISO/IEC 24760-2:2015)
Informationstechnik - Sicherheitsverfahren - Rahmenwerk für Identitätsmanagement -
Teil2: Referenzarchitektur und Anforderungen (ISO/IEC24760-2:2015)
Technologies de l'information - Techniques de sécurité - Cadre pour la gestion de
l'identité - Partie 2: Architecture de référence et exigences (ISO/IEC 24760-2:2015)
Ta slovenski standard je istoveten z: EN ISO/IEC 24760-2:2022
ICS:
35.030 Informacijska varnost IT Security
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN ISO/IEC 24760-2

NORME EUROPÉENNE
EUROPÄISCHE NORM
September 2022
ICS 35.030
English version
Information technology - Security techniques - A
framework for identity management - Part 2: Reference
architecture and requirements (ISO/IEC 24760-2:2015)
Technologies de l'information - Techniques de sécurité Informationstechnik - Sicherheitsverfahren -
- Cadre pour la gestion de l'identité - Partie 2: Rahmenwerk für Identitätsmanagement - Teil2:
Architecture de référence et exigences (ISO/IEC Referenzarchitektur und Anforderungen (ISO/IEC
24760-2:2015) 24760-2:2015)
This European Standard was approved by CEN on 5 September 2022.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.

CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2022 CEN/CENELEC All rights of exploitation in any form and by any means
Ref. No. EN ISO/IEC 24760-2:2022 E
reserved worldwide for CEN national Members and for
CENELEC Members.
Contents Page
European foreword . 3

European foreword
The text of ISO/IEC 24760-2:2015 has been prepared by Technical Committee ISO/IEC JTC 1
"Information technology” of the International Organization for Standardization (ISO) and has been
taken over as EN ISO/IEC 24760-2:2022 by Technical Committee CEN-CENELEC/ JTC 13 “Cybersecurity
and Data Protection” the secretariat of which is held by DIN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by March 2023, and conflicting national standards shall
be withdrawn at the latest by March 2023.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN-CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN and CENELEC websites.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Endorsement notice
The text of ISO/IEC 24760-2:2015 has been approved by CEN-CENELEC as EN ISO/IEC 24760-2:2022
without any modification.
INTERNATIONAL ISO/IEC
STANDARD 24760-2
First edition
2015-06-01
Information technology — Security
techniques — A framework for
identity management —
Part 2:
Reference architecture and
requirements
Technologies de l’information — Techniques de sécurité — Cadre
pour la gestion de l’identité —
Partie 2: Architecture de référence et exigences
Reference number
ISO/IEC 24760-2:2015(E)
©
ISO/IEC 2015
ISO/IEC 24760-2:2015(E)
© ISO/IEC 2015
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms . 2
5 Reference Architecture . 2
5.1 General . 2
5.2 Architecture elements . 3
5.2.1 Overview . 3
5.2.2 Viewpoints . 3
5.3 Context view . 4
5.3.1 Stakeholders . 4
5.3.2 Actors . 7
5.3.3 Context model .12
5.3.4 Use case model .13
5.3.5 Compliance and governance model.15
5.4 Functional view .16
5.4.1 Component model .16
5.4.2 Processes and services .17
5.4.3 Physical model .23
5.5 Identity management scenarios .23
5.5.1 General.23
5.5.2 Enterprise scenario .23
5.5.3 Federated scenario .23
5.5.4 Service scenario .24
5.5.5 Heterogeneous scenario .24
6 Requirements for the management of identity information .24
6.1 General .24
6.2 Access policy for identity information .24
6.3 Functional requirements for management of identity information .25
6.3.1 Policy for identity information life cycle .25
6.3.2 Conditions and procedure to maintain identity information .25
6.3.3 Identity information interface.26
6.3.4 Reference identifier .26
6.3.5 Identity information quality and compliance .27
6.3.6 Archiving information .28
6.3.7 Terminating and deleting identity information .28
6.4 Non-functional requirements .28
Annex A (informative) Legal and regulatory aspects .30
Annex B (informative) Use case model .31
Annex C (informative) Component model .34
Annex D (informative) Business Process model .37
Bibliography .47
© ISO/IEC 2015 – All rights reserved iii

ISO/IEC 24760-2:2015(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Details of any patent rights identified during the development of the document will be in the Introduction
and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical Barriers
to Trade (TBT), see the following URL: Foreword — Supplementary information.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee,
SC 27, Security techniques.
ISO/IEC 24760 consists of the following parts, under the general title Information technology — Security
techniques — A framework for identity management:
— Part 1: Terminology and concepts
— Part 2: Reference architecture and requirements
The following part is under preparation:
— Part 3: Practice
Further parts may follow.
iv © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
Introduction
Data processing systems commonly gather a range of information on its users be it a person, piece of
equipment, or piece of software connected to it and make decisions based on the gathered information.
Such identity-based decisions may concern access to applications or other resources.
To address the need to efficiently and effectively implement systems that make identity-based decisions,
this part of ISO/IEC 24760 specifies a framework for the issuance, administration, and use of data that
serves to characterize individuals, organizations, or information technology components, which operate
on behalf of individuals or organizations.
For many organizations, the proper management of identity information is crucial to maintain security
of the organizational processes. For individuals, correct identity management is important to protect
privacy.
ISO/IEC 24760 specifies fundamental concepts and operational structures of identity management with
the purpose to realize information system management so that information systems can meet business,
contractual, regulatory, and legal obligations.
This part of ISO/IEC 24760 defines a reference architecture for an identity management system that
includes key architectural elements and their interrelationships. These architectural elements are
described in respect to identity management deployments models. This part of ISO/IEC 24760 specifies
requirements for the design and implementation of an identity management system so that it can meet
the objectives of stakeholders involved in the deployment and operation of that system.
This part of ISO/IEC 24760 is intended to provide a foundation for the implementation of other
International Standards related to identity information processing such as
— ISO/IEC 29100, Information technology ─ Security techniques ─ Privacy framework,
— ISO/IEC 29101, Information technology ─ Security techniques ─ Privacy reference architecture,
— ISO/IEC 29115, Information technology ─ Security techniques ─ Entity authentication assurance
framework, and
— ISO/IEC 29146, Information technology ─ Security techniques ─ A framework for access management.
© ISO/IEC 2015 – All rights reserved v

INTERNATIONAL STANDARD ISO/IEC 24760-2:2015(E)
Information technology — Security techniques — A
framework for identity management —
Part 2:
Reference architecture and requirements
1 Scope
This part of ISO/IEC 24760
— provides guidelines for the implementation of systems for the management of identity information,
and
— specifies requirements for the implementation and operation of a framework for identity
management.
This part of ISO/IEC 24760 is applicable to any information system where information relating to identity
is processed or stored.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 24760-1, Information technology — Security techniques — A framework for identity management —
Part 1: Terminology and concepts
ISO/IEC 29115, Information technology — Security techniques — Entity authentication assurance
framework
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 24760-1 and the following
apply.
3.1
documented design
authoritative description of structural, functional, and operational system aspects
Note 1 to entry: A documented design is the documentation created to serve as guidance for the implementation
of an ICT system.
Note 2 to entry: A documented design typically includes the description of a concrete architecture of the ICT
system.
3.2
identity management authority
entity responsible for setting and enforcing operational policies for an identity management system (3.3)
Note 1 to entry: An identity management authority typically commissions the design, implementation, and
deployment of an identity management system.
© ISO/IEC 2015 – All rights reserved 1

ISO/IEC 24760-2:2015(E)
EXAMPLE The executive management of a company deploying an identity management system in support of
its services.
3.3
identity management system
mechanism comprising policies, procedures, technology, and other resources for maintaining identity
information including metadata
Note 1 to entry: An identity management is typically used for identification or authentication of entities. It can
be deployed to support other automated decisions based on identity information for an entity recognized in the
domain of application for the identity management system.
3.4
principal
subject
entity to which identity information in an identity management system (3.3) pertains
Note 1 to entry: In the context of privacy protection requirements, a principal refers to a person.
3.5
invalidation
process performed in an identity management system (3.3) when a particular attribute is no longer valid
for a particular entity to mark the attribute invalid for future use
Note 1 to entry: Invalidation of attributes may be part of updating the attribute value, for instance, with a change
of address.
Note 2 to entry: Invalidation typically takes place for an attribute that is determined as no longer valid before the
end of a validity period that had previously been associated with it.
Note 3 to entry: The term “revocation” is commonly used for invalidation of attributes that are credentials.
Note 4 to entry: Invalidation typically happens immediately after the determination that an attribute is no longer
valid for a particular entity.
3.6
regulatory body
body tasked and empowered by law, regulation, or agreement to supervise the operation of identity
management systems (3.3)
3.7
stakeholder
individual, team, organization, or classes thereof having an interest in a system
[SOURCE: ISO/IEC 42010]
4 Symbols and abbreviated terms
ICT Information and Communication Technology
IMS Identity management system
PII Personal identifiable information
5 Reference Architecture
5.1 General
This clause describes the architectural elements of an identity management system and their
interrelationships.
2 © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
The documented design for the architecture of an identity management system should be based on
ISO/IEC 42010.
NOTE The reference architecture and architecture description defined in this standard are based on
ISO/IEC 42010
The documented design for the architecture of an identity management system should specify the system
in its deployed context based on stakeholders and actors defined in this part of ISO/IEC 24760. Business-
level actors are stakeholders. Some stakeholders do not interact with the system. The documented
design shall address requirements for both actor and non-actor stakeholders. The documented design
shall exhaustively describe the actors.
A documented design of an identity management system conforming to this part of ISO/IEC 24760
should use an appropriate architecture description language and reference architecture components
and functions by terms defined in this International Standards.
5.2 Architecture elements
5.2.1 Overview
Elements in this reference architecture are
— stakeholders (5.3.1),
— actors (5.3.2),
— views (5.3, 5.4),
— models (5.3.3, 5.3.4, 5.3.5, 5.4.1, 5.4.3),
— components (5.4.1),
— processes (5.4.2), and
— information flows and actions (5.4.2).
5.2.2 Viewpoints
5.2.2.1 General
The documented design of an identity management system shall include a context view and a functional
view. It may include a physical view. The documented design may contain other views, e.g. an information
view.
NOTE The required minimal set of viewpoints describes the system’s interactions with its environment and
the system’s internal components and interactions.
The description of a view should be focused. Diagrams in the view descriptions should be accompanied
with text defining the elements shown.
NOTE The description of viewpoints in this clause is based on Reference [2].
5.2.2.2 Context viewpoint
Definition — In the documented design the context viewpoint describes relationships, dependencies,
and interactions between the system and its environment (the people, systems, and external entities
with which it interacts).
Concerns — System scope and responsibilities, identity of external entities and services and data used,
nature and characteristics of external entities, identity and responsibilities of external interfaces, nature
© ISO/IEC 2015 – All rights reserved 3

ISO/IEC 24760-2:2015(E)
and characteristics of external interfaces, other external interdependencies, impact of the system on its
environment, and overall completeness, consistency, and coherence.
Models — A context viewpoint may contain a context model, use cases and interaction scenarios. The
context model is an informal box-and-line diagram that shows the system under discussion as a black
box with interfaces, top-level interactions and dependencies on external entities. See 5.3.3.
Points to take care of — Missing or incorrect external entities, missing implicit dependencies, loose or
inaccurate interface descriptions, inappropriate level of detail, scope creep, implicit or assumed context
or scope, overcomplicated interactions, overuse of jargon.
5.2.2.3 Functional viewpoint
Definition — In the documented design the functional viewpoint describes the key functional elements
with operational responsibilities, interfaces, and primary interactions.
Concerns — Refers to functional capabilities, external interfaces, internal structure, and functional
design philosophy.
Models — A functional viewpoint may contain a component model, physical model or an infrastructure
model.
In the documented design the functional viewpoint shall identify standards and guidelines applicable to
each of the functions it describes.
See 5.4 for guidance on specifying a function viewpoint.
5.3 Context view
5.3.1 Stakeholders
5.3.1.1 General
This part of ISO/IEC 24760 recognizes the following direct and indirect stakeholders of primary
importance
— principal,
— identity management authority,
— identity information authority,
— relying party,
— regulatory body,
— auditor, and
— consumer/citizen representative or advocate.
Each stakeholder performs a separate function in the identity management system. These functions
imply specific responsibilities and liabilities. With the exception of regulatory bodies and consumer
representatives, stakeholders interact with an identity management system, and thus are present in the
reference architecture as actors (see 5.3.2).
Concerns of stakeholders in an identity management system are described in the following sub-clauses
and should be addressed in the design, implementation and operation of the system.
4 © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
5.3.1.2 Principal
Concerns of a principal in an identity management system include
— correctness of identity information collected, processed and stored,
— protection of privacy,
— minimisation of identity information collected, processed and stored by the identity management
system,
— minimisation of identity information usage by the identity management system in its domain of
applicability,
— errors in identification including false negative and false positive identification and the detection
and handling of errors,
— knowledge of and consent to, identity information sharing with third parties,
— being correctly represented by identity information captured, processed or stored,
— correctness of operations in the delivery of services and the access to resources made available
based on the attributes presented in a specific situation,
— collection, processing and storage of identity information only occurs with its informed consent,
— equitable treatment in its interactions with the system, and
— an easily understandable, effective, appropriate user interface.
NOTE a concern of a principal that relates to a third party service using identity information obtained from
the identity management system is not a concern about the identity management system and therefore not in
scope for this standard.
5.3.1.3 Identity management authority
Concerns of the identity management authority in an identity management system include
— definition of identity management objectives for the domain(s) served by the identity management
system,
— specification of policies to maintain identity management objectives for the domain(s) served by the
identity management system,
— fulfilling the business objectives of the identity management system with respect to principals and
users of identity information,
— that the identity information provided by each principal is accurate and pertains to that principal to
a specific level of assurance, and
— compliance with regulation.
5.3.1.4 Identity information authority
Concerns of an identity information authority in an identity management system include
— correctness of identity information,
— meeting requirements from relying parties,
— compliance with regulation, and
— meeting business obligations with principals.
© ISO/IEC 2015 – All rights reserved 5

ISO/IEC 24760-2:2015(E)
5.3.1.5 Relying party
Concerns of a relying party in an identity management system include
— confidentiality, availability and integrity and applicability to a principal of identity information,
— provisioning of accurate identity information pertaining to relevant principals at the required level
of assurance,
— effective, documented and secure interfaces,
— conformance to regulation applicable to its operations, and
— effective mechanism and procedures for auditing.
5.3.1.6 Regulatory body
As an external independent organization, concerns of a regulatory body in an identity management
system include
— the proper documentation of operating policies,
— correctness of operation, in particular, in applying operational polices,
— proper accountability and audit of system operations,
— compliance of operational policy and operational practice with legal and regulatory requirements,
— effective reporting on system operations, including control effectiveness, incidents, and actions
taken in overcoming incidents, and
— effective response to incidents that violate, or have a potential to violate privacy protection.
NOTE Effectively, auditors, as actors in an identity management system (see 5.3.2.9), in inspecting the
operations of an identity management system (see 5.4) may represent the interests of regulatory bodies.
5.3.1.7 Consumer/citizen representative or advocate
Consumer/citizen advocates are individuals or groups that emerge from civil society and try to protect
consumers and citizens from surveillance and lobby for improved privacy regulations.
Consumer/citizen representatives are individuals appointed by a principal or selected by consumer
organisations to represent a consumer or citizen in its rights with respect to privacy.
Consumer/citizen representative and advocates’ main concerns are
— transparency, notification, compliance and protection against complex legal language, and
— access of services to disadvantaged populations
NOTE 1 Consumer and citizen representatives participate in recognised multi-stakeholder societal processes
such as governance and establish good practices and requirements to be met by those providing goods and
services to consumers and citizens.
NOTE 2 Consumer and citizen representatives are selected, briefed and where necessary trained to ensure that
they participate through reasonable and reasoned discussion, based wherever possible on good quality evidence.
6 © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
5.3.2 Actors
5.3.2.1 General
An actor interacts with an identity management system to participate in identity management
operations. An entity may interact with the same identity management system as multiple, different
actors. The document design shall define all interactions by any actor supported by the system.
The documented design should describe actor interactions in terms of the functions that the
interactions relate to. Where an actor that interacts with the identity management system needs to be
authenticated before interactions are allowed to proceed, the documented design shall specify the basis
for authentication (e.g. entity based; role based etc. authentication), the authentication method and the
assurance level required for each interaction as defined in ISO/IEC 29115.
NOTE One purpose of specifying actors in the design of an identity management system is to be able to
describe all intended interactions with the system.
A documented design may recognize the following actors:
— principal;
— identity management authority;
— identity registration authority
— relying party;
— identity information provider;
— identity information authority;
— verifier;
— auditor.
The documented design shall specify the level of assurance needed to identify and authenticate entities
requesting access to identity information contained in its identity management system as specified in
ISO/IEC 29115. The level of assurance may be different for different types of information and the type
of access granted i.e. read, write etc. Authorization may be implemented as specified in ISO/IEC 29146.
5.3.2.2 Principal
A principal is an actor who provides identification information to establish and validate its identity
within identification management processes. The Principal has the following responsibilities
— as an entity when applying to become registered in a domain of applicability, to provide accurate
identity information for enrolment as a new principal,
— as system user once enrolled, to request to be recognized by the identity management system and
to be approved for access to services or use of resources available in the domain of applicability
associated with the identity management system, and
— as the subject of observation to obtain identity information, to facilitate the observation;.
NOTE As a subject of observation the identity information obtained is anonymous, until its relation to the
principal has been established.
A principal can use an identity management system to
— request to be recognized by information in the identity management system and to be approved for
access to services or use of resources available in the domain of applicability associated with the
identity management system, and
© ISO/IEC 2015 – All rights reserved 7

ISO/IEC 24760-2:2015(E)
— be informed, as human, of the identity information pertaining to itself is held in the identity
management system and to request any errors in the identity information to be corrected
NOTE In appropriately defined circumstances, a legally authorised representative may act on behalf of a
principal.
5.3.2.3 Identity management authority
An identity management authority is associated with a domain of applicability with the duty and
capabilities to define and adjust business objectives for identity management in that domain and set
management policies to meet these objectives.
An identity management authority uses policies to regulate the use of registered identity information.
Policies may specify levels of service to provide including the level of assurance on identity information
that may be provided by the identity management system. Policies may also specify how to obtain
authorisation for access and modification of identity information in unforeseen circumstances.
The identity management authority shall define identity management objectives for a domain of
applicability served by the identity management system operating under its authority. The identity
management authority shall specify policies to meet identity management objectives for an associated
domain.
Responsibilities of an identity management authority include
— to create, modify or revoke operational policies,
— to ensure legal and regulatory compliance of the policies and operation of the identity management
system,
— to require and approve modification of mechanisms to establish a required level of assurance in
entity authentication for access to identity information and system control functions
— to respond to incidents,
— to approve changes in the type of information recorded in the identity register
— to initiate regular audits, and
— to evaluate audit reports, in particular on the effectiveness of policies,
An identity management authority may enter into formal association with one or more other identity
management authorities to form a “ federation.”
NOTE The purpose is to extend the domain of applicability for principals with the other domains of
applicability in a federation. This extension is achieved with strictly controlled sharing of identity information.
In a federation, responsibilities of each identity management authority include:
— to provide a level of assurance of identity information that meets the specified requirement of any
other member of the federation,
— to maintain control over access to the identity information contained in its identity management
system,
— to ascertain that the level of assurance realized by any other member of the federation in authorizing
access to identity information in the federated identity management systems meets its requirements
for access to its own identity information,
— to operate with common policies for information sharing, and
— to specify policies to maintain its trust in the level of assurance of identity authentication.
8 © ISO/IEC 2015 – All rights reserved

ISO/IEC 24760-2:2015(E)
NOTE 1 Typically, in a federation, some of the identity management policies, in particular on authorization for
access, will be part of an agreement between the identity management authorities involved in the domains.
NOTE 2 Identity management policies for use in multiple domains of applicability may be established by
international standards.
NOTE 3 Changes to structure, organisation and extent of a data federation may be subject to external
constraints such as legal or regulatory requirements or the granting of permission by regulatory bodies.
NOTE 4 Members of a federation may agree to delegate operational responsibilities of the identity management
authority to a common operator, designated as the “federation authority”.
5.3.2.4 Identity registration authority
An identity registration authority is an actor in a system for identity management with the duty and
capabilities to set and enforce operational policies for gathering, recording and updating identity
information in the identity register.
Identity registration policies shall identify different types of modifications to identity information and
the operational and security conditions under which these modifications are allowed. These policies
shall specify the procedures for achieving the level of assurance in gathered identity information.
Responsibilities of an identity registration authority include
— to modify, create or revoke operational policies,
— to approve changes in the type of information recorded in the repository, and
— to approve modification of identity information recorded in the repository.
5.3.2.5 Relying party
A relying party is an actor that relies on the identity information of a particular principal provided by
the identity management system. A relying party uses verified information to provide access to services
and resources under its control.
The responsibilities of a relying party include
— to process and store identity information in accordance with the policies set by the identity
management authority, in particular to protect privacy,
— to specify the level of assurance needed in the identity information used for access control
commensurate to the value of specific services and resources, and
— to provide information on its interactions with the identity management system for auditing.
5.3.2.6 Identity information authority
An identity information authority is an actor in an identity management system to provide authoritative
status to for identity information provided to relying parties. An identity information authority
provides identity information on entities known in the domain. Operationally an identity information
authority may be a service provider equipped to supply authoritative metadata associated with
identity information. Metadata may be complemented with information to establish its reliability, e.g.
cryptographic data authentication.
A domain may support one or more identity information authorities. An identity information authority
may be distinct from the identity management authority. An independent service provider may act as an
identity information authority.
NOTE Delegation of identity information provisioning to an independent service provider typically involves
a service level agreement.
© ISO/IEC 2015 – All rights reserved 9

ISO/IEC 24760-2:2015(E)
The procedures to establish an entity as identity information authority are beyond the scope of this part
of ISO/IEC 24760.
The documented design of an identity management system shall specify policies with procedures and
criteria to determine the level of assurance in the information that may be obtained from a particular
identity information authority. The following criteria should be considered in these policies:
— quality of identity proofing;
— level of assurance of the information recorded at enrolment;
— quality of the reference identifier generator (see 5.4.2.3.3);
— quality of identity information maintenance;
— nature of the procedures used to obtain attribute values;
— syntax and semantics of attributes;
— security of the identity management system;
— qualities of the secure communication protocols used for provisioning.
The documented design of an identity management system may specify policies for adding, removing
and qualifying an identity information authority as suitable in support of operating the identity
management system. These policies shall address maintaining the required level of assurance when
replacing a particular identity information authority with another one.
If the identity management system supports
...