ISO/IEC 24760-2

Information security, cybersecurity and privacy protection — A framework for identity management — Part 2: Reference architecture and requirements ISO/IEC 24760-2

Scope

This document:
•       provides guidelines for the implementation of systems for the management of identity information, and
•       specifies requirements for the implementation and operation of a framework for identity management.
This document is applicable to any information system where information relating to identity is processed or stored."
to
“This document:
·       provides guidelines for the implementation of systems for the management of identity information,
·       specifies requirements for the implementation and operation of a framework for identity management,
·       is applicable to any information system where information relating to identity is processed or stored,
has been given the status of a horizontal document, as it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, as it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.